koton-magazadzhylyk.tam.by Open in urlscan Pro
2a0a:7d80::b Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://koton-magazadzhylyk.tam.by/
Effective URL:
https://koton-magazadzhylyk.tam.by/
Submission: On April 02 via manual (April 2nd 2021, 5:39:36 pm UTC) from CZ

Summary HTTP 323 Redirects Links 97 Behaviour Indicators

Summary

This website contacted 51 IPs in 9 countries across 34 domains to perform 323 HTTP transactions. The main IP is 2a0a:7d80::b, located in Minsk, Belarus and belongs to BELPAK-AS BELPAK, BY. The main domain is koton-magazadzhylyk.tam.by.
TLS certificate: Issued by R3 on January 11th 2021. Valid for: 3 months.

This is the only time koton-magazadzhylyk.tam.by was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 26	2a0a:7d80::b 2a0a:7d80::b	6697 (BELPAK-AS...) (BELPAK-AS BELPAK)
12	2a02:6b8:20::215 2a02:6b8:20::215	13238 (YANDEX) (YANDEX)
9	2a0a:7d80::c:1:0 2a0a:7d80::c:1:0	6697 (BELPAK-AS...) (BELPAK-AS BELPAK)
6	2a02:6b8::173 2a02:6b8::173	13238 (YANDEX) (YANDEX)
4	93.125.48.34 93.125.48.34	6697 (BELPAK-AS...) (BELPAK-AS BELPAK)
2 4	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
1	2a02:6b8::16b 2a02:6b8::16b	13238 (YANDEX) (YANDEX)
1 12	2a02:6b8::90 2a02:6b8::90	13238 (YANDEX) (YANDEX)
5	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
3 15	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
1 4	54.37.238.28 54.37.238.28	16276 (OVH) (OVH)
1	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2a0a:7d80::a 2a0a:7d80::a	6697 (BELPAK-AS...) (BELPAK-AS BELPAK)
1	2a00:1450:400... 2a00:1450:400c:c04::9d	15169 (GOOGLE) (GOOGLE)
2 11	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
32	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
24	77.88.21.179 77.88.21.179	13238 (YANDEX) (YANDEX)
1	2a00:1450:400... 2a00:1450:400c:c04::9a	15169 (GOOGLE) (GOOGLE)
3 22	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
5	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
18	2a02:6b8::2b8 2a02:6b8::2b8	13238 (YANDEX) (YANDEX)
3	185.29.133.33 185.29.133.33	30419 (MEDIAMATH...) (MEDIAMATH-INC)
24	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
1	78.46.90.238 78.46.90.238	24940 (HETZNER-AS) (HETZNER-AS)
15	18.203.213.28 18.203.213.28	16509 (AMAZON-02) (AMAZON-02)
1	2.18.233.201 2.18.233.201	16625 (AKAMAI-AS) (AKAMAI-AS)
6	2a02:6b8::184 2a02:6b8::184	13238 (YANDEX) (YANDEX)
1 4	138.201.84.253 138.201.84.253	24940 (HETZNER-AS) (HETZNER-AS)
1	2a02:6b8::5:114 2a02:6b8::5:114	13238 (YANDEX) (YANDEX)
1	2a02:fa8:8806... 2a02:fa8:8806:12::1400	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1	66.155.71.25 66.155.71.25	13768 (COGECO-PEER1) (COGECO-PEER1)
4	34.96.105.8 34.96.105.8	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1288:110... 2a00:1288:110:c305::8000	34010 (YAHOO-IRD) (YAHOO-IRD)
3 18	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
2 2	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	213.19.147.150 213.19.147.150	3356 (LEVEL3) (LEVEL3)
1	2a00:1450:400... 2a00:1450:4001:810::2006	15169 (GOOGLE) (GOOGLE)
2	88.99.69.161 88.99.69.161	24940 (HETZNER-AS) (HETZNER-AS)
3	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
3 3	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (TURN) (TURN)
3	46.228.164.11 46.228.164.11	56396 (TURN) (TURN)
2 3	2620:116:800d... 2620:116:800d:21:5a23:9c4e:e774:96c1	16509 (AMAZON-02) (AMAZON-02)
4 4	3.125.99.7 3.125.99.7	16509 (AMAZON-02) (AMAZON-02)
4 4	213.155.156.164 213.155.156.164	1299 (TELIANET ...) (TELIANET Telia Carrier)
2	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
1	2a02:6b8:a::a 2a02:6b8:a::a	13238 (YANDEX) (YANDEX)
6	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
323	51

26 2a0a:7d80::b (Minsk, Belarus) 1 redirects

ASN6697 (BELPAK-AS BELPAK, BY)

koton-magazadzhylyk.tam.by	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tam.by	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.tam.by	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.tut.by	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a02:6b8:20::215 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)

yastatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a0a:7d80::c:1:0 (Minsk, Belarus)

ASN6697 (BELPAK-AS BELPAK, BY)

s2r.tut.by	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c1hit.tut.by	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c2hit.tut.by	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:6b8::173 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)

api-maps.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 93.125.48.34 (Belarus)

ASN6697 (BELPAK-AS BELPAK, BY)
PTR: 93-125-48-34.hoster.by

ad.tam.by	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.98 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8::16b (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)

matchid.adfox.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a02:6b8::90 (Moscow, Russian Federation) 1 redirects

ASN13238 (YANDEX, RU)

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a02:6b8::1:119 (Moscow, Russian Federation) 3 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.37.238.28 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip28.ip-54-37-238.eu

gaby.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0a:7d80::a (Minsk, Belarus)

ASN6697 (BELPAK-AS BELPAK, BY)

tam.by	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c04::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 77.88.21.179 (Russian Federation)

ASN13238 (YANDEX, RU)
PTR: adfox-external-l3-engine.stable.qloud-b.yandex.net

ads.adfox.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c04::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a02:6b8::2b8 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)

core-renderer-tiles.maps.yandex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.29.133.33 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)

tags.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 78.46.90.238 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.238.90.46.78.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 18.203.213.28 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-213-28.eu-west-1.compute.amazonaws.com

s.update.mediamathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.233.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:6b8::184 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)

avatars.mds.yandex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 138.201.84.253 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.253.84.201.138.clients.your-server.de

hal900021.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8::5:114 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)

ysa-static.passport.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:12::1400 (United States)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.155.71.25 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.96.105.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:110:c305::8000 (United Kingdom) 1 redirects

ASN34010 (YAHOO-IRD, GB)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 142.250.185.162 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.234.21 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.19.147.150 (United Kingdom) 2 redirects

ASN3356 (LEVEL3, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.99.69.161 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.161.69.99.88.clients.your-server.de

cdn.contentspread.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:678:cb4:bbbb::11 (United Kingdom) 3 redirects

ASN56396 (TURN, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 46.228.164.11 (United Kingdom)

ASN56396 (TURN, GB)

r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:116:800d:21:5a23:9c4e:e774:96c1 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.125.99.7 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-99-7.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 213.155.156.164 (Sweden) 4 redirects

ASN1299 (TELIANET Telia Carrier, SE)
PTR: 213-155-156-164.teliacarrier-cust.com

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn2.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8:a::a (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)

yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
56	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	862 KB
34	doubleclick.net 6 redirects googleads.g.doubleclick.net stats.g.doubleclick.net cm.g.doubleclick.net	95 KB
30	tam.by 1 redirects koton-magazadzhylyk.tam.by tam.by img.tam.by ad.tam.by	424 KB
24	yandex.net core-renderer-tiles.maps.yandex.net avatars.mds.yandex.net	469 KB
24	adfox.ru ads.adfox.ru	637 B
24	yandex.ru 2 redirects api-maps.yandex.ru matchid.adfox.yandex.ru an.yandex.ru mc.yandex.ru ysa-static.passport.yandex.ru yandex.ru	197 KB
16	google.com 2 redirects www.google.com adservice.google.com	2 KB
15	gstatic.com www.gstatic.com fonts.gstatic.com encrypted-tbn1.gstatic.com encrypted-tbn2.gstatic.com encrypted-tbn0.gstatic.com	303 KB
15	mediamathtag.com s.update.mediamathtag.com	43 KB
12	google.de www.google.de adservice.google.de	2 KB
12	yandex.com 2 redirects mc.yandex.com	3 KB
12	yastatic.net yastatic.net	908 KB
10	tut.by s2r.tut.by c1hit.tut.by c2hit.tut.by www.tut.by	19 KB
9	googletagservices.com www.googletagservices.com	282 KB
9	googleadservices.com 2 redirects www.googleadservices.com partner.googleadservices.com	32 KB
6	turn.com 3 redirects ad.turn.com r.turn.com	3 KB
5	redintelligence.net 1 redirects hal9000.redintelligence.net hal900021.redintelligence.net	8 KB
5	google-analytics.com www.google-analytics.com	53 KB
4	de17a.com 4 redirects d5p.de17a.com	1 KB
4	w55c.net 4 redirects pm.w55c.net	4 KB
4	blismedia.com tr.blismedia.com	478 B
4	mathtag.com tags.mathtag.com pixel.mathtag.com	3 KB
4	gemius.pl 1 redirects gaby.hit.gemius.pl	12 KB
3	quantserve.com 2 redirects cms.quantserve.com	1 KB
3	googleapis.com fonts.googleapis.com	2 KB
2	contentspread.net cdn.contentspread.net	72 KB
2	casalemedia.com 2 redirects ssum-sec.casalemedia.com	2 KB
1	2mdn.net s0.2mdn.net	122 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com	696 B
1	1rx.io 1 redirects sync.1rx.io	829 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com	676 B
1	sitescout.com pixel-sync.sitescout.com	191 B
1	dotomi.com dclk-match.dotomi.com	104 B
1	googletagmanager.com www.googletagmanager.com	31 KB
323	34

	Domain	Requested by
32	pagead2.googlesyndication.com	yastatic.net pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
24	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
24	ads.adfox.ru	koton-magazadzhylyk.tam.by
18	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
18	core-renderer-tiles.maps.yandex.net	koton-magazadzhylyk.tam.by
15	s.update.mediamathtag.com	tags.mathtag.com s.update.mediamathtag.com
14	googleads.g.doubleclick.net	3 redirects www.googleadservices.com pagead2.googlesyndication.com googleads.g.doubleclick.net
14	img.tam.by	koton-magazadzhylyk.tam.by
12	mc.yandex.com	2 redirects koton-magazadzhylyk.tam.by mc.yandex.ru
12	an.yandex.ru	1 redirects yastatic.net koton-magazadzhylyk.tam.by
12	yastatic.net	yastatic.net api-maps.yandex.ru an.yandex.ru pagead2.googlesyndication.com koton-magazadzhylyk.tam.by
11	www.google.com	2 redirects koton-magazadzhylyk.tam.by googleads.g.doubleclick.net
9	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
9	tam.by	koton-magazadzhylyk.tam.by tam.by
7	www.google.de	koton-magazadzhylyk.tam.by
6	avatars.mds.yandex.net	koton-magazadzhylyk.tam.by
6	c2hit.tut.by	koton-magazadzhylyk.tam.by
6	api-maps.yandex.ru	koton-magazadzhylyk.tam.by yastatic.net
5	fonts.gstatic.com	fonts.googleapis.com
5	adservice.google.com	pagead2.googlesyndication.com
5	adservice.google.de	pagead2.googlesyndication.com
5	partner.googleadservices.com	pagead2.googlesyndication.com
5	www.google-analytics.com	koton-magazadzhylyk.tam.by www.google-analytics.com
4	d5p.de17a.com	4 redirects
4	pm.w55c.net	4 redirects
4	tr.blismedia.com	googleads.g.doubleclick.net
4	hal900021.redintelligence.net	1 redirects googleads.g.doubleclick.net hal900021.redintelligence.net
4	gaby.hit.gemius.pl	1 redirects koton-magazadzhylyk.tam.by gaby.hit.gemius.pl
4	www.googleadservices.com	2 redirects koton-magazadzhylyk.tam.by yastatic.net
4	ad.tam.by	koton-magazadzhylyk.tam.by tam.by ad.tam.by
3	encrypted-tbn2.gstatic.com	googleads.g.doubleclick.net
3	encrypted-tbn1.gstatic.com	googleads.g.doubleclick.net
3	cms.quantserve.com	2 redirects googleads.g.doubleclick.net
3	r.turn.com
3	ad.turn.com	3 redirects
3	www.gstatic.com	googleads.g.doubleclick.net
3	fonts.googleapis.com	googleads.g.doubleclick.net
3	tags.mathtag.com	googleads.g.doubleclick.net tags.mathtag.com
3	mc.yandex.ru	1 redirects koton-magazadzhylyk.tam.by yastatic.net
3	koton-magazadzhylyk.tam.by	1 redirects koton-magazadzhylyk.tam.by
2	cdn.contentspread.net	hal900021.redintelligence.net
2	ssum-sec.casalemedia.com	2 redirects
2	stats.g.doubleclick.net	www.google-analytics.com
2	s2r.tut.by	koton-magazadzhylyk.tam.by
1	yandex.ru	yastatic.net
1	encrypted-tbn0.gstatic.com	googleads.g.doubleclick.net
1	s0.2mdn.net	googleads.g.doubleclick.net
1	sync.targeting.unrulymedia.com	1 redirects
1	sync.1rx.io	1 redirects
1	pr-bh.ybp.yahoo.com	1 redirects
1	pixel-sync.sitescout.com	googleads.g.doubleclick.net
1	dclk-match.dotomi.com	googleads.g.doubleclick.net
1	ysa-static.passport.yandex.ru	koton-magazadzhylyk.tam.by
1	pixel.mathtag.com	tags.mathtag.com
1	hal9000.redintelligence.net	koton-magazadzhylyk.tam.by
1	www.tut.by	ad.tam.by
1	www.googletagmanager.com	koton-magazadzhylyk.tam.by
1	c1hit.tut.by	koton-magazadzhylyk.tam.by
1	matchid.adfox.yandex.ru	yastatic.net
323	59

This site contains links to these domains. Also see Links.

Domain
tam.by
blog.tam.by
partnership.tam.by
kusochek-schastya.tam.by
153.tam.by
avto-iz-ssha-usa-avto-by.tam.by
yurkas.tam.by
eurooptica.tam.by
myasnov.tam.by
docs.google.com
oooketuta.tam.by
buhgalterskij-uspeh.tam.by
agenstvo-yuridicheskih-uslug.tam.by
holamovacenter.tam.by
ratsionarius.tam.by
yandex.ru
yandex.by
tutby.com
jobs.tut.by
tamby.freshdesk.com
mobile.tut.by
brest.tam.by
vitebsk.tam.by
gomel.tam.by
grodno.tam.by
mogilev.tam.by
baranovichi.tam.by
bobruysk.tam.by
borisov.tam.by
zhlobin.tam.by
lida.tam.by
hoster.by

Subject Issuer	Validity	Valid
tam.by R3	`2021-01-11` - `2021-04-11`	3 months	crt.sh
*.yastatic.net Yandex CA	`2021-03-03` - `2021-09-01`	6 months	crt.sh
*.tut.by RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-03-23` - `2022-04-22`	a year	crt.sh
api-maps.yandex.ru Yandex CA	`2021-03-19` - `2021-09-15`	6 months	crt.sh
*.tam.by RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2020-12-24` - `2022-01-14`	a year	crt.sh
www.googleadservices.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
matchid.adfox.yandex.ru Yandex CA	`2021-03-16` - `2021-09-08`	6 months	crt.sh
bs.yandex.ru Yandex CA	`2020-12-17` - `2021-06-17`	6 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
mc.yandex.ru Yandex CA	`2021-02-27` - `2021-08-09`	5 months	crt.sh
*.hit.gemius.pl Sectigo ECC Domain Validation Secure Server CA	`2019-09-11` - `2021-09-24`	2 years	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
www.google.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
www.google.de GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.adfox.ru Yandex CA	`2021-02-26` - `2021-08-08`	5 months	crt.sh
*.google.de GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.core-renderer-tiles.maps.yandex.net Yandex CA	`2021-03-19` - `2021-09-16`	6 months	crt.sh
*.mathtag.com DigiCert SHA2 Secure Server CA	`2020-04-15` - `2022-04-22`	2 years	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
redintelligence.net R3	`2021-02-19` - `2021-05-20`	3 months	crt.sh
smwjqy.com Sectigo ECC Domain Validation Secure Server CA	`2020-05-26` - `2021-05-26`	a year	crt.sh
pixel.mathtag.com DigiCert SHA2 Secure Server CA	`2020-04-15` - `2021-07-15`	a year	crt.sh
*.avatars.mds.yandex.net Yandex CA	`2021-03-12` - `2021-09-10`	6 months	crt.sh
ysa-static.passport.yandex.net Yandex CA	`2021-03-15` - `2021-09-13`	6 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2019-06-19` - `2021-08-31`	2 years	crt.sh
*.sitescout.com RapidSSL RSA CA 2018	`2020-01-15` - `2022-02-02`	2 years	crt.sh
tr.blismedia.com GTS CA 1D2	`2021-03-03` - `2021-06-01`	3 months	crt.sh
*.doubleclick.net GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
contentspread.net R3	`2021-02-01` - `2021-05-02`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.turn.com DigiCert SHA2 Secure Server CA	`2020-03-18` - `2021-04-19`	a year	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
yandex.ru Yandex CA	`2021-03-18` - `2021-09-16`	6 months	crt.sh
*.googleadservices.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh

This page contains 27 frames:

Primary Page: https://koton-magazadzhylyk.tam.by/
Frame ID: 2AEE903E51A336664A39CD1FA2897DD3
Requests: 145 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Frame ID: DAEC22B7AD5C5E044773C15B767699C0
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Frame ID: 7B04FC1FA65595AED4C2DBE8D3A4758B
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210331/r20190131/zrt_lookup.html
Frame ID: 94FF147014909DD82B4231811B9E7C20
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8241049497608997&output=html&h=250&slotname=tut.by_publishers_300x250_3_floors_1&adk=105888313&adf=3279755398&pi=t.ma~as.tut.by_publishers_3_&w=300&fwrn=3&lmt=1617385158&psa=0&format=300x250&url=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&ea=0&flash=0&wgl=1&dt=1617385158754&bpp=9&bdt=116&idt=135&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&correlator=8250955427519&frm=23&ife=1&pv=2&ga_vid=1948603448.1617385158&ga_sid=1617385159&ga_hid=1075486008&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=0&ish=0&ifk=704121822&scr_x=0&scr_y=0&eid=42530672%2C182982000%2C44740079%2C44739387&oid=3&pvsid=2257477843771454&loc=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CEr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.gl6j26hfki01&fsb=1&dtd=163
Frame ID: 157C5667ACC40EEBB6E6327AFEB3A848
Requests: 27 HTTP requests in this frame

Frame: https://yastatic.net/pcode/adfox/adfox-adx-stub.html
Frame ID: 3E4CEC60D5E3355477383B7908EFFF14
Requests: 3 HTTP requests in this frame

Frame: https://yastatic.net/safeframe-bundles/0.80/1-1-0/render.html
Frame ID: B9368AED9D37B7F06A2AE0C9B028EDD3
Requests: 23 HTTP requests in this frame

Frame: https://hal900021.redintelligence.net/request_content.php?s=47604100177899500951393011552021&a=00001f2b
Frame ID: 7D0FAC894F029154FF52D830CEDE6819
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 8342181E97CF82D1E3471E2EE396D4C1
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 3E8FEAB4C9EB2D21CFFE93EDF077C299
Requests: 2 HTTP requests in this frame

Frame: data://truncated
Frame ID: F3AE9F7DCE6B981428CCBC5291DC402B
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Frame ID: 728C8E451A4CD62172A29DB2F2AED874
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Frame ID: 17490188B9EA8BCB10B296A8D156D1B7
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8241049497608997&output=html&h=250&slotname=tut.by_publishers_970x250_2_floors_35&adk=4252383148&adf=3279755401&pi=t.ma~as.tut.by_publishers_9_&w=970&lmt=1617385160&psa=0&format=970x250&url=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&ea=0&flash=0&wgl=1&dt=1617385160683&bpp=2&bdt=53&idt=110&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3Dbe4596db7a55dd94-22d3041cf5ba00de%3AT%3D1617385158%3ART%3D1617385158%3AS%3DALNI_MYKkSBEnsLZVtwi7km82YnLyg1CMA&correlator=8250955427519&frm=23&ife=1&pv=1&ga_vid=1948603448.1617385158&ga_sid=1617385161&ga_hid=393394414&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=488&biw=1600&bih=1200&isw=970&ish=250&ifk=1296003422&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=2303951872584136&loc=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.8iqbjda7ntr9&fsb=1&dtd=118
Frame ID: E98FD9E896F4F00F30356CEF18C17332
Requests: 15 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Frame ID: E1E8EE98863370F9EE63767FB35BD39E
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8241049497608997&output=html&h=250&slotname=tut.by_publishers_970x250_2_floors_11&adk=2366530133&adf=3279755400&pi=t.ma~as.tut.by_publishers_9_&w=970&lmt=1617385160&psa=0&format=970x250&url=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&ea=0&flash=0&wgl=1&dt=1617385160852&bpp=2&bdt=80&idt=58&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3Dbe4596db7a55dd94-22d3041cf5ba00de%3AT%3D1617385158%3ART%3D1617385158%3AS%3DALNI_MYKkSBEnsLZVtwi7km82YnLyg1CMA&correlator=8250955427519&frm=23&ife=1&pv=1&ga_vid=1948603448.1617385158&ga_sid=1617385161&ga_hid=506795244&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=2953&biw=1600&bih=1200&isw=970&ish=250&ifk=1296003422&scr_x=0&scr_y=0&eid=44735932%2C44740079%2C44739387&oid=3&pvsid=1555053346710673&loc=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.kqq8km99w2kk&btvi=1&fsb=1&dtd=68
Frame ID: 34A019051809F9970885EB86149AEE42
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8241049497608997&output=html&h=90&slotname=tut.by_publishers_728x90_1_floors_19&adk=3083819103&adf=3279755403&pi=t.ma~as.tut.by_publishers_7_&w=728&lmt=1617385160&psa=0&format=728x90&url=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&ea=0&flash=0&wgl=1&dt=1617385160871&bpp=1&bdt=51&idt=64&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3Dbe4596db7a55dd94-22d3041cf5ba00de%3AT%3D1617385158%3ART%3D1617385158%3AS%3DALNI_MYKkSBEnsLZVtwi7km82YnLyg1CMA&correlator=8250955427519&frm=23&ife=1&pv=1&ga_vid=1948603448.1617385158&ga_sid=1617385161&ga_hid=161905389&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=276&ady=758&biw=1600&bih=1200&isw=728&ish=90&ifk=173005118&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=2893525220256726&loc=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.38r73fjs5fey&fsb=1&dtd=73
Frame ID: 945660F50676BB018EED8D042C299C1E
Requests: 19 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 86C28E6E837A1F33C732B4135AAC1945
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/DbMZ0rSwrYdtGIgs0aJlrMhQhsJZwxQeXkiX5VBkOL0.js
Frame ID: 3C60A0760801E75F96B365C1C073065A
Requests: 1 HTTP requests in this frame

Frame: blob://https://googleads.g.doubleclick.net/a0955d21-d96d-4198-a1d6-e7ccc22ea0d0
Frame ID: 6C3735B94AC00475B712A3A14C3CF5A0
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 85BD62BD9AADEA103E2BC9387181144D
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 665E7039E12822757E4F5F5167217433
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 5983FB3C420BBBD0B29EF24405695B73
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/DbMZ0rSwrYdtGIgs0aJlrMhQhsJZwxQeXkiX5VBkOL0.js
Frame ID: E70B9E1769FA8043D14252F76BB01F42
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/DbMZ0rSwrYdtGIgs0aJlrMhQhsJZwxQeXkiX5VBkOL0.js
Frame ID: 74071B5AEB9F27D9D9D07D6AB34778D6
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 0BA868EE41E76FD671A0CFECDAA9A751
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 985BE913882ED55AAA780862B74D4F40
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://koton-magazadzhylyk.tam.by/ HTTP 301
https://koton-magazadzhylyk.tam.by/ Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /([\d.]+)?\/modernizr(?:.([\d.]+))?.*\.js/i

Yandex.Direct (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /https?:\/\/an\.yandex\.ru\//i

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /mc\.yandex\.ru\/metrika\/watch\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Gemius () Expand

Overall confidence: %
Detected patterns

script /hit\.gemius\.pl\/xgemius\.js/i
script /hit\.gemius\.pl/i
script /xgemius\.js/i

Page Statistics

323
Requests

99 %
HTTPS

65 %
IPv6

34
Domains

59
Subdomains

51
IPs

9
Countries

3817 kB
Transfer

10599 kB
Size

18
Cookies

97 Outgoing links

These are links going to different origins than the main page.

URL: https://tam.by/pages/publichnyi-dogovor/
Title: правила

Search URL Search Domain Scan URL

URL: https://tam.by/auth/soc/?t=tut&return=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F
Title:

Search URL Search Domain Scan URL

URL: https://tam.by/auth/soc/?t=fb&return=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F
Title:

Search URL Search Domain Scan URL

URL: https://tam.by/auth/soc/?t=vk&return=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F
Title:

Search URL Search Domain Scan URL

URL: https://tam.by/auth/soc/?t=gp&return=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F
Title:

Search URL Search Domain Scan URL

URL: https://tam.by/tender/?utm_source=tam.by&utm_medium=top-menu&utm_campaign=tender-soft-launch
Title: Заявки на товары и услуги

Search URL Search Domain Scan URL

URL: https://blog.tam.by/
Title: Советы

Search URL Search Domain Scan URL

URL: https://partnership.tam.by/?utm_source=TAM_menu&utm_medium=TAM&utm_campaign=landingPromo
Title: Эффективная реклама

Search URL Search Domain Scan URL

URL: https://tam.by/user/add/
Title: Добавить компанию

Search URL Search Domain Scan URL

URL: https://tam.by/
Title:

Search URL Search Domain Scan URL

URL: https://tam.by/eda/restorany-kafe/?rr=1
Title: Кафе и рестораны

Search URL Search Domain Scan URL

URL: https://tam.by/krasota/salony-krasoty/?rr=1
Title: Салоны красоты

Search URL Search Domain Scan URL

URL: https://tam.by/strojka/?rr=1
Title: Строительство и ремонт

Search URL Search Domain Scan URL

URL: https://tam.by/reklama/
Title: Эффективная реклама

Search URL Search Domain Scan URL

URL: https://tam.by/turizm/turfirmy/?rr=1
Title: Туристические компании

Search URL Search Domain Scan URL

URL: https://kusochek-schastya.tam.by/

Search URL Search Domain Scan URL

URL: https://kusochek-schastya.tam.by/#phone
Title:

Search URL Search Domain Scan URL

URL: https://153.tam.by/

Search URL Search Domain Scan URL

URL: https://153.tam.by/#phone
Title:

Search URL Search Domain Scan URL

URL: https://avto-iz-ssha-usa-avto-by.tam.by/

Search URL Search Domain Scan URL

URL: https://avto-iz-ssha-usa-avto-by.tam.by/#phone
Title:

Search URL Search Domain Scan URL

URL: https://yurkas.tam.by/skidki/sovershai-pokupki-v-salonahyurkasi-poluchai-v-podarok-kartu-skidokvygodnyi-remont

Search URL Search Domain Scan URL

URL: https://eurooptica.tam.by/skidki/sdai-starye-ochki-i-poluchi-skidku-7-rubna-novye

Search URL Search Domain Scan URL

URL: https://myasnov.tam.by/skidki/tehnika-dlya-kuhni-v-magazinah-myasnov-so-skidkoi-50

Search URL Search Domain Scan URL

URL: https://docs.google.com/forms/d/e/1FAIpQLScY-oK73PNduBP-xKjzsdtCzAV_C2W2jd-4KCOpx41VLInsYw/viewform?entry.1756128008=koton-magazadzhylyk.tam.by/
Title: Сообщить об ошибке

Search URL Search Domain Scan URL

URL: https://tam.by/user/verify/?id=58599040f7a017005a8b59ae
Title: Это моя компания

Search URL Search Domain Scan URL

URL: https://oooketuta.tam.by/skidki/1-mesyats-obsluzhivaniya-besplatno-dlya-vnov-otkryvshihsya-organizatsii-i-ip#offer

Search URL Search Domain Scan URL

URL: https://buhgalterskij-uspeh.tam.by/skidki/skidka-25na-3-mesyatsa-po-polnomu-paketu-buhgalterskih-uslugdelovoi#offer

Search URL Search Domain Scan URL

URL: https://buhgalterskij-uspeh.tam.by/skidki/kazhdyi-4-i-mesyats-v-podarok-dlya-vseh-kompanii-na-usn-na-ves-period-buhgalterskogo-soprovozhdeniya#offer

Search URL Search Domain Scan URL

URL: https://agenstvo-yuridicheskih-uslug.tam.by/skidki/pri-zakaze-uslugi-po-soprovozhdeniyu-likvidatsii-organizatsiiipvse-konsultatsii-besplatno#offer

Search URL Search Domain Scan URL

URL: https://holamovacenter.tam.by/skidki/skidka-registraciya#offer

Search URL Search Domain Scan URL

URL: https://ratsionarius.tam.by/skidki/30skidka-na-vosstanovlenie-buhuchyota-nezavisimo-ot-perioda#offer

Search URL Search Domain Scan URL

URL: https://buhgalterskij-uspeh.tam.by/skidki/skidka-45na-paket-buhgalterskih-uslugaktivnyina-5-mesyatsev#offer

Search URL Search Domain Scan URL

URL: https://holamovacenter.tam.by/skidki/first-month-free#offer

Search URL Search Domain Scan URL

URL: https://yandex.ru/legal/maps_termsofuse/?lang=ru
Title: Условия использования

Search URL Search Domain Scan URL

URL: https://yandex.by/maps/157/minsk/?mode=routes&rtext=~53.910325%2C27.592464&rtt=auto
Title: Маршрут

Search URL Search Domain Scan URL

URL: https://tam.by/avto/
Title: Авто

Search URL Search Domain Scan URL

URL: https://tam.by/avto/sto/
Title: СТО

Search URL Search Domain Scan URL

URL: https://tam.by/avto/avtozapchasti/
Title: Магазины автозапчастей

Search URL Search Domain Scan URL

URL: https://tam.by/avto/shiny-diski/
Title: Шины, диски

Search URL Search Domain Scan URL

URL: https://tam.by/avto/remont-gruz-avto/
Title: Ремонт грузовых авто и спецтехники

Search URL Search Domain Scan URL

URL: https://tam.by/prazdniki/
Title: Праздники

Search URL Search Domain Scan URL

URL: https://tam.by/prazdniki/podarki/
Title: Подарки и сувениры

Search URL Search Domain Scan URL

URL: https://tam.by/prazdniki/oformlenie-dekor/
Title: Оформление и декор

Search URL Search Domain Scan URL

URL: https://tam.by/prazdniki/magaziny-tsvetov/
Title: Магазины цветов

Search URL Search Domain Scan URL

URL: https://tam.by/prazdniki/prazdnichnye-agentstva/
Title: Праздничные агентства

Search URL Search Domain Scan URL

URL: https://tam.by/eda/
Title: Еда

Search URL Search Domain Scan URL

URL: https://tam.by/eda/restorany-kafe/
Title: Рестораны, кафе

Search URL Search Domain Scan URL

URL: https://tam.by/eda/dostavka/
Title: Доставка еды

Search URL Search Domain Scan URL

URL: https://tam.by/eda/banketnye-zaly/
Title: Банкетные залы

Search URL Search Domain Scan URL

URL: https://tam.by/eda/torty-na-zakaz/
Title: Торты на заказ

Search URL Search Domain Scan URL

URL: https://tam.by/krasota/
Title: Красота и медицина

Search URL Search Domain Scan URL

URL: https://tam.by/krasota/med-tsentry/
Title: Медицинские центры

Search URL Search Domain Scan URL

URL: https://tam.by/krasota/medtehnika/
Title: Магазины медтехники

Search URL Search Domain Scan URL

URL: https://tam.by/krasota/med-tsentry/ginekologiya/
Title: Гинекология и акушерство

Search URL Search Domain Scan URL

URL: https://tam.by/krasota/salony-krasoty/
Title: Салоны красоты

Search URL Search Domain Scan URL

URL: https://tam.by/strojka/
Title: Строительство и ремонт

Search URL Search Domain Scan URL

URL: https://tam.by/strojka/elektrooborudovanie/
Title: Электрооборудование

Search URL Search Domain Scan URL

URL: https://tam.by/strojka/mebel/
Title: Мебель

Search URL Search Domain Scan URL

URL: https://tam.by/strojka/mebel/korpusnaya-mebel/
Title: Корпусная мебель

Search URL Search Domain Scan URL

URL: https://tam.by/strojka/materialy/
Title: Материалы для строительства

Search URL Search Domain Scan URL

URL: https://tam.by/otdyh/
Title: Отдых и развлечения

Search URL Search Domain Scan URL

URL: https://tam.by/otdyh/kinoteatry/
Title: Кинотеатры

Search URL Search Domain Scan URL

URL: https://tam.by/otdyh/bilety-na-meropriyatiya/
Title: Билеты на мероприятия

Search URL Search Domain Scan URL

URL: https://tam.by/otdyh/teatry/
Title: Театры

Search URL Search Domain Scan URL

URL: https://tam.by/otdyh/kluby-po-interesam/
Title: Клубы по интересам

Search URL Search Domain Scan URL

URL: https://tam.by/turizm/
Title: Туризм и путешествия

Search URL Search Domain Scan URL

URL: https://tam.by/turizm/turfirmy/
Title: Туристические компании

Search URL Search Domain Scan URL

URL: https://tam.by/turizm/gostinitsy/
Title: Гостиницы

Search URL Search Domain Scan URL

URL: https://tam.by/turizm/sanatorii/
Title: Санатории

Search URL Search Domain Scan URL

URL: https://tam.by/turizm/bazy-otdyha/
Title: Базы отдыха

Search URL Search Domain Scan URL

URL: https://tam.by/magaziny/
Title: Магазины, торговые площадки

Search URL Search Domain Scan URL

URL: https://tam.by/magaziny/zhenskaya-odezhda/
Title: Женская одежда

Search URL Search Domain Scan URL

URL: https://tam.by/magaziny/bytovaya-tehnika/
Title: Магазины бытовой техники

Search URL Search Domain Scan URL

URL: https://tam.by/magaziny/kompyutery-orgtehnika/
Title: Компьютеры и оргтехника

Search URL Search Domain Scan URL

URL: https://tam.by/magaziny/kosmetika/
Title: Магазины парфюмерии и косметики

Search URL Search Domain Scan URL

URL: https://tutby.com/contact/filials/
Title: TAM.BY в регионах

Search URL Search Domain Scan URL

URL: https://jobs.tut.by/employer/752710
Title: Наши вакансии

Search URL Search Domain Scan URL

URL: https://tamby.freshdesk.com/support/tickets/new
Title: Связаться с нами

Search URL Search Domain Scan URL

URL: https://partnership.tam.by/?utm_source=TAM_footer&utm_medium=TAM&utm_campaign=landingPromo
Title: Реклама на TAM.BY

Search URL Search Domain Scan URL

URL: https://tam.by/pages/pravila-razmescheniya-otzyvov-na-proekte-tam-by/
Title: Правила работы с отзывами

Search URL Search Domain Scan URL

URL: https://mobile.tut.by/app-catalog-android.html?utm_source=TUT.BY&utm_medium=ref&utm_campaign=footer_tam.by
Title: Загрузить с Google Play

Search URL Search Domain Scan URL

URL: https://brest.tam.by/
Title: Брест

Search URL Search Domain Scan URL

URL: https://vitebsk.tam.by/
Title: Витебск

Search URL Search Domain Scan URL

URL: https://gomel.tam.by/
Title: Гомель

Search URL Search Domain Scan URL

URL: https://grodno.tam.by/
Title: Гродно

Search URL Search Domain Scan URL

URL: https://mogilev.tam.by/
Title: Могилев

Search URL Search Domain Scan URL

URL: https://baranovichi.tam.by/
Title: Барановичи

Search URL Search Domain Scan URL

URL: https://bobruysk.tam.by/
Title: Бобруйск

Search URL Search Domain Scan URL

URL: https://borisov.tam.by/
Title: Борисов

Search URL Search Domain Scan URL

URL: https://zhlobin.tam.by/
Title: Жлобин

Search URL Search Domain Scan URL

URL: https://lida.tam.by/
Title: Лида

Search URL Search Domain Scan URL

URL: https://tam.by/deti/
Title: Дети

Search URL Search Domain Scan URL

URL: https://tam.by/obschestvo/
Title: Государство и общество

Search URL Search Domain Scan URL

URL: https://tam.by/bytovye-uslugi/
Title: Бытовые услуги

Search URL Search Domain Scan URL

URL: https://tam.by/b2b/
Title: B2B

Search URL Search Domain Scan URL

URL: https://hoster.by/
Title: HOSTER.BY

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://koton-magazadzhylyk.tam.by/ HTTP 301
https://koton-magazadzhylyk.tam.by/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 37

https://an.yandex.ru/adfox/312020/getBulk/v2?dl=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&date=2021-04-02T19%3A39%3A18.210%2B02%3A00&pd=2&pdh=1200&pdw=1600&pr1=3445240191&pr=1603982883&prr=&pv=19&pw=5&extid_loader=&extid_tag_loader=koton-magazadzhylyk.tam.by&ylv=0.14318&ybv=0.14318&ytt=553054348773397&is-turbo=0&skip-token=&ad-session-id=5757701617385158233&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22w%22%3A0%2C%22h%22%3A0%2C%22width%22%3A0%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22left%22%3A0%2C%22top%22%3A0%2C%22req_no%22%3A0%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=0&p1=cjsjp&p2=gmyu&slotNumber=1&bids=W10%3D&grab=dNCa0J7QotCe0J0g0JzQkNCT0JDQl9CQ0JTQltCr0JvQq9CaINCyINCc0LjQvdGB0LrQtQo%3D&utf8=%E2%9C%93&use-server-side-rendering=1 HTTP 302
https://an.yandex.ru/adfox/312020/getBulk/v2?redir-setuniq=1&dl=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&date=2021-04-02T19%3A39%3A18.210%2B02%3A00&pd=2&pdh=1200&pdw=1600&pr1=3445240191&pr=1603982883&prr=&pv=19&pw=5&extid_loader=&extid_tag_loader=koton-magazadzhylyk.tam.by&ylv=0.14318&ybv=0.14318&ytt=553054348773397&is-turbo=0&skip-token=&ad-session-id=5757701617385158233&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22w%22%3A0%2C%22h%22%3A0%2C%22width%22%3A0%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22left%22%3A0%2C%22top%22%3A0%2C%22req_no%22%3A0%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=0&p1=cjsjp&p2=gmyu&slotNumber=1&bids=W10%3D&grab=dNCa0J7QotCe0J0g0JzQkNCT0JDQl9CQ0JTQltCr0JvQq9CaINCyINCc0LjQvdGB0LrQtQo%3D&utf8=%E2%9C%93&use-server-side-rendering=1

Request Chain 49

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9231.spzOW3cp5G5uXi93NLdkJ3Z_9Sz3M1FNL-5Voj2JsSK9JX71uWWWj6Kkp3gDnXXx.fJqzkTaB8uLYEPMGp3_1GD0Xhw0%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9231.nuOxh327jcWTfUi1JuFqgH9MsEjPSKVvAWSsD25GI9GDECW9ijCDVGyyKNT5iDJilWZtDBAjhqMaMQMje4LIbbJyQyCbG0EucJXn5P8VZEk%2C.qGH0pwBqVFwEvvepa7In7sRWdUE%2C

Request Chain 73

https://gaby.hit.gemius.pl/_1617385158685/rexdot.js?l=100&id=0iWVhGLhkSnOM.coExUx_ZR6DfXGYVuPku6GN3CSc4D.S7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-120&fv=-&href=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=0&lsdata=-NOTSUP&fpdata=CJ97t9A2HJbojlpLptOb8OG22t8jhjV8ecWk.dBbttn.d7&vis=1 HTTP 301
https://gaby.hit.gemius.pl/__/_1617385158685/rexdot.js?l=100&id=0iWVhGLhkSnOM.coExUx_ZR6DfXGYVuPku6GN3CSc4D.S7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-120&fv=-&href=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=0&lsdata=-NOTSUP&fpdata=CJ97t9A2HJbojlpLptOb8OG22t8jhjV8ecWk.dBbttn.d7&vis=1

Request Chain 74

https://mc.yandex.com/watch/31359968?wmode=7&page-url=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A5yitzpge8znbdz2%3Afp%3A934%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A482%3Acn%3A1%3Adp%3A0%3Als%3A1235440192465%3Ahid%3A169532008%3Az%3A120%3Ai%3A20210402193918%3Aet%3A1617385158%3Ac%3A1%3Arn%3A241069802%3Au%3A1617385158818104553%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1617385157438%3Ads%3A0%2C81%2C112%2C2%2C143%2C0%2C%2C%2C%2C%2C%2C%2C%3Adsn%3A0%2C81%2C112%2C2%2C143%2C0%2C%2C%2C%2C%2C%2C%2C%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1617385159%3At%3A%D0%9A%D0%9E%D0%A2%D0%9E%D0%9D%20%D0%9C%D0%90%D0%93%D0%90%D0%97%D0%90%D0%94%D0%96%D0%AB%D0%9B%D0%AB%D0%9A%20%D0%B2%20%D0%9C%D0%B8%D0%BD%D1%81%D0%BA%D0%B5 HTTP 302
https://mc.yandex.com/watch/31359968/1?wmode=7&page-url=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A5yitzpge8znbdz2%3Afp%3A934%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A482%3Acn%3A1%3Adp%3A0%3Als%3A1235440192465%3Ahid%3A169532008%3Az%3A120%3Ai%3A20210402193918%3Aet%3A1617385158%3Ac%3A1%3Arn%3A241069802%3Au%3A1617385158818104553%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1617385157438%3Ads%3A0%2C81%2C112%2C2%2C143%2C0%2C%2C%2C%2C%2C%2C%2C%3Adsn%3A0%2C81%2C112%2C2%2C143%2C0%2C%2C%2C%2C%2C%2C%2C%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1617385159%3At%3A%D0%9A%D0%9E%D0%A2%D0%9E%D0%9D%20%D0%9C%D0%90%D0%93%D0%90%D0%97%D0%90%D0%94%D0%96%D0%AB%D0%9B%D0%AB%D0%9A%20%D0%B2%20%D0%9C%D0%B8%D0%BD%D1%81%D0%BA%D0%B5

Request Chain 86

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8241049497608997&output=html&h=400&slotname=tut.by_publishers_240x400_1_floors_29&adk=1332428843&adf=3279755399&pi=t.ma~as.tut.by_publishers_2_&w=240&lmt=1617385158&psa=0&format=240x400&url=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&ea=0&flash=0&wgl=1&dt=1617385158773&bpp=3&bdt=145&idt=154&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&correlator=8250955427519&frm=23&ife=1&pv=1&ga_vid=1948603448.1617385158&ga_sid=1617385159&ga_hid=1752348407&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1134&ady=938&biw=1600&bih=1200&isw=240&ish=400&ifk=2443680497&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=3412748173908634&loc=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C240%2C400&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.wn4adif5glqw&fsb=1&dtd=165 HTTP 302
https://yastatic.net/pcode/adfox/adfox-adx-stub.html

Request Chain 143

https://hal900021.redintelligence.net/request.php?zone=01qrvgnrrbds&nw=20&renderingType=javascript&namespace=15f3839615&subid=&uid=25e6fd2ac11dcb52&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=BAAAAAAAAAAAAAAAAAluAA%2F%2F%2F%2F%2F%2F%2BABgCeAJ4Ang&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D7289669487851265613%26mt_id%3D6622326%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_uuid%3D81186067-56c7-4701-aeb0-f9c97ec52773%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DC9695xlZnYPuUOc6h7gPc7oXADM-HjptcwIbZgsYCwI23ARABIABglYq4gsgHggEXY2EtcHViLTgyNDEwNDk0OTc2MDg5OTfIAQmoAwGqBL4BT9AL236x_EUAsO_TkszafSpvsH25b8IXjun0yMRqrVUECyoj1iynUE_fCbGgW9kNTBj4xN6m5L2OHT5ZeR1R4Yf2Bkla8Xh-zW1INjZhxknM4KGAHYyMnJCyJ7KyeOEt828L8vdFxxqLq6BDwofAHztyTv2vs1nn6zDVwDSJR5LZedAtZD2s9bYKcgGE8PrcnFnGFgv9xoWFepdpS4vfFBv2oHmVb3aiLOSWiWX-8AqVL4IC4HaMtZJYOPJlXoAGkKXs7-GYgM7XAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB8ggbYWR4LXN1YnN5bi0yNzQ3NzM0Mjc0NzUyNDgy-gsCCAGADAE%2526num%253D1%2526sig%253DAOD64_3sYO4aMWi1XDNv8sRE8iNBsPnAnQ%2526client%253Dca-pub-8241049497608997%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&ancestorOrigins=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2Chttps%3A%2F%2Fkoton-magazadzhylyk.tam.by&random=6434778987569&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0 HTTP 302
https://hal900021.redintelligence.net/request.php?zone=01qrvgnrrbds&nw=20&renderingType=javascript&namespace=15f3839615&subid=&uid=25e6fd2ac11dcb52&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=BAAAAAAAAAAAAAAAAAluAA%2F%2F%2F%2F%2F%2F%2BABgCeAJ4Ang&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D7289669487851265613%26mt_id%3D6622326%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_uuid%3D81186067-56c7-4701-aeb0-f9c97ec52773%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DC9695xlZnYPuUOc6h7gPc7oXADM-HjptcwIbZgsYCwI23ARABIABglYq4gsgHggEXY2EtcHViLTgyNDEwNDk0OTc2MDg5OTfIAQmoAwGqBL4BT9AL236x_EUAsO_TkszafSpvsH25b8IXjun0yMRqrVUECyoj1iynUE_fCbGgW9kNTBj4xN6m5L2OHT5ZeR1R4Yf2Bkla8Xh-zW1INjZhxknM4KGAHYyMnJCyJ7KyeOEt828L8vdFxxqLq6BDwofAHztyTv2vs1nn6zDVwDSJR5LZedAtZD2s9bYKcgGE8PrcnFnGFgv9xoWFepdpS4vfFBv2oHmVb3aiLOSWiWX-8AqVL4IC4HaMtZJYOPJlXoAGkKXs7-GYgM7XAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB8ggbYWR4LXN1YnN5bi0yNzQ3NzM0Mjc0NzUyNDgy-gsCCAGADAE%2526num%253D1%2526sig%253DAOD64_3sYO4aMWi1XDNv8sRE8iNBsPnAnQ%2526client%253Dca-pub-8241049497608997%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&ancestorOrigins=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2Chttps%3A%2F%2Fkoton-magazadzhylyk.tam.by&random=6434778987569&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0&uidRedirect=1

Request Chain 155

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEGjVjWnl0DQzX-ObD8iCopg&google_cver=1&google_push=AQvitUJr1t0IS_MpCaruAIqciP6atC7VYKVLfyiNMjm4ZMYJ_i2wLL_EVx-iIGN2Iy_X_Gfc8V72l4hjglFzFrEznZxoee4dCD8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AQvitUJr1t0IS_MpCaruAIqciP6atC7VYKVLfyiNMjm4ZMYJ_i2wLL_EVx-iIGN2Iy_X_Gfc8V72l4hjglFzFrEznZxoee4dCD8&google_hm=NDczMDU3OTc1NTEyMjgwNTc1MA%3D%3D

Request Chain 156

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEDRauMKZHTXr0dIJeJ8lxSw&google_cver=1&google_push=AQvitUIbQw8uj8-OggFP97wg27H6luW_RkuBZj5CENYLO5yj9q4Dluqdp16XFpqQ3MVZfAbcFbKnscTqFFHp2VX0ClH6KoV9ys4 HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEDRauMKZHTXr0dIJeJ8lxSw&google_push=AQvitUIbQw8uj8-OggFP97wg27H6luW_RkuBZj5CENYLO5yj9q4Dluqdp16XFpqQ3MVZfAbcFbKnscTqFFHp2VX0ClH6KoV9ys4&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YGdWyPCERkRlBEzkHVOYggAAAoMAAAIB&google_push=AQvitUIbQw8uj8-OggFP97wg27H6luW_RkuBZj5CENYLO5yj9q4Dluqdp16XFpqQ3MVZfAbcFbKnscTqFFHp2VX0ClH6KoV9ys4&google_gid=CAESEDRauMKZHTXr0dIJeJ8lxSw&google_cver=1

Request Chain 157

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEEvay2n15dfXdmHTjXQ0Iwg&google_cver=1&google_push=AQvitUIZFNWlpuuKZl6tXXiP4n8cFavrWUvW_rybGynD3eTWuDkcNORy2Wlyv13y82Lt2m6NRB0W10eAfUKYrYcurMWZMJ3D6vk HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-57b87953-5074-4f0d-8c38-a397a88729b6-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAQvitUIZFNWlpuuKZl6tXXiP4n8cFavrWUvW_rybGynD3eTWuDkcNORy2Wlyv13y82Lt2m6NRB0W10eAfUKYrYcurMWZMJ3D6vk%26google_hm%3DA1e4eVNQdE8NjDijl6iHKbY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AQvitUIZFNWlpuuKZl6tXXiP4n8cFavrWUvW_rybGynD3eTWuDkcNORy2Wlyv13y82Lt2m6NRB0W10eAfUKYrYcurMWZMJ3D6vk&google_hm=A1e4eVNQdE8NjDijl6iHKbY

Request Chain 227

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEP2ymleGpuqHlaml7wrsAo8&google_cver=1&google_push=AQvitUKhmjobC73WJ5ibE0c_rgaxJuTakFesDnSk3xxnyqI-8R-6fvqnZTGcDZISlCTLIUUqDBPf9Ro5Wy5MEHzJ-q7RcOna1w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzY0ODIzODE5NjM0NzI2MjIxMw== HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEP2ymleGpuqHlaml7wrsAo8&google_cver=1

Request Chain 229

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEF0z8tmob0Wb39tPOnuJcfM&google_cver=1&google_push=AQvitUKE_uJem6jKW5H7YkRialzzhKT5jwP0cIiXzybFT8J8HVEm29-VnmAWSCfduUhFRSzAyJFjzcR8w3MtYUzhWw6It-Jjs80 HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEF0z8tmob0Wb39tPOnuJcfM&google_cver=1&google_push=AQvitUKE_uJem6jKW5H7YkRialzzhKT5jwP0cIiXzybFT8J8HVEm29-VnmAWSCfduUhFRSzAyJFjzcR8w3MtYUzhWw6It-Jjs80 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Nmt6dk5SUzcxTHNuTHI1&google_gid=CAESEF0z8tmob0Wb39tPOnuJcfM&google_cver=1&google_push=AQvitUKE_uJem6jKW5H7YkRialzzhKT5jwP0cIiXzybFT8J8HVEm29-VnmAWSCfduUhFRSzAyJFjzcR8w3MtYUzhWw6It-Jjs80

Request Chain 231

https://d5p.de17a.com/cookies/google?google_gid=CAESEOOgWG82KP-LupQ9CiHPvAY&google_cver=1&google_push=AQvitUIjQ-3sRtD1Yofgo5iLV2XwCXTUiU-o--t8dlqnWTy22F3OYwWaqHq4dx-8i3zmc8OcZTT5Vp3QPamwgKmIgaTXLNDD-Q HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEOOgWG82KP-LupQ9CiHPvAY&google_cver=1&google_push=AQvitUIjQ-3sRtD1Yofgo5iLV2XwCXTUiU-o--t8dlqnWTy22F3OYwWaqHq4dx-8i3zmc8OcZTT5Vp3QPamwgKmIgaTXLNDD-Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AQvitUIjQ-3sRtD1Yofgo5iLV2XwCXTUiU-o--t8dlqnWTy22F3OYwWaqHq4dx-8i3zmc8OcZTT5Vp3QPamwgKmIgaTXLNDD-Q

Request Chain 276

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEP2ymleGpuqHlaml7wrsAo8&google_cver=1&google_push=AQvitUJuKdoWEjEIQ48Z4p5CpP9LC4-RwhBsYNi27mIVfxQ7JhbTzS0YX2DN-3ffyqNhbxIlUaH-JsPA3RGXaMspcSZMjXC_wQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzY0ODIzODE5NjM0NzI2MjIxMw== HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEP2ymleGpuqHlaml7wrsAo8&google_cver=1

Request Chain 277

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEMfl16C9DY0D9RLpxG2j5us&google_cver=1&google_push=AQvitUK1NasEbm5k8UKqCxeJNl0GCAR3QxDUlEW9fjcu7Ytjrbbb4QGxVOVeWvwdS64rcfrtukSdPmZS0Y9rCf7vGXP4yqV_Kg HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AQvitUK1NasEbm5k8UKqCxeJNl0GCAR3QxDUlEW9fjcu7Ytjrbbb4QGxVOVeWvwdS64rcfrtukSdPmZS0Y9rCf7vGXP4yqV_Kg&google_hm=kjI9oUGjiyZRqBRf0RVl6Q

Request Chain 278

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEF0z8tmob0Wb39tPOnuJcfM&google_cver=1&google_push=AQvitUJo8I45sM32TqfOSRz2sWa8NGoh8BJG0_Gi4sd-beEHeKjrtyykhEDsu-N4qAzHUUTUMf0jiZKAbGgb7-yjxyDq-xZzQ08 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Nmt6dk5SUzcxTHNuTHI1&google_gid=CAESEF0z8tmob0Wb39tPOnuJcfM&google_cver=1&google_push=AQvitUJo8I45sM32TqfOSRz2sWa8NGoh8BJG0_Gi4sd-beEHeKjrtyykhEDsu-N4qAzHUUTUMf0jiZKAbGgb7-yjxyDq-xZzQ08

Request Chain 280

https://d5p.de17a.com/cookies/google?google_gid=CAESEOOgWG82KP-LupQ9CiHPvAY&google_cver=1&google_push=AQvitUIMxtKRrJhdwODghUXg8CkTREsUXwQ_kua-TH-RckmSdUBlhgStzLt1Jmx_h_Yk0n7a_m50IH6bBNU0JUHivxe6LuDnJw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AQvitUIMxtKRrJhdwODghUXg8CkTREsUXwQ_kua-TH-RckmSdUBlhgStzLt1Jmx_h_Yk0n7a_m50IH6bBNU0JUHivxe6LuDnJw

Request Chain 284

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEP2ymleGpuqHlaml7wrsAo8&google_cver=1&google_push=AQvitUIUbIMF956cDevHnCmIQL4C4hWIBW3nhQwTgIgtzEIhZYT7KB0K9ZPE4WYajexlWzSFVjnq87DkVERiCmdLm9bnrDsYjZjR HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzY0ODIzODE5NjM0NzI2MjIxMw== HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEP2ymleGpuqHlaml7wrsAo8&google_cver=1

Request Chain 285

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEMfl16C9DY0D9RLpxG2j5us&google_cver=1&google_push=AQvitULIC8EUljXbgce-xx_VfNqtjGebY3wgVecZfkRSKIW4RSAGuB1a6RWTvTCUWqUg-SLDbDN9w955Kybngv_UqTFfO5hrUfkdDg HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AQvitULIC8EUljXbgce-xx_VfNqtjGebY3wgVecZfkRSKIW4RSAGuB1a6RWTvTCUWqUg-SLDbDN9w955Kybngv_UqTFfO5hrUfkdDg&google_hm=kjI9oUGjiyZRqBRf0RVl6Q

Request Chain 286

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEF0z8tmob0Wb39tPOnuJcfM&google_cver=1&google_push=AQvitUJs1VivT_AZuUPNmuf_prLMvcCesbywnM3UZAwsjKawircCvBkGVGU04of06yqRgE1jSUcTeMLiwDd_w1Ha7lW2qc_QMvorFw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Nmt6dk5SUzcxTHNuTHI1&google_gid=CAESEF0z8tmob0Wb39tPOnuJcfM&google_cver=1&google_push=AQvitUJs1VivT_AZuUPNmuf_prLMvcCesbywnM3UZAwsjKawircCvBkGVGU04of06yqRgE1jSUcTeMLiwDd_w1Ha7lW2qc_QMvorFw

Request Chain 288

https://d5p.de17a.com/cookies/google?google_gid=CAESEOOgWG82KP-LupQ9CiHPvAY&google_cver=1&google_push=AQvitULiJGmGOJbxTDZMCOZfF5rUBejorLVDYC19FYilkZzHk0uQsEp1shGet7TaFq7CqHaB_-kuEj8jmqxxMudhO5qcbQ-jAJBojA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AQvitULiJGmGOJbxTDZMCOZfF5rUBejorLVDYC19FYilkZzHk0uQsEp1shGet7TaFq7CqHaB_-kuEj8jmqxxMudhO5qcbQ-jAJBojA

Request Chain 300

https://www.googleadservices.com/pagead/conversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0 HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=ylZnYIOhEeLGxgKkwJzIBg&random=228039662&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=228039662&crd=&is_vtc=1&random=24456416 HTTP 302
https://www.google.de/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=228039662&crd=&is_vtc=1&random=24456416&ipr=y

Request Chain 301

https://www.googleadservices.com/pagead/conversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0 HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=ylZnYKijEcKdmLAP26WzkAg&random=1426034569&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1426034569&crd=&is_vtc=1&random=576658323 HTTP 302
https://www.google.de/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1426034569&crd=&is_vtc=1&random=576658323&ipr=y

323 HTTP transactions
18 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
koton-magazadzhylyk.tam.by/
Redirect Chain

http://koton-magazadzhylyk.tam.by/
https://koton-magazadzhylyk.tam.by/

74 KB
17 KB

195ms
113ms

Document
text/html

2a0a:7d80::b
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to

Full URL

https://koton-magazadzhylyk.tam.by/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0a:7d80::b Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),

Reverse DNS

Software

nginx /

Resource Hash

33813d331f47ff18b36ef895ad6318ce54a5e0ec145629f1cc17ea9b5be2feb6

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

:method: GET
:authority: koton-magazadzhylyk.tam.by
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server: nginx
date: Fri, 02 Apr 2021 17:39:17 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding Accept-Encoding Cookie
link: <https://yastatic.net>; rel=preconnect; crossorigin, <https://s2r.tut.by>; rel=preconnect; crossorigin, <https://mc.yandex.ru>; rel=preconnect; crossorigin, <https://tam.by/css/by3/styles.min~catalog~custom~r0~r0~r0~r12053.css>; rel=preload; as=style; type=text/css, <https://tam.by/js/by3/modernizr~jquery-3.4.1.min~libs.min~main.min~catalog~catalog_suggests~catalog_geo~tam_core_extended~catalog_login~catalog_reviews~catalog_list~catalog_map~tam_by_events~r0~r0~r0~r12054.js>; rel=preload; as=script; type=text/javascript, <https://yastatic.net/pcode/adfox/loader.js>; rel=preload; as=script; type=text/javascript; crossorigin=anonymous
strict-transport-security: max-age=86400
referrer-policy: unsafe-url
content-encoding: gzip

Redirect headers

Server: nginx
Date: Fri, 02 Apr 2021 17:39:17 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: https://koton-magazadzhylyk.tam.by/
Strict-Transport-Security: max-age=86400
Referrer-Policy: unsafe-url

GET
H2 200 styles.min~catalog~custom~r0~r0~r0~r12053.css
tam.by/css/by3/ 313 KB
42 KB 165ms
163ms Stylesheet
text/css 2a0a:7d80::b
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to

Full URL

https://tam.by/css/by3/styles.min~catalog~custom~r0~r0~r0~r12053.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0a:7d80::b Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),

Reverse DNS

Software

nginx /

Resource Hash

d61dec7be8ee9080cd713a30cbd91a22d0b594d5835467a3aac451b65a709578

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 17:39:17 GMT
content-encoding: gzip
referrer-policy: unsafe-url
server: nginx
etag: W/"605de22a-4e433"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
cache-control: max-age=604800
strict-transport-security: max-age=86400
expires: Fri, 09 Apr 2021 17:39:17 GMT

GET
H2 200 modernizr~jquery-3.4.1.min~libs.min~main.min~catalog~catalog_suggests~catalog_geo~tam_core_extended~catalog_login~catalog_reviews~catalog_list~catalog_map~tam_by_events~r0~r0~r0~r12054.js Show response
tam.by/js/by3/ 416 KB
119 KB 165ms
163ms Script
application/javascript 2a0a:7d80::b
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to

Full URL

https://tam.by/js/by3/modernizr~jquery-3.4.1.min~libs.min~main.min~catalog~catalog_suggests~catalog_geo~tam_core_extended~catalog_login~catalog_reviews~catalog_list~catalog_map~tam_by_events~r0~r0~r0~r12054.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0a:7d80::b Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),

Reverse DNS

Software

nginx /

Resource Hash

73ea2c7e832452d7d280683c3794bcbab625458f9ecf9afc03e1aba63db84418

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 17:39:17 GMT
content-encoding: gzip
referrer-policy: unsafe-url
last-modified: Fri, 26 Mar 2021 13:31:22 GMT
server: nginx
etag: W/"605de22a-6801e"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=utf8
cache-control: max-age=604800
strict-transport-security: max-age=86400
expires: Fri, 09 Apr 2021 17:39:17 GMT

GET
H2 200 loader.js Show response
yastatic.net/pcode/adfox/ 164 KB
37 KB 101ms
32ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

03aed30c7279eaf7eab23c407e0f16fc9e222534ddd9a4d06d7379ccccbe481a

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Origin: https://koton-magazadzhylyk.tam.by
Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 17:39:17 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 37707
last-modified: Thu, 01 Apr 2021 15:37:05 GMT
server: nginx/1.17.9
etag: "85aeca83da2c94d067eb2a4306762349"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 02 Apr 2021 18:35:57 GMT

GET
H2 200 1px.gif
s2r.tut.by/ 43 B
207 B 57ms
52ms Image
image/gif 2a0a:7d80::c:1:0
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2r.tut.by/1px.gif
Requested by: Host: koton-magazadzhylyk.tam.by
URL: https://koton-magazadzhylyk.tam.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a0a:7d80::c:1:0 Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 17:39:18 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
content-type: image/gif
cache-control: max-age=5184000
x-robots-tag: noindex, nofollow
content-length: 43
expires: Tue, 01 Jun 2021 17:39:18 GMT

GET
H2 200 32687386e507930c626de1444b3928df-1.png
img.tam.by/240x150c/company/0e/0/ 15 KB
15 KB 127ms
86ms Image
image/png 2a0a:7d80::b
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.tam.by/240x150c/company/0e/0/32687386e507930c626de1444b3928df-1.png
Requested by: Host: koton-magazadzhylyk.tam.by
URL: https://koton-magazadzhylyk.tam.by/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0a:7d80::b Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS
Software: nginx /
Resource Hash: 92a4a039e38c6ae8219c6e5bfd1f9673ff9abb785dd4dbaa4d026b1536d03436

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 17:39:18 GMT
last-modified: Wed, 26 Jun 2019 07:51:02 GMT
server: nginx
etag: "5d1323e6-3b2a"
content-type: image/png
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 15146
expires: Fri, 09 Apr 2021 17:39:18 GMT

GET
H2 200 44a4c1bf4431d8a65bdb39ae2f05c2b8c2248636.jpg
img.tam.by/240x150c/user_uploads/0b/e/ 10 KB
10 KB 90ms
49ms Image
image/jpeg 2a0a:7d80::b
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.tam.by/240x150c/user_uploads/0b/e/44a4c1bf4431d8a65bdb39ae2f05c2b8c2248636.jpg
Requested by: Host: koton-magazadzhylyk.tam.by
URL: https://koton-magazadzhylyk.tam.by/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0a:7d80::b Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS
Software: nginx /
Resource Hash: cde1c67d99aac59b55c20e8b666b9b7b9b86a8d00abd7bc445dfdc22e2abe439

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 17:39:18 GMT
last-modified: Wed, 14 Nov 2018 07:44:40 GMT
server: nginx
etag: "5bebd268-28a9"
content-type: image/jpeg
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 10409
expires: Fri, 09 Apr 2021 17:39:18 GMT

GET
H2 200 320543c570d633429e01e3e61f8d3ee6-1.jpg
img.tam.by/240x150c/company/09/d/ 7 KB
7 KB 89ms
49ms Image
image/jpeg 2a0a:7d80::b
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.tam.by/240x150c/company/09/d/320543c570d633429e01e3e61f8d3ee6-1.jpg
Requested by: Host: koton-magazadzhylyk.tam.by
URL: https://koton-magazadzhylyk.tam.by/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0a:7d80::b Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS
Software: nginx /
Resource Hash: 568f21dcc485a41ddbe72a5c4c7ac7346ffbd17b8754fe22272b1e2ab2f61dfb

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 17:39:18 GMT
last-modified: Mon, 22 Mar 2021 07:57:58 GMT
server: nginx
etag: "60584e06-1bba"
content-type: image/jpeg
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 7098
expires: Fri, 09 Apr 2021 17:39:18 GMT

GET
H2 200 af920a5f5465aed6e65fa13708df7144-2.jpg
img.tam.by/240x150c/offers/00/f/ 7 KB
8 KB 131ms
91ms Image
image/jpeg 2a0a:7d80::b
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.tam.by/240x150c/offers/00/f/af920a5f5465aed6e65fa13708df7144-2.jpg
Requested by: Host: koton-magazadzhylyk.tam.by
URL: https://koton-magazadzhylyk.tam.by/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0a:7d80::b Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS
Software: nginx /
Resource Hash: a1af81e943d1266d70e99cb4a7470e7697034c627e5612c3e3ea04fba146355c

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 17:39:18 GMT
last-modified: Mon, 01 Feb 2021 07:12:29 GMT
server: nginx
etag: "6017a9dd-1d79"
content-type: image/jpeg
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 7545
expires: Fri, 09 Apr 2021 17:39:18 GMT

GET
H2 200 116f0df9096635861ff12e6177aed855-2.jpg
img.tam.by/240x150c/offers/08/b/ 14 KB
14 KB 130ms
90ms Image
image/jpeg 2a0a:7d80::b
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.tam.by/240x150c/offers/08/b/116f0df9096635861ff12e6177aed855-2.jpg
Requested by: Host: koton-magazadzhylyk.tam.by
URL: https://koton-magazadzhylyk.tam.by/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0a:7d80::b Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS
Software: nginx /
Resource Hash: 144dcdd61f86733bd5d48e15984754b51d48682828c38cf7bdf0a44f4a2865fc

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 17:39:18 GMT
last-modified: Sat, 23 Jan 2021 07:12:50 GMT
server: nginx
etag: "600bcc72-3771"
content-type: image/jpeg
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 14193
expires: Fri, 09 Apr 2021 17:39:18 GMT

GET
H2 200 857171a5833a9ae5c7684488c0e7e27db3c03a11.png
img.tam.by/240x150c/user_uploads/0f/6/ 67 KB
68 KB 90ms
50ms Image
image/png 2a0a:7d80::b
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.tam.by/240x150c/user_uploads/0f/6/857171a5833a9ae5c7684488c0e7e27db3c03a11.png
Requested by: Host: koton-magazadzhylyk.tam.by
URL: https://koton-magazadzhylyk.tam.by/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0a:7d80::b Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS
Software: nginx /
Resource Hash: 7a301b89a0d78d1135830780c1aaa9a818b4defba66bd7e9148e22a4c722df6f

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 17:39:18 GMT
last-modified: Wed, 24 Feb 2021 12:31:48 GMT
server: nginx
etag: "60364734-10d65"
content-type: image/png
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 68965
expires: Fri, 09 Apr 2021 17:39:18 GMT

GET
H2 200 1c5ff914f79882bc29f7ee4d6c743891-1.jpg
img.tam.by/240x150s/offers/00/6/ 9 KB
10 KB 47ms
43ms Image
image/jpeg 2a0a:7d80::b
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.tam.by/240x150s/offers/00/6/1c5ff914f79882bc29f7ee4d6c743891-1.jpg
Requested by: Host: koton-magazadzhylyk.tam.by
URL: https://koton-magazadzhylyk.tam.by/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0a:7d80::b Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS
Software: nginx /
Resource Hash: f84c279a15f661fbc8046d271d4fddb5e3f166e4ff17845712dba8dd27d320b8

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 17:39:18 GMT
last-modified: Fri, 05 Jan 2018 11:10:34 GMT
server: nginx
etag: "5a4f5d2a-2599"
content-type: image/jpeg
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 9625
expires: Fri, 09 Apr 2021 17:39:18 GMT

GET
H2 200 6d02b4f2bb07aa75ee2ffce310e48fe1846a82c2-1.jpg
img.tam.by/240x150s/offers/00/2/ 5 KB
5 KB 47ms
44ms Image
image/jpeg 2a0a:7d80::b
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.tam.by/240x150s/offers/00/2/6d02b4f2bb07aa75ee2ffce310e48fe1846a82c2-1.jpg
Requested by: Host: koton-magazadzhylyk.tam.by
URL: https://koton-magazadzhylyk.tam.by/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0a:7d80::b Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS
Software: nginx /
Resource Hash: c599ed684250b7755d158899137fa00a7d4b3f60d62db00a3940b980ce3ac325

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 17:39:18 GMT
last-modified: Mon, 10 Sep 2018 15:28:32 GMT
server: nginx
etag: "5b968da0-14db"
content-type: image/jpeg
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 5339
expires: Fri, 09 Apr 2021 17:39:18 GMT

GET
H2 200 6ec7538cef28974e8984db48cd2cad76-1.jpg
img.tam.by/240x150s/offers/09/0/ 9 KB
9 KB 78ms
77ms Image
image/jpeg 2a0a:7d80::b
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.tam.by/240x150s/offers/09/0/6ec7538cef28974e8984db48cd2cad76-1.jpg
Requested by: Host: koton-magazadzhylyk.tam.by
URL: https://koton-magazadzhylyk.tam.by/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0a:7d80::b Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS
Software: nginx /
Resource Hash: 2581a0241f048f30c4a0521ad4a65682718300a23217c2dfb79c9ef7090c8dc4

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 17:39:18 GMT
last-modified: Thu, 20 Sep 2018 15:05:30 GMT
server: nginx
etag: "5ba3b73a-247a"
content-type: image/jpeg
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 9338
expires: Fri, 09 Apr 2021 17:39:18 GMT

GET
H2 200 a9901fc633de4052467b60a6f434b005-2.jpg
img.tam.by/240x150s/offers/04/a/ 9 KB
9 KB 49ms
49ms Image
image/jpeg 2a0a:7d80::b
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.tam.by/240x150s/offers/04/a/a9901fc633de4052467b60a6f434b005-2.jpg
Requested by: Host: koton-magazadzhylyk.tam.by
URL: https://koton-magazadzhylyk.tam.by/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0a:7d80::b Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS
Software: nginx /
Resource Hash: decaf592259e884077141fe15ede999d7f29a5b860a460c23656238f41a6acb8

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 17:39:18 GMT
last-modified: Thu, 29 Jun 2017 09:23:09 GMT
server: nginx
etag: "5954c6fd-220c"
content-type: image/jpeg
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 8716
expires: Fri, 09 Apr 2021 17:39:18 GMT

GET
H2 200 cf2ebd4159d35d0c9399f14dd4fe76c7-1.jpg
img.tam.by/240x150s/offers/0b/4/ 5 KB
5 KB 83ms
82ms Image
image/jpeg 2a0a:7d80::b
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.tam.by/240x150s/offers/0b/4/cf2ebd4159d35d0c9399f14dd4fe76c7-1.jpg
Requested by: Host: koton-magazadzhylyk.tam.by
URL: https://koton-magazadzhylyk.tam.by/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0a:7d80::b Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS
Software: nginx /
Resource Hash: a4a6d6a23939f2e6afaaef326283efede10c37bd0710fe2cdfcaddad81fb8db2

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 17:39:18 GMT
last-modified: Wed, 15 Feb 2017 18:08:06 GMT
server: nginx
etag: "58a49906-1435"
content-type: image/jpeg
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 5173
expires: Fri, 09 Apr 2021 17:39:18 GMT

GET
H2 200 9da0aacfaff3f56941edc660c0bcdfb3-2.jpg
img.tam.by/240x150s/offers/04/10/ 10 KB
10 KB 83ms
82ms Image
image/jpeg 2a0a:7d80::b
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.tam.by/240x150s/offers/04/10/9da0aacfaff3f56941edc660c0bcdfb3-2.jpg
Requested by: Host: koton-magazadzhylyk.tam.by
URL: https://koton-magazadzhylyk.tam.by/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0a:7d80::b Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS
Software: nginx /
Resource Hash: c386fe6a00a4a05182b79972d00e9cbad80bb7092099f6465dee8f69e10e4c19

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 17:39:18 GMT
last-modified: Wed, 04 Nov 2020 07:50:18 GMT
server: nginx
etag: "5fa25d3a-260a"
content-type: image/jpeg
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 9738
expires: Fri, 09 Apr 2021 17:39:18 GMT

GET
H2 200 6599c6a6d28a87a24e78dce2903c47bf-1.jpg
img.tam.by/240x150s/offers/06/e/ 13 KB
14 KB 77ms
75ms Image
image/jpeg 2a0a:7d80::b
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.tam.by/240x150s/offers/06/e/6599c6a6d28a87a24e78dce2903c47bf-1.jpg
Requested by: Host: koton-magazadzhylyk.tam.by
URL: https://koton-magazadzhylyk.tam.by/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0a:7d80::b Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS
Software: nginx /
Resource Hash: 69dc445ce7660410166c39c3a57523adbde1a453f569686398f2ace985871b3d

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 17:39:18 GMT
last-modified: Tue, 06 Aug 2019 08:28:02 GMT
server: nginx
etag: "5d493a12-3550"
content-type: image/jpeg
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 13648
expires: Fri, 09 Apr 2021 17:39:18 GMT

GET
H2 200 1_mesec_obsluzivania_besplatno_fon_2-1.png
img.tam.by/240x150s/crop_offers/07/6/ 43 KB
43 KB 77ms
75ms Image
image/png 2a0a:7d80::b
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.tam.by/240x150s/crop_offers/07/6/1_mesec_obsluzivania_besplatno_fon_2-1.png
Requested by: Host: koton-magazadzhylyk.tam.by
URL: https://koton-magazadzhylyk.tam.by/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0a:7d80::b Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS
Software: nginx /
Resource Hash: b1ecf87d9fba11c5f1ae5369323b0e1637869e058b726178e8b804941eb106b5

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 17:39:18 GMT
last-modified: Fri, 08 Sep 2017 14:35:21 GMT
server: nginx
etag: "59b2aaa9-aab3"
content-type: image/png
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 43699
expires: Fri, 09 Apr 2021 17:39:18 GMT

GET
H2 200 api Show response
s2r.tut.by/ 96 KB
16 KB 211ms
49ms Script
application/javascript 2a0a:7d80::c:1:0
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to

Full URL: https://s2r.tut.by/api?rev=r0~r2375~r0~r0
Requested by: Host: koton-magazadzhylyk.tam.by
URL: https://koton-magazadzhylyk.tam.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a0a:7d80::c:1:0 Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS
Software: nginx /
Resource Hash: 31697d4d66425d89d7fd18d49398d684e70656568ed4ecc64761840f7b4e2724

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 17:39:17 GMT
content-encoding: gzip
last-modified: Fri, 10 May 2019 13:17:30 GMT
server: nginx
etag: W/"5cd579ea-1805c"
vary: Accept-Encoding
content-type: application/javascript; charset=utf8
cache-control: max-age=600
x-robots-tag: noindex, nofollow
expires: Fri, 02 Apr 2021 17:49:17 GMT

GET
H2 200 ajax-loader-transparent.gif
tam.by//images/i/by4/ 673 B
887 B 51ms
46ms Image
image/gif 2a0a:7d80::b
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tam.by//images/i/by4/ajax-loader-transparent.gif?v=1
Requested by: Host: koton-magazadzhylyk.tam.by
URL: https://koton-magazadzhylyk.tam.by/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0a:7d80::b Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS
Software: nginx /
Resource Hash: 251e59286801a47d97bf67d9c7dfdbad02df1a6e524c81a9220c451be679b3fa

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 17:39:18 GMT
last-modified: Thu, 20 Aug 2015 13:27:32 GMT
server: nginx
etag: "55d5d5c4-2a1"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 673
expires: Fri, 09 Apr 2021 17:39:18 GMT

GET
H2 200 booking.js Show response
tam.by/js/by3/ 5 KB
1 KB 92ms
92ms Script
application/javascript 2a0a:7d80::b
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to

Full URL

https://tam.by/js/by3/booking.js?446622234

Requested by

Host: koton-magazadzhylyk.tam.by
URL: https://koton-magazadzhylyk.tam.by/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0a:7d80::b Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),

Reverse DNS

Software

nginx /

Resource Hash

7ea072ad6ad5e30314f8ee336c482e773605d45a713bbb7df6eb727073da8f9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 17:39:18 GMT
content-encoding: gzip
referrer-policy: unsafe-url
last-modified: Thu, 11 Jul 2019 09:48:13 GMT
server: nginx
etag: W/"5d2705dd-1257"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=utf8
cache-control: max-age=604800
strict-transport-security: max-age=86400
expires: Fri, 09 Apr 2021 17:39:18 GMT

GET
H/1.1 200
OK / Show response
api-maps.yandex.ru/2.1/ 35 KB
13 KB 157ms
55ms Script
application/javascript 2a02:6b8::173
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://api-maps.yandex.ru/2.1/?lang=ru_RU

Requested by

Host: koton-magazadzhylyk.tam.by
URL: https://koton-magazadzhylyk.tam.by/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a02:6b8::173 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx /

Resource Hash

e8f4701198549152dc15a4959ca0cbcb06f4bc5408cf2577e7bb0b291ec47748

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 02 Apr 2021 17:39:18 GMT
Content-Encoding: gzip
X-LIGHTTPD-LOCALE: ru_RU
Server: nginx
X-qloud-router: sas2-ca89f1d37d82.qloud-c.yandex.net
Vary: Accept-Encoding, Origin
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff, nosniff
Content-Disposition: attachment; filename=json.txt
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=120
X-XSS-Protection: 1; mode=block

GET
H2 200 powered-by-google-on-white.png
tam.by/images/catalog/ 2 KB
2 KB 47ms
43ms Image
image/png 2a0a:7d80::b
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tam.by/images/catalog/powered-by-google-on-white.png
Requested by: Host: koton-magazadzhylyk.tam.by
URL: https://koton-magazadzhylyk.tam.by/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0a:7d80::b Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS
Software: nginx /
Resource Hash: 533cb39f7dad385e4b124588f494e5a8d192f26ff49360d0a38c635a369c852f

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 17:39:18 GMT
last-modified: Fri, 30 Dec 2016 07:24:02 GMT
server: nginx
etag: "58660b92-855"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 2133
expires: Fri, 09 Apr 2021 17:39:18 GMT

GET
H/1.1 200
OK track.js Show response
ad.tam.by/retarget/ 2 KB
2 KB 217ms
48ms Script
application/x-javascript 93.125.48.34
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.tam.by/retarget/track.js
Requested by: Host: koton-magazadzhylyk.tam.by
URL: https://koton-magazadzhylyk.tam.by/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 93.125.48.34 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-34.hoster.by
Software: nginx/1.14.2 /
Resource Hash: 61ffbb80b1c185686850ce79ab22efac48c19de958143b051110f47f3630273e

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 02 Apr 2021 17:39:18 GMT
Content-Encoding: gzip
Server: nginx/1.14.2
ETag: W/"8c4-KRHCzlIwEqpWaBZ6GHcFM8WspWg"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/x-javascript; charset=utf-8
Access-Control-Expose-Headers: IPCity
Cache-Control: public, max-age=18000000
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-type,Accept,X-Access-Token,X-Key,If-Modified-Since,Authorization,Etag,If-None-Match,IPCity

GET
H2 200 conversion.js Show response
www.googleadservices.com/pagead/ 43 KB
17 KB 142ms
47ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: koton-magazadzhylyk.tam.by
URL: https://koton-magazadzhylyk.tam.by/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

7b836f980105af48cc460cba4d6beded383be23233b43010337cddf9642ae7d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 17:39:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16505
x-xss-protection: 0
server: cafe
etag: 16397456148590585425
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 02 Apr 2021 17:39:18 GMT

GET
H2 200 getcookie Show response
matchid.adfox.yandex.ru/ 88 B
381 B 159ms
55ms XHR
application/json 2a02:6b8::16b
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://matchid.adfox.yandex.ru/getcookie

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a02:6b8::16b Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

fd4792af15618a2282c1ed68e4e1b49c20a7d99aecaf02f55c309459283f97fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://koton-magazadzhylyk.tam.by
date: Fri, 02 Apr 2021 17:39:18 GMT
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 88
x-content-type-options: nosniff
content-type: application/json

GET
H2 200 1e06858be6830fbbd966.js Show response
yastatic.net/partner-code-bundles/14318/ 74 KB
17 KB 44ms
40ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/14318/1e06858be6830fbbd966.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

dc60e9f5d3c55b6e616b6e3620cc8aeaa9a3aeb5d15e3837b539b96908a22dfc

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Origin: https://koton-magazadzhylyk.tam.by
Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 17:39:18 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 16556
last-modified: Thu, 01 Apr 2021 15:00:45 GMT
server: nginx/1.17.9
etag: "4b4b8063bab9ee34b22ce35b33b0f580"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 03 Apr 2051 00:13:58 GMT

GET
H2 200 host.js Show response
yastatic.net/safeframe-bundles/0.80/ 29 KB
8 KB 36ms
36ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.80/host.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

9a10b1418ae87e1667a44c85f39b5e1af9b8a24279d9a2743c0859d478f3f925

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Origin: https://koton-magazadzhylyk.tam.by
Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 17:39:18 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 8120
last-modified: Wed, 13 Jan 2021 14:53:48 GMT
server: nginx/1.17.9
etag: "7fa61ab429a981f415ba1c49d1babdbb"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 03 Apr 2051 00:12:21 GMT

GET
H2 200 context.js Show response
an.yandex.ru/system/ 127 KB
36 KB 163ms
64ms Script
text/javascript 2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/system/context.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

a47b060bb0a97c5cca519382a0e368297cb14376d1adc2e596fd33e3fbe6c4f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
strict-transport-security: max-age=31536000
content-encoding: br
etag: 408278568
x-yandex-req-id: 1617385158282523-1742346732650946642400113-production-app-host-sas-pcode-60
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=3600
x-robots-tag: noindex, noarchive, nofollow
expires: Fri, 02 Apr 2021 18:39:18 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: koton-magazadzhylyk.tam.by
URL: https://koton-magazadzhylyk.tam.by/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 19 Mar 2021 19:22:18 GMT
server: Golfe2
age: 5051
date: Fri, 02 Apr 2021 16:15:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19463
expires: Fri, 02 Apr 2021 18:15:07 GMT

GET
H2 200 watch.js Show response
mc.yandex.ru/metrika/ 123 KB
43 KB 49ms
49ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: koton-magazadzhylyk.tam.by
URL: https://koton-magazadzhylyk.tam.by/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

0feb630da27b3b9a39d2ae12f49ae9fc24c11e0f5dd8416bcd726d34f6f52523

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 17:39:18 GMT
content-encoding: br
last-modified: Tue, 30 Mar 2021 15:00:53 GMT
etag: "6064af5d-acf8"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 44280
expires: Fri, 02 Apr 2021 18:39:18 GMT

GET
H2 200 xgemius.js Show response
gaby.hit.gemius.pl/ 39 KB
10 KB 162ms
51ms Script
application/x-javascript 54.37.238.28
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaby.hit.gemius.pl/xgemius.js
Requested by: Host: koton-magazadzhylyk.tam.by
URL: https://koton-magazadzhylyk.tam.by/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.37.238.28 , France, ASN16276 (OVH, FR),
Reverse DNS: ip28.ip-54-37-238.eu
Software: GHC /
Resource Hash: e638d0a2e34839411a00a5b34800a1dbf737b68fcea0b85c683e0d46414d3556

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 17:39:18 GMT
content-encoding: gzip
last-modified: Wed, 17 Mar 2021 11:13:20 GMT
server: GHC
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: max-age=43200
accept-ranges: none
content-type: application/x-javascript
content-length: 10549
expires: Sat, 03 Apr 2021 05:39:18 GMT

GET
H2 200 sprite.svg
koton-magazadzhylyk.tam.by/images/by3/svg/symbol/ 23 KB
8 KB 85ms
82ms Other
image/svg+xml 2a0a:7d80::b
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to

Full URL: https://koton-magazadzhylyk.tam.by/images/by3/svg/symbol/sprite.svg
Requested by: Host: koton-magazadzhylyk.tam.by
URL: https://koton-magazadzhylyk.tam.by/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0a:7d80::b Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS
Software: nginx /
Resource Hash: b6745005745b7aefe26dfacb5bfd8a04b5e1a8ed10ca5da39529921bcd5c0956

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 17:39:18 GMT
content-encoding: gzip
last-modified: Fri, 07 Jun 2019 12:53:40 GMT
server: nginx
etag: W/"5cfa5e54-5c76"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=604800
expires: Fri, 09 Apr 2021 17:39:18 GMT

GET
H2 200 res_co_track.gif
c1hit.tut.by/ 43 B
297 B 100ms
37ms Image
image/gif 2a0a:7d80::c:1:0
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c1hit.tut.by/res_co_track.gif
Requested by: Host: koton-magazadzhylyk.tam.by
URL: https://koton-magazadzhylyk.tam.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a0a:7d80::c:1:0 Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 17:39:18 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
content-type: image/gif
cache-control: no-cache
x-robots-tag: noindex, nofollow
content-length: 43
expires: Fri, 02 Apr 2021 17:39:17 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 78 KB
31 KB 20ms
19ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-K9H4XJ

Requested by

Host: koton-magazadzhylyk.tam.by
URL: https://koton-magazadzhylyk.tam.by/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e94cd3d9ee3b384ed97fd357867367da1c1b4c90e671e241a6895851deb4b73b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 17:39:18 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31424
x-xss-protection: 0
last-modified: Fri, 02 Apr 2021 15:19:23 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 02 Apr 2021 17:39:18 GMT

GET
DATA 200
OK truncated
/ 624 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e09aea00e38e6dd82f3ef7fb470a7185501238189d6a9fb932a783a79fa8076e

Request headers

Referer: https://tam.by/css/by3/styles.min~catalog~custom~r0~r0~r0~r12053.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 200 jstracer Show response
an.yandex.ru/ 2 B
262 B 167ms
79ms XHR
application/json 2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/jstracer?adfox=14318&fatal=ADFOX_0x0

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=31536000
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 86400
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 2
x-xss-protection: 1; mode=block

GET
H2

200

v2 Show response
an.yandex.ru/adfox/312020/getBulk/
Redirect Chain

https://an.yandex.ru/adfox/312020/getBulk/v2?dl=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&date=2021-04-02T19%3A39%3A18.210%2B02%3A00&pd=2&pdh=1200&pdw=1600&pr1=3445240191&pr=1603982883&prr=&pv=19...
https://an.yandex.ru/adfox/312020/getBulk/v2?redir-setuniq=1&dl=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&date=2021-04-02T19%3A39%3A18.210%2B02%3A00&pd=2&pdh=1200&pdw=1600&pr1=3445240191&pr=16039...

6 KB
2 KB

194ms
194ms

XHR
application/json

2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/adfox/312020/getBulk/v2?redir-setuniq=1&dl=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&date=2021-04-02T19%3A39%3A18.210%2B02%3A00&pd=2&pdh=1200&pdw=1600&pr1=3445240191&pr=1603982883&prr=&pv=19&pw=5&extid_loader=&extid_tag_loader=koton-magazadzhylyk.tam.by&ylv=0.14318&ybv=0.14318&ytt=553054348773397&is-turbo=0&skip-token=&ad-session-id=5757701617385158233&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22w%22%3A0%2C%22h%22%3A0%2C%22width%22%3A0%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22left%22%3A0%2C%22top%22%3A0%2C%22req_no%22%3A0%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=0&p1=cjsjp&p2=gmyu&slotNumber=1&bids=W10%3D&grab=dNCa0J7QotCe0J0g0JzQkNCT0JDQl9CQ0JTQltCr0JvQq9CaINCyINCc0LjQvdGB0LrQtQo%3D&utf8=%E2%9C%93&use-server-side-rendering=1

Requested by

Host: koton-magazadzhylyk.tam.by
URL: https://koton-magazadzhylyk.tam.by/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

c6f8d89e1bcd01377c4eb7a6a74e10b08318f0c86b938dc574c77d2108f13aae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Apr 2021 17:39:18 GMT
content-encoding: gzip
last-modified: Fri, 02 Apr 2021 17:39:18 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: application/json
access-control-allow-origin: https://koton-magazadzhylyk.tam.by
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Fri, 02 Apr 2021 17:39:18 GMT

Redirect headers

pragma: no-cache
date: Fri, 02 Apr 2021 17:39:18 GMT
content-encoding: gzip
last-modified: Fri, 02 Apr 2021 17:39:18 GMT
location: https://an.yandex.ru/adfox/312020/getBulk/v2?redir-setuniq=1&dl=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&date=2021-04-02T19%3A39%3A18.210%2B02%3A00&pd=2&pdh=1200&pdw=1600&pr1=3445240191&pr=1603982883&prr=&pv=19&pw=5&extid_loader=&extid_tag_loader=koton-magazadzhylyk.tam.by&ylv=0.14318&ybv=0.14318&ytt=553054348773397&is-turbo=0&skip-token=&ad-session-id=5757701617385158233&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22w%22%3A0%2C%22h%22%3A0%2C%22width%22%3A0%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22left%22%3A0%2C%22top%22%3A0%2C%22req_no%22%3A0%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=0&p1=cjsjp&p2=gmyu&slotNumber=1&bids=W10%3D&grab=dNCa0J7QotCe0J0g0JzQkNCT0JDQl9CQ0JTQltCr0JvQq9CaINCyINCc0LjQvdGB0LrQtQo%3D&utf8=%E2%9C%93&use-server-side-rendering=1
strict-transport-security: max-age=31536000
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://koton-magazadzhylyk.tam.by
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Fri, 02 Apr 2021 17:39:18 GMT

GET
DATA 200
OK truncated Show response
/ 360 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a709c3f568cb8f4026537b3bf992f80ac6f447a28f38917c31c72eb79e0cdefa

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: text/javascript

GET
H2 200 18408_9854_advertising.gif
c2hit.tut.by/stat/1362/54156/js/161738515/ 43 B
299 B 103ms
40ms Image
image/gif 2a0a:7d80::c:1:0
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c2hit.tut.by/stat/1362/54156/js/161738515/18408_9854_advertising.gif
Requested by: Host: koton-magazadzhylyk.tam.by
URL: https://koton-magazadzhylyk.tam.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a0a:7d80::c:1:0 Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 17:39:18 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
content-type: image/gif
cache-control: max-age=60
x-robots-tag: noindex, nofollow
content-length: 43
expires: Fri, 02 Apr 2021 17:40:18 GMT

GET
H2 200 18408_6826_advertising.gif
c2hit.tut.by/stat/1372/54243/js/161738515/ 43 B
299 B 102ms
39ms Image
image/gif 2a0a:7d80::c:1:0
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c2hit.tut.by/stat/1372/54243/js/161738515/18408_6826_advertising.gif
Requested by: Host: koton-magazadzhylyk.tam.by
URL: https://koton-magazadzhylyk.tam.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a0a:7d80::c:1:0 Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 17:39:18 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
content-type: image/gif
cache-control: max-age=60
x-robots-tag: noindex, nofollow
content-length: 43
expires: Fri, 02 Apr 2021 17:40:18 GMT

GET
H2 200 18408_1732_advertising.gif
c2hit.tut.by/stat/1360/54152/js/161738515/ 43 B
299 B 90ms
38ms Image
image/gif 2a0a:7d80::c:1:0
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c2hit.tut.by/stat/1360/54152/js/161738515/18408_1732_advertising.gif
Requested by: Host: koton-magazadzhylyk.tam.by
URL: https://koton-magazadzhylyk.tam.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a0a:7d80::c:1:0 Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 17:39:18 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
content-type: image/gif
cache-control: max-age=60
x-robots-tag: noindex, nofollow
content-length: 43
expires: Fri, 02 Apr 2021 17:40:18 GMT

GET
H2 200 v2 Show response
an.yandex.ru/adfox/312020/getBulk/ 6 KB
2 KB 196ms
192ms XHR
application/json 2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/adfox/312020/getBulk/v2?dl=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&date=2021-04-02T19%3A39%3A18.333%2B02%3A00&pd=2&pdh=1200&pdw=1600&pr1=723603282&pr=1603982883&prr=&pv=19&pw=5&extid_loader=&extid_tag_loader=koton-magazadzhylyk.tam.by&ylv=0.14318&ybv=0.14318&ytt=553054348773397&is-turbo=0&skip-token=&ad-session-id=5757701617385158233&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22w%22%3A280%2C%22h%22%3A0%2C%22width%22%3A0%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22left%22%3A366%2C%22top%22%3A885%2C%22req_no%22%3A1%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=0&p1=cjsis&p2=gmys&slotNumber=2&bids=W10%3D&grab=dNCa0J7QotCe0J0g0JzQkNCT0JDQl9CQ0JTQltCr0JvQq9CaINCyINCc0LjQvdGB0LrQtQox0JrQntCi0J7QnSDQnNCQ0JPQkNCX0JDQlNCW0KvQm9Cr0JogCjLQodC60LjQtNC60Lgg0Lgg0LDQutGG0LjQuCAK&utf8=%E2%9C%93&use-server-side-rendering=1

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

06f3b04eeb7feeaf1ab3a24361b784c9b2ef7ae5a32b4e08d0158e6fbd273ba0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Apr 2021 17:39:18 GMT
content-encoding: gzip
last-modified: Fri, 02 Apr 2021 17:39:18 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: application/json
access-control-allow-origin: https://koton-magazadzhylyk.tam.by
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Fri, 02 Apr 2021 17:39:18 GMT

GET
H2 200 stars-gray.svg
tam.by/images/by3/content/ 2 KB
595 B 115ms
115ms Image
image/svg+xml 2a0a:7d80::b
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tam.by/images/by3/content/stars-gray.svg
Requested by: Host: tam.by
URL: https://tam.by/css/by3/styles.min~catalog~custom~r0~r0~r0~r12053.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0a:7d80::b Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS
Software: nginx /
Resource Hash: fd0d1e46f88e8ab51c3d4cfaaa9a22c2c2c5fd0e578b06afc7f710456e474b46

Request headers

Referer: https://tam.by/css/by3/styles.min~catalog~custom~r0~r0~r0~r12053.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 17:39:18 GMT
content-encoding: gzip
last-modified: Wed, 31 Jul 2019 12:43:11 GMT
server: nginx
etag: W/"5d418cdf-6d1"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=604800
expires: Fri, 09 Apr 2021 17:39:18 GMT

GET
H3-Q050 200 js Show response
www.google-analytics.com/gtm/ 86 KB
34 KB 20ms
20ms Script
application/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-TDBJVHT&cid=1948603448.1617385158

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

130b35d863e7d9123a75754ce638ddd00f7bbc8c8bc492ccbb9763737ec03c60

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 17:39:18 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34724
x-xss-protection: 0
last-modified: Fri, 02 Apr 2021 15:19:23 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 02 Apr 2021 17:39:18 GMT

POST
H/1.1 200
OK show Show response
ad.tam.by/api/retarget/offers/ 15 B
664 B 71ms
49ms XHR
application/json 93.125.48.34
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.tam.by/api/retarget/offers/show
Requested by: Host: tam.by
URL: https://tam.by/js/by3/modernizr~jquery-3.4.1.min~libs.min~main.min~catalog~catalog_suggests~catalog_geo~tam_core_extended~catalog_login~catalog_reviews~catalog_list~catalog_map~tam_by_events~r0~r0~r0~r12054.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 93.125.48.34 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-34.hoster.by
Software: nginx/1.14.2 /
Resource Hash: a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Date: Fri, 02 Apr 2021 17:39:18 GMT
Server: nginx/1.14.2
ETag: W/"f-VaSQ4oDUiZblZNAEkkN+sX+q3Sg"
Vary: X-HTTP-Method-Override
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://koton-magazadzhylyk.tam.by
Access-Control-Expose-Headers: IPCity
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Content-type,Accept,X-Access-Token,X-Key,If-Modified-Since,Authorization,Etag,If-None-Match,IPCity
Content-Length: 15

GET
H2 200 18408_5208_advertising.gif
c2hit.tut.by/stat/1363/54157/js/161738515/ 43 B
299 B 45ms
36ms Image
image/gif 2a0a:7d80::c:1:0
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c2hit.tut.by/stat/1363/54157/js/161738515/18408_5208_advertising.gif
Requested by: Host: koton-magazadzhylyk.tam.by
URL: https://koton-magazadzhylyk.tam.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a0a:7d80::c:1:0 Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 17:39:18 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
content-type: image/gif
cache-control: max-age=60
x-robots-tag: noindex, nofollow
content-length: 43
expires: Fri, 02 Apr 2021 17:40:18 GMT

GET
H2 200 18408_3430_advertising.gif
c2hit.tut.by/stat/1361/54153/js/161738515/ 43 B
299 B 45ms
36ms Image
image/gif 2a0a:7d80::c:1:0
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c2hit.tut.by/stat/1361/54153/js/161738515/18408_3430_advertising.gif
Requested by: Host: koton-magazadzhylyk.tam.by
URL: https://koton-magazadzhylyk.tam.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a0a:7d80::c:1:0 Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 17:39:18 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
content-type: image/gif
cache-control: max-age=60
x-robots-tag: noindex, nofollow
content-length: 43
expires: Fri, 02 Apr 2021 17:40:18 GMT

GET
H2 200 full-ffb813a29f30feadb63b5654242d042b7b6a91aa.js Show response
yastatic.net/s3/front-maps-static/maps-front-jsapi-v2-1/2.1.78-11/build/release/ 3 MB
662 KB 104ms
32ms Script
application/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/s3/front-maps-static/maps-front-jsapi-v2-1/2.1.78-11/build/release/full-ffb813a29f30feadb63b5654242d042b7b6a91aa.js

Requested by

Host: api-maps.yandex.ru
URL: https://api-maps.yandex.ru/2.1/?lang=ru_RU

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

785f875b00c33e9b5372d7ada25ba6200bd430db1f01a58eb3ff8eb3c31e7257

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 17:39:18 GMT
content-encoding: gzip
last-modified: Fri, 26 Mar 2021 17:38:43 GMT
server: nginx/1.17.9
etag: W/"cbb078bbf4fdbb78535caeaa47bd2917"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Sat, 02 Apr 2022 23:24:04 GMT
cache-control: public, max-age=31556952
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
x-nginx-request-id: 89325f6821368c82

GET
H2

200

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9231.spzOW3cp5G5uXi93NLdkJ3Z_9Sz3M1FNL-5Voj2JsSK9JX71uWWWj6Kkp3gDnXXx.fJqzkTaB8uLYEPMGp3_1GD0Xhw0%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9231.nuOxh327jcWTfUi1JuFqgH9MsEjPSKVvAWSsD25GI9GDECW9ijCDVGyyKNT5iDJilWZtDBAjhqMaMQMje4LIbbJyQyCbG0EucJXn5P8VZEk%2C.qGH0pwBqVFwEvvepa7In7sRWdUE%2C

43 B
377 B

56ms
56ms

Image
image/gif

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9231.nuOxh327jcWTfUi1JuFqgH9MsEjPSKVvAWSsD25GI9GDECW9ijCDVGyyKNT5iDJilWZtDBAjhqMaMQMje4LIbbJyQyCbG0EucJXn5P8VZEk%2C.qGH0pwBqVFwEvvepa7In7sRWdUE%2C

Requested by

Host: koton-magazadzhylyk.tam.by
URL: https://koton-magazadzhylyk.tam.by/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 17:39:18 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9231.nuOxh327jcWTfUi1JuFqgH9MsEjPSKVvAWSsD25GI9GDECW9ijCDVGyyKNT5iDJilWZtDBAjhqMaMQMje4LIbbJyQyCbG0EucJXn5P8VZEk%2C.qGH0pwBqVFwEvvepa7In7sRWdUE%2C
date: Fri, 02 Apr 2021 17:39:18 GMT
strict-transport-security: max-age=31536000
content-length: 0
x-xss-protection: 1; mode=block

GET
H2 200 18408_9264_advertising.gif
c2hit.tut.by/stat/1359/54151/js/161738515/ 43 B
299 B 37ms
37ms Image
image/gif 2a0a:7d80::c:1:0
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c2hit.tut.by/stat/1359/54151/js/161738515/18408_9264_advertising.gif
Requested by: Host: koton-magazadzhylyk.tam.by
URL: https://koton-magazadzhylyk.tam.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a0a:7d80::c:1:0 Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 17:39:18 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
content-type: image/gif
cache-control: max-age=60
x-robots-tag: noindex, nofollow
content-length: 43
expires: Fri, 02 Apr 2021 17:40:18 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/997888407/ 2 KB
1 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/997888407/?random=1617385158490&cv=9&fst=1617385158490&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&tiba=%D0%9A%D0%9E%D0%A2%D0%9E%D0%9D%20%D0%9C%D0%90%D0%93%D0%90%D0%97%D0%90%D0%94%D0%96%D0%AB%D0%9B%D0%AB%D0%9A%20%D0%B2%20%D0%9C%D0%B8%D0%BD%D1%81%D0%BA%D0%B5&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5ba92616ef39c857d074355bd95c05ebaab4926e2354cad22d7a566689e49fda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Apr 2021 17:39:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1049
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
72 B 49ms
48ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: koton-magazadzhylyk.tam.by
URL: https://koton-magazadzhylyk.tam.by/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 17:39:18 GMT
last-modified: Tue, 30 Mar 2021 15:00:53 GMT
etag: "6064af5d-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Fri, 02 Apr 2021 18:39:18 GMT

GET
H2 200 da4a5ffa807a4e375917.js Show response
yastatic.net/partner-code-bundles/14307/ 12 KB
5 KB 34ms
33ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/14307/da4a5ffa807a4e375917.js

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

12d405bc873b728bf93562013bc26826c48c94cf7d776ecd763ddaac6e89b1bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Origin: https://koton-magazadzhylyk.tam.by
Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 17:39:18 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 4194
last-modified: Wed, 31 Mar 2021 11:33:52 GMT
server: nginx/1.17.9
etag: "6a7d5adcba4f06eaaaea14c30bff1e04"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 03 Apr 2051 00:10:21 GMT

GET
H2 200 2debc7090af4334326bb.js Show response
yastatic.net/partner-code-bundles/14307/ 361 KB
78 KB 41ms
41ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/14307/2debc7090af4334326bb.js

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

ea479f3fcb3661b4b1fc554f00ffcdf272495dd0b10ea28f5b114af3d1f18d23

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Origin: https://koton-magazadzhylyk.tam.by
Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 17:39:18 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 79633
last-modified: Wed, 31 Mar 2021 11:33:51 GMT
server: nginx/1.17.9
etag: "13d5736d4234026fe4891711bb2f3177"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 03 Apr 2051 00:11:06 GMT

GET
H2 200 432e25c2f192797279bd.js Show response
yastatic.net/partner-code-bundles/14307/ 241 KB
42 KB 85ms
84ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/14307/432e25c2f192797279bd.js

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

1ce689cb61b527f5abe5307ca30161f8e8c247610d0a4644855d2dc8c6f3c7b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Origin: https://koton-magazadzhylyk.tam.by
Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 17:39:18 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 42749
last-modified: Wed, 31 Mar 2021 11:33:51 GMT
server: nginx/1.17.9
etag: "e0ea6c6ab69932f4be5fdbaac2e41851"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 03 Apr 2051 00:15:18 GMT

OPTIONS
H2 200 /
tam.by/ Frame 0
0 181ms
110ms Preflight
text/html 2a0a:7d80::a
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to

Full URL

https://tam.by/?call=loginpopup&ret=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F

Protocol

Server

2a0a:7d80::a Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-requested-with
Origin: https://koton-magazadzhylyk.tam.by
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Fri, 02 Apr 2021 17:39:18 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding Accept-Encoding Cookie
access-control-allow-credentials: true
access-control-allow-origin: https://koton-magazadzhylyk.tam.by
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-headers: X-PINGOTHER, Authorization, Content-Type, x-requested-with
strict-transport-security: max-age=86400
referrer-policy: unsafe-url
content-encoding: gzip

GET
H2 200 / Show response
tam.by/ 13 KB
3 KB 56ms
46ms XHR
text/html 2a0a:7d80::b
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to

Full URL

https://tam.by/?call=loginpopup&ret=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F

Requested by

Host: tam.by
URL: https://tam.by/js/by3/modernizr~jquery-3.4.1.min~libs.min~main.min~catalog~catalog_suggests~catalog_geo~tam_core_extended~catalog_login~catalog_reviews~catalog_list~catalog_map~tam_by_events~r0~r0~r0~r12054.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0a:7d80::b Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),

Reverse DNS

Software

nginx /

Resource Hash

3b4327a73dcf8380ca98c7b428c15b87679ea129ab2b425e41838c440830a74c

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept: */*
Referer: https://koton-magazadzhylyk.tam.by/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 17:39:18 GMT
content-encoding: gzip
referrer-policy: unsafe-url
server: nginx
vary: Accept-Encoding, Accept-Encoding, Cookie
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://koton-magazadzhylyk.tam.by
cache-control: max-age=3600, public
access-control-allow-credentials: true
strict-transport-security: max-age=86400
access-control-allow-headers: X-PINGOTHER, Authorization, Content-Type, x-requested-with

OPTIONS
H/1.1 200
OK log
ad.tam.by/retarget/ Frame 0
0 157ms
55ms Preflight 93.125.48.34
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.tam.by/retarget/log
Protocol: HTTP/1.1
Server: 93.125.48.34 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-34.hoster.by
Software: nginx/1.14.2 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://koton-magazadzhylyk.tam.by
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx/1.14.2
Date: Fri, 02 Apr 2021 17:39:18 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Headers: Content-type,Accept,X-Access-Token,X-Key,If-Modified-Since,Authorization,Etag,If-None-Match,IPCity
Access-Control-Expose-Headers: IPCity
Access-Control-Allow-Origin: https://koton-magazadzhylyk.tam.by
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS

GET
H2 200 ga.php Show response
www.tut.by/login/ 62 B
661 B 240ms
117ms Script
application/x-javascript 2a0a:7d80::b
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tut.by/login/ga.php

Requested by

Host: ad.tam.by
URL: https://ad.tam.by/retarget/track.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0a:7d80::b Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),

Reverse DNS

Software

nginx /

Resource Hash

74f8113a093a9772ebe29204ff0fd89b692fcc0ad69814bc1725fd8f68ceaa4e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Apr 2021 17:39:18 GMT
referrer-policy: unsafe-url
last-modified: Fri, 02 Apr 2021 17:39:18 GMT
server: nginx
vary: Cookie
content-type: application/x-javascript; charset=utf-8
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-security-policy: upgrade-insecure-requests
strict-transport-security: max-age=15768000
x-robots-tag: noindex, nofollow
content-length: 62
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK log Show response
ad.tam.by/retarget/ 6 B
562 B 50ms
48ms XHR
text/html 93.125.48.34
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.tam.by/retarget/log
Requested by: Host: ad.tam.by
URL: https://ad.tam.by/retarget/track.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 93.125.48.34 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-34.hoster.by
Software: nginx/1.14.2 /
Resource Hash: 7baa99652be2c7c7a89cd84eb9dd6b2cbd5f72217a229fdf08dfdd23eed637bb

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/json; charset=UTF-8

Response headers

Date: Fri, 02 Apr 2021 17:39:18 GMT
Server: nginx/1.14.2
ETag: W/"6-JBls4FkQjfZ7VowtRNIdA6ELOsw"
Vary: X-HTTP-Method-Override
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://koton-magazadzhylyk.tam.by
Access-Control-Expose-Headers: IPCity
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Content-type,Accept,X-Access-Token,X-Key,If-Modified-Since,Authorization,Etag,If-None-Match,IPCity
Content-Length: 6

GET
H2 200 fpdata.js Show response
gaby.hit.gemius.pl/ 275 B
388 B 57ms
56ms Script
application/x-javascript 54.37.238.28
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaby.hit.gemius.pl/fpdata.js?href=koton-magazadzhylyk.tam.by
Requested by: Host: gaby.hit.gemius.pl
URL: https://gaby.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.37.238.28 , France, ASN16276 (OVH, FR),
Reverse DNS: ip28.ip-54-37-238.eu
Software: GHC /
Resource Hash: cacf7258ab3034a84e3d825e111afdb7e0b791dff8714520b0aa633bc43c9f56

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 17:39:18 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
server: GHC
etag: PRIVATE7520710249
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: private, max-age=2592000
accept-ranges: none
content-type: application/x-javascript
content-length: 275
expires: Sun, 02 May 2021 17:39:18 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 4 B
54 B 14ms
13ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j89&a=1312112141&t=pageview&_s=1&dl=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&ul=en-us&de=UTF-8&dt=%D0%9A%D0%9E%D0%A2%D0%9E%D0%9D%20%D0%9C%D0%90%D0%93%D0%90%D0%97%D0%90%D0%94%D0%96%D0%AB%D0%9B%D0%AB%D0%9A%20%D0%B2%20%D0%9C%D0%B8%D0%BD%D1%81%D0%BA%D0%B5&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KGDAAEADQAAAAC~&jid=2131851534&gjid=1465018093&cid=1948603448.1617385158&tid=UA-46480880-15&_gid=2005468644.1617385158&_r=1&_slc=1&z=1893783740

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 02 Apr 2021 17:39:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://koton-magazadzhylyk.tam.by
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
27 B 14ms
13ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j89&a=1312112141&t=pageview&_s=1&dl=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&ul=en-us&de=UTF-8&dt=%D0%9A%D0%9E%D0%A2%D0%9E%D0%9D%20%D0%9C%D0%90%D0%93%D0%90%D0%97%D0%90%D0%94%D0%96%D0%AB%D0%9B%D0%AB%D0%9A%20%D0%B2%20%D0%9C%D0%B8%D0%BD%D1%81%D0%BA%D0%B5&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KGDAAEADQAAAAC~&jid=1349332299&gjid=755216565&cid=1948603448.1617385158&tid=UA-46480880-18&_gid=2005468644.1617385158&_r=1&_slc=1&z=1281014583

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 02 Apr 2021 17:39:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://koton-magazadzhylyk.tam.by
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
94 B 15ms
14ms XHR
text/plain 2a00:1450:400c:c04::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j89&tid=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&cid=1948603448.1617385158&jid=1010127815&gjid=1798722383&_gid=2005468644.1617385158&_u=aGDAgEADQAAAAG~&z=846213835

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 02 Apr 2021 17:39:18 GMT
content-type: text/plain
access-control-allow-origin: https://koton-magazadzhylyk.tam.by
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
120 B 7ms
6ms Image
image/gif 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j89&a=1312112141&t=pageview&_s=1&dl=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&ul=en-us&de=UTF-8&dt=%D0%9A%D0%9E%D0%A2%D0%9E%D0%9D%20%D0%9C%D0%90%D0%93%D0%90%D0%97%D0%90%D0%94%D0%96%D0%AB%D0%9B%D0%AB%D0%9A%20%D0%B2%20%D0%9C%D0%B8%D0%BD%D1%81%D0%BA%D0%B5&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAgEADQAAAAC~&jid=1010127815&gjid=1798722383&cid=1948603448.1617385158&tid=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&_gid=2005468644.1617385158&gtm=2wg3o0K9H4XJ&z=1294175824

Requested by

Host: koton-magazadzhylyk.tam.by
URL: https://koton-magazadzhylyk.tam.by/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Apr 2021 10:03:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 27341
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/997888407/ 42 B
138 B 21ms
20ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/997888407/?random=1617385158490&cv=9&fst=1617382800000&num=1&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&tiba=%D0%9A%D0%9E%D0%A2%D0%9E%D0%9D%20%D0%9C%D0%90%D0%93%D0%90%D0%97%D0%90%D0%94%D0%96%D0%AB%D0%9B%D0%AB%D0%9A%20%D0%B2%20%D0%9C%D0%B8%D0%BD%D1%81%D0%BA%D0%B5&fmt=3&is_vtc=1&random=650520636&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: koton-magazadzhylyk.tam.by
URL: https://koton-magazadzhylyk.tam.by/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Apr 2021 17:39:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/997888407/ 42 B
108 B 37ms
35ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/997888407/?random=1617385158490&cv=9&fst=1617382800000&num=1&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&tiba=%D0%9A%D0%9E%D0%A2%D0%9E%D0%9D%20%D0%9C%D0%90%D0%93%D0%90%D0%97%D0%90%D0%94%D0%96%D0%AB%D0%9B%D0%AB%D0%9A%20%D0%B2%20%D0%9C%D0%B8%D0%BD%D1%81%D0%BA%D0%B5&fmt=3&is_vtc=1&random=650520636&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: koton-magazadzhylyk.tam.by
URL: https://koton-magazadzhylyk.tam.by/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Apr 2021 17:39:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame DAEC 133 KB
47 KB 65ms
42ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83c54916208ba4fec97b8c109dc1d26f5e2231ced12bee8032864c219b7d14e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 17:39:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47703
x-xss-protection: 0
server: cafe
etag: 6346030555081020592
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 02 Apr 2021 17:39:18 GMT

GET
H2 204 event
ads.adfox.ru/312020/ 0
107 B 204ms
80ms Image
text/plain 77.88.21.179
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/312020/event?hash=6ee6a8a7837bf673&pm=bmo&pxo=FA5s0pO_iA7tvCLXUYwK5cnWlwEtIHDyU-3KABGQMytIPCeNCEpitMO7_o8vlz9f4EWZTXHJjprUjVMDtVPni1mBdNlkYmmfC24pstSxe4TQZCmpZ8wf7crXB0fBFLEeUffNlP7Ef9_wQI9YBcwzQmcy5XmrlyjyBfjyJCBQamcKyFUMYhY%3D&p5=gxcpa&rand=bhfdtst&sj=bi3KecYx8lH5_BTJC4zJ8xNk_bNxGnI6V7P2yxLBjot_bav7RNkqvHn9JbsMxA%3D%3D&ad-session-id=5757701617385158233&lts=fgdijpm&ytt=553054348773397&ybv=0.14318&ylv=0.14318&dl=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&pr=fezzvtj&p1=cjsis&rqs=xuJqASf_QjnGVmdgaXFonN1C0W8HPl1i&rtb-si=b&p2=gmys

Requested by

Host: koton-magazadzhylyk.tam.by
URL: https://koton-magazadzhylyk.tam.by/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.179 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

adfox-external-l3-engine.stable.qloud-b.yandex.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 02 Apr 2021 17:39:18 GMT
x-content-type-options: nosniff
timing-allow-origin: *

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 7B04 133 KB
47 KB 42ms
24ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83c54916208ba4fec97b8c109dc1d26f5e2231ced12bee8032864c219b7d14e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 17:39:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47703
x-xss-protection: 0
server: cafe
etag: 6346030555081020592
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 02 Apr 2021 17:39:18 GMT

GET
H2 204 event
ads.adfox.ru/312020/ 0
14 B 201ms
84ms Image
text/plain 77.88.21.179
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/312020/event?hash=eb494b8eb239f429&pm=bmo&pxo=wVrzWNzYJ7Y1XAqmmMtMD55fqTrthp-hOmV6pOxXEoaONtfkYj0C8JtmHGWk1AQd7BR2egqnh5MrOTTfypBNquLYVjZEZ_93rJn-rguJAy_eXaNeLfumZVBqtRE_HD_scui7sDi6QEHxBj9oMoUUR7gB4hOeEsTGo3M2yS7H7WOCdTbd&p5=gxcpb&rand=gqduarv&sj=6_TwB-Xz-07S7kUESAflmb6HH82acFEM3Fb_y9mNoziyGKSoOK9D7YGKjS5AiA%3D%3D&ad-session-id=5757701617385158233&lts=fgdijpm&ytt=553054348773397&ybv=0.14318&ylv=0.14318&dl=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&pr=fezzvtj&p1=cjsjp&rqs=xuJqASf_QjnGVmdg9_rfj4Kx4g7iy5_A&rtb-si=b&p2=gmyu

Requested by

Host: koton-magazadzhylyk.tam.by
URL: https://koton-magazadzhylyk.tam.by/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.179 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

adfox-external-l3-engine.stable.qloud-b.yandex.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 02 Apr 2021 17:39:18 GMT
x-content-type-options: nosniff
timing-allow-origin: *

POST
H3-Q050 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
430 B 100ms
17ms XHR
text/plain 2a00:1450:400c:c04::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j89&tid=UA-46480880-15&cid=1948603448.1617385158&jid=2131851534&gjid=1465018093&_gid=2005468644.1617385158&_u=KGDAAEACQAAAAC~&z=1379711476

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c04::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 02 Apr 2021 17:39:18 GMT
content-type: text/plain
access-control-allow-origin: https://koton-magazadzhylyk.tam.by
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

rexdot.js Show response
gaby.hit.gemius.pl/__/_1617385158685/
Redirect Chain

https://gaby.hit.gemius.pl/_1617385158685/rexdot.js?l=100&id=0iWVhGLhkSnOM.coExUx_ZR6DfXGYVuPku6GN3CSc4D.S7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-120&fv=-&href=https%3A%2F%2Fkoton-ma...
https://gaby.hit.gemius.pl/__/_1617385158685/rexdot.js?l=100&id=0iWVhGLhkSnOM.coExUx_ZR6DfXGYVuPku6GN3CSc4D.S7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-120&fv=-&href=https%3A%2F%2Fkoton...

169 B
426 B

53ms
52ms

Script
application/x-javascript

54.37.238.28
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaby.hit.gemius.pl/__/_1617385158685/rexdot.js?l=100&id=0iWVhGLhkSnOM.coExUx_ZR6DfXGYVuPku6GN3CSc4D.S7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-120&fv=-&href=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=0&lsdata=-NOTSUP&fpdata=CJ97t9A2HJbojlpLptOb8OG22t8jhjV8ecWk.dBbttn.d7&vis=1
Requested by: Host: koton-magazadzhylyk.tam.by
URL: https://koton-magazadzhylyk.tam.by/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.37.238.28 , France, ASN16276 (OVH, FR),
Reverse DNS: ip28.ip-54-37-238.eu
Software: GHC /
Resource Hash: c2706573fb65f2a3d056dc932cd06940bc74fa8ccfd5b3581e72d12f2d57fc6b

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Apr 2021 17:39:18 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: no-store, no-cache, must-revalidate, max-age=0
accept-ranges: none
content-type: application/x-javascript
content-length: 169
expires: Thu, 01 Apr 2021 17:39:18 GMT

Redirect headers

pragma: no-cache
date: Fri, 02 Apr 2021 17:39:18 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: /__/_1617385158685/rexdot.js?l=100&id=0iWVhGLhkSnOM.coExUx_ZR6DfXGYVuPku6GN3CSc4D.S7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-120&fv=-&href=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=0&lsdata=-NOTSUP&fpdata=CJ97t9A2HJbojlpLptOb8OG22t8jhjV8ecWk.dBbttn.d7&vis=1
cache-control: no-store, no-cache, must-revalidate, max-age=0
accept-ranges: none
content-length: 0
expires: Thu, 01 Apr 2021 17:39:18 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/31359968/
Redirect Chain

https://mc.yandex.com/watch/31359968?wmode=7&page-url=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A5yitzpge8znbdz2%3Afp%3A934%3Afu%3A0%3Aen%3Autf...
https://mc.yandex.com/watch/31359968/1?wmode=7&page-url=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A5yitzpge8znbdz2%3Afp%3A934%3Afu%3A0%3Aen%3Au...

236 B
609 B

49ms
49ms

XHR
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/31359968/1?wmode=7&page-url=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A5yitzpge8znbdz2%3Afp%3A934%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A482%3Acn%3A1%3Adp%3A0%3Als%3A1235440192465%3Ahid%3A169532008%3Az%3A120%3Ai%3A20210402193918%3Aet%3A1617385158%3Ac%3A1%3Arn%3A241069802%3Au%3A1617385158818104553%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1617385157438%3Ads%3A0%2C81%2C112%2C2%2C143%2C0%2C%2C%2C%2C%2C%2C%2C%3Adsn%3A0%2C81%2C112%2C2%2C143%2C0%2C%2C%2C%2C%2C%2C%2C%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1617385159%3At%3A%D0%9A%D0%9E%D0%A2%D0%9E%D0%9D%20%D0%9C%D0%90%D0%93%D0%90%D0%97%D0%90%D0%94%D0%96%D0%AB%D0%9B%D0%AB%D0%9A%20%D0%B2%20%D0%9C%D0%B8%D0%BD%D1%81%D0%BA%D0%B5

Requested by

Host: koton-magazadzhylyk.tam.by
URL: https://koton-magazadzhylyk.tam.by/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

ff01abcda30db3f0195e462b33eb98f8e4fcf594f24cd34ea88b3d5ff883abfe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Apr 2021 17:39:18 GMT
x-content-type-options: nosniff
last-modified: Fri, 02-Apr-2021 17:39:18 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://koton-magazadzhylyk.tam.by
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 236
x-xss-protection: 1; mode=block
expires: Fri, 02-Apr-2021 17:39:18 GMT

Redirect headers

pragma: no-cache
date: Fri, 02 Apr 2021 17:39:18 GMT
last-modified: Fri, 02-Apr-2021 17:39:18 GMT
location: /watch/31359968/1?wmode=7&page-url=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A5yitzpge8znbdz2%3Afp%3A934%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A482%3Acn%3A1%3Adp%3A0%3Als%3A1235440192465%3Ahid%3A169532008%3Az%3A120%3Ai%3A20210402193918%3Aet%3A1617385158%3Ac%3A1%3Arn%3A241069802%3Au%3A1617385158818104553%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1617385157438%3Ads%3A0%2C81%2C112%2C2%2C143%2C0%2C%2C%2C%2C%2C%2C%2C%3Adsn%3A0%2C81%2C112%2C2%2C143%2C0%2C%2C%2C%2C%2C%2C%2C%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1617385159%3At%3A%D0%9A%D0%9E%D0%A2%D0%9E%D0%9D%20%D0%9C%D0%90%D0%93%D0%90%D0%97%D0%90%D0%94%D0%96%D0%AB%D0%9B%D0%AB%D0%9A%20%D0%B2%20%D0%9C%D0%B8%D0%BD%D1%81%D0%BA%D0%B5
strict-transport-security: max-age=31536000
access-control-allow-origin: https://koton-magazadzhylyk.tam.by
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 02-Apr-2021 17:39:18 GMT

GET
H3-Q050 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210331/r20190131/ Frame 7B04 225 KB
84 KB 33ms
32ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210331/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8241049497608997&plah=koton-magazadzhylyk.tam.by&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7ee65ec4e6687e75cf0082dffb5a452a42d4353263efe439959072d89b7f437b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 17:39:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 86022
x-xss-protection: 0
server: cafe
etag: 6413673484793450264
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 02 Apr 2021 17:39:18 GMT

GET
H3-Q050 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210331/r20190131/ Frame 94FF 10 KB
5 KB 37ms
22ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210331/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7ee8a97200cf0e24af175070d017d0bdabe6c619ede7bf7c5585e90de0f39798

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210331/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://koton-magazadzhylyk.tam.by/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://koton-magazadzhylyk.tam.by/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 01 Apr 2021 20:38:57 GMT
expires: Thu, 15 Apr 2021 20:38:57 GMT
content-type: text/html; charset=UTF-8
etag: 13254444762018554669
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4647
x-xss-protection: 0
age: 75621
cache-control: public, max-age=1209600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210331/r20190131/ Frame DAEC 225 KB
84 KB 33ms
32ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210331/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8241049497608997&plah=koton-magazadzhylyk.tam.by&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7ee65ec4e6687e75cf0082dffb5a452a42d4353263efe439959072d89b7f437b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 17:39:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 86022
x-xss-protection: 0
server: cafe
etag: 6413673484793450264
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 02 Apr 2021 17:39:18 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame 7B04 196 B
404 B 83ms
80ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=koton-magazadzhylyk.tam.by&callback=_gfp_s_&client=ca-pub-8241049497608997

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210331/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8241049497608997&plah=koton-magazadzhylyk.tam.by&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

9207bd75f70f72199d3be67fba3e1acf9a451009c3a8aaf3cd36e27f40c339a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 17:39:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 188
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 7B04 107 B
165 B 17ms
16ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=koton-magazadzhylyk.tam.by

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 02 Apr 2021 17:39:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 7B04 107 B
165 B 17ms
16ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=koton-magazadzhylyk.tam.by

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 02 Apr 2021 17:39:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 157C 14 KB
7 KB 181ms
181ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8241049497608997&output=html&h=250&slotname=tut.by_publishers_300x250_3_floors_1&adk=105888313&adf=3279755398&pi=t.ma~as.tut.by_publishers_3_&w=300&fwrn=3&lmt=1617385158&psa=0&format=300x250&url=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&ea=0&flash=0&wgl=1&dt=1617385158754&bpp=9&bdt=116&idt=135&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&correlator=8250955427519&frm=23&ife=1&pv=2&ga_vid=1948603448.1617385158&ga_sid=1617385159&ga_hid=1075486008&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=0&ish=0&ifk=704121822&scr_x=0&scr_y=0&eid=42530672%2C182982000%2C44740079%2C44739387&oid=3&pvsid=2257477843771454&loc=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CEr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.gl6j26hfki01&fsb=1&dtd=163

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ba0bcd6f788cb0014352ba77b9824873ee625662d999f02817d8d625cf6246d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8241049497608997&output=html&h=250&slotname=tut.by_publishers_300x250_3_floors_1&adk=105888313&adf=3279755398&pi=t.ma~as.tut.by_publishers_3_&w=300&fwrn=3&lmt=1617385158&psa=0&format=300x250&url=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&ea=0&flash=0&wgl=1&dt=1617385158754&bpp=9&bdt=116&idt=135&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&correlator=8250955427519&frm=23&ife=1&pv=2&ga_vid=1948603448.1617385158&ga_sid=1617385159&ga_hid=1075486008&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=0&ish=0&ifk=704121822&scr_x=0&scr_y=0&eid=42530672%2C182982000%2C44740079%2C44739387&oid=3&pvsid=2257477843771454&loc=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CEr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.gl6j26hfki01&fsb=1&dtd=163
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://koton-magazadzhylyk.tam.by/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://koton-magazadzhylyk.tam.by/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 02 Apr 2021 17:39:19 GMT
server: cafe
content-length: 7128
x-xss-protection: 0
set-cookie: IDE=AHWqTUlucT6JtwtXX4gAYJAdCoe1Vhtf6ZDB3We2rXB87cJa3mh9wqqUtdX1P7NM; expires=Wed, 27-Apr-2022 17:39:18 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 02 Apr 2021 17:39:19 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7B04 73 KB
28 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

234e58e81d77759daf07d771662c4e4b7711301f3a867a8bbf78651dfc13c2f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 17:39:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1617218226621639"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28276
x-xss-protection: 0
expires: Fri, 02 Apr 2021 17:39:18 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame DAEC 196 B
258 B 83ms
83ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=koton-magazadzhylyk.tam.by&callback=_gfp_s_&client=ca-pub-8241049497608997

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

46c3fb8d2c5c49168423e96b1818910c824967695cde3dc92e94586732012b43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 17:39:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 189
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.de/adsid/ Frame DAEC 107 B
504 B 17ms
16ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=koton-magazadzhylyk.tam.by

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 02 Apr 2021 17:39:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame DAEC 107 B
146 B 16ms
15ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=koton-magazadzhylyk.tam.by

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 02 Apr 2021 17:39:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2

200

adfox-adx-stub.html Show response
yastatic.net/pcode/adfox/ Frame 3E4C
Redirect Chain

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8241049497608997&output=html&h=400&slotname=tut.by_publishers_240x400_1_floors_29&adk=1332428843&adf=3279755399&pi=t.ma~as.tut.by_publis...
https://yastatic.net/pcode/adfox/adfox-adx-stub.html

242 B
648 B

32ms
32ms

Document
text/html

2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/pcode/adfox/adfox-adx-stub.html

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

120ea53b536de5386f2b93585bd4b011869ed428d43ca9557a1d947449cc161d

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

:method: GET
:authority: yastatic.net
:scheme: https
:path: /pcode/adfox/adfox-adx-stub.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://koton-magazadzhylyk.tam.by/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://koton-magazadzhylyk.tam.by/

Response headers

server: nginx/1.17.9
date: Fri, 02 Apr 2021 17:39:19 GMT
content-type: text/html
content-length: 106
access-control-allow-origin: *
cache-control: public, max-age=3600
content-encoding: br
etag: "0abc2c613030819f5563f36c638ea606"
expires: Fri, 02 Apr 2021 18:36:37 GMT
last-modified: Wed, 17 Mar 2021 06:04:30 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-robots-tag: noindex, noarchive, nofollow
accept-ranges: bytes

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://yastatic.net/pcode/adfox/adfox-adx-stub.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 02 Apr 2021 17:39:19 GMT
server: cafe
content-length: 46
x-xss-protection: 0
set-cookie: IDE=AHWqTUn9Xsc30WvRCmDG5oVWwTh2wSgQCL2kxO99khpdmtI-hm-W6ERPoP2rgSDi; expires=Wed, 27-Apr-2022 17:39:18 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame DAEC 73 KB
28 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

234e58e81d77759daf07d771662c4e4b7711301f3a867a8bbf78651dfc13c2f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 17:39:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1617218226621639"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28276
x-xss-protection: 0
expires: Fri, 02 Apr 2021 17:39:18 GMT

POST
H2 200 1 Show response
mc.yandex.com/watch/31359968/ 43 B
148 B 49ms
49ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/31359968/1?page-url=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&charset=utf-8&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A5yitzpge8znbdz2%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A482%3Acn%3A1%3Adp%3A1%3Als%3A1235440192465%3Ahid%3A169532008%3Az%3A120%3Ai%3A20210402193919%3Aet%3A1617385159%3Ac%3A1%3Arn%3A421383763%3Au%3A1617385158818104553%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aeu%3A1%3Ans%3A1617385157438%3Ads%3A%2C%2C%2C%2C%2C%2C%2C715%2C2%2C%2C%2C%2C1057%3Adsn%3A%2C%2C%2C%2C%2C%2C%2C717%2C2%2C%2C%2C%2C1057%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1617385159

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Fri, 02 Apr 2021 17:39:19 GMT
last-modified: Fri, 02-Apr-2021 17:39:19 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://koton-magazadzhylyk.tam.by
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Fri, 02-Apr-2021 17:39:19 GMT

GET
H/1.1 200
OK grab.cur
api-maps.yandex.ru/2.1.78/build/release/images/cursor/ 326 B
780 B 93ms
92ms Image
application/octet-stream 2a02:6b8::173
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api-maps.yandex.ru/2.1.78/build/release/images/cursor/grab.cur
Requested by: Host: koton-magazadzhylyk.tam.by
URL: https://koton-magazadzhylyk.tam.by/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:6b8::173 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: nginx /
Resource Hash: 13e327b334d10b2b24101040eecace86aaaa2eed03d282fa75a04aa3bebf69c1

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 02 Apr 2021 17:39:19 GMT
Last-Modified: Fri, 26 Mar 2021 17:38:57 GMT
Server: nginx
ETag: "605e1c31-146"
X-qloud-router: sas2-ca89f1d37d82.qloud-c.yandex.net
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=120
Content-Length: 326
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK grabbing.cur
api-maps.yandex.ru/2.1.78/build/release/images/cursor/ 326 B
780 B 142ms
49ms Image
application/octet-stream 2a02:6b8::173
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api-maps.yandex.ru/2.1.78/build/release/images/cursor/grabbing.cur
Requested by: Host: koton-magazadzhylyk.tam.by
URL: https://koton-magazadzhylyk.tam.by/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:6b8::173 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: nginx /
Resource Hash: a0fb89588dc7b711c0ffddb5fa2f6852f670ef1f615985bb65b2ea446cceb79f

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 02 Apr 2021 17:39:19 GMT
Last-Modified: Fri, 26 Mar 2021 17:38:57 GMT
Server: nginx
ETag: "605e1c31-146"
X-qloud-router: sas2-ca89f1d37d82.qloud-c.yandex.net
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=120
Content-Length: 326
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK help.cur
api-maps.yandex.ru/2.1.78/build/release/images/cursor/ 326 B
780 B 158ms
58ms Image
application/octet-stream 2a02:6b8::173
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api-maps.yandex.ru/2.1.78/build/release/images/cursor/help.cur
Requested by: Host: koton-magazadzhylyk.tam.by
URL: https://koton-magazadzhylyk.tam.by/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:6b8::173 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: nginx /
Resource Hash: 128811e08fc761c192794eadb0ca1ece135e0b3a8ea7d897c2f7f9fd5a37281f

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 02 Apr 2021 17:39:19 GMT
Last-Modified: Fri, 26 Mar 2021 17:38:57 GMT
Server: nginx
ETag: "605e1c31-146"
X-qloud-router: sas1-2054dff9b260.qloud-c.yandex.net
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=120
Content-Length: 326
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK zoom_in.cur
api-maps.yandex.ru/2.1.78/build/release/images/cursor/ 326 B
780 B 157ms
57ms Image
application/octet-stream 2a02:6b8::173
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api-maps.yandex.ru/2.1.78/build/release/images/cursor/zoom_in.cur
Requested by: Host: koton-magazadzhylyk.tam.by
URL: https://koton-magazadzhylyk.tam.by/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:6b8::173 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: nginx /
Resource Hash: eb69f540be1e416b7346017da48deaf5ba2f2ee0af366c04f1e374351b651872

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 02 Apr 2021 17:39:19 GMT
Last-Modified: Fri, 26 Mar 2021 17:38:57 GMT
Server: nginx
ETag: "605e1c31-146"
X-qloud-router: sas2-7b98f760436e.qloud-c.yandex.net
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=120
Content-Length: 326
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DAEC 0
0 38ms
38ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=gfp_cw_status&domain=tam.by&host=koton-magazadzhylyk.tam.by&success=1

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Apr 2021 17:39:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 104 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ac301e04134f0a6a5a96b2e9f056107818db1d84226f0cf85d700d196c44ed85

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: da17ae7b44b5b19d5f12cbf92c7b31b46f342331c0e00337915493071b207be1

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 tiles
core-renderer-tiles.maps.yandex.net/ 21 KB
21 KB 141ms
45ms Image
image/png 2a02:6b8::2b8
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://core-renderer-tiles.maps.yandex.net/tiles?l=map&v=21.04.01-0-b210309130700&x=37791&y=21126&z=16&scale=1&lang=ru_RU
Requested by: Host: koton-magazadzhylyk.tam.by
URL: https://koton-magazadzhylyk.tam.by/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::2b8 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: /
Resource Hash: 0b770070c358b505b8f2656f85e710aed4c71b3e461cd91fcd2c167d4511a498

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 02 Apr 2021 17:39:19 GMT
cache-control: max-age=7654321
etag: "b28000df"
content-length: 21848
content-type: image/png

GET
H2 200 tiles
core-renderer-tiles.maps.yandex.net/ 21 KB
21 KB 227ms
133ms Image
image/png 2a02:6b8::2b8
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://core-renderer-tiles.maps.yandex.net/tiles?l=map&v=21.04.01-0-b210309130700&x=37790&y=21126&z=16&scale=1&lang=ru_RU
Requested by: Host: koton-magazadzhylyk.tam.by
URL: https://koton-magazadzhylyk.tam.by/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::2b8 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: /
Resource Hash: b1a79da9ea711829f735a9a8e429213fddba692f1c05b20d99e23b7e4a9eda6d

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 02 Apr 2021 17:39:19 GMT
cache-control: max-age=7654321
etag: "dee2c98a"
content-length: 21633
content-type: image/png

GET
H2 200 tiles
core-renderer-tiles.maps.yandex.net/ 17 KB
17 KB 270ms
176ms Image
image/png 2a02:6b8::2b8
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://core-renderer-tiles.maps.yandex.net/tiles?l=map&v=21.04.01-0-b210309130700&x=37792&y=21126&z=16&scale=1&lang=ru_RU
Requested by: Host: koton-magazadzhylyk.tam.by
URL: https://koton-magazadzhylyk.tam.by/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::2b8 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: /
Resource Hash: 33f8358b86c3f1998ed71ba1d40294d096f37f980d87dc6b26302bbcb2725642

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 02 Apr 2021 17:39:19 GMT
cache-control: max-age=7654321
etag: "992393e"
content-length: 17761
content-type: image/png

GET
H2 200 tiles
core-renderer-tiles.maps.yandex.net/ 22 KB
22 KB 182ms
88ms Image
image/png 2a02:6b8::2b8
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://core-renderer-tiles.maps.yandex.net/tiles?l=map&v=21.04.01-0-b210309130700&x=37789&y=21126&z=16&scale=1&lang=ru_RU
Requested by: Host: koton-magazadzhylyk.tam.by
URL: https://koton-magazadzhylyk.tam.by/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::2b8 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: /
Resource Hash: 03156005e53f2bd3ac00c1f6a1460f4eab1d33b7a1ffc052bee9aa9dbeab2fed

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 02 Apr 2021 17:39:19 GMT
cache-control: max-age=7654321
etag: "ff03e385"
content-length: 22541
content-type: image/png

GET
H2 200 tiles
core-renderer-tiles.maps.yandex.net/ 17 KB
17 KB 268ms
175ms Image
image/png 2a02:6b8::2b8
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://core-renderer-tiles.maps.yandex.net/tiles?l=map&v=21.04.01-0-b210309130700&x=37793&y=21126&z=16&scale=1&lang=ru_RU
Requested by: Host: koton-magazadzhylyk.tam.by
URL: https://koton-magazadzhylyk.tam.by/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::2b8 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: /
Resource Hash: 48661badf6a6ba95013eb6d9a17e65cf1252abf032352b084030cfdf679dff96

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 02 Apr 2021 17:39:19 GMT
cache-control: max-age=7654321
etag: "361026ef"
content-length: 17104
content-type: image/png

GET
H2 200 tiles
core-renderer-tiles.maps.yandex.net/ 20 KB
20 KB 225ms
133ms Image
image/png 2a02:6b8::2b8
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://core-renderer-tiles.maps.yandex.net/tiles?l=map&v=21.04.01-0-b210309130700&x=37789&y=21125&z=16&scale=1&lang=ru_RU
Requested by: Host: koton-magazadzhylyk.tam.by
URL: https://koton-magazadzhylyk.tam.by/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::2b8 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: /
Resource Hash: d1efd201e64050c230fb24da4f9587793706bf7fbd12ad998d0da2652f83c48a

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 02 Apr 2021 17:39:19 GMT
cache-control: max-age=7654321
etag: "e552f51f"
content-length: 20472
content-type: image/png

GET
H2 200 tiles
core-renderer-tiles.maps.yandex.net/ 22 KB
22 KB 183ms
182ms Image
image/png 2a02:6b8::2b8
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://core-renderer-tiles.maps.yandex.net/tiles?l=map&v=21.04.01-0-b210309130700&x=37789&y=21127&z=16&scale=1&lang=ru_RU
Requested by: Host: koton-magazadzhylyk.tam.by
URL: https://koton-magazadzhylyk.tam.by/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::2b8 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: /
Resource Hash: c87bc4b568203d9d4575f7ee25cb5c9d52bfa545e0a6f167334eb4da44adf008

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 02 Apr 2021 17:39:19 GMT
cache-control: max-age=7654321
etag: "9d3b7722"
content-length: 22302
content-type: image/png

GET
H2 200 tiles
core-renderer-tiles.maps.yandex.net/ 18 KB
18 KB 139ms
138ms Image
image/png 2a02:6b8::2b8
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://core-renderer-tiles.maps.yandex.net/tiles?l=map&v=21.04.01-0-b210309130700&x=37790&y=21125&z=16&scale=1&lang=ru_RU
Requested by: Host: koton-magazadzhylyk.tam.by
URL: https://koton-magazadzhylyk.tam.by/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::2b8 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: /
Resource Hash: d3fffb48d468a898d00e051331a698ce2120482f4703e3ec6cbd877b293000ef

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 02 Apr 2021 17:39:19 GMT
cache-control: max-age=7654321
etag: "b32cd0c4"
content-length: 18183
content-type: image/png

GET
H2 200 tiles
core-renderer-tiles.maps.yandex.net/ 18 KB
18 KB 139ms
139ms Image
image/png 2a02:6b8::2b8
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://core-renderer-tiles.maps.yandex.net/tiles?l=map&v=21.04.01-0-b210309130700&x=37790&y=21127&z=16&scale=1&lang=ru_RU
Requested by: Host: koton-magazadzhylyk.tam.by
URL: https://koton-magazadzhylyk.tam.by/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::2b8 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: /
Resource Hash: 583ade0904fb445d6a9f9674d5422cac6684b6536d57288a1d0aae201eb1d671

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 02 Apr 2021 17:39:19 GMT
cache-control: max-age=7654321
etag: "c07bf464"
content-length: 18761
content-type: image/png

GET
H2 200 tiles
core-renderer-tiles.maps.yandex.net/ 14 KB
14 KB 139ms
138ms Image
image/png 2a02:6b8::2b8
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://core-renderer-tiles.maps.yandex.net/tiles?l=map&v=21.04.01-0-b210309130700&x=37791&y=21125&z=16&scale=1&lang=ru_RU
Requested by: Host: koton-magazadzhylyk.tam.by
URL: https://koton-magazadzhylyk.tam.by/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::2b8 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: /
Resource Hash: ea621ac6fc6656ccda83cd90312d99cb3885c20df782a788528692647b9bbfd0

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 02 Apr 2021 17:39:19 GMT
cache-control: max-age=7654321
etag: "4e1c73a2"
content-length: 14338
content-type: image/png

GET
H2 200 tiles
core-renderer-tiles.maps.yandex.net/ 19 KB
19 KB 183ms
182ms Image
image/png 2a02:6b8::2b8
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://core-renderer-tiles.maps.yandex.net/tiles?l=map&v=21.04.01-0-b210309130700&x=37791&y=21127&z=16&scale=1&lang=ru_RU
Requested by: Host: koton-magazadzhylyk.tam.by
URL: https://koton-magazadzhylyk.tam.by/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::2b8 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: /
Resource Hash: da51fad6633155dd0b66f1eb153845ec6edcb267887a4946b90817028dbfc090

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 02 Apr 2021 17:39:19 GMT
cache-control: max-age=7654321
etag: "489270a6"
content-length: 19410
content-type: image/png

GET
H2 200 tiles
core-renderer-tiles.maps.yandex.net/ 20 KB
20 KB 183ms
183ms Image
image/png 2a02:6b8::2b8
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://core-renderer-tiles.maps.yandex.net/tiles?l=map&v=21.04.01-0-b210309130700&x=37792&y=21125&z=16&scale=1&lang=ru_RU
Requested by: Host: koton-magazadzhylyk.tam.by
URL: https://koton-magazadzhylyk.tam.by/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::2b8 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: /
Resource Hash: b6c6d80028d34ec8ef0e9fe7c41cf668d0be46f3bd093c152cc7248cb24aa4e7

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 02 Apr 2021 17:39:19 GMT
cache-control: max-age=7654321
etag: "e931d1ce"
content-length: 20846
content-type: image/png

GET
H2 200 tiles
core-renderer-tiles.maps.yandex.net/ 17 KB
17 KB 139ms
139ms Image
image/png 2a02:6b8::2b8
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://core-renderer-tiles.maps.yandex.net/tiles?l=map&v=21.04.01-0-b210309130700&x=37792&y=21127&z=16&scale=1&lang=ru_RU
Requested by: Host: koton-magazadzhylyk.tam.by
URL: https://koton-magazadzhylyk.tam.by/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::2b8 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: /
Resource Hash: 0314e4d2f0edb57b7456309545e63dc90044a7f006f830a35380dd28d7fe542f

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 02 Apr 2021 17:39:19 GMT
cache-control: max-age=7654321
etag: "8ffd4315"
content-length: 16990
content-type: image/png

GET
H2 200 tiles
core-renderer-tiles.maps.yandex.net/ 17 KB
17 KB 139ms
139ms Image
image/png 2a02:6b8::2b8
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://core-renderer-tiles.maps.yandex.net/tiles?l=map&v=21.04.01-0-b210309130700&x=37793&y=21125&z=16&scale=1&lang=ru_RU
Requested by: Host: koton-magazadzhylyk.tam.by
URL: https://koton-magazadzhylyk.tam.by/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::2b8 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: /
Resource Hash: 112e9492ececed3054c0f5cd6e6aad9a08918278aba182a364fee1d431f44bfe

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 02 Apr 2021 17:39:19 GMT
cache-control: max-age=7654321
etag: "5e09a994"
content-length: 17176
content-type: image/png

GET
H2 200 tiles
core-renderer-tiles.maps.yandex.net/ 15 KB
15 KB 183ms
182ms Image
image/png 2a02:6b8::2b8
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://core-renderer-tiles.maps.yandex.net/tiles?l=map&v=21.04.01-0-b210309130700&x=37793&y=21127&z=16&scale=1&lang=ru_RU
Requested by: Host: koton-magazadzhylyk.tam.by
URL: https://koton-magazadzhylyk.tam.by/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::2b8 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: /
Resource Hash: fc026b974014d5e7486116c3440c832dbf3856387cb2bd0032107a29cee85dc4

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 02 Apr 2021 17:39:19 GMT
cache-control: max-age=7654321
etag: "3c8e615a"
content-length: 15580
content-type: image/png

GET
H2 200 tiles
core-renderer-tiles.maps.yandex.net/ 20 KB
20 KB 183ms
183ms Image
image/png 2a02:6b8::2b8
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://core-renderer-tiles.maps.yandex.net/tiles?l=map&v=21.04.01-0-b210309130700&x=37788&y=21125&z=16&scale=1&lang=ru_RU
Requested by: Host: koton-magazadzhylyk.tam.by
URL: https://koton-magazadzhylyk.tam.by/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::2b8 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: /
Resource Hash: 21ed829aa772e0f475e3eff46af5b849088a32c18063c3163faa2d67396df569

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 02 Apr 2021 17:39:19 GMT
cache-control: max-age=7654321
etag: "e8c54020"
content-length: 20588
content-type: image/png

GET
DATA 200
OK truncated
/ 152 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c825ab46f6c799d1b2694913c1111977150739d55dae694ba6e41efe3d40e732

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 126 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dbd9b5b78b0d2b6513c22452dbc77094b9839195a20fcb06abd9eb3376643f32

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 358 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9613573c5095fd4c6b558212ba48604a686830b0875553737d568d00f8662368

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 394 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f336e6c64b3b1b88dce399b9284c1c6f3163c9cfd2e9320994fc97a20d5740e2

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 162 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7c412e4643ec4d23beadfdc2ffaadab0de8e3ffbb5e42403d6a08cd9992435bd

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 141 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8c99901dce19d2082c7b4164f08f8e6e2f7cf405e745163757a7c0bd06894b3d

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 tam-pin.png
tam.by/images/by3/general/ 466 B
671 B 31ms
30ms Image
image/png 2a0a:7d80::b
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tam.by/images/by3/general/tam-pin.png
Requested by: Host: koton-magazadzhylyk.tam.by
URL: https://koton-magazadzhylyk.tam.by/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0a:7d80::b Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS
Software: nginx /
Resource Hash: 744d833f862f4a69b538c98e77916575318a0e2eee906968eabde1f513a6e668

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 17:39:19 GMT
last-modified: Wed, 31 Jul 2019 12:43:12 GMT
server: nginx
etag: "5d418ce0-1d2"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 466
expires: Fri, 09 Apr 2021 17:39:19 GMT

GET
H/1.1 200
OK js Show response
tags.mathtag.com/notify/ Frame 157C 3 KB
2 KB 175ms
56ms Script
application/x-javascript 185.29.133.33
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTVdZeVpHSmlaREl0WlRnNVl5MWhPREZpTFRBd01EQXRNREF3TURBd01EQXdNREF3LzcyODk2Njk0ODc4NTEyNjU2MTMvNjYyMjMyNi80NTYyMzA2LzQvNFpuLThIaXRpQ2tMU1UzckdXNWh5SE5uczJkXzhsd0ZRWlpxLW05eGJfcy8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC83Mjg5NjY5NDg3ODUxMjY1NjEzL2Ftcy8wLzkwMi84MS85OTkvMzIyLzJhMDE6NGY4OjE5Mjo6LzAuMDAwLzE2MTczODUxNTgvMTYxNzM5Nzc1OC80L3B1Yi04MjQxMDQ5NDk3NjA4OTk3Lw/QVwsA1fYsu41QZuBSsqYHmrvMqs&nodeid=2822&group=eu&auctionid=7289669487851265613&sid=4562306&cid=6622326&bp=a_bjgfgc&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.146&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9695xlZnYPuUOc6h7gPc7oXADM-HjptcwIbZgsYCwI23ARABIABglYq4gsgHggEXY2EtcHViLTgyNDEwNDk0OTc2MDg5OTfIAQmoAwGqBL4BT9AL236x_EUAsO_TkszafSpvsH25b8IXjun0yMRqrVUECyoj1iynUE_fCbGgW9kNTBj4xN6m5L2OHT5ZeR1R4Yf2Bkla8Xh-zW1INjZhxknM4KGAHYyMnJCyJ7KyeOEt828L8vdFxxqLq6BDwofAHztyTv2vs1nn6zDVwDSJR5LZedAtZD2s9bYKcgGE8PrcnFnGFgv9xoWFepdpS4vfFBv2oHmVb3aiLOSWiWX-8AqVL4IC4HaMtZJYOPJlXoAGkKXs7-GYgM7XAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB8ggbYWR4LXN1YnN5bi0yNzQ3NzM0Mjc0NzUyNDgy-gsCCAGADAE%26num%3D1%26sig%3DAOD64_3sYO4aMWi1XDNv8sRE8iNBsPnAnQ%26client%3Dca-pub-8241049497608997%26adurl%3D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8241049497608997&output=html&h=250&slotname=tut.by_publishers_300x250_3_floors_1&adk=105888313&adf=3279755398&pi=t.ma~as.tut.by_publishers_3_&w=300&fwrn=3&lmt=1617385158&psa=0&format=300x250&url=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&ea=0&flash=0&wgl=1&dt=1617385158754&bpp=9&bdt=116&idt=135&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&correlator=8250955427519&frm=23&ife=1&pv=2&ga_vid=1948603448.1617385158&ga_sid=1617385159&ga_hid=1075486008&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=0&ish=0&ifk=704121822&scr_x=0&scr_y=0&eid=42530672%2C182982000%2C44740079%2C44739387&oid=3&pvsid=2257477843771454&loc=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CEr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.gl6j26hfki01&fsb=1&dtd=163
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.133.33 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.195.3 /
Resource Hash: 4b489c25ac71dd20643d8c7a6fec1658ae9b55d9a2d53251b572a505a3712e72

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 02 Apr 2021 17:39:24 GMT
Content-Encoding: gzip
x-mm-bid-request-time: 1617385158
Last-Modified: Fri, 02 Apr 2021 17:39:18 GMT
Server: MMBD/3.195.3
x-mm-latency: 17 (0)
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
x-mm-dbg: Count
Cache-Control: no-cache
x-mm-host: zrh-router-x68, cdg-bidder-x171
Connection: close
Content-Type: application/x-javascript; charset=UTF-8
Expires: Fri, 02 Apr 2021 17:39:23 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210331/r20110914/client/ Frame 157C 2 KB
1 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210331/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8241049497608997&output=html&h=250&slotname=tut.by_publishers_300x250_3_floors_1&adk=105888313&adf=3279755398&pi=t.ma~as.tut.by_publishers_3_&w=300&fwrn=3&lmt=1617385158&psa=0&format=300x250&url=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&ea=0&flash=0&wgl=1&dt=1617385158754&bpp=9&bdt=116&idt=135&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&correlator=8250955427519&frm=23&ife=1&pv=2&ga_vid=1948603448.1617385158&ga_sid=1617385159&ga_hid=1075486008&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=0&ish=0&ifk=704121822&scr_x=0&scr_y=0&eid=42530672%2C182982000%2C44740079%2C44739387&oid=3&pvsid=2257477843771454&loc=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CEr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.gl6j26hfki01&fsb=1&dtd=163

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 17:39:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 16 Apr 2021 17:39:11 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 157C 118 KB
36 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8727cf8bd32a94a8d93d7c75469184dada14c6cadf02178c17db5ee06f832b0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 17:39:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1617218245166195"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36656
x-xss-protection: 0
expires: Fri, 02 Apr 2021 17:39:19 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210331/r20110914/client/ Frame 157C 13 KB
6 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210331/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c9581d69ef8a7435f061d76045cc929310f436366f9ced3b9b9811ca6ed26feb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 17:38:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 72
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5599
x-xss-protection: 0
server: cafe
etag: 2241650964481140939
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 16 Apr 2021 17:38:07 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame 157C 0
0 14ms
13ms Image
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQadiUbl05n7584lI5W-kw97g0kfQANysJ1TKEXG43sP2L9XJdHNtnrTZGgGJiklLMB5FHqLVd-tRWtKsxK81KE80V7hA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8241049497608997&output=html&h=250&slotname=tut.by_publishers_300x250_3_floors_1&adk=105888313&adf=3279755398&pi=t.ma~as.tut.by_publishers_3_&w=300&fwrn=3&lmt=1617385158&psa=0&format=300x250&url=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&ea=0&flash=0&wgl=1&dt=1617385158754&bpp=9&bdt=116&idt=135&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&correlator=8250955427519&frm=23&ife=1&pv=2&ga_vid=1948603448.1617385158&ga_sid=1617385159&ga_hid=1075486008&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=0&ish=0&ifk=704121822&scr_x=0&scr_y=0&eid=42530672%2C182982000%2C44740079%2C44739387&oid=3&pvsid=2257477843771454&loc=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CEr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.gl6j26hfki01&fsb=1&dtd=163
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame 157C 0
0 44ms
43ms Fetch
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CNlaexlZnYPuUOc6h7gPc7oXADM-HjptcwIbZgsYCwI23ARABIABglYq4gsgHggEXY2EtcHViLTgyNDEwNDk0OTc2MDg5OTfIAQmoAwGqBLsBT9AL236x_EUAsO_TkszafSpvsH25b8IXjun0yMRqrVUECyoj1iynUE_fCbGgW9kNTBj4xN6m5L2OHT5ZeR1R4Yf2Bkla8Xh-zW1INjZhxknM4KGAHYyMnJCyJ7KyeOEt828L8vdFxxqLq6BDwofAHztyTv2vs1nn6zDVwDSJR5LZedAtZD2s9bYKcgGE8PrcnFnGFgv9xoWFepdpS4vfFBv2oHmVb3aiLKaUhPdSYK6SoiZKS67MGmJFLIAGkKXs7-GYgM7XAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB8ggbYWR4LXN1YnN5bi0yNzQ3NzM0Mjc0NzUyNDgygAoD-gsCCAGADAGyFxgKFhIUcHViLTgyNDEwNDk0OTc2MDg5OTc&sigh=sc--5quxwhc&tpd=AGWhJmvrY2orLy19nEWrWBoKXAovWWRtOUL9c7M5TxAtBQZe9hKQZ0uGXMpHJB0oTcyD_qd5VfvW0o6pilzHsABd0nsevSQB3Z4gEF53sDfvgNz2xduHAsVDgYj1eQ6TkzH7FCraUJQDqXujDoqr-J4k5UlWnwnzMX4es8Qunn433tIUSuvc6ww2hB0ov4TM2LK5UEw4srxlIphjUcMin_RwWYqONEVekYO0m-xXYc7Bve-pZwTu3BxMPj-QpYo2Z9wblPrJrtH9FGFqLKwdQaXnQIrmNZC1ONIR2Q9gbGMNCB9-49_8gRv4uLdIs_6I6uNxP0hR3Q0FeMd4wNDwgODNW4Px79Ben7U29Gqp-SPylHexwKKetqgdNVeR6cIXPZ_E4BzITylqRFd14hO1wJBaioMGgIKPTgleZawNdnF0um-kX5IvdEQEOQ-2xBIH8U3VZT8oLBFRhuxmmT4ShEmAWmOFCAo3sepdKIxRVN7nhX3gMMZLZu7bAT0gDQM1gykZEhyplCuwyiTJ1zDfUBq16btkDyE9jgDPZcWQpvKxMolxuSV00x_JyRNEYV3hz6k0FO2jZqgVfB7X3KOJSKAvZG1XaWNRFipBe-QBCzYteGmwqIHW9DAWeePYUr9pOdKZZ60iE76oC2E70uJk4SLRrfW5BiK8iO6TzH6aceBqMrF_7iBM7yuqLgEeBEymHnBb7zXP_Z9VwSRnGuwQmmo3Sb08s4oUDxXlcXOeyoP5O8zlMktt1tc55l6DS1-yDGvcfEmPfWTmj1mGM9BL7vjntRe-y5-exrIcvT8wQe78i0_u18Y2ayz6EDQce2dPLhUadS0HxGniOOoKelKVHM_Hg09ep62TPJ1mbew2Fo42bRsVCu3B5Vu1pWzPMuVa7pvVRnTxl-wtabVpasLrghbrI1BqklqsgBrVNHxjJYJ0zxg-xeQlcxTWWom9tLKCIexJaLL1xgtf_Oe72Y82ysiaTQpgakhvdtsoz0gz3fS5-VprzNrdDipMCiYf3twYznYGZMoEF8N0XWjm6fnHSlt8Tkth-wzWZFQ

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8241049497608997&output=html&h=250&slotname=tut.by_publishers_300x250_3_floors_1&adk=105888313&adf=3279755398&pi=t.ma~as.tut.by_publishers_3_&w=300&fwrn=3&lmt=1617385158&psa=0&format=300x250&url=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&ea=0&flash=0&wgl=1&dt=1617385158754&bpp=9&bdt=116&idt=135&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&correlator=8250955427519&frm=23&ife=1&pv=2&ga_vid=1948603448.1617385158&ga_sid=1617385159&ga_hid=1075486008&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=0&ish=0&ifk=704121822&scr_x=0&scr_y=0&eid=42530672%2C182982000%2C44740079%2C44739387&oid=3&pvsid=2257477843771454&loc=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CEr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.gl6j26hfki01&fsb=1&dtd=163
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 02 Apr 2021 17:39:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK / Show response
api-maps.yandex.ru/services/coverage/v2/ 206 B
628 B 113ms
112ms Script
text/javascript 2a02:6b8::173
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://api-maps.yandex.ru/services/coverage/v2/?l=map&ll=27.59246400,53.91032500&z=16&lang=ru_RU&callback=jsonp_yandex_coverage__l_map_ll_27_59246400_53_91032500_z_16_lang_ru_RU

Requested by

Host: yastatic.net
URL: https://yastatic.net/s3/front-maps-static/maps-front-jsapi-v2-1/2.1.78-11/build/release/full-ffb813a29f30feadb63b5654242d042b7b6a91aa.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a02:6b8::173 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx /

Resource Hash

d761f43c8627e4b5029545088fdc53b2eadea6b13f2b0b2a704dd86f6c6e0611

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 02 Apr 2021 17:39:19 GMT
X-Content-Type-Options: nosniff, nosniff
Server: nginx
ETag: W/"ce-5ugEgTiwtDLTAIV8KI6lR7irs5o"
X-qloud-router: sas1-2054dff9b260.qloud-c.yandex.net
Content-Type: text/javascript; charset=utf-8
Connection: keep-alive
Keep-Alive: timeout=120
Content-Length: 206
X-XSS-Protection: 1; mode=block
Expires: Sat, 03 Apr 2021 17:39:19 GMT

GET
H2 200 adfox-adx-stub.js Show response
yastatic.net/pcode/adfox/ Frame 3E4C 60 KB
15 KB 32ms
32ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/pcode/adfox/adfox-adx-stub.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/adfox-adx-stub.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

4c9f9038ef0cca8daea160666fcf23b0cc4fd3ba853dcd4494e8ec35e3a0c039

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://yastatic.net/pcode/adfox/adfox-adx-stub.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 17:39:19 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 15032
last-modified: Wed, 17 Mar 2021 06:04:30 GMT
server: nginx/1.17.9
etag: "21008573aeaf1ce20fdc2d49c53e692c"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 02 Apr 2021 18:36:10 GMT

GET watch.js
mc.yandex.ru/metrika/ Frame 3E4C 0
0

GET sodar
pagead2.googlesyndication.com/getconfig/ Frame DAEC 0
0

GET
H2 200 v2 Show response
an.yandex.ru/adfox/312020/getBulk/ 53 KB
19 KB 76ms
75ms XHR
application/json 2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/adfox/312020/getBulk/v2?bids=W10%3D&date=2021-04-02T19%3A39%3A18.333%2B02%3A00&dl=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&enable-flat-highlight=1&extid_loader=&extid_tag_loader=koton-magazadzhylyk.tam.by&grab=dNCa0J7QotCe0J0g0JzQkNCT0JDQl9CQ0JTQltCr0JvQq9CaINCyINCc0LjQvdGB0LrQtQox0JrQntCi0J7QnSDQnNCQ0JPQkNCX0JDQlNCW0KvQm9Cr0JogCjLQodC60LjQtNC60Lgg0Lgg0LDQutGG0LjQuCAK&is-turbo=0&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22w%22%3A280%2C%22h%22%3A0%2C%22width%22%3A0%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22left%22%3A366%2C%22top%22%3A885%2C%22req_no%22%3A1%2C%22ad_no%22%3A0%7D&p1=cjsis&p2=gmys&pcode-version=0&pd=2&pdh=1200&pdw=1600&pr=1603982883&pr1=723603282&prr=&pv=19&pw=5&skip-token=&slotNumber=2&use-server-side-rendering=1&utf8=%E2%9C%93&ybv=0.14318&ylv=0.14318&ytt=553054348773397&lvlfrom=20&rqs=xuJqASf_QjnGVmdgaXFonN1C0W8HPl1i&rtb-si=1&dmv=2&csl=&ad-session-id=5757701617385158233&rtb-answer-hash=13535788868390545855&usgn=ASzN63VnkmqXlwvH7Tt0vvDaC2d12Al-CQJgVL0dxilh&resp-time=823

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

348eae872d522e06b76438a2df6ba6e00b2980d30573260d9430f32594b12260

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Apr 2021 17:39:19 GMT
content-encoding: gzip
last-modified: Fri, 02 Apr 2021 17:39:19 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: application/json
access-control-allow-origin: https://koton-magazadzhylyk.tam.by
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Fri, 02 Apr 2021 17:39:19 GMT

GET
H2 204 event
ads.adfox.ru/312020/ 0
38 B 64ms
64ms Image
text/plain 77.88.21.179
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/312020/event?hash=603f3e8359143b30&pm=bmt&pxo=FA5s0pO_iA7tvCLXUYwK5cnWlwEtIHDyU-3KABGQMytIPCeNCEpitMO7_o8vlz9f4EWZTXHJjprUjVMDtVPni1mBdNlkYmmfC24pstSxe4TQZCmpZ8wf7crXB0fBFLEeUffNlP7Ef9_wQI9YBcwzQmcy5XmrlyjyBfjyJCBQamcKyFUMYhY%3D&p5=gxcpa&rand=kyfjrrn&sj=bi3KecYx8lH5_BTJC4zJ8xNk_bNxGnI6V7P2yxLBjot_bav7RNkqvHn9JbsMxA%3D%3D&ad-session-id=5757701617385158233&lts=fgdijpm&ytt=553054348773397&ybv=0.14318&ylv=0.14318&dl=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&pr=fezzvtj&p1=cjsis&rqs=xuJqASf_QjnGVmdgaXFonN1C0W8HPl1i&rtb-si=b&p2=gmys

Requested by

Host: koton-magazadzhylyk.tam.by
URL: https://koton-magazadzhylyk.tam.by/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.179 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

adfox-external-l3-engine.stable.qloud-b.yandex.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 02 Apr 2021 17:39:19 GMT
x-content-type-options: nosniff
timing-allow-origin: *

GET
H2 200 tiles
core-renderer-tiles.maps.yandex.net/ 21 KB
21 KB 90ms
89ms Image
image/png 2a02:6b8::2b8
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://core-renderer-tiles.maps.yandex.net/tiles?l=map&v=21.04.01-0-b210309130700&x=37788&y=21126&z=16&scale=1&lang=ru_RU
Requested by: Host: koton-magazadzhylyk.tam.by
URL: https://koton-magazadzhylyk.tam.by/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::2b8 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: /
Resource Hash: 0168501286844a4a979c93e0fd8160d12d784da8d5f7638ef04e324dbeed442d

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 02 Apr 2021 17:39:19 GMT
cache-control: max-age=7654321
etag: "b7a86b0"
content-length: 21790
content-type: image/png

GET
H2 200 tiles
core-renderer-tiles.maps.yandex.net/ 22 KB
23 KB 89ms
89ms Image
image/png 2a02:6b8::2b8
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://core-renderer-tiles.maps.yandex.net/tiles?l=map&v=21.04.01-0-b210309130700&x=37788&y=21127&z=16&scale=1&lang=ru_RU
Requested by: Host: koton-magazadzhylyk.tam.by
URL: https://koton-magazadzhylyk.tam.by/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::2b8 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: /
Resource Hash: 57c367a49429114ce998f3cbe654c899cf867fe4fc3958c456988bea595dcee2

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 02 Apr 2021 17:39:19 GMT
cache-control: max-age=7654321
etag: "86a20ffa"
content-length: 22989
content-type: image/png

GET
H/1.1 200
OK 01qrvgnrrbds Show response
hal9000.redintelligence.net/zone/ Frame 157C 11 KB
4 KB 114ms
38ms Script
text/html 78.46.90.238
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/01qrvgnrrbds?subid=&gdpr=1&gdpr_consent=BAAAAAAAAAAAAAAAAAluAA%2F%2F%2F%2F%2F%2F%2BABgCeAJ4Ang&rnd=7289669487851265613&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:adx&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D7289669487851265613%26mt_id%3D6622326%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_uuid%3D81186067-56c7-4701-aeb0-f9c97ec52773%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DC9695xlZnYPuUOc6h7gPc7oXADM-HjptcwIbZgsYCwI23ARABIABglYq4gsgHggEXY2EtcHViLTgyNDEwNDk0OTc2MDg5OTfIAQmoAwGqBL4BT9AL236x_EUAsO_TkszafSpvsH25b8IXjun0yMRqrVUECyoj1iynUE_fCbGgW9kNTBj4xN6m5L2OHT5ZeR1R4Yf2Bkla8Xh-zW1INjZhxknM4KGAHYyMnJCyJ7KyeOEt828L8vdFxxqLq6BDwofAHztyTv2vs1nn6zDVwDSJR5LZedAtZD2s9bYKcgGE8PrcnFnGFgv9xoWFepdpS4vfFBv2oHmVb3aiLOSWiWX-8AqVL4IC4HaMtZJYOPJlXoAGkKXs7-GYgM7XAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB8ggbYWR4LXN1YnN5bi0yNzQ3NzM0Mjc0NzUyNDgy-gsCCAGADAE%2526num%253D1%2526sig%253DAOD64_3sYO4aMWi1XDNv8sRE8iNBsPnAnQ%2526client%253Dca-pub-8241049497608997%2526adurl%253D%26redirect%3D
Requested by: Host: koton-magazadzhylyk.tam.by
URL: https://koton-magazadzhylyk.tam.by/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.90.238 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.238.90.46.78.clients.your-server.de
Software: Apache /
Resource Hash: 7268dafc25475e04135c6bc0eefa4752ef82c95dd7043bdc7e6ed03495bd00cb

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 02 Apr 2021 17:39:19 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 3416
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK ck-confirm
tags.mathtag.com/ Frame 157C 49 B
330 B 133ms
59ms Image
image/gif 185.29.133.33
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/ck-confirm?bid_id=7289669487851265613&node_id=2822&exch_id=4
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTVdZeVpHSmlaREl0WlRnNVl5MWhPREZpTFRBd01EQXRNREF3TURBd01EQXdNREF3LzcyODk2Njk0ODc4NTEyNjU2MTMvNjYyMjMyNi80NTYyMzA2LzQvNFpuLThIaXRpQ2tMU1UzckdXNWh5SE5uczJkXzhsd0ZRWlpxLW05eGJfcy8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC83Mjg5NjY5NDg3ODUxMjY1NjEzL2Ftcy8wLzkwMi84MS85OTkvMzIyLzJhMDE6NGY4OjE5Mjo6LzAuMDAwLzE2MTczODUxNTgvMTYxNzM5Nzc1OC80L3B1Yi04MjQxMDQ5NDk3NjA4OTk3Lw/QVwsA1fYsu41QZuBSsqYHmrvMqs&nodeid=2822&group=eu&auctionid=7289669487851265613&sid=4562306&cid=6622326&bp=a_bjgfgc&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.146&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9695xlZnYPuUOc6h7gPc7oXADM-HjptcwIbZgsYCwI23ARABIABglYq4gsgHggEXY2EtcHViLTgyNDEwNDk0OTc2MDg5OTfIAQmoAwGqBL4BT9AL236x_EUAsO_TkszafSpvsH25b8IXjun0yMRqrVUECyoj1iynUE_fCbGgW9kNTBj4xN6m5L2OHT5ZeR1R4Yf2Bkla8Xh-zW1INjZhxknM4KGAHYyMnJCyJ7KyeOEt828L8vdFxxqLq6BDwofAHztyTv2vs1nn6zDVwDSJR5LZedAtZD2s9bYKcgGE8PrcnFnGFgv9xoWFepdpS4vfFBv2oHmVb3aiLOSWiWX-8AqVL4IC4HaMtZJYOPJlXoAGkKXs7-GYgM7XAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB8ggbYWR4LXN1YnN5bi0yNzQ3NzM0Mjc0NzUyNDgy-gsCCAGADAE%26num%3D1%26sig%3DAOD64_3sYO4aMWi1XDNv8sRE8iNBsPnAnQ%26client%3Dca-pub-8241049497608997%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.133.33 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.195.3 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 02 Apr 2021 17:39:24 GMT
Server: MMBD/3.195.3
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: zrh-router-x67, cdg-bidder-x171
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Fri, 02 Apr 2021 17:39:23 GMT

GET
H/1.1 200
OK analytics.js Show response
s.update.mediamathtag.com/2/619621/ Frame 157C 4 KB
3 KB 213ms
51ms Script
application/javascript 18.203.213.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.update.mediamathtag.com/2/619621/analytics.js?dt=6196211556140246740000&pd=avt&di=https%3A//koton-magazadzhylyk.tam.by&ui=1f2dbbd2-e89c-a81b-0000-000000000000&ap=&ti=7289669487851265613&pv=1ff27708-dd70-446f-a990-98fe81b508e1&pp=pub-8241049497608997&sr=4&de=43003&si=472641958&dm=300x250&ac=651871&cr=6622326&ai=216536&c1=4562306&r1=2a01:4f8:192::&r2=&r3=

Requested by

Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTVdZeVpHSmlaREl0WlRnNVl5MWhPREZpTFRBd01EQXRNREF3TURBd01EQXdNREF3LzcyODk2Njk0ODc4NTEyNjU2MTMvNjYyMjMyNi80NTYyMzA2LzQvNFpuLThIaXRpQ2tMU1UzckdXNWh5SE5uczJkXzhsd0ZRWlpxLW05eGJfcy8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC83Mjg5NjY5NDg3ODUxMjY1NjEzL2Ftcy8wLzkwMi84MS85OTkvMzIyLzJhMDE6NGY4OjE5Mjo6LzAuMDAwLzE2MTczODUxNTgvMTYxNzM5Nzc1OC80L3B1Yi04MjQxMDQ5NDk3NjA4OTk3Lw/QVwsA1fYsu41QZuBSsqYHmrvMqs&nodeid=2822&group=eu&auctionid=7289669487851265613&sid=4562306&cid=6622326&bp=a_bjgfgc&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.146&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9695xlZnYPuUOc6h7gPc7oXADM-HjptcwIbZgsYCwI23ARABIABglYq4gsgHggEXY2EtcHViLTgyNDEwNDk0OTc2MDg5OTfIAQmoAwGqBL4BT9AL236x_EUAsO_TkszafSpvsH25b8IXjun0yMRqrVUECyoj1iynUE_fCbGgW9kNTBj4xN6m5L2OHT5ZeR1R4Yf2Bkla8Xh-zW1INjZhxknM4KGAHYyMnJCyJ7KyeOEt828L8vdFxxqLq6BDwofAHztyTv2vs1nn6zDVwDSJR5LZedAtZD2s9bYKcgGE8PrcnFnGFgv9xoWFepdpS4vfFBv2oHmVb3aiLOSWiWX-8AqVL4IC4HaMtZJYOPJlXoAGkKXs7-GYgM7XAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB8ggbYWR4LXN1YnN5bi0yNzQ3NzM0Mjc0NzUyNDgy-gsCCAGADAE%26num%3D1%26sig%3DAOD64_3sYO4aMWi1XDNv8sRE8iNBsPnAnQ%26client%3Dca-pub-8241049497608997%26adurl%3D

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

18.203.213.28 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-203-213-28.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ac84272344649141bba052578bb391fa2b16dd651f29babccf32c01cfdfad40e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 02 Apr 2021 17:39:19 GMT
Content-Encoding: gzip
Accept-Ch: Viewport-Width, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary: *
Content-Type: application/javascript
Cache-Control: no-cache, no-store, must-revalidate, no-transform, private, max-age=0
Strict-Transport-Security: max-age=31536000; includeSubDomains
Timing-Allow-Origin: *
Content-Length: 2065
Expires: 0

GET
H/1.1 200
OK img
pixel.mathtag.com/event/ Frame 157C 43 B
359 B 122ms
50ms Image
image/gif 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=4&v2=7289669487851265613&v3=651871&v4=4562306&v5=6622326&mt_nsync=1&no_attr=1
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTVdZeVpHSmlaREl0WlRnNVl5MWhPREZpTFRBd01EQXRNREF3TURBd01EQXdNREF3LzcyODk2Njk0ODc4NTEyNjU2MTMvNjYyMjMyNi80NTYyMzA2LzQvNFpuLThIaXRpQ2tMU1UzckdXNWh5SE5uczJkXzhsd0ZRWlpxLW05eGJfcy8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC83Mjg5NjY5NDg3ODUxMjY1NjEzL2Ftcy8wLzkwMi84MS85OTkvMzIyLzJhMDE6NGY4OjE5Mjo6LzAuMDAwLzE2MTczODUxNTgvMTYxNzM5Nzc1OC80L3B1Yi04MjQxMDQ5NDk3NjA4OTk3Lw/QVwsA1fYsu41QZuBSsqYHmrvMqs&nodeid=2822&group=eu&auctionid=7289669487851265613&sid=4562306&cid=6622326&bp=a_bjgfgc&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.146&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9695xlZnYPuUOc6h7gPc7oXADM-HjptcwIbZgsYCwI23ARABIABglYq4gsgHggEXY2EtcHViLTgyNDEwNDk0OTc2MDg5OTfIAQmoAwGqBL4BT9AL236x_EUAsO_TkszafSpvsH25b8IXjun0yMRqrVUECyoj1iynUE_fCbGgW9kNTBj4xN6m5L2OHT5ZeR1R4Yf2Bkla8Xh-zW1INjZhxknM4KGAHYyMnJCyJ7KyeOEt828L8vdFxxqLq6BDwofAHztyTv2vs1nn6zDVwDSJR5LZedAtZD2s9bYKcgGE8PrcnFnGFgv9xoWFepdpS4vfFBv2oHmVb3aiLOSWiWX-8AqVL4IC4HaMtZJYOPJlXoAGkKXs7-GYgM7XAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB8ggbYWR4LXN1YnN5bi0yNzQ3NzM0Mjc0NzUyNDgy-gsCCAGADAE%26num%3D1%26sig%3DAOD64_3sYO4aMWi1XDNv8sRE8iNBsPnAnQ%26client%3Dca-pub-8241049497608997%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 3628 75f709e master cdg-pixel-x4 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 02 Apr 2021 17:39:19 GMT
Server: MT3 3628 75f709e master cdg-pixel-x4
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 02 Apr 2021 17:38:49 GMT

GET
H/1.1 200
OK img
tags.mathtag.com/event/ Frame 157C 49 B
330 B 129ms
56ms Image
image/gif 185.29.133.33
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/event/img?type=mmImpTrack&exch=adx&bid=7289669487851265613&st=4562306&time=1617385159&nodeid=2822
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTVdZeVpHSmlaREl0WlRnNVl5MWhPREZpTFRBd01EQXRNREF3TURBd01EQXdNREF3LzcyODk2Njk0ODc4NTEyNjU2MTMvNjYyMjMyNi80NTYyMzA2LzQvNFpuLThIaXRpQ2tMU1UzckdXNWh5SE5uczJkXzhsd0ZRWlpxLW05eGJfcy8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC83Mjg5NjY5NDg3ODUxMjY1NjEzL2Ftcy8wLzkwMi84MS85OTkvMzIyLzJhMDE6NGY4OjE5Mjo6LzAuMDAwLzE2MTczODUxNTgvMTYxNzM5Nzc1OC80L3B1Yi04MjQxMDQ5NDk3NjA4OTk3Lw/QVwsA1fYsu41QZuBSsqYHmrvMqs&nodeid=2822&group=eu&auctionid=7289669487851265613&sid=4562306&cid=6622326&bp=a_bjgfgc&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.146&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9695xlZnYPuUOc6h7gPc7oXADM-HjptcwIbZgsYCwI23ARABIABglYq4gsgHggEXY2EtcHViLTgyNDEwNDk0OTc2MDg5OTfIAQmoAwGqBL4BT9AL236x_EUAsO_TkszafSpvsH25b8IXjun0yMRqrVUECyoj1iynUE_fCbGgW9kNTBj4xN6m5L2OHT5ZeR1R4Yf2Bkla8Xh-zW1INjZhxknM4KGAHYyMnJCyJ7KyeOEt828L8vdFxxqLq6BDwofAHztyTv2vs1nn6zDVwDSJR5LZedAtZD2s9bYKcgGE8PrcnFnGFgv9xoWFepdpS4vfFBv2oHmVb3aiLOSWiWX-8AqVL4IC4HaMtZJYOPJlXoAGkKXs7-GYgM7XAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB8ggbYWR4LXN1YnN5bi0yNzQ3NzM0Mjc0NzUyNDgy-gsCCAGADAE%26num%3D1%26sig%3DAOD64_3sYO4aMWi1XDNv8sRE8iNBsPnAnQ%26client%3Dca-pub-8241049497608997%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.133.33 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.195.3 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 02 Apr 2021 17:39:24 GMT
Server: MMBD/3.195.3
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: zrh-router-x71, cdg-bidder-x171
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Fri, 02 Apr 2021 17:39:23 GMT

GET
DATA 200
OK truncated
/ 333 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f1e572871055c1d0e152936f664d5fb075f505b99b412a4776f65a7abe80b505

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 y300
avatars.mds.yandex.net/get-direct/1520687/Yq5m0FCKwBySKwVEKtfSNQ/ 9 KB
10 KB 138ms
44ms Image
image/webp 2a02:6b8::184
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-direct/1520687/Yq5m0FCKwBySKwVEKtfSNQ/y300
Requested by: Host: koton-magazadzhylyk.tam.by
URL: https://koton-magazadzhylyk.tam.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:6b8::184 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: nginx /
Resource Hash: 09cd78d927dcb725c0a40c0fa03a201c211c37b4ff700de66088a0d75da44cfb

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 17:39:19 GMT
last-modified: Wed, 16 Sep 2020 06:07:29 GMT
server: nginx
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=604800,immutable
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 9570
x-request-id: 8e71f5bbd75c0bf1

GET
H2 200 y300
avatars.mds.yandex.net/get-direct/2112407/UekVV6fHGnccjffn3UlQuw/ 19 KB
19 KB 181ms
88ms Image
image/webp 2a02:6b8::184
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-direct/2112407/UekVV6fHGnccjffn3UlQuw/y300
Requested by: Host: koton-magazadzhylyk.tam.by
URL: https://koton-magazadzhylyk.tam.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:6b8::184 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: nginx /
Resource Hash: f0100a96c9c18dfd523880863690cfee8c0c849dac7459c26b1701f7411bf8da

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 17:39:19 GMT
last-modified: Fri, 18 Oct 2019 10:38:26 GMT
server: nginx
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=604800,immutable
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 19508
x-request-id: e0f2cd0af44368fe

GET
H2 200 render.html Show response
yastatic.net/safeframe-bundles/0.80/1-1-0/ Frame B936 22 KB
6 KB 32ms
32ms Document
text/html 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.80/1-1-0/render.html

Requested by

Host: yastatic.net
URL: https://yastatic.net/safeframe-bundles/0.80/host.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

40cc818c8b06374b11230d18b2b54f8c7f2a7668b94ac9ee00d6a106cf0efd8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

:method: GET
:authority: yastatic.net
:scheme: https
:path: /safeframe-bundles/0.80/1-1-0/render.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://koton-magazadzhylyk.tam.by/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://koton-magazadzhylyk.tam.by/

Response headers

server: nginx/1.17.9
date: Fri, 02 Apr 2021 17:39:19 GMT
content-type: text/html
content-length: 6026
access-control-allow-origin: *
cache-control: public, max-age=946708560
content-encoding: br
etag: "f883bd7781c332870c9968db60e89349"
expires: Mon, 03 Apr 2051 00:12:30 GMT
last-modified: Wed, 13 Jan 2021 14:53:48 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-robots-tag: noindex, noarchive, nofollow
accept-ranges: bytes

GET
H2 200 545743 Show response
mc.yandex.com/watch/ 35 B
69 B 49ms
49ms XHR
application/json 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/545743?wmode=7&page-url=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A5yitzpge8znbdz2%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A482%3Acn%3A2%3Adp%3A1%3Als%3A1325922967500%3Ahid%3A169532008%3Az%3A120%3Ai%3A20210402193919%3Aet%3A1617385160%3Ac%3A1%3Arn%3A956118278%3Au%3A1617385158818104553%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aeu%3A1%3Ans%3A1617385157438%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1617385160%3At%3A%D0%9A%D0%9E%D0%A2%D0%9E%D0%9D%20%D0%9C%D0%90%D0%93%D0%90%D0%97%D0%90%D0%94%D0%96%D0%AB%D0%9B%D0%AB%D0%9A%20%D0%B2%20%D0%9C%D0%B8%D0%BD%D1%81%D0%BA%D0%B5

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

efbdf9cab6b6cf2bf7207ae4e0456c9462b2c0d4c2de76d65442de2af7253f2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Apr 2021 17:39:19 GMT
x-content-type-options: nosniff
last-modified: Fri, 02-Apr-2021 17:39:19 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://koton-magazadzhylyk.tam.by
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 35
x-xss-protection: 1; mode=block
expires: Fri, 02-Apr-2021 17:39:19 GMT

GET
H/1.1

200
OK

request.php Show response
hal900021.redintelligence.net/ Frame 157C
Redirect Chain

https://hal900021.redintelligence.net/request.php?zone=01qrvgnrrbds&nw=20&renderingType=javascript&namespace=15f3839615&subid=&uid=25e6fd2ac11dcb52&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
https://hal900021.redintelligence.net/request.php?zone=01qrvgnrrbds&nw=20&renderingType=javascript&namespace=15f3839615&subid=&uid=25e6fd2ac11dcb52&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...

613 B
937 B

186ms
115ms

Script
application/x-javascript

138.201.84.253
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900021.redintelligence.net/request.php?zone=01qrvgnrrbds&nw=20&renderingType=javascript&namespace=15f3839615&subid=&uid=25e6fd2ac11dcb52&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=BAAAAAAAAAAAAAAAAAluAA%2F%2F%2F%2F%2F%2F%2BABgCeAJ4Ang&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D7289669487851265613%26mt_id%3D6622326%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_uuid%3D81186067-56c7-4701-aeb0-f9c97ec52773%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DC9695xlZnYPuUOc6h7gPc7oXADM-HjptcwIbZgsYCwI23ARABIABglYq4gsgHggEXY2EtcHViLTgyNDEwNDk0OTc2MDg5OTfIAQmoAwGqBL4BT9AL236x_EUAsO_TkszafSpvsH25b8IXjun0yMRqrVUECyoj1iynUE_fCbGgW9kNTBj4xN6m5L2OHT5ZeR1R4Yf2Bkla8Xh-zW1INjZhxknM4KGAHYyMnJCyJ7KyeOEt828L8vdFxxqLq6BDwofAHztyTv2vs1nn6zDVwDSJR5LZedAtZD2s9bYKcgGE8PrcnFnGFgv9xoWFepdpS4vfFBv2oHmVb3aiLOSWiWX-8AqVL4IC4HaMtZJYOPJlXoAGkKXs7-GYgM7XAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB8ggbYWR4LXN1YnN5bi0yNzQ3NzM0Mjc0NzUyNDgy-gsCCAGADAE%2526num%253D1%2526sig%253DAOD64_3sYO4aMWi1XDNv8sRE8iNBsPnAnQ%2526client%253Dca-pub-8241049497608997%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&ancestorOrigins=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2Chttps%3A%2F%2Fkoton-magazadzhylyk.tam.by&random=6434778987569&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0&uidRedirect=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8241049497608997&output=html&h=250&slotname=tut.by_publishers_300x250_3_floors_1&adk=105888313&adf=3279755398&pi=t.ma~as.tut.by_publishers_3_&w=300&fwrn=3&lmt=1617385158&psa=0&format=300x250&url=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&ea=0&flash=0&wgl=1&dt=1617385158754&bpp=9&bdt=116&idt=135&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&correlator=8250955427519&frm=23&ife=1&pv=2&ga_vid=1948603448.1617385158&ga_sid=1617385159&ga_hid=1075486008&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=0&ish=0&ifk=704121822&scr_x=0&scr_y=0&eid=42530672%2C182982000%2C44740079%2C44739387&oid=3&pvsid=2257477843771454&loc=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CEr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.gl6j26hfki01&fsb=1&dtd=163
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.253 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.253.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 95c9f1a045ef1399911e58b9b7ac9cd78df06d33d5ed9b43962a0fd15f1479e4

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 02 Apr 2021 17:39:19 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 47604100177899500951393011552021
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 331
Expires: Fri, 02 Apr 2021 18:39:19 +0200

Redirect headers

Pragma: no-cache
Date: Fri, 02 Apr 2021 17:39:19 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=01qrvgnrrbds&nw=20&renderingType=javascript&namespace=15f3839615&subid=&uid=25e6fd2ac11dcb52&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=BAAAAAAAAAAAAAAAAAluAA%2F%2F%2F%2F%2F%2F%2BABgCeAJ4Ang&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D7289669487851265613%26mt_id%3D6622326%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_uuid%3D81186067-56c7-4701-aeb0-f9c97ec52773%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DC9695xlZnYPuUOc6h7gPc7oXADM-HjptcwIbZgsYCwI23ARABIABglYq4gsgHggEXY2EtcHViLTgyNDEwNDk0OTc2MDg5OTfIAQmoAwGqBL4BT9AL236x_EUAsO_TkszafSpvsH25b8IXjun0yMRqrVUECyoj1iynUE_fCbGgW9kNTBj4xN6m5L2OHT5ZeR1R4Yf2Bkla8Xh-zW1INjZhxknM4KGAHYyMnJCyJ7KyeOEt828L8vdFxxqLq6BDwofAHztyTv2vs1nn6zDVwDSJR5LZedAtZD2s9bYKcgGE8PrcnFnGFgv9xoWFepdpS4vfFBv2oHmVb3aiLOSWiWX-8AqVL4IC4HaMtZJYOPJlXoAGkKXs7-GYgM7XAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB8ggbYWR4LXN1YnN5bi0yNzQ3NzM0Mjc0NzUyNDgy-gsCCAGADAE%2526num%253D1%2526sig%253DAOD64_3sYO4aMWi1XDNv8sRE8iNBsPnAnQ%2526client%253Dca-pub-8241049497608997%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&ancestorOrigins=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2Chttps%3A%2F%2Fkoton-magazadzhylyk.tam.by&random=6434778987569&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0&uidRedirect=1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Expires: Fri, 02 Apr 2021 18:39:19 +0200

POST
H2 200 1 Show response
mc.yandex.com/watch/545743/ 43 B
73 B 50ms
50ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/545743/1?page-url=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&charset=utf-8&cnt-class=1&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A5yitzpge8znbdz2%3Afp%3A934%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A482%3Acn%3A2%3Adp%3A1%3Als%3A1325922967500%3Ahid%3A169532008%3Az%3A120%3Ai%3A20210402193919%3Aet%3A1617385160%3Ac%3A1%3Arn%3A1028485725%3Au%3A1617385158818104553%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aeu%3A1%3Ans%3A1617385157438%3Ads%3A0%2C81%2C112%2C2%2C143%2C0%2C%2C715%2C2%2C%2C%2C%2C1057%3Adsn%3A0%2C81%2C112%2C2%2C143%2C0%2C%2C717%2C2%2C%2C%2C%2C1057%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1617385160

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Fri, 02 Apr 2021 17:39:19 GMT
last-modified: Fri, 02-Apr-2021 17:39:19 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://koton-magazadzhylyk.tam.by
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Fri, 02-Apr-2021 17:39:19 GMT

GET
H/1.1 200
Ok d.png
ysa-static.passport.yandex.ru/static/1/d959d7e39d5067fad30d9c06204866e9/ Frame B936 95 B
400 B 136ms
45ms Image
image/png 2a02:6b8::5:114
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ysa-static.passport.yandex.ru/static/1/d959d7e39d5067fad30d9c06204866e9/d.png?ex=yes

Requested by

Host: koton-magazadzhylyk.tam.by
URL: https://koton-magazadzhylyk.tam.by/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::5:114 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

18c327afa903633f86c3efcf12b77f098077eacaa8be101bb007846fd74f8b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains

Request headers

Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 02 Apr 2021 17:39:19 GMT
Server: nginx/1.14.2
Strict-Transport-Security: max-age=315360000; includeSubDomains
X-RT-IH: 0.0003
Content-Type: image/png
Cache-Control: private
Connection: close
X-RT-IQ: 0.0002
Content-Length: 95
Expires: Sat, 03 Apr 2021 17:39:19 GMT

GET
H2 200 545743 Show response
mc.yandex.com/watch/ 43 B
73 B 49ms
49ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/545743?page-url=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A5yitzpge8znbdz2%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A482%3Acn%3A2%3Adp%3A1%3Als%3A1325922967500%3Ahid%3A169532008%3Az%3A120%3Ai%3A20210402193919%3Aet%3A1617385160%3Ac%3A1%3Arn%3A43851092%3Au%3A1617385158818104553%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aeu%3A1%3Ans%3A1617385157438%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1617385160%3At%3A%D0%9A%D0%9E%D0%A2%D0%9E%D0%9D%20%D0%9C%D0%90%D0%93%D0%90%D0%97%D0%90%D0%94%D0%96%D0%AB%D0%9B%D0%AB%D0%9A%20%D0%B2%20%D0%9C%D0%B8%D0%BD%D1%81%D0%BA%D0%B5

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Apr 2021 17:39:19 GMT
last-modified: Fri, 02-Apr-2021 17:39:19 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://koton-magazadzhylyk.tam.by
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Fri, 02-Apr-2021 17:39:19 GMT

GET
H/1.1 200
OK request_content.php Show response
hal900021.redintelligence.net/ Frame 7D0F 3 KB
2 KB 126ms
40ms Document
text/html 138.201.84.253
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900021.redintelligence.net/request_content.php?s=47604100177899500951393011552021&a=00001f2b
Requested by: Host: hal900021.redintelligence.net
URL: https://hal900021.redintelligence.net/request.php?zone=01qrvgnrrbds&nw=20&renderingType=javascript&namespace=15f3839615&subid=&uid=25e6fd2ac11dcb52&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=BAAAAAAAAAAAAAAAAAluAA%2F%2F%2F%2F%2F%2F%2BABgCeAJ4Ang&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D7289669487851265613%26mt_id%3D6622326%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_uuid%3D81186067-56c7-4701-aeb0-f9c97ec52773%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DC9695xlZnYPuUOc6h7gPc7oXADM-HjptcwIbZgsYCwI23ARABIABglYq4gsgHggEXY2EtcHViLTgyNDEwNDk0OTc2MDg5OTfIAQmoAwGqBL4BT9AL236x_EUAsO_TkszafSpvsH25b8IXjun0yMRqrVUECyoj1iynUE_fCbGgW9kNTBj4xN6m5L2OHT5ZeR1R4Yf2Bkla8Xh-zW1INjZhxknM4KGAHYyMnJCyJ7KyeOEt828L8vdFxxqLq6BDwofAHztyTv2vs1nn6zDVwDSJR5LZedAtZD2s9bYKcgGE8PrcnFnGFgv9xoWFepdpS4vfFBv2oHmVb3aiLOSWiWX-8AqVL4IC4HaMtZJYOPJlXoAGkKXs7-GYgM7XAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIgOGAEBAB8ggbYWR4LXN1YnN5bi0yNzQ3NzM0Mjc0NzUyNDgy-gsCCAGADAE%2526num%253D1%2526sig%253DAOD64_3sYO4aMWi1XDNv8sRE8iNBsPnAnQ%2526client%253Dca-pub-8241049497608997%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&ancestorOrigins=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2Chttps%3A%2F%2Fkoton-magazadzhylyk.tam.by&random=6434778987569&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.253 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.253.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: b2cbab4014ee47277958ce9b2e92b75355dfa2c107846c08d92615106ecce7db

Request headers

Host: hal900021.redintelligence.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: 8lcfmzhxc8d6_uid=1ae228f973cce275
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

Date: Fri, 02 Apr 2021 17:39:20 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Fri, 02 Apr 2021 18:39:20 +0200
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1311
Connection: close
Content-Type: text/html; charset=utf-8

GET
H3-Q050 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 8342 1 KB
754 B 6ms
6ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 02 Apr 2021 16:59:40 GMT
expires: Sat, 03 Apr 2021 16:59:40 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
cache-control: public, max-age=86400
age: 2380
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/1.25.0/619621/AHIwugcVEATnKCeI/ Frame 157C 0
145 B 199ms
46ms XHR
text/plain 18.203.213.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/1.25.0/619621/AHIwugcVEATnKCeI/postback?oz_pl=1&sr=4&si=472641958&ai=216536&c1=4562306&dt=6196211556140246740000&pd=avt&r1=2a01%3A4f8%3A192%3A%3A&ci=619621&di=https%3A%2F%2Fkoton-magazadzhylyk.tam.by&pp=pub-8241049497608997&r3=&de=43003&ac=651871&ti=7289669487851265613&pv=1ff27708-dd70-446f-a990-98fe81b508e1&dm=300x250&cr=6622326&r2=&ui=1f2dbbd2-e89c-a81b-0000-000000000000&ap=
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/619621/analytics.js?dt=6196211556140246740000&pd=avt&di=https%3A//koton-magazadzhylyk.tam.by&ui=1f2dbbd2-e89c-a81b-0000-000000000000&ap=&ti=7289669487851265613&pv=1ff27708-dd70-446f-a990-98fe81b508e1&pp=pub-8241049497608997&sr=4&de=43003&si=472641958&dm=300x250&ac=651871&cr=6622326&ai=216536&c1=4562306&r1=2a01:4f8:192::&r2=&r3=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.213.28 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-213-28.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 02 Apr 2021 17:39:19 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H/1.1 200
OK main.js Show response
s.update.mediamathtag.com/2/1.25.0/ Frame 157C 121 KB
38 KB 55ms
54ms Script
application/javascript 18.203.213.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.update.mediamathtag.com/2/1.25.0/main.js?o=1

Requested by

Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/619621/analytics.js?dt=6196211556140246740000&pd=avt&di=https%3A//koton-magazadzhylyk.tam.by&ui=1f2dbbd2-e89c-a81b-0000-000000000000&ap=&ti=7289669487851265613&pv=1ff27708-dd70-446f-a990-98fe81b508e1&pp=pub-8241049497608997&sr=4&de=43003&si=472641958&dm=300x250&ac=651871&cr=6622326&ai=216536&c1=4562306&r1=2a01:4f8:192::&r2=&r3=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

18.203.213.28 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-203-213-28.eu-west-1.compute.amazonaws.com

Software

Resource Hash

299664e524851e4d14341a591566d7b903be58b6d05264f93e5004f9f8b0470d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 02 Apr 2021 17:39:19 GMT
Content-Encoding: br
Accept-Ch: Viewport-Width, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary: Origin, Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, no-transform, immutable, max-age=999999999
Strict-Transport-Security: max-age=31536000; includeSubDomains
Timing-Allow-Origin: *
Content-Length: 38635
Expires: Mon, 09 Dec 2052 08:06:40 GMT

GET
H2 204 event
ads.adfox.ru/312020/ 0
37 B 90ms
90ms Image
text/plain 77.88.21.179
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/312020/event?hash=06163f0dc8df6021&pm=bmu&pxo=wVrzWNzYJ7Y1XAqmmMtMD55fqTrthp-hOmV6pOxXEoaONtfkYj0C8JtmHGWk1AQd7BR2egqnh5MrOTTfypBNquLYVjZEZ_93rJn-rguJAy_eXaNeLfumZVBqtRE_HD_scui7sDi6QEHxBj9oMoUUR7gB4hOeEsTGo3M2yS7H7WOCdTbd&p5=gxcpb&rand=dnpnnn&sj=6_TwB-Xz-07S7kUESAflmb6HH82acFEM3Fb_y9mNoziyGKSoOK9D7YGKjS5AiA%3D%3D&ad-session-id=5757701617385158233&lts=fgdijpm&ytt=553054348773397&ybv=0.14318&ylv=0.14318&dl=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&pr=fezzvtj&p1=cjsjp&rqs=xuJqASf_QjnGVmdg9_rfj4Kx4g7iy5_A&rtb-si=b&p2=gmyu&resp-time=1470

Requested by

Host: koton-magazadzhylyk.tam.by
URL: https://koton-magazadzhylyk.tam.by/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.179 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

adfox-external-l3-engine.stable.qloud-b.yandex.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 02 Apr 2021 17:39:20 GMT
x-content-type-options: nosniff
timing-allow-origin: *

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 8342 0
104 B 95ms
62ms Image
text/plain 2a02:fa8:8806:12::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEEVpHWvLe5eUUXuCwPMuEhs&google_cver=1&google_push=AQvitUKnaVKBbvyrqdmgjtyx1lKEXERPRDtVS26RCucHHgrfH5SvFzYU2PtZJ6bAqRqonyBlh5Cbr3tWqWAOgJsskSsf61QGJ2E
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8241049497608997&output=html&h=250&slotname=tut.by_publishers_300x250_3_floors_1&adk=105888313&adf=3279755398&pi=t.ma~as.tut.by_publishers_3_&w=300&fwrn=3&lmt=1617385158&psa=0&format=300x250&url=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&ea=0&flash=0&wgl=1&dt=1617385158754&bpp=9&bdt=116&idt=135&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&correlator=8250955427519&frm=23&ife=1&pv=2&ga_vid=1948603448.1617385158&ga_sid=1617385159&ga_hid=1075486008&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=0&ish=0&ifk=704121822&scr_x=0&scr_y=0&eid=42530672%2C182982000%2C44740079%2C44739387&oid=3&pvsid=2257477843771454&loc=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CEr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.gl6j26hfki01&fsb=1&dtd=163
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1400 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Apr 2021 17:39:20 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame 8342 0
191 B 143ms
42ms Image
text/plain 66.155.71.25
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEP2DhSY2E2-zMUazhFdhRS4&google_cver=1&google_push=AQvitUIUiAuLyiU8fdF1d5Jh_JDcRkBCBw3QNstQYXt7g4XnB2PymEXmV_bFa123jxziAraNzS2Sj9dI4uYOki2PNlcP8rBWc54
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8241049497608997&output=html&h=250&slotname=tut.by_publishers_300x250_3_floors_1&adk=105888313&adf=3279755398&pi=t.ma~as.tut.by_publishers_3_&w=300&fwrn=3&lmt=1617385158&psa=0&format=300x250&url=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&ea=0&flash=0&wgl=1&dt=1617385158754&bpp=9&bdt=116&idt=135&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&correlator=8250955427519&frm=23&ife=1&pv=2&ga_vid=1948603448.1617385158&ga_sid=1617385159&ga_hid=1075486008&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=0&ish=0&ifk=704121822&scr_x=0&scr_y=0&eid=42530672%2C182982000%2C44740079%2C44739387&oid=3&pvsid=2257477843771454&loc=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CEr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.gl6j26hfki01&fsb=1&dtd=163
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.25 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Apr 2021 17:39:19 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 8342 0
136 B 127ms
54ms Image
text/plain 34.96.105.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEO8N6Pl8RLMadocsUjI8Ucg&google_cver=1&google_push=AQvitULKJ7jGv0PMZuHzWHM2-Bb-nuIUl2DA0aZXO-C-GL1sEq24on3iMc3OQTUOLJ6jF5SgD_seumCDCZ7jFflp8RBQNSd8R_4
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8241049497608997&output=html&h=250&slotname=tut.by_publishers_300x250_3_floors_1&adk=105888313&adf=3279755398&pi=t.ma~as.tut.by_publishers_3_&w=300&fwrn=3&lmt=1617385158&psa=0&format=300x250&url=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&ea=0&flash=0&wgl=1&dt=1617385158754&bpp=9&bdt=116&idt=135&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&correlator=8250955427519&frm=23&ife=1&pv=2&ga_vid=1948603448.1617385158&ga_sid=1617385159&ga_hid=1075486008&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=0&ish=0&ifk=704121822&scr_x=0&scr_y=0&eid=42530672%2C182982000%2C44740079%2C44739387&oid=3&pvsid=2257477843771454&loc=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CEr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.gl6j26hfki01&fsb=1&dtd=163
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 17:39:20 GMT
via: 1.1 google
alt-svc: clear

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 8342
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEGjVjWnl0DQzX-ObD8iCopg&google_cver=1&google_push=AQvitUJr1t0IS_MpCaruAIqciP6atC7VYKVLfyiNMjm4ZMYJ_i2wLL_EVx-iIGN2Iy_X_Gfc8V72l4hjglFzFrEznZxoee4...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AQvitUJr1t0IS_MpCaruAIqciP6atC7VYKVLfyiNMjm4ZMYJ_i2wLL_EVx-iIGN2Iy_X_Gfc8V72l4hjglFzFrEznZxoee4dCD8&google_hm=NDczMDU3OTc1NTEyMjgwNTc...

170 B
243 B

49ms
49ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AQvitUJr1t0IS_MpCaruAIqciP6atC7VYKVLfyiNMjm4ZMYJ_i2wLL_EVx-iIGN2Iy_X_Gfc8V72l4hjglFzFrEznZxoee4dCD8&google_hm=NDczMDU3OTc1NTEyMjgwNTc1MA%3D%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Apr 2021 17:39:20 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 02 Apr 2021 17:39:20 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AQvitUJr1t0IS_MpCaruAIqciP6atC7VYKVLfyiNMjm4ZMYJ_i2wLL_EVx-iIGN2Iy_X_Gfc8V72l4hjglFzFrEznZxoee4dCD8&google_hm=NDczMDU3OTc1NTEyMjgwNTc1MA%3D%3D
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 8342
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEDRauMKZHTXr0dIJeJ8lxSw&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEDRauMKZHTXr0dIJeJ8lxSw&google_push=AQ...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YGdWyPCERkRlBEzkHVOYggAAAoMAAAIB&google_push=AQvitUIbQw8uj8-OggFP97wg27H6luW_RkuBZj5CENYLO5yj9q4Dluqdp16XFpqQ3MVZfAbcFbKnscTqFFHp2VX0Cl...

170 B
213 B

47ms
46ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YGdWyPCERkRlBEzkHVOYggAAAoMAAAIB&google_push=AQvitUIbQw8uj8-OggFP97wg27H6luW_RkuBZj5CENYLO5yj9q4Dluqdp16XFpqQ3MVZfAbcFbKnscTqFFHp2VX0ClH6KoV9ys4&google_gid=CAESEDRauMKZHTXr0dIJeJ8lxSw&google_cver=1

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Apr 2021 17:39:20 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 02 Apr 2021 17:39:20 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YGdWyPCERkRlBEzkHVOYggAAAoMAAAIB&google_push=AQvitUIbQw8uj8-OggFP97wg27H6luW_RkuBZj5CENYLO5yj9q4Dluqdp16XFpqQ3MVZfAbcFbKnscTqFFHp2VX0ClH6KoV9ys4&google_gid=CAESEDRauMKZHTXr0dIJeJ8lxSw&google_cver=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 459
Expires: Fri, 02 Apr 2021 17:39:20 GMT

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 8342
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEE...
https://sync.targeting.unrulymedia.com/csync/RX-57b87953-5074-4f0d-8c38-a397a88729b6-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAQvitUIZFNWlpuuKZl6tXXiP4...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AQvitUIZFNWlpuuKZl6tXXiP4n8cFavrWUvW_rybGynD3eTWuDkcNORy2Wlyv13y82Lt2m6NRB0W10eAfUKYrYcurMWZMJ3D6vk&google_hm=A1e4eVNQdE8NjDijl6iHKbY

170 B
190 B

44ms
43ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AQvitUIZFNWlpuuKZl6tXXiP4n8cFavrWUvW_rybGynD3eTWuDkcNORy2Wlyv13y82Lt2m6NRB0W10eAfUKYrYcurMWZMJ3D6vk&google_hm=A1e4eVNQdE8NjDijl6iHKbY

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Apr 2021 17:39:20 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Fri, 02 Apr 2021 17:39:20 GMT
Server: Tengine
ETag: RX57b8795350744f0d8c38a397a88729b6003
Transfer-Encoding: chunked
P3P: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AQvitUIZFNWlpuuKZl6tXXiP4n8cFavrWUvW_rybGynD3eTWuDkcNORy2Wlyv13y82Lt2m6NRB0W10eAfUKYrYcurMWZMJ3D6vk&google_hm=A1e4eVNQdE8NjDijl6iHKbY
Connection: keep-alive
Content-Type: text/html

GET
H2 200 dot.gif
s0.2mdn.net/ Frame 8342 43 B
122 B 14ms
13ms Image
image/gif 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dot.gif?google_gid=CAESEHId_w78SmOD7ipC0IBMiKE&google_cver=1&google_push=AQvitUIRuJ5WgLRVW0P0PN3WB7jTvyR6Mfmdd4ggV1yTr9CZIHfzQzf_fn_XYYL3UlWGBWLXEGM3pDYxksyHmHTB2lFrcT7v5iGY

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 17:39:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 01 Feb 2009 08:00:00 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
expires: Sat, 03 Apr 2021 17:39:20 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 8342 0
40 B 47ms
46ms Image
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KkjN-iQryulrinagNyQfEeejeSqkytl_S0_E2MFF-hYDFCxO2nzmfsYiyEtF0cprbzdv5u7w

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 17:39:20 GMT
server: HTTP server (unknown)
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H/1.1 200
OK S-300x250.gif
cdn.contentspread.net/24i/content/soberfb/DE/ Frame 7D0F 70 KB
71 KB 171ms
55ms Image
image/gif 88.99.69.161
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.contentspread.net/24i/content/soberfb/DE/S-300x250.gif
Requested by: Host: hal900021.redintelligence.net
URL: https://hal900021.redintelligence.net/request_content.php?s=47604100177899500951393011552021&a=00001f2b
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.69.161 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.161.69.99.88.clients.your-server.de
Software: nginx /
Resource Hash: 8aa79a5d6fdffd63c26f013cd8f1bcb12ed624ef714702b5850cc30b673e6a37

Request headers

Referer: https://hal900021.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 02 Apr 2021 17:39:20 GMT
Last-Modified: Mon, 23 Jul 2018 15:19:52 GMT
Server: nginx
ETag: "5b55f218-119bc"
Content-Type: image/gif
Connection: close
Accept-Ranges: bytes
Content-Length: 72124

GET
H/1.1 200
OK viewability Show response
hal900021.redintelligence.net/ Frame 7D0F 0
150 B 112ms
36ms Script
text/html 138.201.84.253
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900021.redintelligence.net/viewability?s=47604100177899500951393011552021&a=f7d5ab81&vb=m
Requested by: Host: hal900021.redintelligence.net
URL: https://hal900021.redintelligence.net/request_content.php?s=47604100177899500951393011552021&a=00001f2b
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.253 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.253.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hal900021.redintelligence.net/request_content.php?s=47604100177899500951393011552021&a=00001f2b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 02 Apr 2021 17:39:20 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
DATA 200
OK truncated
/ Frame 7D0F 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK addDoubleBorder.js Show response
cdn.contentspread.net/24i/tools/js/ Frame 7D0F 851 B
1 KB 149ms
36ms Script
application/javascript 88.99.69.161
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.contentspread.net/24i/tools/js/addDoubleBorder.js
Requested by: Host: hal900021.redintelligence.net
URL: https://hal900021.redintelligence.net/request_content.php?s=47604100177899500951393011552021&a=00001f2b
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.69.161 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.161.69.99.88.clients.your-server.de
Software: nginx /
Resource Hash: abaa484421865309a7781e540844f1b5260ed131080f8dd9f083d8f18beea107

Request headers

Referer: https://hal900021.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 02 Apr 2021 17:39:20 GMT
Last-Modified: Tue, 03 May 2016 20:54:50 GMT
Server: nginx
ETag: "5729101a-353"
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 851

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/1.25.0/619621/AHIwugcVEATnKCeI/ Frame 157C 0
145 B 113ms
50ms XHR
text/plain 18.203.213.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/1.25.0/619621/AHIwugcVEATnKCeI/postback?oz_pl=1&sr=4&si=472641958&ai=216536&c1=4562306&dt=6196211556140246740000&pd=avt&r1=2a01%3A4f8%3A192%3A%3A&ci=619621&di=https%3A%2F%2Fkoton-magazadzhylyk.tam.by&pp=pub-8241049497608997&r3=&de=43003&ac=651871&ti=7289669487851265613&pv=1ff27708-dd70-446f-a990-98fe81b508e1&dm=300x250&cr=6622326&r2=&ui=1f2dbbd2-e89c-a81b-0000-000000000000&ap=
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/619621/analytics.js?dt=6196211556140246740000&pd=avt&di=https%3A//koton-magazadzhylyk.tam.by&ui=1f2dbbd2-e89c-a81b-0000-000000000000&ap=&ti=7289669487851265613&pv=1ff27708-dd70-446f-a990-98fe81b508e1&pp=pub-8241049497608997&sr=4&de=43003&si=472641958&dm=300x250&ac=651871&cr=6622326&ai=216536&c1=4562306&r1=2a01:4f8:192::&r2=&r3=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.213.28 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-213-28.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 02 Apr 2021 17:39:19 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/1.25.0/619621/AHIwugcVEATnKCeI/ Frame 157C 0
145 B 139ms
51ms XHR
text/plain 18.203.213.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/1.25.0/619621/AHIwugcVEATnKCeI/postback?sr=4&si=472641958&ai=216536&c1=4562306&dt=6196211556140246740000&pd=avt&r1=2a01%3A4f8%3A192%3A%3A&ci=619621&di=https%3A%2F%2Fkoton-magazadzhylyk.tam.by&pp=pub-8241049497608997&r3=&de=43003&ac=651871&ti=7289669487851265613&pv=1ff27708-dd70-446f-a990-98fe81b508e1&dm=300x250&cr=6622326&r2=&ui=1f2dbbd2-e89c-a81b-0000-000000000000&ap=&sid=AHIwugcVEATnKCeI&oz_sc=d58a9c4111e9e901a1d8996f&cv=3
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/1.25.0/main.js?o=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.213.28 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-213-28.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 02 Apr 2021 17:39:20 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 7B04 8 KB
6 KB 17ms
17ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210331&st=env

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cd7c2c544a508f39217dc39ec2add8939f6d3153a253eec34f866dbb1496e71b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 02 Apr 2021 17:39:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6537
x-xss-protection: 0

GET
H2 200 v2 Show response
an.yandex.ru/adfox/246762/getBulk/ 170 B
245 B 64ms
64ms XHR
application/json 2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/adfox/246762/getBulk/v2?dl=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&date=2021-04-02T19%3A39%3A20.375%2B02%3A00&pd=2&pdh=1200&pdw=1600&pr1=590101215&pr=1603982883&prr=&pv=19&pw=5&extid_loader=MTYxNzM4NTE1ODgxODEwNDU1Mw%3D%3D&extid_tag_loader=koton-magazadzhylyk.tam.by&ylv=0.14318&ybv=0.14318&ytt=553054349297685&is-turbo=0&skip-token=yabs.NzIwNTc2MDM4ODE5ODYzNTIKNzIwNTc2MDQ1MzM2MjE3NzU%3D&ad-session-id=5757701617385158233&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22w%22%3A1600%2C%22h%22%3A0%2C%22width%22%3A1600%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22left%22%3A0%2C%22top%22%3A0%2C%22req_no%22%3A2%2C%22ad_no%22%3A4%7D&enable-flat-highlight=1&pcode-version=0&yandexuid=13555295991270858395&sign=1511f415367631f835dc93d98eeb7dcd&p1=cgcgp&p2=ftad&puid1=15800&puid2=&puid4=&puid5=0&puid17=1914&slotNumber=3&matchid-direct=1&bids=W10%3D&grab=dNCa0J7QotCe0J0g0JzQkNCT0JDQl9CQ0JTQltCr0JvQq9CaINCyINCc0LjQvdGB0LrQtQox0JrQntCi0J7QnSDQnNCQ0JPQkNCX0JDQlNCW0KvQm9Cr0JogCjLQodC60LjQtNC60Lgg0Lgg0LDQutGG0LjQuCAKMtCQ0LTRgNC10YEgCg%3D%3D&utf8=%E2%9C%93&duid=MTYxNzM4NTE1ODgxODEwNDU1Mw%3D%3D&use-server-side-rendering=1

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

2fcd73085b1909e564982e93e67adf0f176194604e9c550fc8d88a27883b0402

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Apr 2021 17:39:20 GMT
content-encoding: gzip
last-modified: Fri, 02 Apr 2021 17:39:20 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: application/json
access-control-allow-origin: https://koton-magazadzhylyk.tam.by
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Fri, 02 Apr 2021 17:39:20 GMT

GET
H2 200 v2 Show response
an.yandex.ru/adfox/312020/getBulk/ 6 KB
2 KB 238ms
238ms XHR
application/json 2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/adfox/312020/getBulk/v2?dl=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&date=2021-04-02T19%3A39%3A20.381%2B02%3A00&pd=2&pdh=1200&pdw=1600&pr1=3041730353&pr=1603982883&prr=&pv=19&pw=5&extid_loader=MTYxNzM4NTE1ODgxODEwNDU1Mw%3D%3D&extid_tag_loader=koton-magazadzhylyk.tam.by&ylv=0.14318&ybv=0.14318&ytt=553054349297685&is-turbo=0&skip-token=yabs.NzIwNTc2MDM4ODE5ODYzNTIKNzIwNTc2MDQ1MzM2MjE3NzU%3D&ad-session-id=5757701617385158233&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22w%22%3A1208%2C%22h%22%3A0%2C%22width%22%3A1208%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22left%22%3A196%2C%22top%22%3A488%2C%22req_no%22%3A3%2C%22ad_no%22%3A4%7D&enable-flat-highlight=1&pcode-version=0&yandexuid=13555295991270858395&sign=1511f415367631f835dc93d98eeb7dcd&p1=cjsja&p2=gmyw&puid17=1914&slotNumber=6&matchid-direct=1&bids=W10%3D&grab=dNCa0J7QotCe0J0g0JzQkNCT0JDQl9CQ0JTQltCr0JvQq9CaINCyINCc0LjQvdGB0LrQtQox0JrQntCi0J7QnSDQnNCQ0JPQkNCX0JDQlNCW0KvQm9Cr0JogCjLQodC60LjQtNC60Lgg0Lgg0LDQutGG0LjQuCAKMtCQ0LTRgNC10YEgCg%3D%3D&utf8=%E2%9C%93&duid=MTYxNzM4NTE1ODgxODEwNDU1Mw%3D%3D&use-server-side-rendering=1

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

38e4cfe3a21bfa875fcf03364d3871b819471ecac56638555f2c054856268c6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Apr 2021 17:39:20 GMT
content-encoding: gzip
last-modified: Fri, 02 Apr 2021 17:39:20 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: application/json
access-control-allow-origin: https://koton-magazadzhylyk.tam.by
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Fri, 02 Apr 2021 17:39:20 GMT

GET
H2 200 v2 Show response
an.yandex.ru/adfox/312020/getBulk/ 6 KB
2 KB 407ms
403ms XHR
application/json 2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/adfox/312020/getBulk/v2?dl=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&date=2021-04-02T19%3A39%3A20.385%2B02%3A00&pd=2&pdh=1200&pdw=1600&pr1=947446884&pr=1603982883&prr=&pv=19&pw=5&extid_loader=MTYxNzM4NTE1ODgxODEwNDU1Mw%3D%3D&extid_tag_loader=koton-magazadzhylyk.tam.by&ylv=0.14318&ybv=0.14318&ytt=553054349297685&is-turbo=0&skip-token=yabs.NzIwNTc2MDM4ODE5ODYzNTIKNzIwNTc2MDQ1MzM2MjE3NzU%3D&ad-session-id=5757701617385158233&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22w%22%3A888%2C%22h%22%3A0%2C%22width%22%3A888%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22left%22%3A196%2C%22top%22%3A509%2C%22req_no%22%3A4%2C%22ad_no%22%3A4%7D&enable-flat-highlight=1&pcode-version=0&yandexuid=13555295991270858395&sign=1511f415367631f835dc93d98eeb7dcd&p1=cjsiy&p2=gmyv&slotNumber=7&matchid-direct=1&bids=W10%3D&grab=dNCa0J7QotCe0J0g0JzQkNCT0JDQl9CQ0JTQltCr0JvQq9CaINCyINCc0LjQvdGB0LrQtQox0JrQntCi0J7QnSDQnNCQ0JPQkNCX0JDQlNCW0KvQm9Cr0JogCjLQodC60LjQtNC60Lgg0Lgg0LDQutGG0LjQuCAKMtCQ0LTRgNC10YEgCg%3D%3D&utf8=%E2%9C%93&duid=MTYxNzM4NTE1ODgxODEwNDU1Mw%3D%3D&use-server-side-rendering=1

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

a3ef2dd4a7ae98108ed7b9a1543411fb3768cf05b7a6c722a6d70f5803a5ec5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Apr 2021 17:39:20 GMT
content-encoding: gzip
last-modified: Fri, 02 Apr 2021 17:39:20 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: application/json
access-control-allow-origin: https://koton-magazadzhylyk.tam.by
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Fri, 02 Apr 2021 17:39:20 GMT

GET
H2 200 v2 Show response
an.yandex.ru/adfox/312020/getBulk/ 97 KB
27 KB 245ms
245ms XHR
application/json 2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/adfox/312020/getBulk/v2?dl=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&date=2021-04-02T19%3A39%3A20.407%2B02%3A00&pd=2&pdh=1200&pdw=1600&pr1=804970374&pr=1603982883&prr=&pv=19&pw=5&extid_loader=MTYxNzM4NTE1ODgxODEwNDU1Mw%3D%3D&extid_tag_loader=koton-magazadzhylyk.tam.by&ylv=0.14318&ybv=0.14318&ytt=553054349297685&is-turbo=0&skip-token=yabs.NzIwNTc2MDM4ODE5ODYzNTIKNzIwNTc2MDQ1MzM2MjE3NzU%3D&ad-session-id=5757701617385158233&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22w%22%3A1248%2C%22h%22%3A0%2C%22width%22%3A1248%2C%22height%22%3A0%2C%22visible%22%3A0%2C%22left%22%3A176%2C%22top%22%3A1586%2C%22req_no%22%3A5%2C%22ad_no%22%3A4%7D&enable-flat-highlight=1&pcode-version=0&yandexuid=13555295991270858395&sign=1511f415367631f835dc93d98eeb7dcd&p1=cjsiz&p2=gmyw&slotNumber=8&matchid-direct=1&bids=W10%3D&grab=dNCa0J7QotCe0J0g0JzQkNCT0JDQl9CQ0JTQltCr0JvQq9CaINCyINCc0LjQvdGB0LrQtQox0JrQntCi0J7QnSDQnNCQ0JPQkNCX0JDQlNCW0KvQm9Cr0JogCjLQodC60LjQtNC60Lgg0Lgg0LDQutGG0LjQuCAKMtCQ0LTRgNC10YEgCg%3D%3D&utf8=%E2%9C%93&duid=MTYxNzM4NTE1ODgxODEwNDU1Mw%3D%3D&use-server-side-rendering=1

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

192709a2fe8cb11e817ed812280e64603be492744f5b9c68d139c9f2269beb78

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Apr 2021 17:39:20 GMT
content-encoding: gzip
last-modified: Fri, 02 Apr 2021 17:39:20 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: application/json
access-control-allow-origin: https://koton-magazadzhylyk.tam.by
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Fri, 02 Apr 2021 17:39:20 GMT

GET
H2 200 v2 Show response
an.yandex.ru/adfox/312020/getBulk/ 6 KB
2 KB 327ms
326ms XHR
application/json 2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/adfox/312020/getBulk/v2?dl=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&date=2021-04-02T19%3A39%3A20.416%2B02%3A00&pd=2&pdh=1200&pdw=1600&pr1=3517573126&pr=1603982883&prr=&pv=19&pw=5&extid_loader=MTYxNzM4NTE1ODgxODEwNDU1Mw%3D%3D&extid_tag_loader=koton-magazadzhylyk.tam.by&ylv=0.14318&ybv=0.14318&ytt=553054349297685&is-turbo=0&skip-token=yabs.NzIwNTc2MDM4ODE5ODYzNTIKNzIwNTc2MDQ1MzM2MjE3NzU%3D&ad-session-id=5757701617385158233&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22w%22%3A1248%2C%22h%22%3A0%2C%22width%22%3A1248%2C%22height%22%3A0%2C%22visible%22%3A0%2C%22left%22%3A176%2C%22top%22%3A2414%2C%22req_no%22%3A6%2C%22ad_no%22%3A4%7D&enable-flat-highlight=1&pcode-version=0&yandexuid=13555295991270858395&sign=1511f415367631f835dc93d98eeb7dcd&p1=cjsja&p2=gmyw&puid17=1914&slotNumber=11&matchid-direct=1&bids=W10%3D&grab=dNCa0J7QotCe0J0g0JzQkNCT0JDQl9CQ0JTQltCr0JvQq9CaINCyINCc0LjQvdGB0LrQtQox0JrQntCi0J7QnSDQnNCQ0JPQkNCX0JDQlNCW0KvQm9Cr0JogCjLQodC60LjQtNC60Lgg0Lgg0LDQutGG0LjQuCAKMtCQ0LTRgNC10YEgCg%3D%3D&utf8=%E2%9C%93&duid=MTYxNzM4NTE1ODgxODEwNDU1Mw%3D%3D&use-server-side-rendering=1

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

158cb00229b24e409c7e49c23031d0963b143a724b301a900511b7e56920af40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Apr 2021 17:39:20 GMT
content-encoding: gzip
last-modified: Fri, 02 Apr 2021 17:39:20 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: application/json
access-control-allow-origin: https://koton-magazadzhylyk.tam.by
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Fri, 02 Apr 2021 17:39:20 GMT

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 7B04 17 KB
6 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 17:39:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Fri, 02 Apr 2021 17:39:20 GMT

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/1.25.0/619621/AHIwugcVEATnKCeI/ Frame 157C 0
145 B 51ms
51ms XHR
text/plain 18.203.213.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/1.25.0/619621/AHIwugcVEATnKCeI/postback?sr=4&si=472641958&ai=216536&c1=4562306&dt=6196211556140246740000&pd=avt&r1=2a01%3A4f8%3A192%3A%3A&ci=619621&di=https%3A%2F%2Fkoton-magazadzhylyk.tam.by&pp=pub-8241049497608997&r3=&de=43003&ac=651871&ti=7289669487851265613&pv=1ff27708-dd70-446f-a990-98fe81b508e1&dm=300x250&cr=6622326&r2=&ui=1f2dbbd2-e89c-a81b-0000-000000000000&ap=&sid=AHIwugcVEATnKCeI&oz_sc=d58a9c4111e9e901a1d8996f&cv=3
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/1.25.0/main.js?o=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.213.28 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-213-28.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 02 Apr 2021 17:39:20 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 3E8F 12 KB
5 KB 8ms
7ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://koton-magazadzhylyk.tam.by/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://koton-magazadzhylyk.tam.by/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Fri, 02 Apr 2021 15:43:08 GMT
expires: Sat, 02 Apr 2022 15:43:08 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 6972
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 DbMZ0rSwrYdtGIgs0aJlrMhQhsJZwxQeXkiX5VBkOL0.js Show response
pagead2.googlesyndication.com/bg/ Frame 3E8F 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/DbMZ0rSwrYdtGIgs0aJlrMhQhsJZwxQeXkiX5VBkOL0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0db319d2b4b0ad876d18882cd1a265acc85086c259c3141e5e4897e5506438bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 00:38:23 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 24 Mar 2021 17:18:00 GMT
server: sffe
age: 61257
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5732
x-xss-protection: 0
expires: Sat, 02 Apr 2022 00:38:23 GMT

GET
DATA 200
OK truncated Show response
/ Frame F3AE 13 B
13 B Document
text/html

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: text/html;charset=utf-8

GET
H3-Q050 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 728C 133 KB
47 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83c54916208ba4fec97b8c109dc1d26f5e2231ced12bee8032864c219b7d14e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 17:39:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47703
x-xss-protection: 0
server: cafe
etag: 6346030555081020592
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 02 Apr 2021 17:39:20 GMT

GET
H2 204 event
ads.adfox.ru/312020/ 0
14 B 74ms
73ms Image
text/plain 77.88.21.179
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/312020/event?hash=1bd89614557d30be&pm=bmo&pxo=HsYtf160w1Xb-WdoeG5qIFHVxm4MkWylO1Wvtn6AR6Z7m1U6WNwu9CF-Rd97vkz-WD9iVbL-VglbkV5X6MraUX9fgYXNYTqLwZwLXgHDrLvOP74eVK0ceVxJrvFgyRux_OYXPzg6u8UM9hogy7lQjMkJYjqHlEZUDOvWFddvwlDD-EeELHY%3D&p5=gxcpc&rand=mvaptrl&sj=aFmI0GYYtaTxm0g4fYKuJxh43fPnh6DfePRC0ulMJOgOIB0qjz6WnF0axEoeiw%3D%3D&ad-session-id=5757701617385158233&lts=fgdijpo&ytt=553054349297685&ybv=0.14318&ylv=0.14318&dl=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&rtb-si=b&p2=gmyw&puid17=1914&pr=fezzvtj&p1=cjsja&rqs=xuJqASf_QjnIVmdgvQdkQpkftkVFpLgc

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.179 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

adfox-external-l3-engine.stable.qloud-b.yandex.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 02 Apr 2021 17:39:20 GMT
x-content-type-options: nosniff
timing-allow-origin: *

GET
H2 204 event
ads.adfox.ru/312020/ 0
14 B 76ms
76ms Image
text/plain 77.88.21.179
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/312020/event?hash=988bafc14b3bdb23&pm=bmp&pxo=wVrzWNzYJ7Y1XAqmmMtMD55fqTrthp-hOmV6pOxXEoaONtfkYj0C8JtmHGWk1AQd7BR2egqnh5MrOTTfypBNquLYVjZEZ_93rJn-rguJAy_eXaNeLfumZVBqtRE_HD_scui7sDi6QEHxBj9oMoUUR7gB4hOeEsTGo3M2yS7H7WOCdTbd&p5=gxcpb&rand=cepgtyg&sj=6_TwB-Xz-07S7kUESAflmb6HH82acFEM3Fb_y9mNoziyGKSoOK9D7YGKjS5AiA%3D%3D&ad-session-id=5757701617385158233&lts=fgdijpm&ytt=553054348773397&ybv=0.14318&ylv=0.14318&dl=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&pr=fezzvtj&p1=cjsjp&rqs=xuJqASf_QjnGVmdg9_rfj4Kx4g7iy5_A&rtb-si=b&p2=gmyu

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.179 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

adfox-external-l3-engine.stable.qloud-b.yandex.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 02 Apr 2021 17:39:20 GMT
x-content-type-options: nosniff
timing-allow-origin: *

GET
H3-Q050 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210331/r20190131/ Frame 728C 225 KB
84 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210331/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8241049497608997&plah=koton-magazadzhylyk.tam.by&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7ee65ec4e6687e75cf0082dffb5a452a42d4353263efe439959072d89b7f437b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 17:39:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 86022
x-xss-protection: 0
server: cafe
etag: 6413673484793450264
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 02 Apr 2021 17:39:20 GMT

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/1.25.0/619621/AHIwugcVEATnKCeI/ Frame 157C 0
145 B 56ms
55ms XHR
text/plain 18.203.213.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/1.25.0/619621/AHIwugcVEATnKCeI/postback?sr=4&si=472641958&ai=216536&c1=4562306&dt=6196211556140246740000&pd=avt&r1=2a01%3A4f8%3A192%3A%3A&ci=619621&di=https%3A%2F%2Fkoton-magazadzhylyk.tam.by&pp=pub-8241049497608997&r3=&de=43003&ac=651871&ti=7289669487851265613&pv=1ff27708-dd70-446f-a990-98fe81b508e1&dm=300x250&cr=6622326&r2=&ui=1f2dbbd2-e89c-a81b-0000-000000000000&ap=&sid=AHIwugcVEATnKCeI&oz_sc=d58a9c4111e9e901a1d8996f&cv=3
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/1.25.0/main.js?o=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.213.28 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-213-28.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 02 Apr 2021 17:39:20 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H2 200 y300
avatars.mds.yandex.net/get-direct/225309/addSm6e82LUuQ6Xl04EG8Q/ 22 KB
22 KB 50ms
48ms Image
image/webp 2a02:6b8::184
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-direct/225309/addSm6e82LUuQ6Xl04EG8Q/y300
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:6b8::184 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: nginx /
Resource Hash: 3fd3d93f4b71c891005240b5ddb47c4c21a2479f03069387af6504dba1d6c185

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 17:39:20 GMT
last-modified: Wed, 09 Jan 2019 07:52:31 GMT
server: nginx
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=604800,immutable
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 22446
x-request-id: 9a97bcf75484375e

GET
H2 200 arrow-light.svg
yastatic.net/pcode-static/resources/32/poster/ 573 B
865 B 33ms
32ms Image
image/svg+xml 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yastatic.net/pcode-static/resources/32/poster/arrow-light.svg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

8f0e6d4660923d760d33c0530003fbd85a1398c4a7ea2c078adf7e81dd7d3e10

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 17:39:20 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 317
last-modified: Fri, 15 May 2020 06:40:57 GMT
server: nginx/1.17.9
etag: "9d7414a5605d903642bcfb972f42010d"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=216013
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 05 Apr 2021 05:37:26 GMT

GET
H2 200 y300
avatars.mds.yandex.net/get-direct/2864005/tmjIaO3abHFsSXofIFn82g/ 18 KB
18 KB 50ms
49ms Image
image/webp 2a02:6b8::184
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-direct/2864005/tmjIaO3abHFsSXofIFn82g/y300
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:6b8::184 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: nginx /
Resource Hash: fb121237cb0699e072b94e1bc1ff08c0542ff590bcaf6545d63520a715ea90bf

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 17:39:20 GMT
last-modified: Fri, 16 Oct 2020 12:36:00 GMT
server: nginx
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=604800,immutable
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 18086
x-request-id: 1a4b78e8afb04dff

GET
H2 200 y300
avatars.mds.yandex.net/get-direct/4384279/Pi88bg8uruj0JKl7uHm4Yg/ 17 KB
18 KB 92ms
91ms Image
image/webp 2a02:6b8::184
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-direct/4384279/Pi88bg8uruj0JKl7uHm4Yg/y300
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:6b8::184 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: nginx /
Resource Hash: 30822450163784ae177c0ba522427361217be14246213279b8164eb6cf1fdca6

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 17:39:20 GMT
last-modified: Mon, 25 Jan 2021 19:52:16 GMT
server: nginx
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=604800,immutable
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 17680
x-request-id: 363f689c2b5320c5

GET
H2 200 x450
avatars.mds.yandex.net/get-direct/114553/J5Bn-HuSdl7wrxJfuwM-Wg/ 38 KB
38 KB 92ms
92ms Image
image/webp 2a02:6b8::184
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-direct/114553/J5Bn-HuSdl7wrxJfuwM-Wg/x450
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:6b8::184 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: nginx /
Resource Hash: 37904719aee82c400a0c9b1067eccb2cf9f01a2a4c40f0a8512e7c860b72c7ed

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 17:39:20 GMT
last-modified: Wed, 06 Jun 2018 19:56:49 GMT
server: nginx
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=604800,immutable
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 38918
x-request-id: 7dc424beeb3541bf

GET
H3-Q050 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 1749 133 KB
47 KB 43ms
43ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83c54916208ba4fec97b8c109dc1d26f5e2231ced12bee8032864c219b7d14e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 17:39:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47703
x-xss-protection: 0
server: cafe
etag: 6346030555081020592
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 02 Apr 2021 17:39:20 GMT

GET
H2 204 event
ads.adfox.ru/312020/ 0
14 B 87ms
86ms Image
text/plain 77.88.21.179
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/312020/event?hash=e5b479565657c698&pm=bmo&pxo=dKtKOeAPXpLNhJJ1FQblexPzBFtqMoBtGrQwRdr9vmoqVmX6BimPb_hnFWUe4PN8poyqzo7W_Kal7kfYcyLW2NPyDbGeKApJE9Ll_2Z5lxhLohgJQo9tEFNrBl_7CuPAWMv-Kx6khRXLUAH1jT7zwJiXE-M0Hnpe7nYIlDBFMapbBMdZRAk%3D&p5=gxcpc&rand=kgccdvj&sj=RMnyaCmz3Z56ajl7cvC-JQ5up9Kdu3BVpmfO5t2T9z1_GBaJgMkbq4v1yz1XZA%3D%3D&ad-session-id=5757701617385158233&lts=fgdijpo&ytt=553054349297685&ybv=0.14318&ylv=0.14318&dl=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&rtb-si=b&p2=gmyw&puid17=1914&pr=fezzvtj&p1=cjsja&rqs=xuJqASf_QjnIVmdgRlDwh0K9IYtEXa31

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.179 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

adfox-external-l3-engine.stable.qloud-b.yandex.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 02 Apr 2021 17:39:20 GMT
x-content-type-options: nosniff
timing-allow-origin: *

GET
H3-Q050 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame 728C 12 B
215 B 85ms
85ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=koton-magazadzhylyk.tam.by&callback=_gfp_s_&client=ca-pub-8241049497608997&cookie=ID%3Dbe4596db7a55dd94-22d3041cf5ba00de%3AT%3D1617385158%3ART%3D1617385158%3AS%3DALNI_MYKkSBEnsLZVtwi7km82YnLyg1CMA

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 17:39:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.de/adsid/ Frame 728C 107 B
146 B 16ms
16ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=koton-magazadzhylyk.tam.by

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 02 Apr 2021 17:39:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame 728C 107 B
123 B 16ms
16ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=koton-magazadzhylyk.tam.by

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 02 Apr 2021 17:39:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E98F 71 KB
24 KB 435ms
435ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8241049497608997&output=html&h=250&slotname=tut.by_publishers_970x250_2_floors_35&adk=4252383148&adf=3279755401&pi=t.ma~as.tut.by_publishers_9_&w=970&lmt=1617385160&psa=0&format=970x250&url=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&ea=0&flash=0&wgl=1&dt=1617385160683&bpp=2&bdt=53&idt=110&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3Dbe4596db7a55dd94-22d3041cf5ba00de%3AT%3D1617385158%3ART%3D1617385158%3AS%3DALNI_MYKkSBEnsLZVtwi7km82YnLyg1CMA&correlator=8250955427519&frm=23&ife=1&pv=1&ga_vid=1948603448.1617385158&ga_sid=1617385161&ga_hid=393394414&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=488&biw=1600&bih=1200&isw=970&ish=250&ifk=1296003422&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=2303951872584136&loc=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.8iqbjda7ntr9&fsb=1&dtd=118

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0cd895416afe7af3b624948ebb72cd60106d12183ffcf5dd9f9631b1b55eb71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8241049497608997&output=html&h=250&slotname=tut.by_publishers_970x250_2_floors_35&adk=4252383148&adf=3279755401&pi=t.ma~as.tut.by_publishers_9_&w=970&lmt=1617385160&psa=0&format=970x250&url=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&ea=0&flash=0&wgl=1&dt=1617385160683&bpp=2&bdt=53&idt=110&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3Dbe4596db7a55dd94-22d3041cf5ba00de%3AT%3D1617385158%3ART%3D1617385158%3AS%3DALNI_MYKkSBEnsLZVtwi7km82YnLyg1CMA&correlator=8250955427519&frm=23&ife=1&pv=1&ga_vid=1948603448.1617385158&ga_sid=1617385161&ga_hid=393394414&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=488&biw=1600&bih=1200&isw=970&ish=250&ifk=1296003422&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=2303951872584136&loc=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.8iqbjda7ntr9&fsb=1&dtd=118
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://koton-magazadzhylyk.tam.by/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUn9Xsc30WvRCmDG5oVWwTh2wSgQCL2kxO99khpdmtI-hm-W6ERPoP2rgSDi
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://koton-magazadzhylyk.tam.by/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 02 Apr 2021 17:39:21 GMT
server: cafe
content-length: 24425
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 728C 73 KB
28 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

234e58e81d77759daf07d771662c4e4b7711301f3a867a8bbf78651dfc13c2f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 17:39:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1617218226621639"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28276
x-xss-protection: 0
expires: Fri, 02 Apr 2021 17:39:20 GMT

GET
H3-Q050 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame E1E8 133 KB
47 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83c54916208ba4fec97b8c109dc1d26f5e2231ced12bee8032864c219b7d14e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 17:39:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47703
x-xss-protection: 0
server: cafe
etag: 6346030555081020592
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 02 Apr 2021 17:39:20 GMT

GET
H2 204 event
ads.adfox.ru/312020/ 0
14 B 87ms
87ms Image
text/plain 77.88.21.179
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/312020/event?hash=818fc54f4b35512e&pm=bmo&pxo=xwbu5oOu_gsmSVPeppnbqESwBsx5cpQLbLN9zmJd9Nm4kckts04HOEXmX8HpwO_Aceq1Is-O9jCL0CGGbPwABVqguZM1RkhDBFOGMMtmQGhePo0s196npmMkK86asCNGFqQ7VgX6w222d4tneNtV2-eXLoKHq5bGJVpGvlvsowbzUdkhW0w%3D&p5=hwryv&rand=jwqjzua&sj=3z_ttnCT3AvHlRhH9KvpX40OE3StiCLCbXgabpv1Sa7o7NMztIC_OO-nOVpnag%3D%3D&ad-session-id=5757701617385158233&lts=fgdijpo&ytt=553054349297685&ybv=0.14318&ylv=0.14318&dl=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&pr=fezzvtj&p1=cjsiy&rqs=xuJqASf_QjnIVmdgyCU2JWYfgpGWB_rW&rtb-si=b&p2=gmyv

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.179 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

adfox-external-l3-engine.stable.qloud-b.yandex.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 02 Apr 2021 17:39:20 GMT
x-content-type-options: nosniff
timing-allow-origin: *

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7B04 0
23 B 40ms
40ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210331&jk=2257477843771454&bg=!AgGlAUXNAAY56aLOOek7ACkAdvg8WlOxR4NpniXDXRSR1uFs0JrS_nY4sBLKKjmeS8UkxNRgpYeP_wIAAACvUgAAACJoAQcKAMxGAwO5NjMNDamtw4dwHN66YL8vIgkLLQ9kEfhTwr2GqRxWIpbPx-BB1Vb18T_zb2E9fjNmw2Rcv-JkLnttnWggkZLZz1aWYcGX6N0oNixcZISoh5KHmdCVc2Um3i76RipsBDcwG-BeEBOO1eHNFf3ubIAW1cLy0J_oSB4mn6EMbIwFbTlin-6zqba_Xq-SdEVGVRGYfTI-rz33dgioPjgN-yQl5E_Dq2fraOa6pDa1548Eazrny1oN_c8ZE1rwBcpFZqdug3qVhm3YDiWZAfvsyvH72rdoPd7nwx09ze_N9tWjfA9uUQ1DxuOM4dSgmu_U2eCtVTAU9a1l1zxTH1ty2B5EzEfmd1fEZzajH84Gl0QsrDSq_npajC1boDomwadbfIquPraJoTSutwWola351DSuuCpaqbAoPkH2Joskj1pCu_56lL5aHqixwVoFW66WnIbSTUuuMhEt6bKryrnIK_rtyBfuGSsK-IKlDsDJiHBDYIb2IUX5oALcGmQ0cng7svGHtceBCa5q9Fk6pkloenY5f4etvQfXq5EdIozNEo5Cky9R8XV34lKLuyuDDtu9F4DpQ4epGj3To1LtZ2xq0fbtbJemVujU7T9L2clqY0yJTeFzI5Cb7csFyQXDCAklcjAnlZaj7lOYXErAD_i1RFjtfcH59_k5Y63P8MqoQoWOBfOQtGwDwx-PStR7MMNWm_cQKoaMQEUXLra6noCbTacfx-Qb8FbDjW8dAZmNPuT_hKHRX3dcXoUxzLLoPpDmxfBUrIwatUzEr5Hhh9ExnFeXNYULFHbDBhmVfH3Rw9K5sqXaJRHHF5AQjNDGsf3sikw6YndBniC2dwdCsXA15rLgVtSD95nbepd8pwwGWYtcE1UEJpPKR_pG1ZPBtVTfJnABoeI-KHg54wGjzq1Alf-6k6PmNtp2Yx25nTtWhdF5D0JMMUzo10w

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Apr 2021 17:39:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210331/r20190131/ Frame 1749 225 KB
84 KB 33ms
32ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210331/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8241049497608997&plah=koton-magazadzhylyk.tam.by&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7ee65ec4e6687e75cf0082dffb5a452a42d4353263efe439959072d89b7f437b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 17:39:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 86022
x-xss-protection: 0
server: cafe
etag: 6413673484793450264
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 02 Apr 2021 17:39:20 GMT

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/1.25.0/619621/AHIwugcVEATnKCeI/ Frame 157C 0
145 B 58ms
57ms XHR
text/plain 18.203.213.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/1.25.0/619621/AHIwugcVEATnKCeI/postback?sr=4&si=472641958&ai=216536&c1=4562306&dt=6196211556140246740000&pd=avt&r1=2a01%3A4f8%3A192%3A%3A&ci=619621&di=https%3A%2F%2Fkoton-magazadzhylyk.tam.by&pp=pub-8241049497608997&r3=&de=43003&ac=651871&ti=7289669487851265613&pv=1ff27708-dd70-446f-a990-98fe81b508e1&dm=300x250&cr=6622326&r2=&ui=1f2dbbd2-e89c-a81b-0000-000000000000&ap=&sid=AHIwugcVEATnKCeI&oz_sc=d58a9c4111e9e901a1d8996f&cv=3
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/1.25.0/main.js?o=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.213.28 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-213-28.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 02 Apr 2021 17:39:20 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H3-Q050 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210331/r20190131/ Frame E1E8 225 KB
84 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210331/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8241049497608997&plah=koton-magazadzhylyk.tam.by&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7ee65ec4e6687e75cf0082dffb5a452a42d4353263efe439959072d89b7f437b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 17:39:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 86022
x-xss-protection: 0
server: cafe
etag: 6413673484793450264
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 02 Apr 2021 17:39:20 GMT

GET
H3-Q050 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame 1749 12 B
59 B 85ms
84ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 17:39:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.de/adsid/ Frame 1749 107 B
123 B 15ms
15ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=koton-magazadzhylyk.tam.by

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 02 Apr 2021 17:39:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame 1749 107 B
123 B 16ms
16ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=koton-magazadzhylyk.tam.by

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 02 Apr 2021 17:39:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 34A0 74 KB
24 KB 477ms
476ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8241049497608997&output=html&h=250&slotname=tut.by_publishers_970x250_2_floors_11&adk=2366530133&adf=3279755400&pi=t.ma~as.tut.by_publishers_9_&w=970&lmt=1617385160&psa=0&format=970x250&url=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&ea=0&flash=0&wgl=1&dt=1617385160852&bpp=2&bdt=80&idt=58&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3Dbe4596db7a55dd94-22d3041cf5ba00de%3AT%3D1617385158%3ART%3D1617385158%3AS%3DALNI_MYKkSBEnsLZVtwi7km82YnLyg1CMA&correlator=8250955427519&frm=23&ife=1&pv=1&ga_vid=1948603448.1617385158&ga_sid=1617385161&ga_hid=506795244&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=2953&biw=1600&bih=1200&isw=970&ish=250&ifk=1296003422&scr_x=0&scr_y=0&eid=44735932%2C44740079%2C44739387&oid=3&pvsid=1555053346710673&loc=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.kqq8km99w2kk&btvi=1&fsb=1&dtd=68

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5c40cb92c04ec1bb4623745b05736f9557a733c012017710f1a0367439791ac2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8241049497608997&output=html&h=250&slotname=tut.by_publishers_970x250_2_floors_11&adk=2366530133&adf=3279755400&pi=t.ma~as.tut.by_publishers_9_&w=970&lmt=1617385160&psa=0&format=970x250&url=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&ea=0&flash=0&wgl=1&dt=1617385160852&bpp=2&bdt=80&idt=58&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3Dbe4596db7a55dd94-22d3041cf5ba00de%3AT%3D1617385158%3ART%3D1617385158%3AS%3DALNI_MYKkSBEnsLZVtwi7km82YnLyg1CMA&correlator=8250955427519&frm=23&ife=1&pv=1&ga_vid=1948603448.1617385158&ga_sid=1617385161&ga_hid=506795244&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=2953&biw=1600&bih=1200&isw=970&ish=250&ifk=1296003422&scr_x=0&scr_y=0&eid=44735932%2C44740079%2C44739387&oid=3&pvsid=1555053346710673&loc=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.kqq8km99w2kk&btvi=1&fsb=1&dtd=68
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://koton-magazadzhylyk.tam.by/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUn9Xsc30WvRCmDG5oVWwTh2wSgQCL2kxO99khpdmtI-hm-W6ERPoP2rgSDi
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://koton-magazadzhylyk.tam.by/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 02 Apr 2021 17:39:21 GMT
server: cafe
content-length: 24623
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1749 73 KB
28 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

234e58e81d77759daf07d771662c4e4b7711301f3a867a8bbf78651dfc13c2f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 17:39:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1617218226621639"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28276
x-xss-protection: 0
expires: Fri, 02 Apr 2021 17:39:20 GMT

GET
H3-Q050 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame E1E8 12 B
55 B 86ms
85ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 17:39:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.de/adsid/ Frame E1E8 107 B
123 B 15ms
15ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=koton-magazadzhylyk.tam.by

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 02 Apr 2021 17:39:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame E1E8 107 B
123 B 15ms
15ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=koton-magazadzhylyk.tam.by

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 02 Apr 2021 17:39:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9456 96 KB
26 KB 442ms
441ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8241049497608997&output=html&h=90&slotname=tut.by_publishers_728x90_1_floors_19&adk=3083819103&adf=3279755403&pi=t.ma~as.tut.by_publishers_7_&w=728&lmt=1617385160&psa=0&format=728x90&url=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&ea=0&flash=0&wgl=1&dt=1617385160871&bpp=1&bdt=51&idt=64&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3Dbe4596db7a55dd94-22d3041cf5ba00de%3AT%3D1617385158%3ART%3D1617385158%3AS%3DALNI_MYKkSBEnsLZVtwi7km82YnLyg1CMA&correlator=8250955427519&frm=23&ife=1&pv=1&ga_vid=1948603448.1617385158&ga_sid=1617385161&ga_hid=161905389&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=276&ady=758&biw=1600&bih=1200&isw=728&ish=90&ifk=173005118&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=2893525220256726&loc=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.38r73fjs5fey&fsb=1&dtd=73

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5d93566b8130c22bae0ed57539a9236e203d87538d02f5b66b3c173f7dffb3ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8241049497608997&output=html&h=90&slotname=tut.by_publishers_728x90_1_floors_19&adk=3083819103&adf=3279755403&pi=t.ma~as.tut.by_publishers_7_&w=728&lmt=1617385160&psa=0&format=728x90&url=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&ea=0&flash=0&wgl=1&dt=1617385160871&bpp=1&bdt=51&idt=64&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3Dbe4596db7a55dd94-22d3041cf5ba00de%3AT%3D1617385158%3ART%3D1617385158%3AS%3DALNI_MYKkSBEnsLZVtwi7km82YnLyg1CMA&correlator=8250955427519&frm=23&ife=1&pv=1&ga_vid=1948603448.1617385158&ga_sid=1617385161&ga_hid=161905389&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=276&ady=758&biw=1600&bih=1200&isw=728&ish=90&ifk=173005118&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=2893525220256726&loc=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.38r73fjs5fey&fsb=1&dtd=73
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://koton-magazadzhylyk.tam.by/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUn9Xsc30WvRCmDG5oVWwTh2wSgQCL2kxO99khpdmtI-hm-W6ERPoP2rgSDi
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://koton-magazadzhylyk.tam.by/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 02 Apr 2021 17:39:21 GMT
server: cafe
content-length: 26278
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame E1E8 73 KB
28 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

234e58e81d77759daf07d771662c4e4b7711301f3a867a8bbf78651dfc13c2f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 17:39:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1617218226621639"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28276
x-xss-protection: 0
expires: Fri, 02 Apr 2021 17:39:20 GMT

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/1.25.0/619621/AHIwugcVEATnKCeI/ Frame 157C 0
145 B 58ms
58ms XHR
text/plain 18.203.213.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/1.25.0/619621/AHIwugcVEATnKCeI/postback?sr=4&si=472641958&ai=216536&c1=4562306&dt=6196211556140246740000&pd=avt&r1=2a01%3A4f8%3A192%3A%3A&ci=619621&di=https%3A%2F%2Fkoton-magazadzhylyk.tam.by&pp=pub-8241049497608997&r3=&de=43003&ac=651871&ti=7289669487851265613&pv=1ff27708-dd70-446f-a990-98fe81b508e1&dm=300x250&cr=6622326&r2=&ui=1f2dbbd2-e89c-a81b-0000-000000000000&ap=&sid=AHIwugcVEATnKCeI&oz_sc=d58a9c4111e9e901a1d8996f&cv=3
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/1.25.0/main.js?o=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.213.28 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-213-28.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 02 Apr 2021 17:39:20 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/1.25.0/619621/AHIwugcVEATnKCeI/ Frame 157C 0
145 B 75ms
75ms XHR
text/plain 18.203.213.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/1.25.0/619621/AHIwugcVEATnKCeI/postback?sr=4&si=472641958&ai=216536&c1=4562306&dt=6196211556140246740000&pd=avt&r1=2a01%3A4f8%3A192%3A%3A&ci=619621&di=https%3A%2F%2Fkoton-magazadzhylyk.tam.by&pp=pub-8241049497608997&r3=&de=43003&ac=651871&ti=7289669487851265613&pv=1ff27708-dd70-446f-a990-98fe81b508e1&dm=300x250&cr=6622326&r2=&ui=1f2dbbd2-e89c-a81b-0000-000000000000&ap=&sid=AHIwugcVEATnKCeI&oz_sc=d58a9c4111e9e901a1d8996f&cv=3
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/1.25.0/main.js?o=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.213.28 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-213-28.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 02 Apr 2021 17:39:20 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H2 200 css
fonts.googleapis.com/ Frame E98F 6 KB
765 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8241049497608997&output=html&h=250&slotname=tut.by_publishers_970x250_2_floors_35&adk=4252383148&adf=3279755401&pi=t.ma~as.tut.by_publishers_9_&w=970&lmt=1617385160&psa=0&format=970x250&url=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&ea=0&flash=0&wgl=1&dt=1617385160683&bpp=2&bdt=53&idt=110&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3Dbe4596db7a55dd94-22d3041cf5ba00de%3AT%3D1617385158%3ART%3D1617385158%3AS%3DALNI_MYKkSBEnsLZVtwi7km82YnLyg1CMA&correlator=8250955427519&frm=23&ife=1&pv=1&ga_vid=1948603448.1617385158&ga_sid=1617385161&ga_hid=393394414&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=488&biw=1600&bih=1200&isw=970&ish=250&ifk=1296003422&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=2303951872584136&loc=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.8iqbjda7ntr9&fsb=1&dtd=118

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e47a27d91c2487289d6607ee10d7cb7b31944a5ed3ff5ffc86ec8526e9374af0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 02 Apr 2021 17:22:46 GMT
server: ESF
date: Fri, 02 Apr 2021 17:39:21 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 02 Apr 2021 17:39:21 GMT

GET
H3-Q050 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210331/r20110914/client/ Frame E98F 1 KB
913 B 7ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210331/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8241049497608997&output=html&h=250&slotname=tut.by_publishers_970x250_2_floors_35&adk=4252383148&adf=3279755401&pi=t.ma~as.tut.by_publishers_9_&w=970&lmt=1617385160&psa=0&format=970x250&url=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&ea=0&flash=0&wgl=1&dt=1617385160683&bpp=2&bdt=53&idt=110&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3Dbe4596db7a55dd94-22d3041cf5ba00de%3AT%3D1617385158%3ART%3D1617385158%3AS%3DALNI_MYKkSBEnsLZVtwi7km82YnLyg1CMA&correlator=8250955427519&frm=23&ife=1&pv=1&ga_vid=1948603448.1617385158&ga_sid=1617385161&ga_hid=393394414&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=488&biw=1600&bih=1200&isw=970&ish=250&ifk=1296003422&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=2303951872584136&loc=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.8iqbjda7ntr9&fsb=1&dtd=118

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 17:39:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 882
x-xss-protection: 0
server: cafe
etag: 11243716317595354070
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 16 Apr 2021 17:39:01 GMT

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210331/r20110914/ Frame E98F 17 KB
7 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210331/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8241049497608997&output=html&h=250&slotname=tut.by_publishers_970x250_2_floors_35&adk=4252383148&adf=3279755401&pi=t.ma~as.tut.by_publishers_9_&w=970&lmt=1617385160&psa=0&format=970x250&url=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&ea=0&flash=0&wgl=1&dt=1617385160683&bpp=2&bdt=53&idt=110&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3Dbe4596db7a55dd94-22d3041cf5ba00de%3AT%3D1617385158%3ART%3D1617385158%3AS%3DALNI_MYKkSBEnsLZVtwi7km82YnLyg1CMA&correlator=8250955427519&frm=23&ife=1&pv=1&ga_vid=1948603448.1617385158&ga_sid=1617385161&ga_hid=393394414&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=488&biw=1600&bih=1200&isw=970&ish=250&ifk=1296003422&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=2303951872584136&loc=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.8iqbjda7ntr9&fsb=1&dtd=118

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4e10c54a966ed5abeeac2aca4cfa968f317497770f59ec94af6d712db96e7d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 17:34:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 305
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7115
x-xss-protection: 0
server: cafe
etag: 8094203328658613728
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 16 Apr 2021 17:34:16 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210331/r20110914/client/ Frame E98F 2 KB
1 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210331/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8241049497608997&output=html&h=250&slotname=tut.by_publishers_970x250_2_floors_35&adk=4252383148&adf=3279755401&pi=t.ma~as.tut.by_publishers_9_&w=970&lmt=1617385160&psa=0&format=970x250&url=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&ea=0&flash=0&wgl=1&dt=1617385160683&bpp=2&bdt=53&idt=110&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3Dbe4596db7a55dd94-22d3041cf5ba00de%3AT%3D1617385158%3ART%3D1617385158%3AS%3DALNI_MYKkSBEnsLZVtwi7km82YnLyg1CMA&correlator=8250955427519&frm=23&ife=1&pv=1&ga_vid=1948603448.1617385158&ga_sid=1617385161&ga_hid=393394414&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=488&biw=1600&bih=1200&isw=970&ish=250&ifk=1296003422&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=2303951872584136&loc=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.8iqbjda7ntr9&fsb=1&dtd=118

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 17:39:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 16 Apr 2021 17:39:11 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E98F 118 KB
36 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8241049497608997&output=html&h=250&slotname=tut.by_publishers_970x250_2_floors_35&adk=4252383148&adf=3279755401&pi=t.ma~as.tut.by_publishers_9_&w=970&lmt=1617385160&psa=0&format=970x250&url=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&ea=0&flash=0&wgl=1&dt=1617385160683&bpp=2&bdt=53&idt=110&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3Dbe4596db7a55dd94-22d3041cf5ba00de%3AT%3D1617385158%3ART%3D1617385158%3AS%3DALNI_MYKkSBEnsLZVtwi7km82YnLyg1CMA&correlator=8250955427519&frm=23&ife=1&pv=1&ga_vid=1948603448.1617385158&ga_sid=1617385161&ga_hid=393394414&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=488&biw=1600&bih=1200&isw=970&ish=250&ifk=1296003422&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=2303951872584136&loc=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.8iqbjda7ntr9&fsb=1&dtd=118

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8727cf8bd32a94a8d93d7c75469184dada14c6cadf02178c17db5ee06f832b0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 17:39:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1617218245166195"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36656
x-xss-protection: 0
expires: Fri, 02 Apr 2021 17:39:21 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210331/r20110914/client/ Frame E98F 13 KB
5 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210331/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8241049497608997&output=html&h=250&slotname=tut.by_publishers_970x250_2_floors_35&adk=4252383148&adf=3279755401&pi=t.ma~as.tut.by_publishers_9_&w=970&lmt=1617385160&psa=0&format=970x250&url=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&ea=0&flash=0&wgl=1&dt=1617385160683&bpp=2&bdt=53&idt=110&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3Dbe4596db7a55dd94-22d3041cf5ba00de%3AT%3D1617385158%3ART%3D1617385158%3AS%3DALNI_MYKkSBEnsLZVtwi7km82YnLyg1CMA&correlator=8250955427519&frm=23&ife=1&pv=1&ga_vid=1948603448.1617385158&ga_sid=1617385161&ga_hid=393394414&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=488&biw=1600&bih=1200&isw=970&ish=250&ifk=1296003422&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=2303951872584136&loc=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.8iqbjda7ntr9&fsb=1&dtd=118

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c9581d69ef8a7435f061d76045cc929310f436366f9ced3b9b9811ca6ed26feb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 17:38:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 74
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5599
x-xss-protection: 0
server: cafe
etag: 2241650964481140939
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 16 Apr 2021 17:38:07 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame E98F 0
0 15ms
14ms Image
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ-7kOrTiXEq_XqS0hCaCCYsk_eLsGctxi0WX1KOZO0NLDjkJJZ7tDmWjcHsmp4Eg2usQqaFz7F2PplBJdyjm81GkW7Fw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8241049497608997&output=html&h=250&slotname=tut.by_publishers_970x250_2_floors_35&adk=4252383148&adf=3279755401&pi=t.ma~as.tut.by_publishers_9_&w=970&lmt=1617385160&psa=0&format=970x250&url=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&ea=0&flash=0&wgl=1&dt=1617385160683&bpp=2&bdt=53&idt=110&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3Dbe4596db7a55dd94-22d3041cf5ba00de%3AT%3D1617385158%3ART%3D1617385158%3AS%3DALNI_MYKkSBEnsLZVtwi7km82YnLyg1CMA&correlator=8250955427519&frm=23&ife=1&pv=1&ga_vid=1948603448.1617385158&ga_sid=1617385161&ga_hid=393394414&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=488&biw=1600&bih=1200&isw=970&ish=250&ifk=1296003422&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=2303951872584136&loc=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.8iqbjda7ntr9&fsb=1&dtd=118
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 0d74ed574692e0488c8a49b73918ea59.js Show response
www.gstatic.com/mysidia/ Frame E98F 25 KB
10 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/0d74ed574692e0488c8a49b73918ea59.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8241049497608997&output=html&h=250&slotname=tut.by_publishers_970x250_2_floors_35&adk=4252383148&adf=3279755401&pi=t.ma~as.tut.by_publishers_9_&w=970&lmt=1617385160&psa=0&format=970x250&url=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&ea=0&flash=0&wgl=1&dt=1617385160683&bpp=2&bdt=53&idt=110&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3Dbe4596db7a55dd94-22d3041cf5ba00de%3AT%3D1617385158%3ART%3D1617385158%3AS%3DALNI_MYKkSBEnsLZVtwi7km82YnLyg1CMA&correlator=8250955427519&frm=23&ife=1&pv=1&ga_vid=1948603448.1617385158&ga_sid=1617385161&ga_hid=393394414&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=488&biw=1600&bih=1200&isw=970&ish=250&ifk=1296003422&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=2303951872584136&loc=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.8iqbjda7ntr9&fsb=1&dtd=118

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

11909c0ebcd1e1258ecf3c2ef83688b057b08e5d92a9c715f4fe44c13f20f7b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 07:57:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 25 Mar 2021 05:14:52 GMT
server: sffe
age: 121317
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10398
x-xss-protection: 0
expires: Wed, 30 Jun 2021 07:57:24 GMT

GET
H3-Q050 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 86C2 1 KB
754 B 8ms
6ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8241049497608997&output=html&h=250&slotname=tut.by_publishers_970x250_2_floors_35&adk=4252383148&adf=3279755401&pi=t.ma~as.tut.by_publishers_9_&w=970&lmt=1617385160&psa=0&format=970x250&url=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&ea=0&flash=0&wgl=1&dt=1617385160683&bpp=2&bdt=53&idt=110&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3Dbe4596db7a55dd94-22d3041cf5ba00de%3AT%3D1617385158%3ART%3D1617385158%3AS%3DALNI_MYKkSBEnsLZVtwi7km82YnLyg1CMA&correlator=8250955427519&frm=23&ife=1&pv=1&ga_vid=1948603448.1617385158&ga_sid=1617385161&ga_hid=393394414&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=488&biw=1600&bih=1200&isw=970&ish=250&ifk=1296003422&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=2303951872584136&loc=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.8iqbjda7ntr9&fsb=1&dtd=118

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 02 Apr 2021 16:59:40 GMT
expires: Sat, 03 Apr 2021 16:59:40 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
cache-control: public, max-age=86400
age: 2381
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/14019643379134103828/ Frame E98F 24 KB
24 KB 9ms
6ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14019643379134103828/downsize_200k_v1?w=600&h=314

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8241049497608997&output=html&h=250&slotname=tut.by_publishers_970x250_2_floors_35&adk=4252383148&adf=3279755401&pi=t.ma~as.tut.by_publishers_9_&w=970&lmt=1617385160&psa=0&format=970x250&url=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&ea=0&flash=0&wgl=1&dt=1617385160683&bpp=2&bdt=53&idt=110&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3Dbe4596db7a55dd94-22d3041cf5ba00de%3AT%3D1617385158%3ART%3D1617385158%3AS%3DALNI_MYKkSBEnsLZVtwi7km82YnLyg1CMA&correlator=8250955427519&frm=23&ife=1&pv=1&ga_vid=1948603448.1617385158&ga_sid=1617385161&ga_hid=393394414&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=488&biw=1600&bih=1200&isw=970&ish=250&ifk=1296003422&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=2303951872584136&loc=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.8iqbjda7ntr9&fsb=1&dtd=118

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

98b082093121a48510229e46fc64083e8fa9320acd73a971a19d987d34ca7520

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 10:04:23 GMT
x-content-type-options: nosniff
age: 200098
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24376
x-xss-protection: 0
last-modified: Tue, 12 May 2020 10:48:04 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 31 Mar 2022 10:04:23 GMT

GET
DATA 200
OK truncated
/ Frame E98F 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame E98F 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b49d452e947e947e787fa69d00b575e7a9ed35e20a27f6d9657b315614aff446

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v20/ Frame E98F 15 KB
16 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b4d07892cde715d50bb69c1982df496385d1dfd8f9d1867c31f19a3c8634cfae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 15:37:32 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:19:00 GMT
server: sffe
age: 266509
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15816
x-xss-protection: 0
expires: Wed, 30 Mar 2022 15:37:32 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v20/ Frame E98F 15 KB
16 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29f6da0a8c21c5681511bb9b08663d3fd2c5d09c9bd8054ec354c563b8c8b7c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 10:03:37 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:55 GMT
server: sffe
age: 27344
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15784
x-xss-protection: 0
expires: Sat, 02 Apr 2022 10:03:37 GMT

GET
H2 204 event
ads.adfox.ru/312020/ 0
37 B 74ms
74ms Image
text/plain 77.88.21.179
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/312020/event?hash=b7a83ccbcd6d6e3f&pm=bmu&pxo=HsYtf160w1Xb-WdoeG5qIFHVxm4MkWylO1Wvtn6AR6Z7m1U6WNwu9CF-Rd97vkz-WD9iVbL-VglbkV5X6MraUX9fgYXNYTqLwZwLXgHDrLvOP74eVK0ceVxJrvFgyRux_OYXPzg6u8UM9hogy7lQjMkJYjqHlEZUDOvWFddvwlDD-EeELHY%3D&p5=gxcpc&rand=ithxacm&sj=aFmI0GYYtaTxm0g4fYKuJxh43fPnh6DfePRC0ulMJOgOIB0qjz6WnF0axEoeiw%3D%3D&ad-session-id=5757701617385158233&lts=fgdijpo&ytt=553054349297685&ybv=0.14318&ylv=0.14318&dl=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&rtb-si=b&p2=gmyw&puid17=1914&pr=fezzvtj&p1=cjsja&rqs=xuJqASf_QjnIVmdgvQdkQpkftkVFpLgc&resp-time=714

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.179 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

adfox-external-l3-engine.stable.qloud-b.yandex.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 02 Apr 2021 17:39:21 GMT
x-content-type-options: nosniff
timing-allow-origin: *

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 86C2
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEP2ymleGpuqHlaml7wrsAo8&google_cver=1&google_push=AQvitUKhmjobC73WJ5ibE0c_rgaxJuTakFesDnSk3xxnyqI-8R-6fvqnZTGcDZISlCTLIUUqDBPf9Ro5Wy5MEHzJ-q7RcOna1w
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzY0ODIzODE5NjM0NzI2MjIxMw==
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEP2ymleGpuqHlaml7wrsAo8&google_cver=1

43 B
407 B

37ms
36ms

Image
image/gif

46.228.164.11
TURN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEP2ymleGpuqHlaml7wrsAo8&google_cver=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.228.164.11 , United Kingdom, ASN56396 (TURN, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Apr 2021 17:39:21 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type: image/gif
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Fri, 02 Apr 2021 17:39:21 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEP2ymleGpuqHlaml7wrsAo8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 86C2 35 B
463 B 10ms
8ms Image
image/gif 2620:116:800d:21:5a23:9c4e:e774:96c1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEMfl16C9DY0D9RLpxG2j5us&google_cver=1&google_push=AQvitUJZB1LNtUbFy1vHLy39mVmTMNhqWMgUkaQ4bZIabgpKxEgrygzxLyCqpqg-PpuR-ZEIIAIU3HHYL_wIlU-LTdVpww2mtcc

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8241049497608997&output=html&h=250&slotname=tut.by_publishers_970x250_2_floors_35&adk=4252383148&adf=3279755401&pi=t.ma~as.tut.by_publishers_9_&w=970&lmt=1617385160&psa=0&format=970x250&url=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&ea=0&flash=0&wgl=1&dt=1617385160683&bpp=2&bdt=53&idt=110&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3Dbe4596db7a55dd94-22d3041cf5ba00de%3AT%3D1617385158%3ART%3D1617385158%3AS%3DALNI_MYKkSBEnsLZVtwi7km82YnLyg1CMA&correlator=8250955427519&frm=23&ife=1&pv=1&ga_vid=1948603448.1617385158&ga_sid=1617385161&ga_hid=393394414&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=488&biw=1600&bih=1200&isw=970&ish=250&ifk=1296003422&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=2303951872584136&loc=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.8iqbjda7ntr9&fsb=1&dtd=118

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Apr 2021 17:39:21 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 86C2
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEF0z8tmob0Wb39tPOnuJcfM&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEF0z8tmob0Wb39tPOnuJcfM&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Nmt6dk5SUzcxTHNuTHI1&google_gid=CAESEF0z8tmob0Wb39tPOnuJcfM&google_cver=1&google_push=AQvitUKE_uJem6jKW5H7YkRialzzhKT5jwP0cIiXzybFT8J...

170 B
190 B

53ms
53ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Nmt6dk5SUzcxTHNuTHI1&google_gid=CAESEF0z8tmob0Wb39tPOnuJcfM&google_cver=1&google_push=AQvitUKE_uJem6jKW5H7YkRialzzhKT5jwP0cIiXzybFT8J8HVEm29-VnmAWSCfduUhFRSzAyJFjzcR8w3MtYUzhWw6It-Jjs80

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Apr 2021 17:39:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 02 Apr 2021 17:39:20 GMT
Server: PingMatch/v2.0.30-632-ga311aad#rel-ec2-master i-0bdbeb4516d61c7d8@eu-central-1a@dxedge-app-eu-central-1-prod-asg
P3P: policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Nmt6dk5SUzcxTHNuTHI1&google_gid=CAESEF0z8tmob0Wb39tPOnuJcfM&google_cver=1&google_push=AQvitUKE_uJem6jKW5H7YkRialzzhKT5jwP0cIiXzybFT8J8HVEm29-VnmAWSCfduUhFRSzAyJFjzcR8w3MtYUzhWw6It-Jjs80
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 86C2 0
114 B 53ms
52ms Image
text/plain 34.96.105.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEM1DYg4DmgzZAi_NurFXlCI&google_cver=1&google_push=AQvitULxA3a00M8NzPjTLZ5JbDLZzhM1EEtOz7sRzojSreNMmG5QZHYOZjVMPLSOikHuulLkxTjvsOPDVha0Kdb2MEvcdK44cB0
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8241049497608997&output=html&h=250&slotname=tut.by_publishers_970x250_2_floors_35&adk=4252383148&adf=3279755401&pi=t.ma~as.tut.by_publishers_9_&w=970&lmt=1617385160&psa=0&format=970x250&url=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&ea=0&flash=0&wgl=1&dt=1617385160683&bpp=2&bdt=53&idt=110&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3Dbe4596db7a55dd94-22d3041cf5ba00de%3AT%3D1617385158%3ART%3D1617385158%3AS%3DALNI_MYKkSBEnsLZVtwi7km82YnLyg1CMA&correlator=8250955427519&frm=23&ife=1&pv=1&ga_vid=1948603448.1617385158&ga_sid=1617385161&ga_hid=393394414&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=488&biw=1600&bih=1200&isw=970&ish=250&ifk=1296003422&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=2303951872584136&loc=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.8iqbjda7ntr9&fsb=1&dtd=118
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 17:39:21 GMT
via: 1.1 google
alt-svc: clear

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 86C2
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEOOgWG82KP-LupQ9CiHPvAY&google_cver=1&google_push=AQvitUIjQ-3sRtD1Yofgo5iLV2XwCXTUiU-o--t8dlqnWTy22F3OYwWaqHq4dx-8i3zmc8OcZTT5Vp3QPamwgKmIgaTXLNDD-Q
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEOOgWG82KP-LupQ9CiHPvAY&google_cver=1&google_push=AQvitUIjQ-3sRtD1Yofgo5iLV2XwCXTUiU-o--t8dlqnWTy22F3OYwWaqHq4dx-8i3zmc8OcZTT5Vp3QPamwgKmIgaTXL...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AQvitUIjQ-3sRtD1Yofgo5iLV2XwCXTUiU-o--t8dlqnWTy22F3OYwWaqHq4dx-8i3zmc8OcZTT5Vp3QPamwgKmIgaTXLNDD-Q

170 B
190 B

47ms
45ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AQvitUIjQ-3sRtD1Yofgo5iLV2XwCXTUiU-o--t8dlqnWTy22F3OYwWaqHq4dx-8i3zmc8OcZTT5Vp3QPamwgKmIgaTXLNDD-Q

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Apr 2021 17:39:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AQvitUIjQ-3sRtD1Yofgo5iLV2XwCXTUiU-o--t8dlqnWTy22F3OYwWaqHq4dx-8i3zmc8OcZTT5Vp3QPamwgKmIgaTXLNDD-Q
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H3-Q050 204 attr
cm.g.doubleclick.net/pixel/ Frame 86C2 0
39 B 42ms
40ms Image
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Jecytu7ZvFIuEDATfUmjRdlyCNeFvjlVEyg5m2zegOQZmlPBZaS7VWaU4

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8241049497608997&output=html&h=250&slotname=tut.by_publishers_970x250_2_floors_35&adk=4252383148&adf=3279755401&pi=t.ma~as.tut.by_publishers_9_&w=970&lmt=1617385160&psa=0&format=970x250&url=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&ea=0&flash=0&wgl=1&dt=1617385160683&bpp=2&bdt=53&idt=110&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3Dbe4596db7a55dd94-22d3041cf5ba00de%3AT%3D1617385158%3ART%3D1617385158%3AS%3DALNI_MYKkSBEnsLZVtwi7km82YnLyg1CMA&correlator=8250955427519&frm=23&ife=1&pv=1&ga_vid=1948603448.1617385158&ga_sid=1617385161&ga_hid=393394414&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=488&biw=1600&bih=1200&isw=970&ish=250&ifk=1296003422&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=2303951872584136&loc=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.8iqbjda7ntr9&fsb=1&dtd=118

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 17:39:21 GMT
server: HTTP server (unknown)
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 728C 8 KB
6 KB 19ms
19ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210331&st=env

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

07fbacea18dfbf072b1c64553339e59d780780a386a189fc4752b8d06f56620b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 02 Apr 2021 17:39:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6542
x-xss-protection: 0

GET
H3-Q050 200 DbMZ0rSwrYdtGIgs0aJlrMhQhsJZwxQeXkiX5VBkOL0.js Show response
pagead2.googlesyndication.com/bg/ Frame 3C60 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/DbMZ0rSwrYdtGIgs0aJlrMhQhsJZwxQeXkiX5VBkOL0.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8241049497608997&output=html&h=250&slotname=tut.by_publishers_970x250_2_floors_35&adk=4252383148&adf=3279755401&pi=t.ma~as.tut.by_publishers_9_&w=970&lmt=1617385160&psa=0&format=970x250&url=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&ea=0&flash=0&wgl=1&dt=1617385160683&bpp=2&bdt=53&idt=110&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3Dbe4596db7a55dd94-22d3041cf5ba00de%3AT%3D1617385158%3ART%3D1617385158%3AS%3DALNI_MYKkSBEnsLZVtwi7km82YnLyg1CMA&correlator=8250955427519&frm=23&ife=1&pv=1&ga_vid=1948603448.1617385158&ga_sid=1617385161&ga_hid=393394414&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=488&biw=1600&bih=1200&isw=970&ish=250&ifk=1296003422&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=2303951872584136&loc=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.8iqbjda7ntr9&fsb=1&dtd=118

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0db319d2b4b0ad876d18882cd1a265acc85086c259c3141e5e4897e5506438bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 00:38:23 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 24 Mar 2021 17:18:00 GMT
server: sffe
age: 61258
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5732
x-xss-protection: 0
expires: Sat, 02 Apr 2022 00:38:23 GMT

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 728C 17 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 17:39:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Fri, 02 Apr 2021 17:39:21 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame 9456 2 KB
599 B 14ms
14ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8241049497608997&output=html&h=90&slotname=tut.by_publishers_728x90_1_floors_19&adk=3083819103&adf=3279755403&pi=t.ma~as.tut.by_publishers_7_&w=728&lmt=1617385160&psa=0&format=728x90&url=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&ea=0&flash=0&wgl=1&dt=1617385160871&bpp=1&bdt=51&idt=64&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3Dbe4596db7a55dd94-22d3041cf5ba00de%3AT%3D1617385158%3ART%3D1617385158%3AS%3DALNI_MYKkSBEnsLZVtwi7km82YnLyg1CMA&correlator=8250955427519&frm=23&ife=1&pv=1&ga_vid=1948603448.1617385158&ga_sid=1617385161&ga_hid=161905389&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=276&ady=758&biw=1600&bih=1200&isw=728&ish=90&ifk=173005118&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=2893525220256726&loc=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.38r73fjs5fey&fsb=1&dtd=73

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c6a305cd9f8592bbd50ddd47eb5af53952b97937e9b0c4df40498f7140ff8a49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 02 Apr 2021 17:19:18 GMT
server: ESF
date: Fri, 02 Apr 2021 17:39:21 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 02 Apr 2021 17:39:21 GMT

GET
BLOB 200
OK a0955d21-d96d-4198-a1d6-e7ccc22ea0d0
https://googleads.g.doubleclick.net/ Frame 6C37 476 B
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://googleads.g.doubleclick.net/a0955d21-d96d-4198-a1d6-e7ccc22ea0d0
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 573dd332efcaf9ab1ae7f7e72bbbd65aa0c6b9223c4bcead7be3aa25685cba4e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 476
Content-Type: javascript

GET
H3-Q050 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210331/r20110914/client/ Frame 9456 1 KB
918 B 7ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210331/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 17:39:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 882
x-xss-protection: 0
server: cafe
etag: 11243716317595354070
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 16 Apr 2021 17:39:01 GMT

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210331/r20110914/ Frame 9456 17 KB
7 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210331/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4e10c54a966ed5abeeac2aca4cfa968f317497770f59ec94af6d712db96e7d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 17:34:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 305
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7115
x-xss-protection: 0
server: cafe
etag: 8094203328658613728
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 16 Apr 2021 17:34:16 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210331/r20110914/client/ Frame 9456 2 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210331/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 17:39:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 16 Apr 2021 17:39:11 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9456 118 KB
36 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8727cf8bd32a94a8d93d7c75469184dada14c6cadf02178c17db5ee06f832b0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 17:39:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1617218245166195"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36656
x-xss-protection: 0
expires: Fri, 02 Apr 2021 17:39:21 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210331/r20110914/client/ Frame 9456 13 KB
6 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210331/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c9581d69ef8a7435f061d76045cc929310f436366f9ced3b9b9811ca6ed26feb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 17:38:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 74
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5599
x-xss-protection: 0
server: cafe
etag: 2241650964481140939
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 16 Apr 2021 17:38:07 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame 9456 0
0 18ms
17ms Image
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTIiQIikgLuI58Oiz9vZfLzRi4U9fL1ORfw6bxmXDNNdLxCNtueQgFbEf6TLlleitxFkxr-BYn0hJzK_4KuY2cjger8oQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8241049497608997&output=html&h=90&slotname=tut.by_publishers_728x90_1_floors_19&adk=3083819103&adf=3279755403&pi=t.ma~as.tut.by_publishers_7_&w=728&lmt=1617385160&psa=0&format=728x90&url=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&ea=0&flash=0&wgl=1&dt=1617385160871&bpp=1&bdt=51&idt=64&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3Dbe4596db7a55dd94-22d3041cf5ba00de%3AT%3D1617385158%3ART%3D1617385158%3AS%3DALNI_MYKkSBEnsLZVtwi7km82YnLyg1CMA&correlator=8250955427519&frm=23&ife=1&pv=1&ga_vid=1948603448.1617385158&ga_sid=1617385161&ga_hid=161905389&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=276&ady=758&biw=1600&bih=1200&isw=728&ish=90&ifk=173005118&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=2893525220256726&loc=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.38r73fjs5fey&fsb=1&dtd=73
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-Q050 200 0d74ed574692e0488c8a49b73918ea59.js Show response
www.gstatic.com/mysidia/ Frame 9456 25 KB
10 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/0d74ed574692e0488c8a49b73918ea59.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

11909c0ebcd1e1258ecf3c2ef83688b057b08e5d92a9c715f4fe44c13f20f7b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 07:57:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 25 Mar 2021 05:14:52 GMT
server: sffe
age: 121317
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10398
x-xss-protection: 0
expires: Wed, 30 Jun 2021 07:57:24 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame 34A0 3 KB
600 B 23ms
23ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8241049497608997&output=html&h=250&slotname=tut.by_publishers_970x250_2_floors_11&adk=2366530133&adf=3279755400&pi=t.ma~as.tut.by_publishers_9_&w=970&lmt=1617385160&psa=0&format=970x250&url=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&ea=0&flash=0&wgl=1&dt=1617385160852&bpp=2&bdt=80&idt=58&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3Dbe4596db7a55dd94-22d3041cf5ba00de%3AT%3D1617385158%3ART%3D1617385158%3AS%3DALNI_MYKkSBEnsLZVtwi7km82YnLyg1CMA&correlator=8250955427519&frm=23&ife=1&pv=1&ga_vid=1948603448.1617385158&ga_sid=1617385161&ga_hid=506795244&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=2953&biw=1600&bih=1200&isw=970&ish=250&ifk=1296003422&scr_x=0&scr_y=0&eid=44735932%2C44740079%2C44739387&oid=3&pvsid=1555053346710673&loc=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.kqq8km99w2kk&btvi=1&fsb=1&dtd=68

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 02 Apr 2021 17:19:26 GMT
server: ESF
date: Fri, 02 Apr 2021 17:39:21 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 02 Apr 2021 17:39:21 GMT

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 85BD 12 KB
5 KB 10ms
9ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://koton-magazadzhylyk.tam.by/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://koton-magazadzhylyk.tam.by/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Fri, 02 Apr 2021 15:43:08 GMT
expires: Sat, 02 Apr 2022 15:43:08 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 6973
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 9456 28 KB
29 KB 16ms
11ms Image
image/jpeg 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcR7wy2kBvZf03G7t8MLl1YKOw_Usja1RozMVzwgN9uJPvdPAvYUE2UrVj6XtA&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2ec1664a3d39d69df0721b464754491bf276c67d6627df9f7fa2929eb7e39667

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 29 Mar 2021 15:13:26 GMT
x-content-type-options: nosniff
last-modified: Sat, 15 Aug 2020 13:01:20 GMT
server: sffe
age: 354355
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29146
x-xss-protection: 0
expires: Tue, 29 Mar 2022 15:13:26 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 9456 33 KB
33 KB 9ms
4ms Image
image/jpeg 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcThE3WcdH9aa1lI2WcJzt7w4MGAFxrwP7uDAP-65ia1NQF0qVD5gA4OUZe_KA&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c2cf0ad6055dc13cefb473a3c2175cea1fb9db2d7af8171bd5c0bee4c82b303e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 08:39:40 GMT
x-content-type-options: nosniff
last-modified: Tue, 30 Mar 2021 23:19:26 GMT
server: sffe
age: 205181
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33386
x-xss-protection: 0
expires: Thu, 31 Mar 2022 08:39:40 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 9456 34 KB
34 KB 13ms
4ms Image
image/jpeg 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcRTWjvfRpoLdVpOdo_IDwDN6DT5y_hcLceGT8SY5nBXBKJWqFvNUUztTMKSU4I&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f95af666abfd8f69575572df54d034fcca3f383da232bcdff588a640fe7c5f17

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 04:27:37 GMT
x-content-type-options: nosniff
last-modified: Tue, 30 Mar 2021 23:19:36 GMT
server: sffe
age: 220304
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34744
x-xss-protection: 0
expires: Thu, 31 Mar 2022 04:27:37 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 9456 16 KB
16 KB 11ms
2ms Image
image/jpeg 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcSu1DF_pVPKJTdW-v7zJzF1Os4gXg6R0feuWI37sblp2k6cdJjev3Gc6c15rg&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8b6875dfbcf419f01f020cb0f23b3d8a8f1dcce67857d27e5966d809efaa2a02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 13:23:32 GMT
x-content-type-options: nosniff
last-modified: Mon, 27 Jul 2020 22:04:47 GMT
server: sffe
age: 274549
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16136
x-xss-protection: 0
expires: Wed, 30 Mar 2022 13:23:32 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 9456 24 KB
24 KB 21ms
12ms Image
image/jpeg 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcRPgJlpWjB7OSO9EwAtwsd4px9FmmX3A9KId3CiPn_sLZs1eHPOnNx85CG8eQ&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

459b64956afafb29082becaeb9492a23cc479dc4406a1740043f255ed60e1b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 18:04:36 GMT
x-content-type-options: nosniff
last-modified: Thu, 14 May 2020 15:31:55 GMT
server: sffe
age: 171285
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24631
x-xss-protection: 0
expires: Thu, 31 Mar 2022 18:04:36 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 9456 17 KB
17 KB 13ms
9ms Image
image/jpeg 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcSz0pxwLH2VTsUH3kF1zdT45fxkYjJTlE0zfUvFyk-JA_piMmaTOzFNkrRpQLQ&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f283cf2774a30c30789d74543d0ef90caa51a6bea51b81866356b244647201a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 18:34:29 GMT
x-content-type-options: nosniff
last-modified: Thu, 14 May 2020 15:31:58 GMT
server: sffe
age: 255892
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17683
x-xss-protection: 0
expires: Wed, 30 Mar 2022 18:34:29 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 9456 26 KB
26 KB 13ms
5ms Image
image/jpeg 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcTWhiklYCHCCk5dpGiKI8nZAmikfSQWd9yXj6ZJMbdYJZO9YbyKZz3cbzRwqA&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

698078228b3275a937834a386651d862b001e18509cbc27c561c4fee2e0e2d7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 11:43:06 GMT
x-content-type-options: nosniff
last-modified: Fri, 13 Mar 2020 17:02:41 GMT
server: sffe
age: 280575
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26606
x-xss-protection: 0
expires: Wed, 30 Mar 2022 11:43:06 GMT

GET
H3-Q050 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210331/r20110914/client/ Frame 34A0 1 KB
1 KB 23ms
9ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210331/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8241049497608997&output=html&h=250&slotname=tut.by_publishers_970x250_2_floors_11&adk=2366530133&adf=3279755400&pi=t.ma~as.tut.by_publishers_9_&w=970&lmt=1617385160&psa=0&format=970x250&url=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&ea=0&flash=0&wgl=1&dt=1617385160852&bpp=2&bdt=80&idt=58&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3Dbe4596db7a55dd94-22d3041cf5ba00de%3AT%3D1617385158%3ART%3D1617385158%3AS%3DALNI_MYKkSBEnsLZVtwi7km82YnLyg1CMA&correlator=8250955427519&frm=23&ife=1&pv=1&ga_vid=1948603448.1617385158&ga_sid=1617385161&ga_hid=506795244&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=2953&biw=1600&bih=1200&isw=970&ish=250&ifk=1296003422&scr_x=0&scr_y=0&eid=44735932%2C44740079%2C44739387&oid=3&pvsid=1555053346710673&loc=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.kqq8km99w2kk&btvi=1&fsb=1&dtd=68

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 17:39:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 882
x-xss-protection: 0
server: cafe
etag: 11243716317595354070
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 16 Apr 2021 17:39:01 GMT

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210331/r20110914/ Frame 34A0 17 KB
7 KB 13ms
9ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210331/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8241049497608997&output=html&h=250&slotname=tut.by_publishers_970x250_2_floors_11&adk=2366530133&adf=3279755400&pi=t.ma~as.tut.by_publishers_9_&w=970&lmt=1617385160&psa=0&format=970x250&url=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&ea=0&flash=0&wgl=1&dt=1617385160852&bpp=2&bdt=80&idt=58&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3Dbe4596db7a55dd94-22d3041cf5ba00de%3AT%3D1617385158%3ART%3D1617385158%3AS%3DALNI_MYKkSBEnsLZVtwi7km82YnLyg1CMA&correlator=8250955427519&frm=23&ife=1&pv=1&ga_vid=1948603448.1617385158&ga_sid=1617385161&ga_hid=506795244&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=2953&biw=1600&bih=1200&isw=970&ish=250&ifk=1296003422&scr_x=0&scr_y=0&eid=44735932%2C44740079%2C44739387&oid=3&pvsid=1555053346710673&loc=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.kqq8km99w2kk&btvi=1&fsb=1&dtd=68

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4e10c54a966ed5abeeac2aca4cfa968f317497770f59ec94af6d712db96e7d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 17:34:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 305
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7115
x-xss-protection: 0
server: cafe
etag: 8094203328658613728
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 16 Apr 2021 17:34:16 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210331/r20110914/client/ Frame 34A0 2 KB
1 KB 13ms
8ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210331/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8241049497608997&output=html&h=250&slotname=tut.by_publishers_970x250_2_floors_11&adk=2366530133&adf=3279755400&pi=t.ma~as.tut.by_publishers_9_&w=970&lmt=1617385160&psa=0&format=970x250&url=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&ea=0&flash=0&wgl=1&dt=1617385160852&bpp=2&bdt=80&idt=58&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3Dbe4596db7a55dd94-22d3041cf5ba00de%3AT%3D1617385158%3ART%3D1617385158%3AS%3DALNI_MYKkSBEnsLZVtwi7km82YnLyg1CMA&correlator=8250955427519&frm=23&ife=1&pv=1&ga_vid=1948603448.1617385158&ga_sid=1617385161&ga_hid=506795244&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=2953&biw=1600&bih=1200&isw=970&ish=250&ifk=1296003422&scr_x=0&scr_y=0&eid=44735932%2C44740079%2C44739387&oid=3&pvsid=1555053346710673&loc=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.kqq8km99w2kk&btvi=1&fsb=1&dtd=68

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 17:39:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 16 Apr 2021 17:39:11 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 34A0 118 KB
36 KB 16ms
13ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8241049497608997&output=html&h=250&slotname=tut.by_publishers_970x250_2_floors_11&adk=2366530133&adf=3279755400&pi=t.ma~as.tut.by_publishers_9_&w=970&lmt=1617385160&psa=0&format=970x250&url=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&ea=0&flash=0&wgl=1&dt=1617385160852&bpp=2&bdt=80&idt=58&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3Dbe4596db7a55dd94-22d3041cf5ba00de%3AT%3D1617385158%3ART%3D1617385158%3AS%3DALNI_MYKkSBEnsLZVtwi7km82YnLyg1CMA&correlator=8250955427519&frm=23&ife=1&pv=1&ga_vid=1948603448.1617385158&ga_sid=1617385161&ga_hid=506795244&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=2953&biw=1600&bih=1200&isw=970&ish=250&ifk=1296003422&scr_x=0&scr_y=0&eid=44735932%2C44740079%2C44739387&oid=3&pvsid=1555053346710673&loc=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.kqq8km99w2kk&btvi=1&fsb=1&dtd=68

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8727cf8bd32a94a8d93d7c75469184dada14c6cadf02178c17db5ee06f832b0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 17:39:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1617218245166195"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36656
x-xss-protection: 0
expires: Fri, 02 Apr 2021 17:39:21 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210331/r20110914/client/ Frame 34A0 13 KB
5 KB 11ms
8ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210331/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8241049497608997&output=html&h=250&slotname=tut.by_publishers_970x250_2_floors_11&adk=2366530133&adf=3279755400&pi=t.ma~as.tut.by_publishers_9_&w=970&lmt=1617385160&psa=0&format=970x250&url=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&ea=0&flash=0&wgl=1&dt=1617385160852&bpp=2&bdt=80&idt=58&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3Dbe4596db7a55dd94-22d3041cf5ba00de%3AT%3D1617385158%3ART%3D1617385158%3AS%3DALNI_MYKkSBEnsLZVtwi7km82YnLyg1CMA&correlator=8250955427519&frm=23&ife=1&pv=1&ga_vid=1948603448.1617385158&ga_sid=1617385161&ga_hid=506795244&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=2953&biw=1600&bih=1200&isw=970&ish=250&ifk=1296003422&scr_x=0&scr_y=0&eid=44735932%2C44740079%2C44739387&oid=3&pvsid=1555053346710673&loc=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.kqq8km99w2kk&btvi=1&fsb=1&dtd=68

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c9581d69ef8a7435f061d76045cc929310f436366f9ced3b9b9811ca6ed26feb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 17:38:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 74
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5599
x-xss-protection: 0
server: cafe
etag: 2241650964481140939
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 16 Apr 2021 17:38:07 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame 34A0 0
0 17ms
14ms Image
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaROoQPx8xY2LgU4nFNMtSkz2GjDwUrniWbCnKxTANJd-vxJAmJT3gkUAAdm9W1AqMLsphLEeZPY6pCRyOMnzP7V4AOwog
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8241049497608997&output=html&h=250&slotname=tut.by_publishers_970x250_2_floors_11&adk=2366530133&adf=3279755400&pi=t.ma~as.tut.by_publishers_9_&w=970&lmt=1617385160&psa=0&format=970x250&url=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&ea=0&flash=0&wgl=1&dt=1617385160852&bpp=2&bdt=80&idt=58&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3Dbe4596db7a55dd94-22d3041cf5ba00de%3AT%3D1617385158%3ART%3D1617385158%3AS%3DALNI_MYKkSBEnsLZVtwi7km82YnLyg1CMA&correlator=8250955427519&frm=23&ife=1&pv=1&ga_vid=1948603448.1617385158&ga_sid=1617385161&ga_hid=506795244&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=2953&biw=1600&bih=1200&isw=970&ish=250&ifk=1296003422&scr_x=0&scr_y=0&eid=44735932%2C44740079%2C44739387&oid=3&pvsid=1555053346710673&loc=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.kqq8km99w2kk&btvi=1&fsb=1&dtd=68
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-Q050 200 0d74ed574692e0488c8a49b73918ea59.js Show response
www.gstatic.com/mysidia/ Frame 34A0 25 KB
10 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/0d74ed574692e0488c8a49b73918ea59.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8241049497608997&output=html&h=250&slotname=tut.by_publishers_970x250_2_floors_11&adk=2366530133&adf=3279755400&pi=t.ma~as.tut.by_publishers_9_&w=970&lmt=1617385160&psa=0&format=970x250&url=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&ea=0&flash=0&wgl=1&dt=1617385160852&bpp=2&bdt=80&idt=58&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3Dbe4596db7a55dd94-22d3041cf5ba00de%3AT%3D1617385158%3ART%3D1617385158%3AS%3DALNI_MYKkSBEnsLZVtwi7km82YnLyg1CMA&correlator=8250955427519&frm=23&ife=1&pv=1&ga_vid=1948603448.1617385158&ga_sid=1617385161&ga_hid=506795244&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=2953&biw=1600&bih=1200&isw=970&ish=250&ifk=1296003422&scr_x=0&scr_y=0&eid=44735932%2C44740079%2C44739387&oid=3&pvsid=1555053346710673&loc=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.kqq8km99w2kk&btvi=1&fsb=1&dtd=68

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

11909c0ebcd1e1258ecf3c2ef83688b057b08e5d92a9c715f4fe44c13f20f7b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Apr 2021 07:57:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 25 Mar 2021 05:14:52 GMT
server: sffe
age: 121317
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10398
x-xss-protection: 0
expires: Wed, 30 Jun 2021 07:57:24 GMT

GET
H3-Q050 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/14350279087312724244/ Frame 34A0 18 KB
18 KB 11ms
9ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14350279087312724244/downsize_200k_v1?w=600&h=314

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8241049497608997&output=html&h=250&slotname=tut.by_publishers_970x250_2_floors_11&adk=2366530133&adf=3279755400&pi=t.ma~as.tut.by_publishers_9_&w=970&lmt=1617385160&psa=0&format=970x250&url=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&ea=0&flash=0&wgl=1&dt=1617385160852&bpp=2&bdt=80&idt=58&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3Dbe4596db7a55dd94-22d3041cf5ba00de%3AT%3D1617385158%3ART%3D1617385158%3AS%3DALNI_MYKkSBEnsLZVtwi7km82YnLyg1CMA&correlator=8250955427519&frm=23&ife=1&pv=1&ga_vid=1948603448.1617385158&ga_sid=1617385161&ga_hid=506795244&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=2953&biw=1600&bih=1200&isw=970&ish=250&ifk=1296003422&scr_x=0&scr_y=0&eid=44735932%2C44740079%2C44739387&oid=3&pvsid=1555053346710673&loc=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.kqq8km99w2kk&btvi=1&fsb=1&dtd=68

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b8469e48c96e767282d1c0dae810623890a1dd1ee471ca30c63a922dd76a275

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 10:03:42 GMT
x-content-type-options: nosniff
age: 27339
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18108
x-xss-protection: 0
last-modified: Thu, 14 Jan 2021 14:36:00 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Apr 2022 10:03:42 GMT

GET
DATA 200
OK truncated
/ Frame 34A0 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-Q050 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 665E 1 KB
750 B 6ms
6ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 02 Apr 2021 16:59:40 GMT
expires: Sat, 03 Apr 2021 16:59:40 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
cache-control: public, max-age=86400
age: 2381
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 9456 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a4552cb0a3302723047ceac6bafda74ee39fb3851b095e3fcf326b9a0036f249

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 204 event
ads.adfox.ru/312020/ 0
14 B 93ms
90ms Image
text/plain 77.88.21.179
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/312020/event?hash=847c61b8fc3a7084&pm=bmu&pxo=xwbu5oOu_gsmSVPeppnbqESwBsx5cpQLbLN9zmJd9Nm4kckts04HOEXmX8HpwO_Aceq1Is-O9jCL0CGGbPwABVqguZM1RkhDBFOGMMtmQGhePo0s196npmMkK86asCNGFqQ7VgX6w222d4tneNtV2-eXLoKHq5bGJVpGvlvsowbzUdkhW0w%3D&p5=hwryv&rand=imyhrio&sj=3z_ttnCT3AvHlRhH9KvpX40OE3StiCLCbXgabpv1Sa7o7NMztIC_OO-nOVpnag%3D%3D&ad-session-id=5757701617385158233&lts=fgdijpo&ytt=553054349297685&ybv=0.14318&ylv=0.14318&dl=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&pr=fezzvtj&p1=cjsiy&rqs=xuJqASf_QjnIVmdgyCU2JWYfgpGWB_rW&rtb-si=b&p2=gmyv&resp-time=859

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.179 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

adfox-external-l3-engine.stable.qloud-b.yandex.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 02 Apr 2021 17:39:21 GMT
x-content-type-options: nosniff
timing-allow-origin: *

GET
H3-Q050 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 5983 1 KB
750 B 9ms
9ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8241049497608997&output=html&h=250&slotname=tut.by_publishers_970x250_2_floors_11&adk=2366530133&adf=3279755400&pi=t.ma~as.tut.by_publishers_9_&w=970&lmt=1617385160&psa=0&format=970x250&url=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&ea=0&flash=0&wgl=1&dt=1617385160852&bpp=2&bdt=80&idt=58&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3Dbe4596db7a55dd94-22d3041cf5ba00de%3AT%3D1617385158%3ART%3D1617385158%3AS%3DALNI_MYKkSBEnsLZVtwi7km82YnLyg1CMA&correlator=8250955427519&frm=23&ife=1&pv=1&ga_vid=1948603448.1617385158&ga_sid=1617385161&ga_hid=506795244&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=2953&biw=1600&bih=1200&isw=970&ish=250&ifk=1296003422&scr_x=0&scr_y=0&eid=44735932%2C44740079%2C44739387&oid=3&pvsid=1555053346710673&loc=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.kqq8km99w2kk&btvi=1&fsb=1&dtd=68

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 02 Apr 2021 16:59:40 GMT
expires: Sat, 03 Apr 2021 16:59:40 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
cache-control: public, max-age=86400
age: 2381
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v14/ Frame 9456 20 KB
20 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v14/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 10:03:37 GMT
x-content-type-options: nosniff
last-modified: Wed, 04 Dec 2019 18:44:32 GMT
server: sffe
age: 27344
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20900
x-xss-protection: 0
expires: Sat, 02 Apr 2022 10:03:37 GMT

GET
H2 200 bundle.js Show response
yastatic.net/q/set/s/rsya-tag-users/ Frame B936 105 KB
35 KB 33ms
32ms Script
application/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/q/set/s/rsya-tag-users/bundle.js

Requested by

Host: koton-magazadzhylyk.tam.by
URL: https://koton-magazadzhylyk.tam.by/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

e1cff21864c46e1da263fa83c14ed6d190bc5afbdd35188de15f10eb8bedd264

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://yastatic.net/safeframe-bundles/0.80/1-1-0/render.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 17:39:21 GMT
content-encoding: gzip
last-modified: Tue, 30 Mar 2021 17:05:54 GMT
server: nginx/1.17.9
etag: W/"82bdc8db563d3e71c35534315f8a9fd5"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/javascript
access-control-allow-origin: *
expires: Mon, 05 Apr 2021 05:38:05 GMT
cache-control: public, max-age=31556952
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
x-nginx-request-id: 32fe7e4246a09afc

GET
DATA 200
OK truncated
/ Frame 34A0 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 31832b754ea08dcaddf1bdcc8dd1ba1b0abcabdfffa12685124d308293bcd3aa

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 34A0 21 KB
21 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 30 Mar 2021 12:53:27 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:21 GMT
server: sffe
age: 276354
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21716
x-xss-protection: 0
expires: Wed, 30 Mar 2022 12:53:27 GMT

GET
H3-Q050 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 34A0 21 KB
21 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 10:03:37 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:16 GMT
server: sffe
age: 27344
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21552
x-xss-protection: 0
expires: Sat, 02 Apr 2022 10:03:37 GMT

GET
H2 204 event
ads.adfox.ru/312020/ 0
14 B 80ms
80ms Image
text/plain 77.88.21.179
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/312020/event?hash=7a7b00ed19c769a3&pm=bmu&pxo=dKtKOeAPXpLNhJJ1FQblexPzBFtqMoBtGrQwRdr9vmoqVmX6BimPb_hnFWUe4PN8poyqzo7W_Kal7kfYcyLW2NPyDbGeKApJE9Ll_2Z5lxhLohgJQo9tEFNrBl_7CuPAWMv-Kx6khRXLUAH1jT7zwJiXE-M0Hnpe7nYIlDBFMapbBMdZRAk%3D&p5=gxcpc&rand=ygugvy&sj=RMnyaCmz3Z56ajl7cvC-JQ5up9Kdu3BVpmfO5t2T9z1_GBaJgMkbq4v1yz1XZA%3D%3D&ad-session-id=5757701617385158233&lts=fgdijpo&ytt=553054349297685&ybv=0.14318&ylv=0.14318&dl=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&rtb-si=b&p2=gmyw&puid17=1914&pr=fezzvtj&p1=cjsja&rqs=xuJqASf_QjnIVmdgRlDwh0K9IYtEXa31&resp-time=984

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.179 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

adfox-external-l3-engine.stable.qloud-b.yandex.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 02 Apr 2021 17:39:21 GMT
x-content-type-options: nosniff
timing-allow-origin: *

GET
H2 200 watch.js Show response
mc.yandex.ru/metrika/ Frame B936 123 KB
43 KB 50ms
50ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

0feb630da27b3b9a39d2ae12f49ae9fc24c11e0f5dd8416bcd726d34f6f52523

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 17:39:21 GMT
content-encoding: br
last-modified: Tue, 30 Mar 2021 15:00:53 GMT
etag: "6064af5d-acf8"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 44280
expires: Fri, 02 Apr 2021 18:39:21 GMT

GET
H2 200 data Show response
yandex.ru/set/s/rsya-tag-users/ Frame B936 403 B
1010 B 208ms
102ms Fetch
application/json 2a02:6b8:a::a
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/set/s/rsya-tag-users/data?referrer=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F

Requested by

Host: yastatic.net
URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

5c19c69dab307b93f854942a5f7324e1e9d6ef64e8db41c617f8b2dd9ce83a79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 17:39:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://yastatic.net
cache-control: public,max-age=300
access-control-allow-credentials: true
x-xss-protection: 1; mode=block

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/1.25.0/619621/AHIwugcVEATnKCeI/ Frame 157C 0
145 B 59ms
58ms XHR
text/plain 18.203.213.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/1.25.0/619621/AHIwugcVEATnKCeI/postback?sr=4&si=472641958&ai=216536&c1=4562306&dt=6196211556140246740000&pd=avt&r1=2a01%3A4f8%3A192%3A%3A&ci=619621&di=https%3A%2F%2Fkoton-magazadzhylyk.tam.by&pp=pub-8241049497608997&r3=&de=43003&ac=651871&ti=7289669487851265613&pv=1ff27708-dd70-446f-a990-98fe81b508e1&dm=300x250&cr=6622326&r2=&ui=1f2dbbd2-e89c-a81b-0000-000000000000&ap=&sid=AHIwugcVEATnKCeI&oz_sc=d58a9c4111e9e901a1d8996f&cv=3
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/1.25.0/main.js?o=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.213.28 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-213-28.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 02 Apr 2021 17:39:21 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 665E
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEP2ymleGpuqHlaml7wrsAo8&google_cver=1&google_push=AQvitUJuKdoWEjEIQ48Z4p5CpP9LC4-RwhBsYNi27mIVfxQ7JhbTzS0YX2DN-3ffyqNhbxIlUaH-JsPA3RGXaMspcSZMjXC_wQ
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzY0ODIzODE5NjM0NzI2MjIxMw==
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEP2ymleGpuqHlaml7wrsAo8&google_cver=1

43 B
407 B

33ms
33ms

Image
image/gif

46.228.164.11
TURN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEP2ymleGpuqHlaml7wrsAo8&google_cver=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.228.164.11 , United Kingdom, ASN56396 (TURN, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Apr 2021 17:39:21 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type: image/gif
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Fri, 02 Apr 2021 17:39:22 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEP2ymleGpuqHlaml7wrsAo8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 665E
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEMfl16C9DY0D9RLpxG2j5us&google_cver=1&google_push=AQvitUK1NasEbm5k8UKqCxeJNl0GCAR3QxDUlEW9fjcu7Ytjrbbb4QGxVO...
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AQvitUK1NasEbm5k8UKqCxeJNl0GCAR3QxDUlEW9fjcu7Ytjrbbb4QGxVOVeWvwdS64rcfrtukSdPmZS0Y9rCf7vGXP4yqV_Kg&google_hm=kjI9oUGj...

170 B
190 B

51ms
51ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AQvitUK1NasEbm5k8UKqCxeJNl0GCAR3QxDUlEW9fjcu7Ytjrbbb4QGxVOVeWvwdS64rcfrtukSdPmZS0Y9rCf7vGXP4yqV_Kg&google_hm=kjI9oUGjiyZRqBRf0RVl6Q

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Apr 2021 17:39:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AQvitUK1NasEbm5k8UKqCxeJNl0GCAR3QxDUlEW9fjcu7Ytjrbbb4QGxVOVeWvwdS64rcfrtukSdPmZS0Y9rCf7vGXP4yqV_Kg&google_hm=kjI9oUGjiyZRqBRf0RVl6Q
pragma: no-cache
date: Fri, 02 Apr 2021 17:39:21 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 665E
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEF0z8tmob0Wb39tPOnuJcfM&google_cve...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Nmt6dk5SUzcxTHNuTHI1&google_gid=CAESEF0z8tmob0Wb39tPOnuJcfM&google_cver=1&google_push=AQvitUJo8I45sM32TqfOSRz2sWa8NGoh8BJG0_Gi4sd-beE...

170 B
190 B

44ms
44ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Nmt6dk5SUzcxTHNuTHI1&google_gid=CAESEF0z8tmob0Wb39tPOnuJcfM&google_cver=1&google_push=AQvitUJo8I45sM32TqfOSRz2sWa8NGoh8BJG0_Gi4sd-beEHeKjrtyykhEDsu-N4qAzHUUTUMf0jiZKAbGgb7-yjxyDq-xZzQ08

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Apr 2021 17:39:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 02 Apr 2021 17:39:20 GMT
Server: PingMatch/v2.0.30-632-ga311aad#rel-ec2-master i-0bdbeb4516d61c7d8@eu-central-1a@dxedge-app-eu-central-1-prod-asg
P3P: policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Nmt6dk5SUzcxTHNuTHI1&google_gid=CAESEF0z8tmob0Wb39tPOnuJcfM&google_cver=1&google_push=AQvitUJo8I45sM32TqfOSRz2sWa8NGoh8BJG0_Gi4sd-beEHeKjrtyykhEDsu-N4qAzHUUTUMf0jiZKAbGgb7-yjxyDq-xZzQ08
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 665E 0
114 B 63ms
60ms Image
text/plain 34.96.105.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEM1DYg4DmgzZAi_NurFXlCI&google_cver=1&google_push=AQvitUJb8PDMhuNxFIBiCBoBzS9ODHzgLt28jroMX3iCyr-ENJ9xMftjKa4XQiDNCG3Bst3u4rND-MyyMAmrAFtxFFHUR02sIek
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8241049497608997&output=html&h=90&slotname=tut.by_publishers_728x90_1_floors_19&adk=3083819103&adf=3279755403&pi=t.ma~as.tut.by_publishers_7_&w=728&lmt=1617385160&psa=0&format=728x90&url=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&ea=0&flash=0&wgl=1&dt=1617385160871&bpp=1&bdt=51&idt=64&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3Dbe4596db7a55dd94-22d3041cf5ba00de%3AT%3D1617385158%3ART%3D1617385158%3AS%3DALNI_MYKkSBEnsLZVtwi7km82YnLyg1CMA&correlator=8250955427519&frm=23&ife=1&pv=1&ga_vid=1948603448.1617385158&ga_sid=1617385161&ga_hid=161905389&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=276&ady=758&biw=1600&bih=1200&isw=728&ish=90&ifk=173005118&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=2893525220256726&loc=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.38r73fjs5fey&fsb=1&dtd=73
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 17:39:21 GMT
via: 1.1 google
alt-svc: clear

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 665E
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEOOgWG82KP-LupQ9CiHPvAY&google_cver=1&google_push=AQvitUIMxtKRrJhdwODghUXg8CkTREsUXwQ_kua-TH-RckmSdUBlhgStzLt1Jmx_h_Yk0n7a_m50IH6bBNU0JUHivxe6LuDnJw
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AQvitUIMxtKRrJhdwODghUXg8CkTREsUXwQ_kua-TH-RckmSdUBlhgStzLt1Jmx_h_Yk0n7a_m50IH6bBNU0JUHivxe6LuDnJw

170 B
190 B

50ms
48ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AQvitUIMxtKRrJhdwODghUXg8CkTREsUXwQ_kua-TH-RckmSdUBlhgStzLt1Jmx_h_Yk0n7a_m50IH6bBNU0JUHivxe6LuDnJw

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Apr 2021 17:39:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AQvitUIMxtKRrJhdwODghUXg8CkTREsUXwQ_kua-TH-RckmSdUBlhgStzLt1Jmx_h_Yk0n7a_m50IH6bBNU0JUHivxe6LuDnJw
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H3-Q050 204 attr
cm.g.doubleclick.net/pixel/ Frame 665E 0
16 B 48ms
46ms Image
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IsRS9molImU9dXWpP5cetRbx_g-TP0N0OM529FdKPfVzAQ9GM9TWbUbg8

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 17:39:21 GMT
server: HTTP server (unknown)
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame E1E8 9 KB
7 KB 19ms
18ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210331&st=env

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d73d07f3315ebd34e7549000216341ad410fb119468e1175597ec71f578220fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 02 Apr 2021 17:39:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7083
x-xss-protection: 0

GET
H3-Q050 200 DbMZ0rSwrYdtGIgs0aJlrMhQhsJZwxQeXkiX5VBkOL0.js Show response
pagead2.googlesyndication.com/bg/ Frame E70B 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/DbMZ0rSwrYdtGIgs0aJlrMhQhsJZwxQeXkiX5VBkOL0.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0db319d2b4b0ad876d18882cd1a265acc85086c259c3141e5e4897e5506438bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 00:38:23 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 24 Mar 2021 17:18:00 GMT
server: sffe
age: 61258
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5732
x-xss-protection: 0
expires: Sat, 02 Apr 2022 00:38:23 GMT

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 5983
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEP2ymleGpuqHlaml7wrsAo8&google_cver=1&google_push=AQvitUIUbIMF956cDevHnCmIQL4C4hWIBW3nhQwTgIgtzEIhZYT7KB0K9ZPE4WYajexlWzSFVjnq87DkVERiCmdLm9bnrDsYjZjR
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzY0ODIzODE5NjM0NzI2MjIxMw==
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEP2ymleGpuqHlaml7wrsAo8&google_cver=1

43 B
407 B

33ms
33ms

Image
image/gif

46.228.164.11
TURN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEP2ymleGpuqHlaml7wrsAo8&google_cver=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.228.164.11 , United Kingdom, ASN56396 (TURN, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Apr 2021 17:39:21 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type: image/gif
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Fri, 02 Apr 2021 17:39:22 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEP2ymleGpuqHlaml7wrsAo8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 5983
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEMfl16C9DY0D9RLpxG2j5us&google_cver=1&google_push=AQvitULIC8EUljXbgce-xx_VfNqtjGebY3wgVecZfkRSKIW4RSAGuB1a6R...
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AQvitULIC8EUljXbgce-xx_VfNqtjGebY3wgVecZfkRSKIW4RSAGuB1a6RWTvTCUWqUg-SLDbDN9w955Kybngv_UqTFfO5hrUfkdDg&google_hm=kjI9...

170 B
190 B

48ms
47ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AQvitULIC8EUljXbgce-xx_VfNqtjGebY3wgVecZfkRSKIW4RSAGuB1a6RWTvTCUWqUg-SLDbDN9w955Kybngv_UqTFfO5hrUfkdDg&google_hm=kjI9oUGjiyZRqBRf0RVl6Q

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Apr 2021 17:39:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AQvitULIC8EUljXbgce-xx_VfNqtjGebY3wgVecZfkRSKIW4RSAGuB1a6RWTvTCUWqUg-SLDbDN9w955Kybngv_UqTFfO5hrUfkdDg&google_hm=kjI9oUGjiyZRqBRf0RVl6Q
pragma: no-cache
date: Fri, 02 Apr 2021 17:39:21 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 5983
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEF0z8tmob0Wb39tPOnuJcfM&google_cve...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Nmt6dk5SUzcxTHNuTHI1&google_gid=CAESEF0z8tmob0Wb39tPOnuJcfM&google_cver=1&google_push=AQvitUJs1VivT_AZuUPNmuf_prLMvcCesbywnM3UZAwsjKa...

170 B
190 B

55ms
45ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Nmt6dk5SUzcxTHNuTHI1&google_gid=CAESEF0z8tmob0Wb39tPOnuJcfM&google_cver=1&google_push=AQvitUJs1VivT_AZuUPNmuf_prLMvcCesbywnM3UZAwsjKawircCvBkGVGU04of06yqRgE1jSUcTeMLiwDd_w1Ha7lW2qc_QMvorFw

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Apr 2021 17:39:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 02 Apr 2021 17:39:20 GMT
Server: PingMatch/v2.0.30-632-ga311aad#rel-ec2-master i-0ab29fc25246f26bf@eu-central-1b@dxedge-app-eu-central-1-prod-asg
P3P: policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Nmt6dk5SUzcxTHNuTHI1&google_gid=CAESEF0z8tmob0Wb39tPOnuJcfM&google_cver=1&google_push=AQvitUJs1VivT_AZuUPNmuf_prLMvcCesbywnM3UZAwsjKawircCvBkGVGU04of06yqRgE1jSUcTeMLiwDd_w1Ha7lW2qc_QMvorFw
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 5983 0
114 B 61ms
56ms Image
text/plain 34.96.105.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEM1DYg4DmgzZAi_NurFXlCI&google_cver=1&google_push=AQvitUL1J_8v5aok4CSez5yVIj_azMk09CatmZzEZhtoxApdJV98MEjg0L6xc28wjLWVmU3PWR-Qzd8AAPsBypqiQNYu504hfp73Ow
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8241049497608997&output=html&h=250&slotname=tut.by_publishers_970x250_2_floors_11&adk=2366530133&adf=3279755400&pi=t.ma~as.tut.by_publishers_9_&w=970&lmt=1617385160&psa=0&format=970x250&url=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&ea=0&flash=0&wgl=1&dt=1617385160852&bpp=2&bdt=80&idt=58&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3Dbe4596db7a55dd94-22d3041cf5ba00de%3AT%3D1617385158%3ART%3D1617385158%3AS%3DALNI_MYKkSBEnsLZVtwi7km82YnLyg1CMA&correlator=8250955427519&frm=23&ife=1&pv=1&ga_vid=1948603448.1617385158&ga_sid=1617385161&ga_hid=506795244&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=2953&biw=1600&bih=1200&isw=970&ish=250&ifk=1296003422&scr_x=0&scr_y=0&eid=44735932%2C44740079%2C44739387&oid=3&pvsid=1555053346710673&loc=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.kqq8km99w2kk&btvi=1&fsb=1&dtd=68
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 17:39:21 GMT
via: 1.1 google
alt-svc: clear

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 5983
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEOOgWG82KP-LupQ9CiHPvAY&google_cver=1&google_push=AQvitULiJGmGOJbxTDZMCOZfF5rUBejorLVDYC19FYilkZzHk0uQsEp1shGet7TaFq7CqHaB_-kuEj8jmqxxMudhO5qcbQ-...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AQvitULiJGmGOJbxTDZMCOZfF5rUBejorLVDYC19FYilkZzHk0uQsEp1shGet7TaFq7CqHaB_-kuEj8jmqxxMudhO5qcbQ-jAJBojA

170 B
213 B

45ms
44ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AQvitULiJGmGOJbxTDZMCOZfF5rUBejorLVDYC19FYilkZzHk0uQsEp1shGet7TaFq7CqHaB_-kuEj8jmqxxMudhO5qcbQ-jAJBojA

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Apr 2021 17:39:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AQvitULiJGmGOJbxTDZMCOZfF5rUBejorLVDYC19FYilkZzHk0uQsEp1shGet7TaFq7CqHaB_-kuEj8jmqxxMudhO5qcbQ-jAJBojA
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H3-Q050 204 attr
cm.g.doubleclick.net/pixel/ Frame 5983 0
16 B 49ms
47ms Image
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IgIRDR6JWTRsSk-3bQnbgosa7dYI2dw4UCjREdOEv-4kuQ8RddH5nu2zw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8241049497608997&output=html&h=250&slotname=tut.by_publishers_970x250_2_floors_11&adk=2366530133&adf=3279755400&pi=t.ma~as.tut.by_publishers_9_&w=970&lmt=1617385160&psa=0&format=970x250&url=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&ea=0&flash=0&wgl=1&dt=1617385160852&bpp=2&bdt=80&idt=58&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3Dbe4596db7a55dd94-22d3041cf5ba00de%3AT%3D1617385158%3ART%3D1617385158%3AS%3DALNI_MYKkSBEnsLZVtwi7km82YnLyg1CMA&correlator=8250955427519&frm=23&ife=1&pv=1&ga_vid=1948603448.1617385158&ga_sid=1617385161&ga_hid=506795244&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=2953&biw=1600&bih=1200&isw=970&ish=250&ifk=1296003422&scr_x=0&scr_y=0&eid=44735932%2C44740079%2C44739387&oid=3&pvsid=1555053346710673&loc=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.kqq8km99w2kk&btvi=1&fsb=1&dtd=68

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 17:39:21 GMT
server: HTTP server (unknown)
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 1749 9 KB
7 KB 18ms
18ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210331&st=env

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

59850ee1aa150f735791047df59f173f424ee15d0a550267a61277f23cab2b7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 02 Apr 2021 17:39:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6949
x-xss-protection: 0

GET
H3-Q050 200 DbMZ0rSwrYdtGIgs0aJlrMhQhsJZwxQeXkiX5VBkOL0.js Show response
pagead2.googlesyndication.com/bg/ Frame 85BD 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/DbMZ0rSwrYdtGIgs0aJlrMhQhsJZwxQeXkiX5VBkOL0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0db319d2b4b0ad876d18882cd1a265acc85086c259c3141e5e4897e5506438bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 00:38:23 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 24 Mar 2021 17:18:00 GMT
server: sffe
age: 61258
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5732
x-xss-protection: 0
expires: Sat, 02 Apr 2022 00:38:23 GMT

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame E1E8 17 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 17:39:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Fri, 02 Apr 2021 17:39:21 GMT

GET
H3-Q050 200 DbMZ0rSwrYdtGIgs0aJlrMhQhsJZwxQeXkiX5VBkOL0.js Show response
pagead2.googlesyndication.com/bg/ Frame 7407 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/DbMZ0rSwrYdtGIgs0aJlrMhQhsJZwxQeXkiX5VBkOL0.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8241049497608997&output=html&h=250&slotname=tut.by_publishers_970x250_2_floors_11&adk=2366530133&adf=3279755400&pi=t.ma~as.tut.by_publishers_9_&w=970&lmt=1617385160&psa=0&format=970x250&url=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&ea=0&flash=0&wgl=1&dt=1617385160852&bpp=2&bdt=80&idt=58&shv=r20210331&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3Dbe4596db7a55dd94-22d3041cf5ba00de%3AT%3D1617385158%3ART%3D1617385158%3AS%3DALNI_MYKkSBEnsLZVtwi7km82YnLyg1CMA&correlator=8250955427519&frm=23&ife=1&pv=1&ga_vid=1948603448.1617385158&ga_sid=1617385161&ga_hid=506795244&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=2953&biw=1600&bih=1200&isw=970&ish=250&ifk=1296003422&scr_x=0&scr_y=0&eid=44735932%2C44740079%2C44739387&oid=3&pvsid=1555053346710673&loc=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.kqq8km99w2kk&btvi=1&fsb=1&dtd=68

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0db319d2b4b0ad876d18882cd1a265acc85086c259c3141e5e4897e5506438bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 00:38:23 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 24 Mar 2021 17:18:00 GMT
server: sffe
age: 61258
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5732
x-xss-protection: 0
expires: Sat, 02 Apr 2022 00:38:23 GMT

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 1749 17 KB
6 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 17:39:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Fri, 02 Apr 2021 17:39:21 GMT

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 0BA8 12 KB
5 KB 8ms
7ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://koton-magazadzhylyk.tam.by/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://koton-magazadzhylyk.tam.by/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Fri, 02 Apr 2021 15:43:08 GMT
expires: Sat, 02 Apr 2022 15:43:08 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 6974
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 WHmejI_zO8S0bGW0z0qXDnpXMX4m9mK0Xm4GW8200J76LcTW000003YUpqA80WEv0ZFNeY4o0Auyy0AvihtM2F050Q06m0791iRYQW4d_q8vXqDTK0BEmzmMW0e1Y0e9g0he1uWB1geB43mD6A13NG00uvhLqm2_y0i6g0_3kf6nuFcmxXQG4CNEwQ70gFM4e07mY...
an.yandex.ru/count/ 43 B
161 B 54ms
53ms Image
image/gif 2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/count/WHmejI_zO8S0bGW0z0qXDnpXMX4m9mK0Xm4GW8200J76LcTW000003YUpqA80WEv0ZFNeY4o0Auyy0AvihtM2F050Q06m0791iRYQW4d_q8vXqDTK0BEmzmMW0e1Y0e9g0he1uWB1geB43mD6A13NG00uvhLqm2_y0i6g0_3kf6nuFcmxXQG4CNEwQ70gFM4e07mYwUg5E0K0TWLmOhsxAEFlFnZy80MbP20W83WVSaMy3-15wWN2PaOq1WX-1Y06R0PniMhY_3alw4vk1dI6H9vOM9pNtDbSdPbSYzoDJ4qBJFe6O320_0PWC83401ss1yADaBHC8bk8GIO69xBLeTbRaaraxSUvTfuLBOXCZPSjNES27yiWyQ6IWOseW00~1=WZ0ejI_zOB01DH40b1mxNx1Yi0BAz-gGYnQ00VlNexA9ykQDDuW1Xl-Uj5UG0U2aWwp9W8200fW1uAI3h4cW0Twe0Twu0OQyXhyWs06UexIL0U01X9kqbG7e0L3u0Po8thu1e0BAbAqOc0F0X3sm0vmBY0NlXKwG1SUpNB05lBGQk0Myj1h01SNpbWF81PIcTD05vh89u0Ltg0R00RW7W0Ma3_470032fSgM3D4zfv7HOCC_oTaBGrrG0ix3t1Re2--5JeWCd8ZUlW7e39i6c0sVvJi_e0x0X3s04C_FWXkQ41i9003uFnd84C6W4D0GXeclNvWHawi7eRdW4S6JwW7e4UUSbBUhYFt2q517z43b20XwwuRCFvWJ0k0JlBGQY1JMjScKpFAFac-W5Boq6gWKnxDSm1I0tg3B1SWK1D0KhlBrFzWKdj2ZWWRe58m2q1MUqAE21jWLmOhsxAEFlFnZc1RGw9Y31g2m5je4oHRG5fo8thu1WHUO5uJqoIku5m705xK2s1V0X3te5m6P6A0O5R0OsfkTWmQu60Bu6FZMrSAHhRU8PO0PYHax6P0P0Q0Pm06u6Vy1u1a1w1c0mWFm6O320u4Q__z_vt3JJhMG6e10k1e17m23CN2aInr4EPHHA29eYDm-0ZML4QKD2RbRpdjiBdUHdhngoBJI3FPN7NdlwWPMn2feR0I2pXkq9BW9Chi8B0sE63c9LqAEdcEGWF39XRjIEZMmhZM93hO9E000~1=WY8ejI_zO9W1nH0011mYNZD9c0ACWxgoonQ00UNFmHA80UE1nTPla06UqBoPpe20W0AO0PxGl9bEe07SpgW1tCwycKwu0RpenCqXs06OnTcO0U01rjFR3UW1jWFu0PIwthu1e0AGs8KNc0F0X3sW0mIm0-W4Y0N3ZrEG1QMFjG6m1OlYCxW5Y-8pm0NvkgC2o0NefbFG1S-r4k05TwW6m06u1u05f0_n1m00meZimXZ_ANAiukC_oTaBGrrG0ix3t1Re2yEFKvi6c0sVvJkmFg0Em8GzW13CeDKSmQ0Gc16JgmUX4PgPcPcPcRdW4S6JwW7e4UUSbBUhYFt2q517z42igFXAqChLFvWJ0k0JY-8pY1JMjScKpFAFac-W58lYCwWKfO-r0S0KW9Jht0F8507G58p6dXNO58t4p886w1IC0j0LZSJCWWRO5S6AzkoZZxpyOvWMqEYOWmQWi1RQ1CaMq1RuuTw-0O4N0F0_c1UvigCFk1S1m1Ur0jWNm8Gzw1S1cHYW60om6EMDdOC6k1W1-1ZurjN2aQstY6M06OaPEncG6G6W6S01k1d___y1u1a1w1c0mWFm6O320u4Q__yFDnzvn16G6e10k1e1703YXjCdnf4wY78e8w48m-r4GsfJ6IRNaEIYvRowcej5GiYoTnM2AW9g8F018J7q8qIf6hH8C1p8mYAmu3TY42HU2J5wZa7qmISNovNIUQTcri4s0GS0~1?stat-id=3&test-tag=547007156498945&format-type=108&actual-format=78&pcodever=14307&banner-test-tags=eyI3MjA1NzYwMzg4MTk4NjM1MiI6IjU3MzYwIiwiNzIwNTc2MDQ1MzM2MjE3NzUiOiI1NzM2MCJ9&renderWidth=300&renderHeight=599&confirmTime=2146000&confirmRatio=20000&wmode=0

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Apr 2021 17:39:22 GMT
content-encoding: gzip
last-modified: Fri, 02 Apr 2021 17:39:22 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Fri, 02 Apr 2021 17:39:22 GMT

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/1.25.0/619621/AHIwugcVEATnKCeI/ Frame 157C 0
145 B 52ms
51ms XHR
text/plain 18.203.213.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/1.25.0/619621/AHIwugcVEATnKCeI/postback?sr=4&si=472641958&ai=216536&c1=4562306&dt=6196211556140246740000&pd=avt&r1=2a01%3A4f8%3A192%3A%3A&ci=619621&di=https%3A%2F%2Fkoton-magazadzhylyk.tam.by&pp=pub-8241049497608997&r3=&de=43003&ac=651871&ti=7289669487851265613&pv=1ff27708-dd70-446f-a990-98fe81b508e1&dm=300x250&cr=6622326&r2=&ui=1f2dbbd2-e89c-a81b-0000-000000000000&ap=&sid=AHIwugcVEATnKCeI&oz_sc=d58a9c4111e9e901a1d8996f&cv=3
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/1.25.0/main.js?o=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.213.28 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-213-28.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 02 Apr 2021 17:39:21 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 985B 12 KB
5 KB 8ms
8ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://koton-magazadzhylyk.tam.by/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://koton-magazadzhylyk.tam.by/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Fri, 02 Apr 2021 15:43:08 GMT
expires: Sat, 02 Apr 2022 15:43:08 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 6974
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 conversion_async.js Show response
www.googleadservices.com/pagead/ Frame B936 35 KB
14 KB 126ms
73ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

cd3601b2f79f3cccc6333afba636cc8e645f7703257326df7df02497dc09d2df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 17:39:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13758
x-xss-protection: 0
server: cafe
etag: 4262303240453495685
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 02 Apr 2021 17:39:22 GMT

GET
H3-Q050

200

/
www.google.de/pagead/1p-user-list/1014923426/ Frame B936
Redirect Chain

https://www.googleadservices.com/pagead/conversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=ylZnYIOhEeLGxgKkwJzIBg...
https://www.google.com/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=228039662&crd=&is_vtc=1&random=24456416
https://www.google.de/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=228039662&crd=&is_vtc=1&random=24456416&ipr=y

42 B
530 B

52ms
37ms

Image
image/gif

2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=228039662&crd=&is_vtc=1&random=24456416&ipr=y

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Apr 2021 17:39:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 02 Apr 2021 17:39:22 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=228039662&crd=&is_vtc=1&random=24456416&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050

200

/
www.google.de/pagead/1p-user-list/1014923426/ Frame B936
Redirect Chain

https://www.googleadservices.com/pagead/conversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=ylZnYKijEcKdmLAP26WzkA...
https://www.google.com/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1426034569&crd=&is_vtc=1&random=576658323
https://www.google.de/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1426034569&crd=&is_vtc=1&random=576658323&ipr=y

42 B
66 B

53ms
37ms

Image
image/gif

2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1426034569&crd=&is_vtc=1&random=576658323&ipr=y

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Apr 2021 17:39:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 02 Apr 2021 17:39:22 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1426034569&crd=&is_vtc=1&random=576658323&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 3 Show response
mc.yandex.com/watch/ Frame B936 35 B
185 B 52ms
52ms XHR
application/json 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/3?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.80%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A%3Avf%3A5yitzpge8znbdz2%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A482%3Acn%3A1%3Adp%3A0%3Als%3A114606859405%3Ahid%3A993588395%3Az%3A120%3Ai%3A20210402193922%3Aet%3A1617385162%3Ac%3A1%3Arn%3A692247598%3Au%3A1617385162719761649%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Ahdl%3A1%3Ans%3A1617385159696%3Ads%3A0%2C0%2C32%2C1%2C0%2C0%2C%2C27%2C0%2C67%2C67%2C0%2C67%3Adsn%3A0%2C0%2C32%2C0%2C0%2C0%2C%2C33%2C1%2C67%2C67%2C0%2C66%3Ati%3A2%3Ast%3A1617385162

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

efbdf9cab6b6cf2bf7207ae4e0456c9462b2c0d4c2de76d65442de2af7253f2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Apr 2021 17:39:22 GMT
x-content-type-options: nosniff
last-modified: Fri, 02-Apr-2021 17:39:22 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://yastatic.net
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 35
x-xss-protection: 1; mode=block
expires: Fri, 02-Apr-2021 17:39:22 GMT

GET
H3-Q050 200 DbMZ0rSwrYdtGIgs0aJlrMhQhsJZwxQeXkiX5VBkOL0.js Show response
pagead2.googlesyndication.com/bg/ Frame 0BA8 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/DbMZ0rSwrYdtGIgs0aJlrMhQhsJZwxQeXkiX5VBkOL0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0db319d2b4b0ad876d18882cd1a265acc85086c259c3141e5e4897e5506438bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 00:38:23 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 24 Mar 2021 17:18:00 GMT
server: sffe
age: 61259
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5732
x-xss-protection: 0
expires: Sat, 02 Apr 2022 00:38:23 GMT

GET
H3-Q050 200 DbMZ0rSwrYdtGIgs0aJlrMhQhsJZwxQeXkiX5VBkOL0.js Show response
pagead2.googlesyndication.com/bg/ Frame 985B 14 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/DbMZ0rSwrYdtGIgs0aJlrMhQhsJZwxQeXkiX5VBkOL0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0db319d2b4b0ad876d18882cd1a265acc85086c259c3141e5e4897e5506438bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 00:38:23 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 24 Mar 2021 17:18:00 GMT
server: sffe
age: 61259
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5732
x-xss-protection: 0
expires: Sat, 02 Apr 2022 00:38:23 GMT

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/1.25.0/619621/AHIwugcVEATnKCeI/ Frame 157C 0
145 B 56ms
56ms XHR
text/plain 18.203.213.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/1.25.0/619621/AHIwugcVEATnKCeI/postback?sr=4&si=472641958&ai=216536&c1=4562306&dt=6196211556140246740000&pd=avt&r1=2a01%3A4f8%3A192%3A%3A&ci=619621&di=https%3A%2F%2Fkoton-magazadzhylyk.tam.by&pp=pub-8241049497608997&r3=&de=43003&ac=651871&ti=7289669487851265613&pv=1ff27708-dd70-446f-a990-98fe81b508e1&dm=300x250&cr=6622326&r2=&ui=1f2dbbd2-e89c-a81b-0000-000000000000&ap=&sid=AHIwugcVEATnKCeI&oz_sc=d58a9c4111e9e901a1d8996f&cv=3
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/1.25.0/main.js?o=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.213.28 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-213-28.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 02 Apr 2021 17:39:21 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H2 200 advert.gif
mc.yandex.com/metrika/ Frame B936 43 B
136 B 50ms
50ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 17:39:22 GMT
last-modified: Tue, 30 Mar 2021 15:00:53 GMT
etag: "6064af5d-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Fri, 02 Apr 2021 18:39:22 GMT

GET
H2 200 37412095 Show response
mc.yandex.com/watch/ Frame B936 203 B
237 B 50ms
49ms XHR
application/json 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/37412095?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.80%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&charset=utf-8&site-info=%7B%22extensions%22%3A%22%22%2C%22fromGoogle%22%3A%22false%22%2C%22fromCancel%22%3A%22false%22%2C%22loyal%22%3A%220%22%2C%22sbscrb%22%3A%22%22%2C%22p%22%3A%22%22%2C%22b%22%3A%22%22%2C%22fresh%22%3A%220%22%2C%22infected%22%3A%22%22%2C%22slow%22%3A%22%22%2C%22os%22%3A%22windows%22%2C%22browser%22%3A%22chrome%22%2C%22winxp%22%3A%22false%22%2C%22old%22%3A%22actual%22%2C%22yabroAge%22%3Anull%7D&browser-info=pv%3A1%3Agdpr%3A6%3Avf%3A5yitzpge8znbdz2%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A482%3Acn%3A2%3Adp%3A1%3Als%3A213538014148%3Ahid%3A993588395%3Az%3A120%3Ai%3A20210402193922%3Aet%3A1617385162%3Ac%3A1%3Arn%3A343516025%3Au%3A161738516273356337%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Ahdl%3A1%3Ans%3A1617385159696%3Ads%3A0%2C0%2C32%2C1%2C0%2C0%2C%2C27%2C0%2C67%2C67%2C0%2C67%3Adsn%3A0%2C0%2C32%2C0%2C0%2C0%2C%2C33%2C1%2C67%2C67%2C0%2C66%3Arqnl%3A1%3Ati%3A2%3Ast%3A1617385162%3At%3A

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

eb9c0912a118ff99485f924a8dd2ad584e4b9f154643bc0fa4e8c26514068703

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Apr 2021 17:39:22 GMT
x-content-type-options: nosniff
last-modified: Fri, 02-Apr-2021 17:39:22 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://yastatic.net
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 203
x-xss-protection: 1; mode=block
expires: Fri, 02-Apr-2021 17:39:22 GMT

GET
H3-Q050 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/ Frame B936 3 KB
1 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/?random=1617385162397&cv=9&fst=1617385162397&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.80%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b015377a7c8c643e1bd434e850f9c59eec5ff8ee3b838dbb93bc1a3a1984fa9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Apr 2021 17:39:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1128
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/ Frame B936 3 KB
1 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/?random=1617385162401&cv=9&fst=1617385162401&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.80%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3db84177139e174e2b3b5b31097023d0abdc8fda05ea91dd1a6d7a75e48f270c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Apr 2021 17:39:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1128
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/ Frame B936 3 KB
1 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/?random=1617385162404&cv=9&fst=1617385162404&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.80%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

04d7b35efdee1ef2d46af9efc52c04ee876cbf73fc0cdf37191d071f8eb6931d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Apr 2021 17:39:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1128
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/ Frame B936 3 KB
1 KB 53ms
53ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/?random=1617385162405&cv=9&fst=1617385162405&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.80%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a91151afe43d7efbc5988ec7aa468f45ce37743ff4493f703b9beb22df037a6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Apr 2021 17:39:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1129
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E98F 42 B
89 B 48ms
46ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuA9PPhhnXleumT14GjU4vNNverkbT-BHcrHtUR-bHOk83fKfhy4Q32_QRo3jIzvRvE0qzUWDCUfC-BdXMVALJVcHTUJE_sJrsEIu8cLM0IqjGQCBD0aHqirJuqenifBAOPyzrJl0Xkc1NaTSzUQLf5MQ&sai=AMfl-YRkDo8I-c5HECM0m6fT-oxODoTJvZtBwUxrRRdPLpinuDLbBs6WYmviF7baq0bTv8_pSNOObAb_nVe0hXIGVcZpagXnZLsy--O_120RN_XsEx_Fx8hPboS0SEIg&sig=Cg0ArKJSzG4uaeDqb0dHEAE&cid=CAASF-RoAl3AlMilvQPj1JR0_BsCIVeNoY5_&id=osdim&mcvt=1046&p=0,0,250,970&mtos=1046,1046,1046,1046,1046&tos=1046,0,0,0,0&v=20210331&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=4252383148&rs=2&met=mue&la=1&cr=0&osd=1&vs=4&rst=1617385160803&dlt=438&rpt=41&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Apr 2021 17:39:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/693627671/ Frame B936 42 B
66 B 20ms
20ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/693627671/?random=1617385162401&cv=9&fst=1617382800000&num=1&guid=ON&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.80%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&async=1&fmt=3&is_vtc=1&random=1485332963&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Apr 2021 17:39:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.de/pagead/1p-user-list/693627671/ Frame B936 42 B
66 B 46ms
38ms Image
image/gif 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/693627671/?random=1617385162401&cv=9&fst=1617382800000&num=1&guid=ON&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.80%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&async=1&fmt=3&is_vtc=1&random=1485332963&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Apr 2021 17:39:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/947884341/ Frame B936 42 B
66 B 20ms
20ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/947884341/?random=1617385162397&cv=9&fst=1617382800000&num=1&guid=ON&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.80%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&async=1&fmt=3&is_vtc=1&random=1835619672&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Apr 2021 17:39:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.de/pagead/1p-user-list/947884341/ Frame B936 42 B
66 B 45ms
37ms Image
image/gif 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/947884341/?random=1617385162397&cv=9&fst=1617382800000&num=1&guid=ON&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.80%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&async=1&fmt=3&is_vtc=1&random=1835619672&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Apr 2021 17:39:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/947884341/ Frame B936 42 B
66 B 20ms
20ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/947884341/?random=1617385162404&cv=9&fst=1617382800000&num=1&guid=ON&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.80%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&async=1&fmt=3&is_vtc=1&random=909009772&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Apr 2021 17:39:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.de/pagead/1p-user-list/947884341/ Frame B936 42 B
66 B 46ms
40ms Image
image/gif 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/947884341/?random=1617385162404&cv=9&fst=1617382800000&num=1&guid=ON&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.80%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&async=1&fmt=3&is_vtc=1&random=909009772&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Apr 2021 17:39:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/693627671/ Frame B936 42 B
66 B 26ms
24ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/693627671/?random=1617385162405&cv=9&fst=1617382800000&num=1&guid=ON&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.80%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&async=1&fmt=3&is_vtc=1&random=3933609289&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Apr 2021 17:39:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.de/pagead/1p-user-list/693627671/ Frame B936 42 B
66 B 52ms
50ms Image
image/gif 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/693627671/?random=1617385162405&cv=9&fst=1617382800000&num=1&guid=ON&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.80%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&async=1&fmt=3&is_vtc=1&random=3933609289&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Apr 2021 17:39:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 728C 0
46 B 44ms
40ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210331&jk=2303951872584136&bg=!m5ilmNzNAAY56aLOOek7ACkAdvg8Wj6WAyXXP-IoKmdV057LU9KkugJWlx4USpBPk55mgmNXbur5IAIAAAEgUgAAABtoAQcKAGCTdsnPsml6w39l_ESwtH0r7rdQKxQ_XHxbDUAeiHBy7KBJdTuQ8VMmN6W2DGo8F47pAhV1A3Rmi9R4frFKLZZWrGmbgAZvYtT5hmBxoaiYT0sO0UICZ8ttSlmuu55pZLGZAgIXYgsxkro9_V2Nx9X6lHxvP51G8ooEyBW_ArRh_NM6Ps0xGLpxoloRa8CfVKItY-bKLfxC7PWPYm4cdh0_rgpbMZzGQpI1GN5SdAVChSZ4KsXiB9hzW8Ng5nIPzEhF5hcDYs-bK-m_tLgQp3TsKaAF6Y25MNQG7xNhz_QC43JpH08AHiMoDEK1JDliGcfpziI_Ygo3CrPuCPlnN5_RMUOBjtdTzKxLCV-k9-2XSP0CXHS8EDTvHoCFOAfW2uHXNu6WBiN37FQN686Fe6xTiCk97g6ivB76gngQl0Q6XlWu2Bi88EpeHmuxYFgVh_5Vqd8bq2zEg60mt2bp9UjATsDLzz2q-uzYjYevP0VOlKQOMCWGkD3hJ7WWOyGDXh6h902DKT5SsboDD3GKKrn3N0i8jqzhSGj0yQ_dDwR9OyhY8sNZkdGVBOUlCg0Sq-XnqlvMtM6sOctstxewD9x1jlovTENUEBS6z26Ey07Ujq_7oHMiORk3iiwNCpUkI5rE8K5Gu-w3fS2UC4PODRyqBthNRzIZlV8jgm39IL1y2Jlt_Ym7DAZvdror-8LedP0VrXUuOZet29AwYyv0jPU357737QKNpRuMcZ-mVlAp0rmgb20B0prYk6NBtx-_memsYexuWu-AC-j02bD8r1-S8KYw8FbwCWj4F2DxlsF1PZYVqrtP

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Apr 2021 17:39:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 event
ads.adfox.ru/312020/ 0
37 B 101ms
101ms Image
text/plain 77.88.21.179
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/312020/event?hash=b076a00918de613f&pm=bmp&pxo=HsYtf160w1Xb-WdoeG5qIFHVxm4MkWylO1Wvtn6AR6Z7m1U6WNwu9CF-Rd97vkz-WD9iVbL-VglbkV5X6MraUX9fgYXNYTqLwZwLXgHDrLvOP74eVK0ceVxJrvFgyRux_OYXPzg6u8UM9hogy7lQjMkJYjqHlEZUDOvWFddvwlDD-EeELHY%3D&p5=gxcpc&rand=dafqnli&sj=aFmI0GYYtaTxm0g4fYKuJxh43fPnh6DfePRC0ulMJOgOIB0qjz6WnF0axEoeiw%3D%3D&ad-session-id=5757701617385158233&lts=fgdijpo&ytt=553054349297685&ybv=0.14318&ylv=0.14318&dl=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&rtb-si=b&p2=gmyw&puid17=1914&pr=fezzvtj&p1=cjsja&rqs=xuJqASf_QjnIVmdgvQdkQpkftkVFpLgc

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.179 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

adfox-external-l3-engine.stable.qloud-b.yandex.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 02 Apr 2021 17:39:22 GMT
x-content-type-options: nosniff
timing-allow-origin: *

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E1E8 0
23 B 41ms
40ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210331&jk=2893525220256726&bg=!7u2l7anNAAY56aLOOek7ACkAdvg8WhttPQF4X0n-DNyivlj3s905aipOidm8ictmOxDXYXZe4T6jhgIAAAEqUgAAABloAQcKANycgfodF5NkUSgicaMI3ezjeel2C-S6xZA9BW3rMDiBQJ6iSnJm-W82eD-lv_bKcMGTDEg9KJ6bxxiYLlzv3RbjFeydb-pTolHBtwtk0Ms07U-wPfFchugieJM_yAVzGdIpZxhblkChp5_NUHiZBsXLLCm59ROkmR0g_NVHgLLrFQ75ZRB0FyxPAA5hlOot41LeRB3WwFKlUh6ZBaJIHYgsmT8rQUoFy9jg6ut9B9EO_bDRdq0pSqwO0RdwEE6dHuXJ-s78k4Hx-KLNHNkoPGcGjz5jgw7WUPN3H62UmQJKFiETemmUMgylixQU1fCoR0QHwmmLi6km_VMPIIDdaFyr5_GFYCMMQSoVxPTnhvgtPE2lI012zxrAuyq1LdCc6e-SqLJNv3oQ0lEAYsrbggyQOumI7s3smQThgTTM0Gr5roSe8R-Vr034bM7wXXPzIH2-iiPB-t3E-ZFtMadv-MjFWKIp2GQPoNmvy0WXdM6NOb6Ao49GofqXdGnxS8DqnSIw_yy7IkZkWrt0rBvYvZo8EAVBgvzPxxOGem0OGo9fQmR6UB_2oTivZn_2v7lv-snnePrs6mjTj9nbcJpgZCyfwiyNvb62d2iFeEPrU59nUaS68exMWCJWEfg3fwSGfZ937txWWotgsbaHIYxGPXmkC4J_NyqX025qiSxCjmaCQR91iFpl6IjYlS7Zvg-xMH-zZhthuOn6Amqq-OqSRc8w_eQgV88d93axZ6nEBCsu33KZZbt1yCHnxJ8XqZ1KpzLziMW-RLwpDIzmSI-PkOD8M5EWGd_8OQ36Ne2QGSclVdT6HmPhOiFyQBw43CASRHvcE7wcTkALFVv3aiP8j7oGkKRI3OPV0oQxokCPRsxMx-UdX8K4_km4mqRCKsO4rOJWB3J3bTAZwUEobEmswKxt5rOXZDalVHGt1h9EgaCp67Ll1sn3Osmcm0a40zPT88ME0bsR1M6zyK9ESWa_v5D7y7aECnqLEd9q0HbTwJLFR-3i1c3lePPao-zyvD9cXwFTk6vdsuO7jKDbGBJKlP2pS4xxiyLjEy7jaYosqwmMNtvmTGaUzSJhXA

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Apr 2021 17:39:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1749 0
23 B 41ms
39ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210331&jk=1555053346710673&bg=!KyilKGzNAAY56aLOOek7ACkAdvg8Wixwi5--SSbOa0B7uqzaquceG4ShOhYk7dMVN8k7W1UxRPKHGgIAAAEoUgAAABFoAQcKABfBqkd7GLPeC03xUDdxVoqloH3VcBQ1g5kCT_L864TNcM9V4yUpmeoUby5b4F8QhrE8WuEWOZlCtL8FfxbX1UD_nChku4Y9blH3XkQoGTmmO-mXgH732NUSEAHXm-lGXeIwlWmWoarEnsgxGAqvtKyF5EJtdoqxLL-8f-tnMJWToOD6-xr6EGNKnmcNmKJmvnucsgE9XCbTzDH5YagUyNr76FcyOw321Kqn4UV2NeVSueoghNPb4LM6BYVB6Jx-hUASKS-E7Oojm-hf1PVJA2pAeK0GqfH_DbOtaPEd87rFapn2Qva9EitKd_6fTfQkEirZImJ5sqsuxxTmLwIvneun2nYANS7k4tG7WyYTwdg2gmdb0nl1heuZ3ERia2MJS2eNUeDvyloCGytIpJLuOoIOp1IF06rzP-sZECzW7HIEN6DE-c0v8R063C30l2GDhDECk4l76rQgeTiWf5_qPi4gV4DVgfvIh0fCAT2xsAjHVbrzw-KTGxZUT9qf_Ni1lCxIu4vtL0EZcvqRPosr7g7IRiSxGibEQPj-AIiW7anbJ0f7k6qNcOMIGvRcb5QhZ1yqQhzrpOA2erlShXZqC60DN1W5NHhbzdYKtttq9t7FEMOb7kycK3MoU6rQNkOERYkv9L1Jvqgms5H4D6Vq4s7MZbdsBIfqkLrgLDkreK4oUktErNnTB2R3OZZdOl_zRxzBKcoGiLNN-G9CJ9tjW-NpIjg_bs6p9_PSjS-DaqBgDrgB7KZajmiqV43Fjs4UD_R804RPEM069WtGJ15oB4W5j95asT2Wgh0NC6i-t-ZQQ9m_Z1AdfJsRCA

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Apr 2021 17:39:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 event
ads.adfox.ru/312020/ 0
14 B 94ms
93ms Image
text/plain 77.88.21.179
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/312020/event?hash=54160a5a5d88f304&pm=bmp&pxo=dKtKOeAPXpLNhJJ1FQblexPzBFtqMoBtGrQwRdr9vmoqVmX6BimPb_hnFWUe4PN8poyqzo7W_Kal7kfYcyLW2NPyDbGeKApJE9Ll_2Z5lxhLohgJQo9tEFNrBl_7CuPAWMv-Kx6khRXLUAH1jT7zwJiXE-M0Hnpe7nYIlDBFMapbBMdZRAk%3D&p5=gxcpc&rand=ltvvhiu&sj=RMnyaCmz3Z56ajl7cvC-JQ5up9Kdu3BVpmfO5t2T9z1_GBaJgMkbq4v1yz1XZA%3D%3D&ad-session-id=5757701617385158233&lts=fgdijpo&ytt=553054349297685&ybv=0.14318&ylv=0.14318&dl=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&rtb-si=b&p2=gmyw&puid17=1914&pr=fezzvtj&p1=cjsja&rqs=xuJqASf_QjnIVmdgRlDwh0K9IYtEXa31

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.179 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

adfox-external-l3-engine.stable.qloud-b.yandex.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 02 Apr 2021 17:39:22 GMT
x-content-type-options: nosniff
timing-allow-origin: *

GET
H2 204 event
ads.adfox.ru/312020/ 0
14 B 77ms
77ms Image
text/plain 77.88.21.179
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/312020/event?hash=d0f9812fbcbf483f&pm=bmp&pxo=xwbu5oOu_gsmSVPeppnbqESwBsx5cpQLbLN9zmJd9Nm4kckts04HOEXmX8HpwO_Aceq1Is-O9jCL0CGGbPwABVqguZM1RkhDBFOGMMtmQGhePo0s196npmMkK86asCNGFqQ7VgX6w222d4tneNtV2-eXLoKHq5bGJVpGvlvsowbzUdkhW0w%3D&p5=hwryv&rand=nemmvvw&sj=3z_ttnCT3AvHlRhH9KvpX40OE3StiCLCbXgabpv1Sa7o7NMztIC_OO-nOVpnag%3D%3D&ad-session-id=5757701617385158233&lts=fgdijpo&ytt=553054349297685&ybv=0.14318&ylv=0.14318&dl=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&pr=fezzvtj&p1=cjsiy&rqs=xuJqASf_QjnIVmdgyCU2JWYfgpGWB_rW&rtb-si=b&p2=gmyv

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.179 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

adfox-external-l3-engine.stable.qloud-b.yandex.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 02 Apr 2021 17:39:22 GMT
x-content-type-options: nosniff
timing-allow-origin: *

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9456 42 B
66 B 46ms
45ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstA4tET-5Kdjk2SL_lZXu0utV4ykBaTBMehdLH_ghJxgo2imtKkvA-r2nYz4CufmHJgeqUYPOV_ztHPneYm17Hajv3VJtkzZ9di3mzW_KVrjkRAIVb9b32lxQmJkw&sai=AMfl-YR4BacUE_7P_g0zMDaUa1ZuZ-3NSg71z41PZ47yGvwZBaLeczu5OZE7lp-emeL6TsNiLyVD401ZzAfOm1bI7Yq86ZxKeKC_NHwC7b1R3JBL8AVTGJaGE1efrmG8&sig=Cg0ArKJSzLfyT7FHHuxbEAE&cid=CAASF-RoIYZGFFNyOX8WqA6FlPneeZ3dONKl&id=osdim&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210331&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=3083819103&rs=2&met=mue&la=0&cr=0&osd=1&vs=4&rst=1617385160946&dlt=445&rpt=32&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Apr 2021 17:39:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 event
ads.adfox.ru/312020/ 0
37 B 67ms
67ms Image
text/plain 77.88.21.179
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/312020/event?hash=ace386088ee7af16&pm=bmq&pxo=wVrzWNzYJ7Y1XAqmmMtMD55fqTrthp-hOmV6pOxXEoaONtfkYj0C8JtmHGWk1AQd7BR2egqnh5MrOTTfypBNquLYVjZEZ_93rJn-rguJAy_eXaNeLfumZVBqtRE_HD_scui7sDi6QEHxBj9oMoUUR7gB4hOeEsTGo3M2yS7H7WOCdTbd&p5=gxcpb&rand=mzslvur&sj=6_TwB-Xz-07S7kUESAflmb6HH82acFEM3Fb_y9mNoziyGKSoOK9D7YGKjS5AiA%3D%3D&ad-session-id=5757701617385158233&lts=fgdijpm&ytt=553054348773397&ybv=0.14318&ylv=0.14318&dl=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&pr=fezzvtj&p1=cjsjp&rqs=xuJqASf_QjnGVmdg9_rfj4Kx4g7iy5_A&rtb-si=b&p2=gmyu

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.179 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

adfox-external-l3-engine.stable.qloud-b.yandex.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 02 Apr 2021 17:39:23 GMT
x-content-type-options: nosniff
timing-allow-origin: *

GET
H2 204 event
ads.adfox.ru/312020/ 0
14 B 87ms
87ms Image
text/plain 77.88.21.179
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/312020/event?hash=0aa184ddcd79af2a&pm=bmn&pxo=HsYtf160w1Xb-WdoeG5qIFHVxm4MkWylO1Wvtn6AR6Z7m1U6WNwu9CF-Rd97vkz-WD9iVbL-VglbkV5X6MraUX9fgYXNYTqLwZwLXgHDrLvOP74eVK0ceVxJrvFgyRux_OYXPzg6u8UM9hogy7lQjMkJYjqHlEZUDOvWFddvwlDD-EeELHY%3D&p5=gxcpc&rand=ddztrpd&sj=aFmI0GYYtaTxm0g4fYKuJxh43fPnh6DfePRC0ulMJOgOIB0qjz6WnF0axEoeiw%3D%3D&ad-session-id=5757701617385158233&lts=fgdijpo&ytt=553054349297685&ybv=0.14318&ylv=0.14318&dl=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&rtb-si=b&p2=gmyw&puid17=1914&pr=fezzvtj&p1=cjsja&rqs=xuJqASf_QjnIVmdgvQdkQpkftkVFpLgc

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.179 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

adfox-external-l3-engine.stable.qloud-b.yandex.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 02 Apr 2021 17:39:23 GMT
x-content-type-options: nosniff
timing-allow-origin: *

GET
H2 204 event
ads.adfox.ru/312020/ 0
37 B 92ms
92ms Image
text/plain 77.88.21.179
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/312020/event?hash=28519065f782813d&pm=bmn&pxo=xwbu5oOu_gsmSVPeppnbqESwBsx5cpQLbLN9zmJd9Nm4kckts04HOEXmX8HpwO_Aceq1Is-O9jCL0CGGbPwABVqguZM1RkhDBFOGMMtmQGhePo0s196npmMkK86asCNGFqQ7VgX6w222d4tneNtV2-eXLoKHq5bGJVpGvlvsowbzUdkhW0w%3D&p5=hwryv&rand=faxburj&sj=3z_ttnCT3AvHlRhH9KvpX40OE3StiCLCbXgabpv1Sa7o7NMztIC_OO-nOVpnag%3D%3D&ad-session-id=5757701617385158233&lts=fgdijpo&ytt=553054349297685&ybv=0.14318&ylv=0.14318&dl=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&pr=fezzvtj&p1=cjsiy&rqs=xuJqASf_QjnIVmdgyCU2JWYfgpGWB_rW&rtb-si=b&p2=gmyv

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.179 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

adfox-external-l3-engine.stable.qloud-b.yandex.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 02 Apr 2021 17:39:24 GMT
x-content-type-options: nosniff
timing-allow-origin: *

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/1.25.0/619621/AHIwugcVEATnKCeI/ Frame 157C 0
145 B 60ms
59ms XHR
text/plain 18.203.213.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/1.25.0/619621/AHIwugcVEATnKCeI/postback?sr=4&si=472641958&ai=216536&c1=4562306&dt=6196211556140246740000&pd=avt&r1=2a01%3A4f8%3A192%3A%3A&ci=619621&di=https%3A%2F%2Fkoton-magazadzhylyk.tam.by&pp=pub-8241049497608997&r3=&de=43003&ac=651871&ti=7289669487851265613&pv=1ff27708-dd70-446f-a990-98fe81b508e1&dm=300x250&cr=6622326&r2=&ui=1f2dbbd2-e89c-a81b-0000-000000000000&ap=&sid=AHIwugcVEATnKCeI&oz_sc=d58a9c4111e9e901a1d8996f&cv=3
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/1.25.0/main.js?o=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.213.28 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-213-28.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 02 Apr 2021 17:39:25 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H2 204 event
ads.adfox.ru/312020/ 0
37 B 91ms
90ms Image
text/plain 77.88.21.179
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/312020/event?hash=d9b74712a65a533b&pm=bmq&pxo=HsYtf160w1Xb-WdoeG5qIFHVxm4MkWylO1Wvtn6AR6Z7m1U6WNwu9CF-Rd97vkz-WD9iVbL-VglbkV5X6MraUX9fgYXNYTqLwZwLXgHDrLvOP74eVK0ceVxJrvFgyRux_OYXPzg6u8UM9hogy7lQjMkJYjqHlEZUDOvWFddvwlDD-EeELHY%3D&p5=gxcpc&rand=mwmvsao&sj=aFmI0GYYtaTxm0g4fYKuJxh43fPnh6DfePRC0ulMJOgOIB0qjz6WnF0axEoeiw%3D%3D&ad-session-id=5757701617385158233&lts=fgdijpo&ytt=553054349297685&ybv=0.14318&ylv=0.14318&dl=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&rtb-si=b&p2=gmyw&puid17=1914&pr=fezzvtj&p1=cjsja&rqs=xuJqASf_QjnIVmdgvQdkQpkftkVFpLgc

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.179 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

adfox-external-l3-engine.stable.qloud-b.yandex.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 02 Apr 2021 17:39:25 GMT
x-content-type-options: nosniff
timing-allow-origin: *

GET
H2 204 event
ads.adfox.ru/312020/ 0
14 B 98ms
98ms Image
text/plain 77.88.21.179
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/312020/event?hash=8ed1206712465c18&pm=bmq&pxo=dKtKOeAPXpLNhJJ1FQblexPzBFtqMoBtGrQwRdr9vmoqVmX6BimPb_hnFWUe4PN8poyqzo7W_Kal7kfYcyLW2NPyDbGeKApJE9Ll_2Z5lxhLohgJQo9tEFNrBl_7CuPAWMv-Kx6khRXLUAH1jT7zwJiXE-M0Hnpe7nYIlDBFMapbBMdZRAk%3D&p5=gxcpc&rand=mfyansr&sj=RMnyaCmz3Z56ajl7cvC-JQ5up9Kdu3BVpmfO5t2T9z1_GBaJgMkbq4v1yz1XZA%3D%3D&ad-session-id=5757701617385158233&lts=fgdijpo&ytt=553054349297685&ybv=0.14318&ylv=0.14318&dl=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&rtb-si=b&p2=gmyw&puid17=1914&pr=fezzvtj&p1=cjsja&rqs=xuJqASf_QjnIVmdgRlDwh0K9IYtEXa31

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.179 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

adfox-external-l3-engine.stable.qloud-b.yandex.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 02 Apr 2021 17:39:25 GMT
x-content-type-options: nosniff
timing-allow-origin: *

GET
H2 204 event
ads.adfox.ru/312020/ 0
14 B 92ms
92ms Image
text/plain 77.88.21.179
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/312020/event?hash=090786b30a784433&pm=bmq&pxo=xwbu5oOu_gsmSVPeppnbqESwBsx5cpQLbLN9zmJd9Nm4kckts04HOEXmX8HpwO_Aceq1Is-O9jCL0CGGbPwABVqguZM1RkhDBFOGMMtmQGhePo0s196npmMkK86asCNGFqQ7VgX6w222d4tneNtV2-eXLoKHq5bGJVpGvlvsowbzUdkhW0w%3D&p5=hwryv&rand=msdabry&sj=3z_ttnCT3AvHlRhH9KvpX40OE3StiCLCbXgabpv1Sa7o7NMztIC_OO-nOVpnag%3D%3D&ad-session-id=5757701617385158233&lts=fgdijpo&ytt=553054349297685&ybv=0.14318&ylv=0.14318&dl=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&pr=fezzvtj&p1=cjsiy&rqs=xuJqASf_QjnIVmdgyCU2JWYfgpGWB_rW&rtb-si=b&p2=gmyv

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.179 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

adfox-external-l3-engine.stable.qloud-b.yandex.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 02 Apr 2021 17:39:25 GMT
x-content-type-options: nosniff
timing-allow-origin: *

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/1.25.0/619621/AHIwugcVEATnKCeI/ Frame 157C 0
145 B 65ms
65ms XHR
text/plain 18.203.213.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/1.25.0/619621/AHIwugcVEATnKCeI/postback?sr=4&si=472641958&ai=216536&c1=4562306&dt=6196211556140246740000&pd=avt&r1=2a01%3A4f8%3A192%3A%3A&ci=619621&di=https%3A%2F%2Fkoton-magazadzhylyk.tam.by&pp=pub-8241049497608997&r3=&de=43003&ac=651871&ti=7289669487851265613&pv=1ff27708-dd70-446f-a990-98fe81b508e1&dm=300x250&cr=6622326&r2=&ui=1f2dbbd2-e89c-a81b-0000-000000000000&ap=&sid=AHIwugcVEATnKCeI&oz_sc=d58a9c4111e9e901a1d8996f&cv=3
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/1.25.0/main.js?o=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.213.28 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-213-28.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 02 Apr 2021 17:39:27 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H2 204 event
ads.adfox.ru/312020/ 0
37 B 77ms
76ms Image
text/plain 77.88.21.179
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/312020/event?hash=7b7796764774aeb3&pm=bmr&pxo=wVrzWNzYJ7Y1XAqmmMtMD55fqTrthp-hOmV6pOxXEoaONtfkYj0C8JtmHGWk1AQd7BR2egqnh5MrOTTfypBNquLYVjZEZ_93rJn-rguJAy_eXaNeLfumZVBqtRE_HD_scui7sDi6QEHxBj9oMoUUR7gB4hOeEsTGo3M2yS7H7WOCdTbd&p5=gxcpb&rand=nvhrcbe&sj=6_TwB-Xz-07S7kUESAflmb6HH82acFEM3Fb_y9mNoziyGKSoOK9D7YGKjS5AiA%3D%3D&ad-session-id=5757701617385158233&lts=fgdijpm&ytt=553054348773397&ybv=0.14318&ylv=0.14318&dl=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&pr=fezzvtj&p1=cjsjp&rqs=xuJqASf_QjnGVmdg9_rfj4Kx4g7iy5_A&rtb-si=b&p2=gmyu

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.179 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

adfox-external-l3-engine.stable.qloud-b.yandex.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 02 Apr 2021 17:39:28 GMT
x-content-type-options: nosniff
timing-allow-origin: *

GET
H2 204 event
ads.adfox.ru/312020/ 0
37 B 89ms
89ms Image
text/plain 77.88.21.179
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/312020/event?hash=a793326df0a07f64&pm=bmr&pxo=HsYtf160w1Xb-WdoeG5qIFHVxm4MkWylO1Wvtn6AR6Z7m1U6WNwu9CF-Rd97vkz-WD9iVbL-VglbkV5X6MraUX9fgYXNYTqLwZwLXgHDrLvOP74eVK0ceVxJrvFgyRux_OYXPzg6u8UM9hogy7lQjMkJYjqHlEZUDOvWFddvwlDD-EeELHY%3D&p5=gxcpc&rand=miltcdr&sj=aFmI0GYYtaTxm0g4fYKuJxh43fPnh6DfePRC0ulMJOgOIB0qjz6WnF0axEoeiw%3D%3D&ad-session-id=5757701617385158233&lts=fgdijpo&ytt=553054349297685&ybv=0.14318&ylv=0.14318&dl=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&rtb-si=b&p2=gmyw&puid17=1914&pr=fezzvtj&p1=cjsja&rqs=xuJqASf_QjnIVmdgvQdkQpkftkVFpLgc

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.179 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

adfox-external-l3-engine.stable.qloud-b.yandex.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 02 Apr 2021 17:39:30 GMT
x-content-type-options: nosniff
timing-allow-origin: *

GET
H2 204 event
ads.adfox.ru/312020/ 0
14 B 98ms
97ms Image
text/plain 77.88.21.179
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/312020/event?hash=b726a6a2bf2ca761&pm=bmr&pxo=dKtKOeAPXpLNhJJ1FQblexPzBFtqMoBtGrQwRdr9vmoqVmX6BimPb_hnFWUe4PN8poyqzo7W_Kal7kfYcyLW2NPyDbGeKApJE9Ll_2Z5lxhLohgJQo9tEFNrBl_7CuPAWMv-Kx6khRXLUAH1jT7zwJiXE-M0Hnpe7nYIlDBFMapbBMdZRAk%3D&p5=gxcpc&rand=kjoepxx&sj=RMnyaCmz3Z56ajl7cvC-JQ5up9Kdu3BVpmfO5t2T9z1_GBaJgMkbq4v1yz1XZA%3D%3D&ad-session-id=5757701617385158233&lts=fgdijpo&ytt=553054349297685&ybv=0.14318&ylv=0.14318&dl=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&rtb-si=b&p2=gmyw&puid17=1914&pr=fezzvtj&p1=cjsja&rqs=xuJqASf_QjnIVmdgRlDwh0K9IYtEXa31

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.179 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

adfox-external-l3-engine.stable.qloud-b.yandex.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 02 Apr 2021 17:39:30 GMT
x-content-type-options: nosniff
timing-allow-origin: *

GET
H2 204 event
ads.adfox.ru/312020/ 0
14 B 82ms
82ms Image
text/plain 77.88.21.179
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/312020/event?hash=e380cc0b1316617b&pm=bmr&pxo=xwbu5oOu_gsmSVPeppnbqESwBsx5cpQLbLN9zmJd9Nm4kckts04HOEXmX8HpwO_Aceq1Is-O9jCL0CGGbPwABVqguZM1RkhDBFOGMMtmQGhePo0s196npmMkK86asCNGFqQ7VgX6w222d4tneNtV2-eXLoKHq5bGJVpGvlvsowbzUdkhW0w%3D&p5=hwryv&rand=fnozqui&sj=3z_ttnCT3AvHlRhH9KvpX40OE3StiCLCbXgabpv1Sa7o7NMztIC_OO-nOVpnag%3D%3D&ad-session-id=5757701617385158233&lts=fgdijpo&ytt=553054349297685&ybv=0.14318&ylv=0.14318&dl=https%3A%2F%2Fkoton-magazadzhylyk.tam.by%2F&pr=fezzvtj&p1=cjsiy&rqs=xuJqASf_QjnIVmdgyCU2JWYfgpGWB_rW&rtb-si=b&p2=gmyv

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.179 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

adfox-external-l3-engine.stable.qloud-b.yandex.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://koton-magazadzhylyk.tam.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 02 Apr 2021 17:39:30 GMT
x-content-type-options: nosniff
timing-allow-origin: *

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210331&st=env

Verdicts & Comments Add Verdict or Comment

133 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.redintelligence.net/	1970-01-19 19:26:01	Name: 8lcfmzhxc8d6_uid Value: 1ae228f973cce275
.doubleclick.net/	1970-01-20 02:38:01	Name: IDE Value: AHWqTUn9Xsc30WvRCmDG5oVWwTh2wSgQCL2kxO99khpdmtI-hm-W6ERPoP2rgSDi
.tam.by/	1970-01-20 02:38:01	Name: __gads Value: ID=be4596db7a55dd94-22d3041cf5ba00de:T=1617385158:RT=1617385158:S=ALNI_MYKkSBEnsLZVtwi7km82YnLyg1CMA
.tam.by/	1970-01-19 17:16:26	Name: _ym_visorc Value: w
.tam.by/	1970-01-20 02:02:01	Name: _ym_d Value: 1617385158
.koton-magazadzhylyk.tam.by/	1970-01-19 17:16:25	Name: _dc_gtm_httpskoton-magazadzhylyktamby Value: 1
.tam.by/	1970-01-19 17:17:51	Name: _gid Value: GA1.2.2005468644.1617385158
.koton-magazadzhylyk.tam.by/	1970-01-19 17:17:51	Name: _gid Value: GA1.3.2005468644.1617385158
.koton-magazadzhylyk.tam.by/	1970-01-20 10:47:37	Name: _ga Value: GA1.3.1948603448.1617385158
.tam.by/	1970-01-19 17:16:25	Name: _gat Value: 1
.tam.by/	1970-01-19 17:59:37	Name: gta_tut Value: null
.tam.by/	1969-12-31 23:59:59	Name: track_uniq_usr Value: 0abfc77dc8840368b35cf6cc82d57611
.tam.by/	1970-01-20 17:16:25	Name: __gfp_64b Value: CJ97t9A2HJbojlpLptOb8OG22t8jhjV8ecWk.dBbttn.d7\|1617385158
.tam.by/	1970-01-19 17:17:37	Name: _ym_isad Value: 2
.tam.by/	1970-01-20 02:02:01	Name: _ym_uid Value: 1617385158818104553
yastatic.net/safeframe-bundles/0.80/1-1-0	1970-01-19 17:17:51	Name: afpix Value: 1
.tam.by/	1970-01-19 17:16:25	Name: _gat_tamby Value: 1
.tam.by/	1970-01-20 10:47:37	Name: _ga Value: GA1.2.1948603448.1617385158

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=86400

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.tam.by
ad.turn.com
ads.adfox.ru
adservice.google.com
adservice.google.de
an.yandex.ru
api-maps.yandex.ru
avatars.mds.yandex.net
c1hit.tut.by
c2hit.tut.by
cdn.contentspread.net
cm.g.doubleclick.net
cms.quantserve.com
core-renderer-tiles.maps.yandex.net
d5p.de17a.com
dclk-match.dotomi.com
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
gaby.hit.gemius.pl
googleads.g.doubleclick.net
hal9000.redintelligence.net
hal900021.redintelligence.net
img.tam.by
koton-magazadzhylyk.tam.by
matchid.adfox.yandex.ru
mc.yandex.com
mc.yandex.ru
pagead2.googlesyndication.com
partner.googleadservices.com
pixel-sync.sitescout.com
pixel.mathtag.com
pm.w55c.net
pr-bh.ybp.yahoo.com
r.turn.com
s.update.mediamathtag.com
s0.2mdn.net
s2r.tut.by
ssum-sec.casalemedia.com
stats.g.doubleclick.net
sync.1rx.io
sync.targeting.unrulymedia.com
tags.mathtag.com
tam.by
tpc.googlesyndication.com
tr.blismedia.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.tut.by
yandex.ru
yastatic.net
ysa-static.passport.yandex.ru
mc.yandex.ru
pagead2.googlesyndication.com
138.201.84.253
142.250.185.162
142.250.186.98
172.217.16.130
18.203.213.28
185.29.133.33
2.18.233.201
2.18.234.21
2001:678:cb4:bbbb::11
213.155.156.164
213.19.147.150
2620:116:800d:21:5a23:9c4e:e774:96c1
2a00:1288:110:c305::8000
2a00:1450:4001:801::2003
2a00:1450:4001:803::200a
2a00:1450:4001:808::2003
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2004
2a00:1450:4001:810::2006
2a00:1450:4001:812::2008
2a00:1450:4001:813::2002
2a00:1450:4001:813::200e
2a00:1450:4001:827::2002
2a00:1450:4001:827::2003
2a00:1450:4001:829::2001
2a00:1450:4001:829::2002
2a00:1450:4001:829::2003
2a00:1450:4001:829::200e
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::200e
2a00:1450:400c:c04::9a
2a00:1450:400c:c04::9d
2a02:6b8:20::215
2a02:6b8::16b
2a02:6b8::173
2a02:6b8::184
2a02:6b8::1:119
2a02:6b8::2b8
2a02:6b8::5:114
2a02:6b8::90
2a02:6b8:a::a
2a02:fa8:8806:12::1400
2a0a:7d80::a
2a0a:7d80::b
2a0a:7d80::c:1:0
3.125.99.7
34.96.105.8
46.228.164.11
54.37.238.28
66.155.71.25
77.88.21.179
78.46.90.238
88.99.69.161
93.125.48.34
0168501286844a4a979c93e0fd8160d12d784da8d5f7638ef04e324dbeed442d
0314e4d2f0edb57b7456309545e63dc90044a7f006f830a35380dd28d7fe542f
03156005e53f2bd3ac00c1f6a1460f4eab1d33b7a1ffc052bee9aa9dbeab2fed
03aed30c7279eaf7eab23c407e0f16fc9e222534ddd9a4d06d7379ccccbe481a
04d7b35efdee1ef2d46af9efc52c04ee876cbf73fc0cdf37191d071f8eb6931d
06f3b04eeb7feeaf1ab3a24361b784c9b2ef7ae5a32b4e08d0158e6fbd273ba0
07fbacea18dfbf072b1c64553339e59d780780a386a189fc4752b8d06f56620b
09cd78d927dcb725c0a40c0fa03a201c211c37b4ff700de66088a0d75da44cfb
0b770070c358b505b8f2656f85e710aed4c71b3e461cd91fcd2c167d4511a498
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0db319d2b4b0ad876d18882cd1a265acc85086c259c3141e5e4897e5506438bd
0feb630da27b3b9a39d2ae12f49ae9fc24c11e0f5dd8416bcd726d34f6f52523
112e9492ececed3054c0f5cd6e6aad9a08918278aba182a364fee1d431f44bfe
11909c0ebcd1e1258ecf3c2ef83688b057b08e5d92a9c715f4fe44c13f20f7b4
120ea53b536de5386f2b93585bd4b011869ed428d43ca9557a1d947449cc161d
128811e08fc761c192794eadb0ca1ece135e0b3a8ea7d897c2f7f9fd5a37281f
12d405bc873b728bf93562013bc26826c48c94cf7d776ecd763ddaac6e89b1bc
130b35d863e7d9123a75754ce638ddd00f7bbc8c8bc492ccbb9763737ec03c60
13e327b334d10b2b24101040eecace86aaaa2eed03d282fa75a04aa3bebf69c1
144dcdd61f86733bd5d48e15984754b51d48682828c38cf7bdf0a44f4a2865fc
158cb00229b24e409c7e49c23031d0963b143a724b301a900511b7e56920af40
18c327afa903633f86c3efcf12b77f098077eacaa8be101bb007846fd74f8b93
192709a2fe8cb11e817ed812280e64603be492744f5b9c68d139c9f2269beb78
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1ce689cb61b527f5abe5307ca30161f8e8c247610d0a4644855d2dc8c6f3c7b4
1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27
21ed829aa772e0f475e3eff46af5b849088a32c18063c3163faa2d67396df569
234e58e81d77759daf07d771662c4e4b7711301f3a867a8bbf78651dfc13c2f6
251e59286801a47d97bf67d9c7dfdbad02df1a6e524c81a9220c451be679b3fa
2581a0241f048f30c4a0521ad4a65682718300a23217c2dfb79c9ef7090c8dc4
299664e524851e4d14341a591566d7b903be58b6d05264f93e5004f9f8b0470d
29f6da0a8c21c5681511bb9b08663d3fd2c5d09c9bd8054ec354c563b8c8b7c1
2ec1664a3d39d69df0721b464754491bf276c67d6627df9f7fa2929eb7e39667
2fcd73085b1909e564982e93e67adf0f176194604e9c550fc8d88a27883b0402
30822450163784ae177c0ba522427361217be14246213279b8164eb6cf1fdca6
31697d4d66425d89d7fd18d49398d684e70656568ed4ecc64761840f7b4e2724
31832b754ea08dcaddf1bdcc8dd1ba1b0abcabdfffa12685124d308293bcd3aa
33813d331f47ff18b36ef895ad6318ce54a5e0ec145629f1cc17ea9b5be2feb6
33f8358b86c3f1998ed71ba1d40294d096f37f980d87dc6b26302bbcb2725642
348eae872d522e06b76438a2df6ba6e00b2980d30573260d9430f32594b12260
37904719aee82c400a0c9b1067eccb2cf9f01a2a4c40f0a8512e7c860b72c7ed
38e4cfe3a21bfa875fcf03364d3871b819471ecac56638555f2c054856268c6e
3b4327a73dcf8380ca98c7b428c15b87679ea129ab2b425e41838c440830a74c
3db84177139e174e2b3b5b31097023d0abdc8fda05ea91dd1a6d7a75e48f270c
3fd3d93f4b71c891005240b5ddb47c4c21a2479f03069387af6504dba1d6c185
40cc818c8b06374b11230d18b2b54f8c7f2a7668b94ac9ee00d6a106cf0efd8b
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
459b64956afafb29082becaeb9492a23cc479dc4406a1740043f255ed60e1b54
46c3fb8d2c5c49168423e96b1818910c824967695cde3dc92e94586732012b43
475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65
48661badf6a6ba95013eb6d9a17e65cf1252abf032352b084030cfdf679dff96
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381
4b489c25ac71dd20643d8c7a6fec1658ae9b55d9a2d53251b572a505a3712e72
4c9f9038ef0cca8daea160666fcf23b0cc4fd3ba853dcd4494e8ec35e3a0c039
533cb39f7dad385e4b124588f494e5a8d192f26ff49360d0a38c635a369c852f
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
568f21dcc485a41ddbe72a5c4c7ac7346ffbd17b8754fe22272b1e2ab2f61dfb
573dd332efcaf9ab1ae7f7e72bbbd65aa0c6b9223c4bcead7be3aa25685cba4e
57c367a49429114ce998f3cbe654c899cf867fe4fc3958c456988bea595dcee2
583ade0904fb445d6a9f9674d5422cac6684b6536d57288a1d0aae201eb1d671
59850ee1aa150f735791047df59f173f424ee15d0a550267a61277f23cab2b7d
599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a
5ba92616ef39c857d074355bd95c05ebaab4926e2354cad22d7a566689e49fda
5c19c69dab307b93f854942a5f7324e1e9d6ef64e8db41c617f8b2dd9ce83a79
5c40cb92c04ec1bb4623745b05736f9557a733c012017710f1a0367439791ac2
5d93566b8130c22bae0ed57539a9236e203d87538d02f5b66b3c173f7dffb3ec
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
61ffbb80b1c185686850ce79ab22efac48c19de958143b051110f47f3630273e
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
698078228b3275a937834a386651d862b001e18509cbc27c561c4fee2e0e2d7c
69dc445ce7660410166c39c3a57523adbde1a453f569686398f2ace985871b3d
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7268dafc25475e04135c6bc0eefa4752ef82c95dd7043bdc7e6ed03495bd00cb
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
73ea2c7e832452d7d280683c3794bcbab625458f9ecf9afc03e1aba63db84418
744d833f862f4a69b538c98e77916575318a0e2eee906968eabde1f513a6e668
74f8113a093a9772ebe29204ff0fd89b692fcc0ad69814bc1725fd8f68ceaa4e
785f875b00c33e9b5372d7ada25ba6200bd430db1f01a58eb3ff8eb3c31e7257
7a301b89a0d78d1135830780c1aaa9a818b4defba66bd7e9148e22a4c722df6f
7b836f980105af48cc460cba4d6beded383be23233b43010337cddf9642ae7d2
7baa99652be2c7c7a89cd84eb9dd6b2cbd5f72217a229fdf08dfdd23eed637bb
7c412e4643ec4d23beadfdc2ffaadab0de8e3ffbb5e42403d6a08cd9992435bd
7ea072ad6ad5e30314f8ee336c482e773605d45a713bbb7df6eb727073da8f9e
7ee65ec4e6687e75cf0082dffb5a452a42d4353263efe439959072d89b7f437b
7ee8a97200cf0e24af175070d017d0bdabe6c619ede7bf7c5585e90de0f39798
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83c54916208ba4fec97b8c109dc1d26f5e2231ced12bee8032864c219b7d14e4
8727cf8bd32a94a8d93d7c75469184dada14c6cadf02178c17db5ee06f832b0f
8aa79a5d6fdffd63c26f013cd8f1bcb12ed624ef714702b5850cc30b673e6a37
8b6875dfbcf419f01f020cb0f23b3d8a8f1dcce67857d27e5966d809efaa2a02
8c99901dce19d2082c7b4164f08f8e6e2f7cf405e745163757a7c0bd06894b3d
8f0e6d4660923d760d33c0530003fbd85a1398c4a7ea2c078adf7e81dd7d3e10
9207bd75f70f72199d3be67fba3e1acf9a451009c3a8aaf3cd36e27f40c339a7
92a4a039e38c6ae8219c6e5bfd1f9673ff9abb785dd4dbaa4d026b1536d03436
95c9f1a045ef1399911e58b9b7ac9cd78df06d33d5ed9b43962a0fd15f1479e4
9613573c5095fd4c6b558212ba48604a686830b0875553737d568d00f8662368
98b082093121a48510229e46fc64083e8fa9320acd73a971a19d987d34ca7520
9a10b1418ae87e1667a44c85f39b5e1af9b8a24279d9a2743c0859d478f3f925
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b8469e48c96e767282d1c0dae810623890a1dd1ee471ca30c63a922dd76a275
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0fb89588dc7b711c0ffddb5fa2f6852f670ef1f615985bb65b2ea446cceb79f
a1af81e943d1266d70e99cb4a7470e7697034c627e5612c3e3ea04fba146355c
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288
a3ef2dd4a7ae98108ed7b9a1543411fb3768cf05b7a6c722a6d70f5803a5ec5b
a4552cb0a3302723047ceac6bafda74ee39fb3851b095e3fcf326b9a0036f249
a47b060bb0a97c5cca519382a0e368297cb14376d1adc2e596fd33e3fbe6c4f5
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4a6d6a23939f2e6afaaef326283efede10c37bd0710fe2cdfcaddad81fb8db2
a709c3f568cb8f4026537b3bf992f80ac6f447a28f38917c31c72eb79e0cdefa
a91151afe43d7efbc5988ec7aa468f45ce37743ff4493f703b9beb22df037a6a
abaa484421865309a7781e540844f1b5260ed131080f8dd9f083d8f18beea107
ac301e04134f0a6a5a96b2e9f056107818db1d84226f0cf85d700d196c44ed85
ac84272344649141bba052578bb391fa2b16dd651f29babccf32c01cfdfad40e
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b015377a7c8c643e1bd434e850f9c59eec5ff8ee3b838dbb93bc1a3a1984fa9d
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1a79da9ea711829f735a9a8e429213fddba692f1c05b20d99e23b7e4a9eda6d
b1ecf87d9fba11c5f1ae5369323b0e1637869e058b726178e8b804941eb106b5
b2cbab4014ee47277958ce9b2e92b75355dfa2c107846c08d92615106ecce7db
b49d452e947e947e787fa69d00b575e7a9ed35e20a27f6d9657b315614aff446
b4d07892cde715d50bb69c1982df496385d1dfd8f9d1867c31f19a3c8634cfae
b4e10c54a966ed5abeeac2aca4cfa968f317497770f59ec94af6d712db96e7d8
b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628
b6745005745b7aefe26dfacb5bfd8a04b5e1a8ed10ca5da39529921bcd5c0956
b6c6d80028d34ec8ef0e9fe7c41cf668d0be46f3bd093c152cc7248cb24aa4e7
ba0bcd6f788cb0014352ba77b9824873ee625662d999f02817d8d625cf6246d8
c2706573fb65f2a3d056dc932cd06940bc74fa8ccfd5b3581e72d12f2d57fc6b
c2cf0ad6055dc13cefb473a3c2175cea1fb9db2d7af8171bd5c0bee4c82b303e
c386fe6a00a4a05182b79972d00e9cbad80bb7092099f6465dee8f69e10e4c19
c599ed684250b7755d158899137fa00a7d4b3f60d62db00a3940b980ce3ac325
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c6a305cd9f8592bbd50ddd47eb5af53952b97937e9b0c4df40498f7140ff8a49
c6f8d89e1bcd01377c4eb7a6a74e10b08318f0c86b938dc574c77d2108f13aae
c825ab46f6c799d1b2694913c1111977150739d55dae694ba6e41efe3d40e732
c87bc4b568203d9d4575f7ee25cb5c9d52bfa545e0a6f167334eb4da44adf008
c9581d69ef8a7435f061d76045cc929310f436366f9ced3b9b9811ca6ed26feb
cacf7258ab3034a84e3d825e111afdb7e0b791dff8714520b0aa633bc43c9f56
cd3601b2f79f3cccc6333afba636cc8e645f7703257326df7df02497dc09d2df
cd7c2c544a508f39217dc39ec2add8939f6d3153a253eec34f866dbb1496e71b
cde1c67d99aac59b55c20e8b666b9b7b9b86a8d00abd7bc445dfdc22e2abe439
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0cd895416afe7af3b624948ebb72cd60106d12183ffcf5dd9f9631b1b55eb71
d1efd201e64050c230fb24da4f9587793706bf7fbd12ad998d0da2652f83c48a
d3fffb48d468a898d00e051331a698ce2120482f4703e3ec6cbd877b293000ef
d61dec7be8ee9080cd713a30cbd91a22d0b594d5835467a3aac451b65a709578
d73d07f3315ebd34e7549000216341ad410fb119468e1175597ec71f578220fb
d761f43c8627e4b5029545088fdc53b2eadea6b13f2b0b2a704dd86f6c6e0611
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
da17ae7b44b5b19d5f12cbf92c7b31b46f342331c0e00337915493071b207be1
da51fad6633155dd0b66f1eb153845ec6edcb267887a4946b90817028dbfc090
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
dbd9b5b78b0d2b6513c22452dbc77094b9839195a20fcb06abd9eb3376643f32
dc60e9f5d3c55b6e616b6e3620cc8aeaa9a3aeb5d15e3837b539b96908a22dfc
decaf592259e884077141fe15ede999d7f29a5b860a460c23656238f41a6acb8
e09aea00e38e6dd82f3ef7fb470a7185501238189d6a9fb932a783a79fa8076e
e1cff21864c46e1da263fa83c14ed6d190bc5afbdd35188de15f10eb8bedd264
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e47a27d91c2487289d6607ee10d7cb7b31944a5ed3ff5ffc86ec8526e9374af0
e638d0a2e34839411a00a5b34800a1dbf737b68fcea0b85c683e0d46414d3556
e8f4701198549152dc15a4959ca0cbcb06f4bc5408cf2577e7bb0b291ec47748
e94cd3d9ee3b384ed97fd357867367da1c1b4c90e671e241a6895851deb4b73b
ea479f3fcb3661b4b1fc554f00ffcdf272495dd0b10ea28f5b114af3d1f18d23
ea621ac6fc6656ccda83cd90312d99cb3885c20df782a788528692647b9bbfd0
eb69f540be1e416b7346017da48deaf5ba2f2ee0af366c04f1e374351b651872
eb9c0912a118ff99485f924a8dd2ad584e4b9f154643bc0fa4e8c26514068703
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efbdf9cab6b6cf2bf7207ae4e0456c9462b2c0d4c2de76d65442de2af7253f2b
f0100a96c9c18dfd523880863690cfee8c0c849dac7459c26b1701f7411bf8da
f1e572871055c1d0e152936f664d5fb075f505b99b412a4776f65a7abe80b505
f283cf2774a30c30789d74543d0ef90caa51a6bea51b81866356b244647201a0
f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7
f336e6c64b3b1b88dce399b9284c1c6f3163c9cfd2e9320994fc97a20d5740e2
f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4
f84c279a15f661fbc8046d271d4fddb5e3f166e4ff17845712dba8dd27d320b8
f95af666abfd8f69575572df54d034fcca3f383da232bcdff588a640fe7c5f17
fb121237cb0699e072b94e1bc1ff08c0542ff590bcaf6545d63520a715ea90bf
fc026b974014d5e7486116c3440c832dbf3856387cb2bd0032107a29cee85dc4
fd0d1e46f88e8ab51c3d4cfaaa9a22c2c2c5fd0e578b06afc7f710456e474b46
fd4792af15618a2282c1ed68e4e1b49c20a7d99aecaf02f55c309459283f97fe
ff01abcda30db3f0195e462b33eb98f8e4fcf594f24cd34ea88b3d5ff883abfe

koton-magazadzhylyk.tam.by Open in urlscan Pro 2a0a:7d80::b Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

323 Requests

99 %HTTPS

65 %IPv6

34 Domains

59 Subdomains

51 IPs

9 Countries

3817 kBTransfer

10599 kBSize

18 Cookies

97 Outgoing links

Page URL History

Redirected requests

323 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 18 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

koton-magazadzhylyk.tam.by Open in urlscan Pro
2a0a:7d80::b Public Scan

Screenshot
Live screenshot

Full Image

323
Requests

99 %
HTTPS

65 %
IPv6

34
Domains

59
Subdomains

51
IPs

9
Countries

3817 kB
Transfer

10599 kB
Size

18
Cookies

323 HTTP transactions
18 data transactions