www.kp.by Open in urlscan Pro
178.159.244.92 Public Scan

URL:
https://www.kp.by/
Submission: On February 25 via api (February 25th 2021, 5:16:44 pm UTC) from US

Summary HTTP 303 Redirects Links 32 Behaviour Indicators

Summary

This website contacted 54 IPs in 8 countries across 56 domains to perform 303 HTTP transactions. The main IP is 178.159.244.92, located in Belarus and belongs to BELPAK-AS BELPAK, BY. The main domain is www.kp.by.
TLS certificate: Issued by R3 on February 20th 2021. Valid for: 3 months.

This is the only time www.kp.by was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6	178.159.244.92 178.159.244.92	6697 (BELPAK-AS...) (BELPAK-AS BELPAK)
30	5.254.23.204 5.254.23.204	3223 (VOXILITY) (VOXILITY)
12	2a02:6b8:20::215 2a02:6b8:20::215	13238 (YANDEX) (YANDEX)
1	2a00:1450:400... 2a00:1450:4001:801::2008	15169 (GOOGLE) (GOOGLE)
1 3	2001:6d0:4001... 2001:6d0:4001::226	52016 (TNSMSK-) (TNSMSK-)
5	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
1 4	149.202.199.193 149.202.199.193	16276 (OVH) (OVH)
2	82.202.225.229 82.202.225.229	50340 (SELECTEL-MSK) (SELECTEL-MSK)
1 13	89.108.120.68 89.108.120.68	197695 (AS-REG) (AS-REG)
4	217.69.133.145 217.69.133.145	47764 (MAILRU-AS...) (MAILRU-AS Mail.Ru)
4 26	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
2 3	88.212.201.210 88.212.201.210	39134 (UNITEDNET) (UNITEDNET)
1 3	184.25.115.49 184.25.115.49	16625 (AKAMAI-AS) (AKAMAI-AS)
1	87.240.190.72 87.240.190.72	47541 (VKONTAKTE...) (VKONTAKTE-SPB-AS http://vk.com)
1	95.163.94.178 95.163.94.178	198226 (KP-AS) (KP-AS)
5	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
2	2a02:6b8::16b 2a02:6b8::16b	13238 (YANDEX) (YANDEX)
1 11	2a02:6b8::90 2a02:6b8::90	13238 (YANDEX) (YANDEX)
3	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2a00:1450:400... 2a00:1450:400c:c07::9d	15169 (GOOGLE) (GOOGLE)
4	136.243.42.249 136.243.42.249	24940 (HETZNER-AS) (HETZNER-AS)
3 12	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
6	178.250.0.165 178.250.0.165	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	82.202.225.240 82.202.225.240	50340 (SELECTEL-MSK) (SELECTEL-MSK)
10 22	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
2 2	193.232.148.147 193.232.148.147	48061 (UMA-TECH-AS) (UMA-TECH-AS)
2 2	46.46.137.179 46.46.137.179	29470 (RETNNET-AS) (RETNNET-AS)
1 1	2a02:24b0:300... 2a02:24b0:300:2::1	29470 (RETNNET-AS) (RETNNET-AS)
2 2	99.80.128.92 99.80.128.92	16509 (AMAZON-02) (AMAZON-02)
2 2	176.9.158.88 176.9.158.88	24940 (HETZNER-AS) (HETZNER-AS)
1	195.201.106.117 195.201.106.117	24940 (HETZNER-AS) (HETZNER-AS)
2 2	136.243.48.22 136.243.48.22	24940 (HETZNER-AS) (HETZNER-AS)
1 1	88.198.16.238 88.198.16.238	24940 (HETZNER-AS) (HETZNER-AS)
1 1	80.64.106.149 80.64.106.149	20764 (RASCOM-AS...) (RASCOM-AS CJSC RASCOM ISP)
1 1	138.201.139.144 138.201.139.144	24940 (HETZNER-AS) (HETZNER-AS)
1	2a00:1148:db0... 2a00:1148:db00::17	47764 (MAILRU-AS...) (MAILRU-AS Mail.Ru)
1	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
7	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
17	77.88.21.179 77.88.21.179	13238 (YANDEX) (YANDEX)
1	34.120.195.249 34.120.195.249	15169 (GOOGLE) (GOOGLE)
7	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
3	2a02:6b8::184 2a02:6b8::184	13238 (YANDEX) (YANDEX)
2 36	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
21	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
1	2a02:6b8::5:114 2a02:6b8::5:114	13238 (YANDEX) (YANDEX)
5	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
4	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:82b::2006	15169 (GOOGLE) (GOOGLE)
2 4	184.30.20.241 184.30.20.241	16625 (AKAMAI-AS) (AKAMAI-AS)
2 3	37.252.172.250 37.252.172.250	29990 (ASN-APPNEX) (ASN-APPNEX)
2 3	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
2 2	3.127.88.255 3.127.88.255	16509 (AMAZON-02) (AMAZON-02)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
2 2	185.64.189.115 185.64.189.115	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3 3	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
1 1	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (TURN) (TURN)
1	46.228.164.11 46.228.164.11	56396 (TURN) (TURN)
1	34.246.156.173 34.246.156.173	16509 (AMAZON-02) (AMAZON-02)
1 1	66.155.71.25 66.155.71.25	13768 (COGECO-PEER1) (COGECO-PEER1)
1	34.96.105.8 34.96.105.8	15169 (GOOGLE) (GOOGLE)
3 3	52.58.146.86 52.58.146.86	16509 (AMAZON-02) (AMAZON-02)
2 2	18.194.183.62 18.194.183.62	16509 (AMAZON-02) (AMAZON-02)
2 2	52.59.28.101 52.59.28.101	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	82.113.101.132 82.113.101.132	6805 (TDDE-ASN1) (TDDE-ASN1)
1	2a02:6b8:a::a 2a02:6b8:a::a	13238 (YANDEX) (YANDEX)
2 3	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
1	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
303	54

6 178.159.244.92 (Belarus)

ASN6697 (BELPAK-AS BELPAK, BY)

www.kp.by	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 5.254.23.204 (Frankfurt am Main, Germany)

ASN3223 (VOXILITY, GB)

s3.stc.all.kpcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s2.stc.all.kpcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s12.stc.all.kpcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s10.stc.all.kpcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s13.stc.all.kpcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s15.stc.all.kpcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s9.stc.all.kpcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s16.stc.all.kpcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s11.stc.all.kpcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s14.stc.all.kpcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s8.stc.m.kpcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a02:6b8:20::215 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)

yastatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:6d0:4001::226 (Russian Federation) 1 redirects

ASN52016 (TNSMSK-, RU)

www.tns-counter.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 149.202.199.193 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ua1.host.hit.gemius.pl

gaby.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 82.202.225.229 (Russian Federation)

ASN50340 (SELECTEL-MSK, RU)
PTR: target2-1.ssel21.imcmdb.net

target.smi2.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 89.108.120.68 (Russian Federation) 1 redirects

ASN197695 (AS-REG, RU)
PTR: d51803.reg.regrucolo.ru

x01.aidata.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 217.69.133.145 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)
PTR: top-fwz1.mail.ru

top-fwz1.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2a02:6b8::1:119 (Moscow, Russian Federation) 4 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 88.212.201.210 (Russian Federation) 2 redirects

ASN39134 (UNITEDNET, RU)
PTR: host210.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 184.25.115.49 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a184-25-115-49.deploy.static.akamaitechnologies.com

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 87.240.190.72 (Russian Federation)

ASN47541 (VKONTAKTE-SPB-AS http://vk.com, RU)
PTR: srv72-190-240-87.vk.com

vk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.163.94.178 (Russian Federation)

ASN198226 (KP-AS, RU)

identity.kp.house	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6b8::16b (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)

matchid.adfox.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a02:6b8::90 (Moscow, Russian Federation) 1 redirects

ASN13238 (YANDEX, RU)

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c07::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 136.243.42.249 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: sm-server1-1.sfa51.imcmdb.net

stat.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 82.202.225.240 (Russian Federation)

ASN50340 (SELECTEL-MSK, RU)

smi2.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 142.250.185.130 (United States) 10 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.232.148.147 (Russian Federation) 2 redirects

ASN48061 (UMA-TECH-AS, RU)
PTR: hosting.adhigh.net

px.adhigh.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.46.137.179 (Moscow, Russian Federation) 2 redirects

ASN29470 (RETNNET-AS, RU)
PTR: serv12.mt.viaprog.eu

otclick-adv.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:24b0:300:2::1 (Russian Federation) 1 redirects

ASN29470 (RETNNET-AS, RU)

idntfy.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.80.128.92 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-128-92.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 176.9.158.88 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)

exchange.buzzoola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.201.106.117 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.117.106.201.195.clients.your-server.de

sync.dmp.otm-r.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 136.243.48.22 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: prod-hzeu-bidder-22.community.moscow

sync.upravel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.198.16.238 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: prod-hzeu-bidder-24.community.moscow

0e40bcd1-d702-4fb2-b7a1-de475d7f3a94.sync.upravel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 80.64.106.149 (Russian Federation) 1 redirects

ASN20764 (RASCOM-AS CJSC RASCOM ISP, RU)
PTR: s-fr4.rutarget.ru

aidata-sync.rutarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 138.201.139.144 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.144.139.201.138.clients.your-server.de

cm.p.altergeo.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1148:db00::17 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)

ad.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 77.88.21.179 (Russian Federation)

ASN13238 (YANDEX, RU)
PTR: adfox-external-l3-engine.stable.qloud-b.yandex.net

ads.adfox.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.195.249 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 249.195.120.34.bc.googleusercontent.com

o442949.ingest.sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 216.58.212.130 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:6b8::184 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)

avatars.mds.yandex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

3c021f42f589682000f52b6d36135318.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
d40dcff76d8fde160d82e59583d19251.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
268db2211e8d97bc83b0d05c3ddf1ab3.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8::5:114 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)

ysa-static.passport.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:82b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 184.30.20.241 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-241.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.172.250 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.98.64.218 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.127.88.255 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-88-255.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.189.115 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.156.0.31 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (TURN, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.228.164.11 (United Kingdom)

ASN56396 (TURN, GB)

r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.246.156.173 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-246-156-173.eu-west-1.compute.amazonaws.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.155.71.25 (Portsmouth, United Kingdom) 1 redirects

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.105.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.58.146.86 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.194.183.62 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)

a.sportradarserving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.59.28.101 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 82.113.101.132 (Offenbach, Germany)

ASN6805 (TDDE-ASN1, DE)

portal.o2online.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8:a::a (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)

yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.23.98 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
54	googlesyndication.com pagead2.googlesyndication.com 3c021f42f589682000f52b6d36135318.safeframe.googlesyndication.com tpc.googlesyndication.com d40dcff76d8fde160d82e59583d19251.safeframe.googlesyndication.com 268db2211e8d97bc83b0d05c3ddf1ab3.safeframe.googlesyndication.com ade.googlesyndication.com	260 KB
47	doubleclick.net 12 redirects stats.g.doubleclick.net cm.g.doubleclick.net securepubads.g.doubleclick.net googleads.g.doubleclick.net googleads4.g.doubleclick.net	387 KB
41	yandex.ru 5 redirects mc.yandex.ru matchid.adfox.yandex.ru an.yandex.ru ysa-static.passport.yandex.ru yandex.ru	181 KB
30	kpcdn.net s3.stc.all.kpcdn.net s2.stc.all.kpcdn.net s12.stc.all.kpcdn.net s10.stc.all.kpcdn.net s13.stc.all.kpcdn.net s15.stc.all.kpcdn.net s9.stc.all.kpcdn.net s16.stc.all.kpcdn.net s11.stc.all.kpcdn.net s14.stc.all.kpcdn.net s8.stc.m.kpcdn.net	2 MB
17	adfox.ru ads.adfox.ru	494 B
15	google.com 3 redirects www.google.com adservice.google.com	3 KB
13	aidata.io 1 redirects x01.aidata.io	27 KB
12	yastatic.net yastatic.net	403 KB
11	2mdn.net s0.2mdn.net	256 KB
11	google.de www.google.de adservice.google.de	3 KB
7	googletagservices.com www.googletagservices.com	179 KB
7	criteo.com bidder.criteo.com gum.criteo.com	1 KB
6	kp.by www.kp.by	107 KB
5	ampproject.org cdn.ampproject.org	97 KB
5	mail.ru top-fwz1.mail.ru ad.mail.ru	13 KB
5	google-analytics.com www.google-analytics.com	19 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com	4 KB
4	stat.media stat.media	30 KB
4	gemius.pl 1 redirects gaby.hit.gemius.pl	12 KB
3	googleadservices.com 2 redirects www.googleadservices.com	13 KB
3	bidswitch.net 3 redirects x.bidswitch.net	1 KB
3	yahoo.com 3 redirects ups.analytics.yahoo.com	3 KB
3	openx.net 2 redirects us-u.openx.net	831 B
3	adnxs.com 2 redirects ib.adnxs.com	3 KB
3	yandex.net avatars.mds.yandex.net	403 KB
3	upravel.com 3 redirects sync.upravel.com 0e40bcd1-d702-4fb2-b7a1-de475d7f3a94.sync.upravel.com	2 KB
3	criteo.net static.criteo.net	38 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	2 KB
3	yadro.ru 2 redirects counter.yadro.ru	2 KB
3	smi2.net target.smi2.net smi2.net	2 KB
3	tns-counter.ru 1 redirects www.tns-counter.ru	1 KB
2	advertising.com 2 redirects pixel.advertising.com	933 B
2	sportradarserving.com 2 redirects a.sportradarserving.com	1 KB
2	turn.com 1 redirects ad.turn.com r.turn.com	857 B
2	pubmatic.com 2 redirects image6.pubmatic.com	2 KB
2	w55c.net 2 redirects pm.w55c.net	2 KB
2	buzzoola.com 2 redirects exchange.buzzoola.com	595 B
2	crwdcntrl.net 2 redirects sync.crwdcntrl.net	978 B
2	otclick-adv.ru 2 redirects otclick-adv.ru	841 B
2	adhigh.net 2 redirects px.adhigh.net	951 B
1	o2online.de portal.o2online.de	607 B
1	cloudflare.com cdnjs.cloudflare.com	22 KB
1	blismedia.com tr.blismedia.com	136 B
1	sitescout.com 1 redirects pixel-sync.sitescout.com	408 B
1	adsrvr.org match.adsrvr.org	265 B
1	ctnsnet.com 1 redirects gcm.ctnsnet.com	480 B
1	sentry.io o442949.ingest.sentry.io	349 B
1	altergeo.ru 1 redirects cm.p.altergeo.ru	553 B
1	rutarget.ru 1 redirects aidata-sync.rutarget.ru	434 B
1	otm-r.com sync.dmp.otm-r.com	69 B
1	idntfy.ru 1 redirects idntfy.ru	437 B
1	kp.house identity.kp.house	3 KB
1	vk.com vk.com	446 B
1	googletagmanager.com www.googletagmanager.com	54 KB
0	wbtrk.net Failed um.wbtrk.net Failed
0	netmng.com Failed google2waycm.netmng.com Failed
303	56

	Domain	Requested by
27	pagead2.googlesyndication.com	s3.stc.all.kpcdn.net securepubads.g.doubleclick.net 268db2211e8d97bc83b0d05c3ddf1ab3.safeframe.googlesyndication.com www.kp.by googleads.g.doubleclick.net d40dcff76d8fde160d82e59583d19251.safeframe.googlesyndication.com tpc.googlesyndication.com s0.2mdn.net www.googletagservices.com
26	mc.yandex.ru	4 redirects www.kp.by s3.stc.all.kpcdn.net yastatic.net mc.yandex.ru
22	cm.g.doubleclick.net	10 redirects googleads.g.doubleclick.net d40dcff76d8fde160d82e59583d19251.safeframe.googlesyndication.com 268db2211e8d97bc83b0d05c3ddf1ab3.safeframe.googlesyndication.com
21	tpc.googlesyndication.com	securepubads.g.doubleclick.net www.kp.by 268db2211e8d97bc83b0d05c3ddf1ab3.safeframe.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net d40dcff76d8fde160d82e59583d19251.safeframe.googlesyndication.com s0.2mdn.net
17	ads.adfox.ru
13	x01.aidata.io	1 redirects www.kp.by
12	www.google.com	3 redirects www.kp.by 268db2211e8d97bc83b0d05c3ddf1ab3.safeframe.googlesyndication.com
12	yastatic.net	www.kp.by yastatic.net an.yandex.ru
11	s0.2mdn.net	268db2211e8d97bc83b0d05c3ddf1ab3.safeframe.googlesyndication.com www.kp.by s0.2mdn.net d40dcff76d8fde160d82e59583d19251.safeframe.googlesyndication.com
11	googleads.g.doubleclick.net	2 redirects 268db2211e8d97bc83b0d05c3ddf1ab3.safeframe.googlesyndication.com www.kp.by www.googleadservices.com
11	an.yandex.ru	1 redirects yastatic.net
11	s2.stc.all.kpcdn.net	www.kp.by s3.stc.all.kpcdn.net
8	www.google.de	www.kp.by
7	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net www.kp.by
7	www.googletagservices.com	yastatic.net securepubads.g.doubleclick.net 268db2211e8d97bc83b0d05c3ddf1ab3.safeframe.googlesyndication.com www.kp.by
6	bidder.criteo.com	s3.stc.all.kpcdn.net static.criteo.net
6	www.kp.by	s3.stc.all.kpcdn.net
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	www.google-analytics.com	www.googletagmanager.com s3.stc.all.kpcdn.net www.kp.by
5	s3.stc.all.kpcdn.net	www.kp.by
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	googleads4.g.doubleclick.net	googleads.g.doubleclick.net www.kp.by
4	stat.media	target.smi2.net stat.media s3.stc.all.kpcdn.net
4	top-fwz1.mail.ru	www.kp.by top-fwz1.mail.ru
4	gaby.hit.gemius.pl	1 redirects www.kp.by gaby.hit.gemius.pl
4	s13.stc.all.kpcdn.net	www.kp.by
3	www.googleadservices.com	2 redirects yastatic.net
3	x.bidswitch.net	3 redirects
3	ups.analytics.yahoo.com	3 redirects
3	us-u.openx.net	2 redirects googleads.g.doubleclick.net
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	adservice.google.com	securepubads.g.doubleclick.net
3	adservice.google.de	securepubads.g.doubleclick.net
3	avatars.mds.yandex.net	yastatic.net
3	stats.g.doubleclick.net	s3.stc.all.kpcdn.net
3	static.criteo.net	yastatic.net www.kp.by
3	sb.scorecardresearch.com	1 redirects www.kp.by www.googletagmanager.com
3	counter.yadro.ru	2 redirects www.kp.by
3	www.tns-counter.ru	1 redirects www.kp.by
2	pixel.advertising.com	2 redirects
2	a.sportradarserving.com	2 redirects
2	image6.pubmatic.com	2 redirects
2	pm.w55c.net	2 redirects
2	268db2211e8d97bc83b0d05c3ddf1ab3.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	d40dcff76d8fde160d82e59583d19251.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	sync.upravel.com	2 redirects
2	exchange.buzzoola.com	2 redirects
2	sync.crwdcntrl.net	2 redirects
2	otclick-adv.ru	2 redirects
2	px.adhigh.net	2 redirects
2	matchid.adfox.yandex.ru	yastatic.net
2	target.smi2.net	www.kp.by
2	s15.stc.all.kpcdn.net	www.kp.by
2	s12.stc.all.kpcdn.net	www.kp.by
1	ade.googlesyndication.com
1	yandex.ru	yastatic.net
1	portal.o2online.de
1	cdnjs.cloudflare.com	s0.2mdn.net
1	tr.blismedia.com	268db2211e8d97bc83b0d05c3ddf1ab3.safeframe.googlesyndication.com
1	pixel-sync.sitescout.com	1 redirects
1	match.adsrvr.org	268db2211e8d97bc83b0d05c3ddf1ab3.safeframe.googlesyndication.com
1	r.turn.com
1	ad.turn.com	1 redirects
1	gcm.ctnsnet.com	1 redirects
1	ysa-static.passport.yandex.ru
1	3c021f42f589682000f52b6d36135318.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	o442949.ingest.sentry.io	s3.stc.all.kpcdn.net
1	gum.criteo.com	static.criteo.net
1	ad.mail.ru
1	cm.p.altergeo.ru	1 redirects
1	aidata-sync.rutarget.ru	1 redirects
1	0e40bcd1-d702-4fb2-b7a1-de475d7f3a94.sync.upravel.com	1 redirects
1	sync.dmp.otm-r.com
1	idntfy.ru	1 redirects
1	smi2.net	www.kp.by
1	s8.stc.m.kpcdn.net	s3.stc.all.kpcdn.net
1	identity.kp.house	s3.stc.all.kpcdn.net
1	vk.com	www.kp.by
1	s14.stc.all.kpcdn.net	www.kp.by
1	s11.stc.all.kpcdn.net	www.kp.by
1	s16.stc.all.kpcdn.net	www.kp.by
1	s9.stc.all.kpcdn.net	www.kp.by
1	s10.stc.all.kpcdn.net	www.kp.by
1	www.googletagmanager.com	www.kp.by
0	um.wbtrk.net Failed	d40dcff76d8fde160d82e59583d19251.safeframe.googlesyndication.com
0	google2waycm.netmng.com Failed	d40dcff76d8fde160d82e59583d19251.safeframe.googlesyndication.com
303	86

This site contains links to these domains. Also see Links.

Domain
www.kp.ru
radiokp.ru
advert.kp.ru
an.yandex.ru
direct.yandex.ru
rodniki.kp.by
kp.by
icq.com
www.youtube.com
flipboard.com
invite.viber.com
vk.com
www.facebook.com
ok.ru
twitter.com
www.agima.ru

Subject Issuer	Validity	Valid
country.kp.ru R3	`2021-02-20` - `2021-05-21`	3 months	crt.sh
kpcdn.net R3	`2020-12-21` - `2021-03-21`	3 months	crt.sh
*.yastatic.net Yandex CA	`2020-09-29` - `2021-03-30`	6 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.tns-counter.ru GlobalSign ECC OV SSL CA 2018	`2020-11-10` - `2021-12-12`	a year	crt.sh
*.hit.gemius.pl Sectigo ECC Domain Validation Secure Server CA	`2019-09-11` - `2021-09-24`	2 years	crt.sh
smi2.net R3	`2021-02-05` - `2021-05-06`	3 months	crt.sh
my.aidata.me Sectigo RSA Domain Validation Secure Server CA	`2020-02-25` - `2022-02-25`	2 years	crt.sh
*.mail.ru GeoTrust ECC CA 2018	`2020-11-13` - `2021-11-17`	a year	crt.sh
mc.yandex.ru Yandex CA	`2020-09-29` - `2021-03-11`	5 months	crt.sh
counter.yadro.ru R3	`2021-01-13` - `2021-04-13`	3 months	crt.sh
sb.scorecardresearch.com DigiCert Secure Site ECC CA-1	`2020-07-17` - `2021-06-02`	a year	crt.sh
*.vk.com GlobalSign Organization Validation CA - SHA256 - G2	`2020-06-09` - `2022-06-10`	2 years	crt.sh
defaults.kp.ru R3	`2021-02-20` - `2021-05-21`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
matchid.adfox.yandex.ru Yandex CA	`2020-09-29` - `2021-03-24`	6 months	crt.sh
bs.yandex.ru Yandex CA	`2020-12-17` - `2021-06-17`	6 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-01-30` - `2021-04-28`	3 months	crt.sh
stat.media R3	`2020-12-07` - `2021-03-07`	3 months	crt.sh
www.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
www.google.de GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-01-30` - `2021-04-28`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
sync.dmp.otm-r.com Sectigo RSA Domain Validation Secure Server CA	`2020-08-07` - `2021-08-07`	a year	crt.sh
*.adfox.ru Yandex CA	`2020-09-29` - `2021-03-11`	5 months	crt.sh
*.ingest.sentry.io R3	`2020-12-28` - `2021-03-28`	3 months	crt.sh
*.avatars.mds.yandex.net Yandex CA	`2020-09-29` - `2021-03-30`	6 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
ysa-static.passport.yandex.net Yandex CA	`2020-09-30` - `2021-03-31`	6 months	crt.sh
misc-sni.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.doubleclick.net GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2020-03-02` - `2021-04-01`	a year	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2020-06-18` - `2021-08-17`	a year	crt.sh
*.turn.com DigiCert SHA2 Secure Server CA	`2020-03-18` - `2021-04-19`	a year	crt.sh
*.adsrvr.org Trustwave Organization Validation SHA256 CA, Level 1	`2019-03-07` - `2021-04-19`	2 years	crt.sh
tr.blismedia.com GTS CA 1D2	`2021-01-03` - `2021-04-03`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-10-21` - `2021-10-20`	a year	crt.sh
*.o2online.de DigiCert TLS RSA SHA256 2020 CA1	`2021-01-19` - `2022-02-19`	a year	crt.sh
*.xn--d1acpjx3f.xn--p1ai Yandex CA	`2020-10-01` - `2021-04-01`	6 months	crt.sh
www.googleadservices.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh

This page contains 23 frames:

Primary Page: https://www.kp.by/
Frame ID: 710D848130D98AD3CF5730CF4F327D8E
Requests: 150 HTTP requests in this frame

Frame: https://matchid.adfox.yandex.ru/getcookie
Frame ID: B458BD077FB4DC9A2D3249EF25E7B734
Requests: 8 HTTP requests in this frame

Frame: https://x01.aidata.io/stats?pixel=7304081&v=1614273385157&pid=7304081&js=1&bounce=1&pid=7304081&js=1&sid=40940914e62a473696876f1483def48e&__upin=Jsz4R65DBhRtVy+8NTWIsA&id=https://www.kp.by/&payload=%7B%22event%22%3A%22referrer%22%2C%22type%22%3A%22referrer%22%2C%22data%22%3A%7B%22value%22%3A%22%22%7D%7D
Frame ID: 71C01E25ED9FEDF5C1A8D67E370AC5F1
Requests: 14 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www.kp.by
Frame ID: 6BA7D6845206C876667DF1342661D479
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: A58D4CD1244B6FE6252425E376866301
Requests: 11 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: AABD39E51879D8476D2FB5AB0D9EFA69
Requests: 11 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: 2A2D3F011082B1C708EA2A0FBEF15DC5
Requests: 11 HTTP requests in this frame

Frame: https://yastatic.net/safeframe-bundles/0.80/1-1-0/render.html
Frame ID: 13A0EBAF4970BA353CED9A71CB2F592F
Requests: 23 HTTP requests in this frame

Frame: https://268db2211e8d97bc83b0d05c3ddf1ab3.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Frame ID: F67D2B7E1E9D9DB7ED9C570BC272BF15
Requests: 15 HTTP requests in this frame

Frame: https://d40dcff76d8fde160d82e59583d19251.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Frame ID: 8F5D6E8CF7C921809F1039939815E7A2
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs
Frame ID: 32696116DBAF226AF54D46033B1DA435
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMXlgQEQ1K6oAhi_rviVATAB&v=APEucNVBARCstmVroyre_xKvlKQpY_-qgG4Ys3QrJD4_7YAmq58IBDi_ItawY5gn_yhRlSg__0_5WJ1yM7NqUntYEGPtrv7BCDQgut1N_PMjCuetj8o-n7vd7D6gG4uXQWYQ9AUPS1Q-OfqnNLjo6L36IJzUwbCJCpuh1KWO0Jnmj7uvB9xD6hzFMtRLZKwFVvnu1GsRm0xq
Frame ID: D883F297A9931EEF38577CB27BAE60B3
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjWvryZATAB&v=APEucNUOIT_3smG0PQ4ogvH3y7Ea_Aa7PyoD9reBvi16wHVo8XWDF60la2MnqecLZj7XCa9gIyxc0ZC8bl-qhuznM_IUk2xHyM9q7RMwaL6sMs4w_DSKB6lsKXqEpnvVPPXEM3Gw_Eb5LtM2kmIL9Y8hU8zKIG_8Py-wKzv3t_YLolAxWzypXc-fQkRTJcX3w0yOWCs5UyAS
Frame ID: DDB4032E9AB385C1CE3075E6C5DE26DF
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-At7qS4d3qoWvtN694-kfWA-DR4WZwK73mVdo1FbIRQlZBsKJlFamC6FMpk6FRZSR8dpMyFpprkPbkJkZCYZOZiwopqcnunJvkMPEnEBXZfkP4YOye_b7v0bE6XyCK4M0s0ceEFreNPk4anBdhBX022s6bP6g&dbm_d=AKAmf-DJtWKXb6SCg-z3LFZu451RsIbZG0JTVyitUnVKQbHpugqWmAN-5bsIIVJaswstdSkUcKEurGz3s-pAoXfhVacC-RZKiEs156okvKcjCZhrY28KvpHjqYwwlFLja_e2L6at4vwBy8pL_werUrMwtt21k_dFwkHcNZNG_iKuNg1DYs4V1hNw29BMdObqdZan61JSlIE8ErGskvrRHfrCKR0a_KENItjuWGuEbT2V6HC_vfKJ2gArX20P59BHRSx_zaMFAXv1_oF4D9Wo8oxbWLXNvsm7exf0BVmkECeGwt8SBwB36AI5-c01xGg0B40s79hIObmiYpAOI8GJjyO8kXDEZB71Y9AkFSjtFuGK8U_rR2qPpVI0pM-tlRzyQ5R4Et7jr12d_L3B4dcPd7OMlShgqfuTAxeB8FgvD0SCdoOJhlpjnxdQ99U1BmYsuS1IzVuce1H1hThnYmUc4ISGnk41dABbkGaC8u3KaAcBarKs02vHlwTtKMHe3sXQgpjMI6J2tMzi2PotkvGsbUp0FbFd0-gfXPeJxmxqXNppS7OFSXGCUv71JVbSiCC1P9juw54LOqRIlLkl66Pn16mNhETvZ2jXw-EWW5p9HW-CVF_x4Bk_GDwPI3z7Lp2FMW6WnmA1rC1ignwzN7Por-1HI19bs0RnYB_9mb4aVr8wj9LL3zna76OuXnpMqY5htwLBVtJMTLfNTkVpYw-Dytua68dLgTZx2BjAEcarXJvAkkCudkXGt4X-7kNU1Fw7pIPWP6KRkQVdGmkkYmbEWjIbzyoTCFBGOYKdwIbj9-smyuFztNr_bsJJoxeLv5i9WG40_WCtumH-khhzv6qiOEO-_9-638wJxKJcbvi2JPDAp_ZlOHruLxCz14u-rl4ljqDr3Gop0vU2yoijsS3R1pArdTdXYleKeGm7iXqM3dHedAaYUr1Ro_o_ROfCW9qdaqK6bC5Tp01meJWHF_kdhy3HTqAJcTTgem5aJTbmsHRoncTqPuCzC4guEjV7bbb1aWPlUT6Yeiwxu1zLqybW8rbLqMvBK8c9mz4NIKynBLnU1djB_JoNxdHA8cQ5EgGoZGzw4BnlbR3S_ShVncO4v_XfQ2Vj2ip8MODIduENq4axSbfhqkoKrEZK6awR6UJRZDArSTp_fY8YqOsRM492z4o2hTa5Ky2CXSWkYx4vqDIHmuR0jQtQjW7YR-G6z6lewvruuAsj9sWAqsZ0c3yhwPcWQgV9rI74cZVHdIIT7gPT8ckgiZansrsBthjyAN8DTijKb7orBwAjjyb3PDOnUoVGSZqq8MflEgZdD7Uxt_OVWhgz5v_IuPPIRFh7q4W4Df110I6-Wvp9o8A6xh59kCgufkhd23g2l0UHrti0sJCv3c7KCFD5oiqE202mT-hJWVwtO-hORBKn5urmIvt3Hufh0WnyzEPOH_QAPPg-qTitK_qzq2LVrwnvCoEWw2Az7GkP3m_GYDEICpkZipjWmwmRMq2ouPI3C2_4F6DkoBFrZfgeLc2cZeUx3HA332DhI0RRQYa79F57zKmFDJJV7Bz4V3IC91eZ0OVkaYbf5p9rZo0j0HCcsyuRxcwJr-ObJkuJbfx8KHGOmCu5CxNxKBYgD8yEJmePUFGSA5iM_I_z-cHPAXw_7uAlYFLcetdry-c5jiQkL7lk7FCaVLlBw0VWrsZTH7iKWxOsMmmjHHgIu2H50O0GPoDRWJHyGNW01B6PjLm88pwLKEGB05txOMvAtyYCgN7ccovfmYMdQEk1e3vzC_ApmhwhY1RdpBXV3Z82qeqtdFBSiWP4TUwxPbg9KASu3QG3LZM-8D5iJxfdRH6idVdxIcgz65T7dIV_2gNQKRUBA38sDiJuWfmXbOq-Ntj9EfbYkvjeKGHiiTOWUPhLdKqGqUM3iICNMn69L4pVPFhrx1_FNeFb5JlWNGFkWdGHT7vXAWjFXRMYvXFeHCWgQiELPQQszaGHlJIonjzNE_zPMV10acNL2tOFI_HvM8t7qHXJ0w5fqxviMNEazAmc8gxL4O02KmSNZGFh9G2HQF7aERgOl9Ytt8-Z4z6AL-759miwYo7qcJxUYlvzuxC3kJ5_isrYHbV90SCbM2UZt6QRvmqzuoSdsXCXqb5B2Wyn6r-rTV3fHiER5Yhho1YAqL9v8zx_K781E1cWmZi9XHOQNo5epgxXOlpbFXOfHUl42QFNJqFusX4WNaOFw_GvAEBvgdtIWDcpneEQFq0U4NtRaRdpawRZ_jsxne1nikDcIs7V8klsVhCJNksdEvvBoL8v9aDFdo3Hbuc6pdgfKaBva9By-o2F8YHcLMu0pNduR4wWaHAwVUPakM9CdnYagV75h_PSKTTGphPwMfx6fMpdtFCe7rwR3jL9b1hbXlZl_xyXwmFY1ZMe-oQ67vYxwc_XOuZb60hsYtJsOaTbxwvu_nIAhs9OdLJmyJj1NyooKNg0Mk1EUHSy6Gnx-tWpONxduWyS455CCD9KjzFxUZcBoPEJHvRJcjuNed6C8908Dd1NOvtFBNj86rM3XrxMSWHMX8NaawxNta1IaNfG8JzWsZ1iGuGgA4KZw3oqkxa02Un19OLf9XsPgtCQoTgaBRL3LiA6d6XjWDI0zpdEUXqWyv1izReqD1L9RPXNZ3u9XkbrmNMnYtDwRBVJL_O264GD6fuDedpRVzRfw0wwqJGvr3ENbBlmpL9-gLEPN3i8mocSIcUd42vFfQpyMlk5vN2eJp6zuWDA49WOMqXGOOnp0oMBSR-4ZBhpl7EHdGYX6KWzBQ&cid=CAASEuRocDTMNXJ5hsTqv5vsIbSNnw&rfl=3%2Chttps%253A%252F%252Fwww.kp.by%242%2Chttps%253A%252F%252Fwww.kp.by%252F%240
Frame ID: D9E4B525C6DBDB5679A88F428F83D6AE
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: 90572AADF47AA5A3106578D6169BE7A7
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: 5E9FAB251823C3AC844B8217F65B89C1
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: 6E3AFBDCA4396268E2B6787D0A7CB45D
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 6F63533CB9338BB4502B7CED63490736
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: DD06E28C61F4358AF2958B038894127B
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B0442557DC4CA0B8A7AA2FAE9411661F
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/ads/richmedia/studio/pv2/60607747/20201218063454514/728x090.html?e=69&leftOffset=0&topOffset=0&c=Bzpd8Sj7kX&t=1&renderingType=2
Frame ID: 18CF776616F7DA3BFA42A63A9DC3AB14
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: C55EA3B0CC55354038BDF2201D07E472
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/gYCzj-4M8Ect_HrGpifqy4m-MJzktZmRntqmlBTHKuc.js
Frame ID: 2BE08025A85FC9C41852A4EEB033FF57
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Yandex.Direct (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /https?:\/\/an\.yandex\.ru\//i

Gemius () Expand

Overall confidence: %
Detected patterns

script /hit\.gemius\.pl\/xgemius\.js/i
script /hit\.gemius\.pl/i
script /xgemius\.js/i

Page Statistics

303
Requests

99 %
HTTPS

38 %
IPv6

56
Domains

86
Subdomains

54
IPs

8
Countries

4388 kB
Transfer

10443 kB
Size

17
Cookies

32 Outgoing links

These are links going to different origins than the main page.

URL: https://www.kp.ru/putevoditel/
Title: Путеводитель

Search URL Search Domain Scan URL

URL: https://www.kp.ru/promokod/
Title: Промокоды

Search URL Search Domain Scan URL

URL: https://radiokp.ru/
Title: Радио КП

Search URL Search Domain Scan URL

URL: http://advert.kp.ru/by/kr/4291/
Title: Реклама

Search URL Search Domain Scan URL

URL: http://advert.kp.ru/by/kr/4291
Title: Реклама

Search URL Search Domain Scan URL

URL: https://an.yandex.ru/count/WieejI_zOCO21HO092H2Vv5Ph7RRsGK0nWCGW8200J5hspTW000003Zks26ApxF0w1200PA05uW1suYnXroG0TxHfAdBW8200fW1tj6agKkW0TQe0TQu0R35vVWWm042s06GhUsM0U01aF774EW1ZWCOc0BkjxCMe0BmjxCMkG99PugJCxK6VF02Wz28q0oO0y24FPmB-0I7l1s81UZh7905XxmTe0M-hGYe1Rwj2B05lgq8k0M-hGZ01VM6AyB70y01g0R00Sa6QlSBHDavdKxP1W00091vNEoVnxEA2xW7W0Ma3yBusvd92jC8lbmjv-K_CAeB47yXpKTvN000VGRKJooyw0lewnpm2mQ83FZXthu1gGm0vmgmoZg0l-WCcmQO3VFCIJ_gxg-WbBlEpawW3i24FVcumVxv-Ap52zaFW138bDyRa12ex93zeRo-Wvu1y8YNf0hW4OdKo07e4PY2xU7ytf2voK34s43y1BiN1QRK0gWJaB6mb_cYmxCMu1E-hGY859Y7gfh2Z9BnzG6W5Bwj2AWKXxpevyF_1U0K0UWKZ0BG5UZdm_y5s1N1YlRieu-y_6FmW1QLaE2CW81ye1RGvB211h0MsWJ95j0M-E7UlW615vWN--694QWN2RWN0S0NjGBO5y24FUWN0PaOe1WAi1Zvbz-11hWO0T0O4FWOiiwuq8ZBgCcp0O0PYHax6P0P0Q0Pm06m6RWPqXaIUM5YSrzpPN9sPN8lSZKmCoqqu1a2w1c0mWFm6O320u4Q___RA3YEZI2G6e200ISWK28nHcHgQBO1UDiucCgnU10DLfmbo20b4WybOdFBdj7siCo7enaeUVll9GGVvFO6OKO2u2PQo9YOxOahydMIIz1NP_pz1E1vqOCzjLblRHB01kw-XHglSa98wZC71qfgj7HaCDT1Xju4vJAdIY43G1Iku5uYn6pRoWC0~1?stat-id=24&test-tag=339749285946881&format-type=89&actual-format=73&pcodever=13930&banner-test-tags=eyI3MjA1NzYwNDE0NzU0OTI5NSI6IjU3MzYxIn0%3D

Search URL Search Domain Scan URL

URL: https://direct.yandex.ru/?partner
Title: Яндекс.Директ

Search URL Search Domain Scan URL

URL: https://rodniki.kp.by/
Title: РОДНИКИ БЕЛАРУСИ

Search URL Search Domain Scan URL

URL: https://kp.by/society/
Title: Общество

Search URL Search Domain Scan URL

URL: https://kp.by/incidents/
Title: Происшествия

Search URL Search Domain Scan URL

URL: https://kp.by/sport/
Title: Спорт

Search URL Search Domain Scan URL

URL: https://kp.by/economics/
Title: Экономика

Search URL Search Domain Scan URL

URL: https://kp.by/daily/koronavirus/
Title: Коронавирус Covid-19

Search URL Search Domain Scan URL

URL: https://kp.by/politics/
Title: Политика

Search URL Search Domain Scan URL

URL: http://kp.by/online/news/4201059/?utm_campaign=external&utm_medium=main_top&utm_source=quote_preview&utm_term=1

Search URL Search Domain Scan URL

URL: https://kp.by/daily/minsk/
Title: Минск

Search URL Search Domain Scan URL

URL: http://kp.by/online/news/4200449/?utm_campaign=external&utm_medium=main_top&utm_source=quote_preview&utm_term=5

Search URL Search Domain Scan URL

URL: http://kp.by/online/news/4200186/?utm_campaign=external&utm_medium=main_top&utm_source=quote_preview&utm_term=6
Title: В Бресте огласили приговор убитому Геннадию Шутову и его другу Александру Кордюкову

Search URL Search Domain Scan URL

URL: http://kp.by/online/news/4200379/?utm_campaign=external&utm_medium=main_top&utm_source=quote_preview&utm_term=7

Search URL Search Domain Scan URL

URL: http://kp.by/online/news/4200112/?utm_campaign=external&utm_medium=main_top&utm_source=quote_preview&utm_term=8

Search URL Search Domain Scan URL

URL: http://kp.by/online/news/4200050/?utm_campaign=external&utm_medium=main_top&utm_source=quote_preview&utm_term=9

Search URL Search Domain Scan URL

URL: http://kp.by/online/news/4199636/?utm_campaign=external&utm_medium=main_top&utm_source=quote_preview&utm_term=11

Search URL Search Domain Scan URL

URL: http://kp.by/online/news/4199501/?utm_campaign=external&utm_medium=main_top&utm_source=quote_preview&utm_term=12

Search URL Search Domain Scan URL

URL: https://icq.com/chat/kpru

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/kpru

Search URL Search Domain Scan URL

URL: https://flipboard.com/@KPNews

Search URL Search Domain Scan URL

URL: https://invite.viber.com/?g2=AQBef3U8V4SaYEjP%2F7tOf03cSgkQH3b5fwDdjB%2FXNsbH1L2kVXkZNP0w9%2FPly%2Fx9&lang=ru

Search URL Search Domain Scan URL

URL: https://vk.com/club22644451

Search URL Search Domain Scan URL

URL: https://www.facebook.com/onlinekpby

Search URL Search Domain Scan URL

URL: https://ok.ru/group/50586088702092

Search URL Search Domain Scan URL

URL: https://twitter.com/kpby/

Search URL Search Domain Scan URL

URL: https://www.agima.ru/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 35

https://x01.aidata.io/pixel.js?pixel=7304081&v=1614273385157 HTTP 302
https://x01.aidata.io/pixel.js?pixel=7304081&v=1614273385157&pid=7304081&js=1&id=https://www.kp.by/&bounce=1

Request Chain 38

https://counter.yadro.ru/hit;kp/kpall/kpby?r;s1600*1200*24;uhttps%3A//www.kp.by/;h%u041D%u043E%u0432%u043E%u0441%u0442%u0438%20%u0411%u0435%u043B%u0430%u0440%u0443%u0441%u0438.%20%u041A%u043E%u043C%u0441%u043E%u043C%u043E%u043B%u044C%u0441%u043A%u0430%u044F%20%u041F%u0440%u0430%u0432%u0434%u0430%20%u0432%20%u0411%u0435%u043B%u0430%u0440%u0443%u0441%u0438%20//%20KP.BY;0.38480316675188275 HTTP 302
https://counter.yadro.ru/hit;kp/kpall/kpby?q;r;s1600*1200*24;uhttps%3A//www.kp.by/;h%u041D%u043E%u0432%u043E%u0441%u0442%u0438%20%u0411%u0435%u043B%u0430%u0440%u0443%u0441%u0438.%20%u041A%u043E%u043C%u0441%u043E%u043C%u043E%u043B%u044C%u0441%u043A%u0430%u044F%20%u041F%u0440%u0430%u0432%u0434%u0430%20%u0432%20%u0411%u0435%u043B%u0430%u0440%u0443%u0441%u0438%20//%20KP.BY;0.38480316675188275

Request Chain 39

https://sb.scorecardresearch.com/b?c1=2&c2=16803468&ns__t=1614273385155&ns_c=UTF-8&c8=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8.%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8%20%2F%2F%20KP.BY&c7=https%3A%2F%2Fwww.kp.by%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=16803468&ns__t=1614273385155&ns_c=UTF-8&c8=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8.%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8%20%2F%2F%20KP.BY&c7=https%3A%2F%2Fwww.kp.by%2F&c9=&cs_ak_ss=1

Request Chain 58

https://www.tns-counter.ru/V13a***R%3E*kp_ru/ru/UTF-8/tmsec=kp_title/22373070 HTTP 302
https://www.tns-counter.ru/V13b***R%3E*kp_ru/ru/UTF-8/tmsec=kp_title/22373070

Request Chain 64

https://mc.yandex.ru/watch/1051362?wmode=7&page-url=https%3A%2F%2Fwww.kp.by%2F&nohit=1&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Acaxsklyqnpvsij3%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A433%3Acn%3A1%3Adp%3A0%3Als%3A1031984453183%3Ahid%3A246502172%3Az%3A60%3Ai%3A20210225181626%3Aet%3A1614273386%3Ac%3A1%3Arn%3A313767402%3Au%3A1614273386335967376%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1614273384290%3Awv%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1614273386%3At%3A%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8.%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8%20%2F%2F%20KP.BY HTTP 302
https://mc.yandex.ru/watch/1051362/1?wmode=7&page-url=https%3A%2F%2Fwww.kp.by%2F&nohit=1&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Acaxsklyqnpvsij3%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A433%3Acn%3A1%3Adp%3A0%3Als%3A1031984453183%3Ahid%3A246502172%3Az%3A60%3Ai%3A20210225181626%3Aet%3A1614273386%3Ac%3A1%3Arn%3A313767402%3Au%3A1614273386335967376%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1614273384290%3Awv%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1614273386%3At%3A%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8.%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8%20%2F%2F%20KP.BY

Request Chain 65

https://mc.yandex.ru/watch/38305645?wmode=7&page-url=https%3A%2F%2Fwww.kp.by%2F&nohit=1&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Acaxsklyqnpvsij3%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A433%3Acn%3A2%3Adp%3A0%3Als%3A905758923303%3Ahid%3A246502172%3Az%3A60%3Ai%3A20210225181626%3Aet%3A1614273386%3Ac%3A1%3Arn%3A59477376%3Au%3A1614273386335967376%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1614273384290%3Awv%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1614273386%3At%3A%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8.%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8%20%2F%2F%20KP.BY HTTP 302
https://mc.yandex.ru/watch/38305645/1?wmode=7&page-url=https%3A%2F%2Fwww.kp.by%2F&nohit=1&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Acaxsklyqnpvsij3%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A433%3Acn%3A2%3Adp%3A0%3Als%3A905758923303%3Ahid%3A246502172%3Az%3A60%3Ai%3A20210225181626%3Aet%3A1614273386%3Ac%3A1%3Arn%3A59477376%3Au%3A1614273386335967376%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1614273384290%3Awv%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1614273386%3At%3A%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8.%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8%20%2F%2F%20KP.BY

Request Chain 66

https://mc.yandex.ru/watch/1007185?wmode=7&page-url=https%3A%2F%2Fwww.kp.by%2F&nohit=1&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Acaxsklyqnpvsij3%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A433%3Acn%3A3%3Adp%3A0%3Als%3A550198222292%3Ahid%3A246502172%3Az%3A60%3Ai%3A20210225181626%3Aet%3A1614273386%3Ac%3A1%3Arn%3A828645135%3Au%3A1614273386335967376%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1614273384290%3Awv%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1614273386%3At%3A%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8.%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8%20%2F%2F%20KP.BY HTTP 302
https://mc.yandex.ru/watch/1007185/1?wmode=7&page-url=https%3A%2F%2Fwww.kp.by%2F&nohit=1&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Acaxsklyqnpvsij3%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A433%3Acn%3A3%3Adp%3A0%3Als%3A550198222292%3Ahid%3A246502172%3Az%3A60%3Ai%3A20210225181626%3Aet%3A1614273386%3Ac%3A1%3Arn%3A828645135%3Au%3A1614273386335967376%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1614273384290%3Awv%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1614273386%3At%3A%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8.%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8%20%2F%2F%20KP.BY

Request Chain 92

https://gaby.hit.gemius.pl/_1614273386610/rexdot.js?l=100&id=baowRE9xyvJjcPSCclDOh5SqLbpuyc7E.ppV8i3VvbX.z7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-60&fv=-&href=https%3A%2F%2Fwww.kp.by%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=0&lsdata=-NOTSUP&fpdata=sSnWtPG_2nFmVANd4UzYnf7.tlgFLL4Z90X9HbK9JyH.57&vis=1 HTTP 301
https://gaby.hit.gemius.pl/__/_1614273386610/rexdot.js?l=100&id=baowRE9xyvJjcPSCclDOh5SqLbpuyc7E.ppV8i3VvbX.z7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-60&fv=-&href=https%3A%2F%2Fwww.kp.by%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=0&lsdata=-NOTSUP&fpdata=sSnWtPG_2nFmVANd4UzYnf7.tlgFLL4Z90X9HbK9JyH.57&vis=1

Request Chain 126

https://cm.g.doubleclick.net/pixel?google_nid=aidata_ddp&back=1STPARTY&google_cm HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=aidata_ddp&back=1STPARTY&google_cm=&google_tc= HTTP 302
https://x01.aidata.io/0.gif?pid=GOOGLE&back=1STPARTY&google_gid=CAESEL4jPRmlbAkQgXHIbThUy8s&google_cver=1

Request Chain 127

https://px.adhigh.net/p/cm/aidata?u=Jsz4R65DBhRtVy%2B8NTWIsA&back=1STPARTY HTTP 302
https://px.adhigh.net/p/cm/aidata?u=Jsz4R65DBhRtVy%2B8NTWIsA&back=1STPARTY&bounced=1 HTTP 302
https://x01.aidata.io/0.gif?pid=GETINTENT&id=8aYLPoosWgY.AikABlF32jFZgw&back=1STPARTY

Request Chain 128

https://otclick-adv.ru/core/match.gif?s=24&id=Jsz4R65DBhRtVy%2B8NTWIsA&reference=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3DOTCLICK%26id%3D%23%7BUID%7D%26back=1STPARTY HTTP 302
https://idntfy.ru/token?e=base64&u=aHR0cHM6Ly9vdGNsaWNrLWFkdi5ydS9jb3JlL21hdGNoLmdpZj9zPTI0JmlkPUpzejRSNjVEQmhSdFZ5JTJCOE5UV0lzQSZyZWZlcmVuY2U9aHR0cHMlM0ElMkYlMkZ4MDEuYWlkYXRhLmlvJTJGMC5naWYlM0ZwaWQlM0RPVENMSUNLJTI2aWQlM0QlMjMlN0JVSUQlN0QlMjZiYWNrPTFTVFBBUlRZJnZpZHNldHVwPTE=&p=idntfy&n=otclick HTTP 302
https://otclick-adv.ru/core/match.gif?s=24&id=Jsz4R65DBhRtVy%2B8NTWIsA&reference=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3DOTCLICK%26id%3D%23%7BUID%7D%26back=1STPARTY&vidsetup=1&idntfy=VO6MGEyb4XrFOwR HTTP 302
https://x01.aidata.io/0.gif?pid=OTCLICK&id=VO6MGEyb4XrFOwR&back=1STPARTY

Request Chain 129

https://counter.yadro.ru/id-redir/aidata.gif HTTP 302
https://x01.aidata.io/0.gif?pid=LIVE&id=E25697C8F643645B6811&

Request Chain 130

https://sync.crwdcntrl.net/map/c=7645/tp=AIDA/?https://x01.aidata.io/0.gif?pid=LOTAME&id=Jsz4R65DBhRtVy%2B8NTWIsA&back=1STPARTY HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=7645/tp=AIDA/?https://x01.aidata.io/0.gif?pid=LOTAME&id=Jsz4R65DBhRtVy%2B8NTWIsA&back=1STPARTY HTTP 302
https://x01.aidata.io/0.gif?pid=LOTAME&id=Jsz4R65DBhRtVy+8NTWIsA&back=1STPARTY

Request Chain 131

https://exchange.buzzoola.com/aidata_pixel?back=1STPARTY HTTP 307
https://exchange.buzzoola.com/aidata_pixel?back=1STPARTY&set_buzzoola_cookie=t HTTP 307
https://x01.aidata.io/0.gif?back=1STPARTY&id=b963ef8b-eed1-4096-78ab-a8439aae611f&pid=BUZZOOLA&set_buzzoola_cookie=t

Request Chain 133

https://sync.upravel.com/aidata/sync?back=1STPARTY HTTP 302
https://sync.upravel.com/aidata/sync?back=1STPARTY&session_tpt=eyJoZWFkZXJzIjp7fX0 HTTP 302
https://0e40bcd1-d702-4fb2-b7a1-de475d7f3a94.sync.upravel.com/aidata/sync?back=1STPARTY&ud_tpt=eyJoZWFkZXJzIjp7fX0 HTTP 302
https://x01.aidata.io/0.gif?pid=MGCOM&id=0e40bcd1-d702-4fb2-b7a1-de475d7f3a94&back=1STPARTY

Request Chain 134

https://aidata-sync.rutarget.ru/sync?back=1STPARTY HTTP 302
https://x01.aidata.io/0.gif?pid=SEGMENTO&id=2i0QKziMg9Yy&back=1STPARTY

Request Chain 135

https://cm.p.altergeo.ru/aidata?aid=Jsz4R65DBhRtVy%2B8NTWIsA&nc=853&url=https%3A//x01.aidata.io/0.gif%3Fpid%3DALTERGEO%26id%3D%24%7BUSER_ID%7D%26rnd%3D%24%7BRANDOM%7D%26back%3D1STPARTY HTTP 302
https://x01.aidata.io/0.gif?pid=ALTERGEO&id=CMdG4M1zH3Sum9K6gMgLbbDQ==&rnd=741439df&back=1STPARTY

Request Chain 136

https://an.yandex.ru/mapuid/dmpaidatame/Jsz4R65DBhRtVy%2B8NTWIsA?sign=738621324&location=https%3A//x01.aidata.io/0.gif%3Fpid%3D1STPARTY HTTP 302
https://x01.aidata.io/0.gif?pid=1STPARTY

Request Chain 219

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 231

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_sc&google_dbm HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm=&google_sc=&google_dbm=&google_tc= HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENDdtvXC7fBHiJDzgXkUOzg&google_cver=1

Request Chain 232

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_sc%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_sc%26google_hm%3D&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_sc&google_hm=YDfbbO6gY-9y-P3d4baKywAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENDdtvXC7fBHiJDzgXkUOzg&google_cver=1

Request Chain 233

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_sc&google_dbm HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm=&google_sc=&google_dbm=&google_tc= HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEAlJTTVFTVbxbTZtb7nzIvk&google_cver=1

Request Chain 234

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTA4OTEwMzg4NDQzMTI3MTkwMA%3D%3D

Request Chain 235

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc&google_dbm HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_dbm=&google_tc= HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELcAjZpIgnjRlXkflnnBf9E&google_cver=1

Request Chain 236

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=Yzg4ZjcxNGUtN2RjYy0yYmMxLWZiNjEtMDNlYTBiMjIyNWU0

Request Chain 250

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEHXB92ZY7KWb2SJVdAvVRcc&google_cver=1&google_push=AQvitULHjkZZvgo9KHR6Qpid7WEUOKsHjFtg2YnoxYlPNdNLGxw1bW9uEm0mwAhABsPNSPg4kLkrPiqy4P30tDlpZLtOQ4zOLvY HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEHXB92ZY7KWb2SJVdAvVRcc&google_cver=1&google_push=AQvitULHjkZZvgo9KHR6Qpid7WEUOKsHjFtg2YnoxYlPNdNLGxw1bW9uEm0mwAhABsPNSPg4kLkrPiqy4P30tDlpZLtOQ4zOLvY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=U01pTW85YVgxTGZrZnk1&google_gid=CAESEHXB92ZY7KWb2SJVdAvVRcc&google_cver=1&google_push=AQvitULHjkZZvgo9KHR6Qpid7WEUOKsHjFtg2YnoxYlPNdNLGxw1bW9uEm0mwAhABsPNSPg4kLkrPiqy4P30tDlpZLtOQ4zOLvY

Request Chain 251

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEC_bl5DlPwW5XGgD1lM4uWU&google_cver=1&google_push=AQvitUIXTVKUeS3KmRb9io3ffwMieJGazdheQCCHSjUJkPUjcHZZdYMpGrIUt-ByrOm_-oSxl5vheBkSKWNpiTSy7wnb8QR_px8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AQvitUIXTVKUeS3KmRb9io3ffwMieJGazdheQCCHSjUJkPUjcHZZdYMpGrIUt-ByrOm_-oSxl5vheBkSKWNpiTSy7wnb8QR_px8&google_hm=VkMDhcpKTTST0xMlHh6CkR4

Request Chain 254

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEL2a9ihvObhLJWyepCabseI&google_cver=1&google_push=AQvitULK03HPR7jVK3AW0f9yLVLuxy-w6Aq3lf73ySorI4d7SsWpZYkTM0Bt1CQhAtlATBJa5Xyk1xfKKuFk738-XnuiwXw3sA3A HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEL2a9ihvObhLJWyepCabseI&google_cver=1&google_push=AQvitULK03HPR7jVK3AW0f9yLVLuxy-w6Aq3lf73ySorI4d7SsWpZYkTM0Bt1CQhAtlATBJa5Xyk1xfKKuFk738-XnuiwXw3sA3A&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=PuaM7e5NRAq1WlBCb5NGIA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitULK03HPR7jVK3AW0f9yLVLuxy-w6Aq3lf73ySorI4d7SsWpZYkTM0Bt1CQhAtlATBJa5Xyk1xfKKuFk738-XnuiwXw3sA3A

Request Chain 255

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEJNYMM650X78ooIybT94BGc&google_cver=1&google_push=AQvitUKFxQCtiBUwAPQW4P5naelxLp8b9JEzneaU4Ki2KU7rUrOXAqbFMpnc_Gq-aXNVptXChUhC9Sh9bop3MwUJTL_jJjU6pqK2uw HTTP 302
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEJNYMM650X78ooIybT94BGc&google_cver=1&google_push=AQvitUKFxQCtiBUwAPQW4P5naelxLp8b9JEzneaU4Ki2KU7rUrOXAqbFMpnc_Gq-aXNVptXChUhC9Sh9bop3MwUJTL_jJjU6pqK2uw&verify=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1KTXV3d1FOMWwyWWs0QUFDd3I0ZHdJSkcxODhTajdWcQ%3D%3D&google_push=AQvitUKFxQCtiBUwAPQW4P5naelxLp8b9JEzneaU4Ki2KU7rUrOXAqbFMpnc_Gq-aXNVptXChUhC9Sh9bop3MwUJTL_jJjU6pqK2uw

Request Chain 259

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEAHDnYJvXOmUOVA8bkgC2io&google_cver=1&google_push=AQvitUKCQyGx3zAHIG055Q8nRspR-jsoMOJqcrVVLwnExJaqIgMVwtxKsRP_7qryeMicve9W7Gc-zIk0ra-vMiu2iHi6lkMmxvE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzczNDUyMTkyMjE3MzYyMTk3Mg== HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESENkB4gqtg0r6TyKOTRdfu_c&google_cver=1

Request Chain 261

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEOmKQ8b2lyljUyFCyzH9tfM&google_cver=1&google_push=AQvitUIPkzZM4rWzWEm_riGPrx5ahuhwPdBO6iHx9Jso3lRCN91vHja5mTMfQEb9CPNrM5Y83MT60UJP3-QkUkIA1j6dwDtjZWA HTTP 302
https://cm.g.doubleclick.net/pixel?google_ula=1293153&google_nid=ssc&google_push=AQvitUIPkzZM4rWzWEm_riGPrx5ahuhwPdBO6iHx9Jso3lRCN91vHja5mTMfQEb9CPNrM5Y83MT60UJP3-QkUkIA1j6dwDtjZWA&google_sc&google_hm=EBAQEA

Request Chain 263

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEGsruv0cD0JLnl8VkoZ93KM&google_cver=1&google_push=AQvitULM4dR1-QKf9WJJLs6FP9zeYIMw0n-mLeFYYhU38Mg0UYanPzKGeYIhjZ22PMVeS2nRX-E1dY5d6itrAv7nJo06674k5SE HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEGsruv0cD0JLnl8VkoZ93KM&google_cver=1&google_push=AQvitULM4dR1-QKf9WJJLs6FP9zeYIMw0n-mLeFYYhU38Mg0UYanPzKGeYIhjZ22PMVeS2nRX-E1dY5d6itrAv7nJo06674k5SE HTTP 302
https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=1759bf41-ab9d-4134-b73e-c52adc6cd462&ssp=google HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AQvitULM4dR1-QKf9WJJLs6FP9zeYIMw0n-mLeFYYhU38Mg0UYanPzKGeYIhjZ22PMVeS2nRX-E1dY5d6itrAv7nJo06674k5SE&google_hm=wZJAdg6iQnSmfBcOcT8u_g==

Request Chain 265

https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEHCstSO9f2n-O3AUeGutDDY&google_cver=1&google_push=AQvitUKqXiP3cUTmi1SS0eWMQEJD8GZbMgJ69H2W0plidwuR5k9_5_orrvfnc6RU0Md8FsWHf81_fvgyqrLMKoSLkwCoAFlqvgC8 HTTP 302
https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEHCstSO9f2n-O3AUeGutDDY&google_cver=1&google_push=AQvitUKqXiP3cUTmi1SS0eWMQEJD8GZbMgJ69H2W0plidwuR5k9_5_orrvfnc6RU0Md8FsWHf81_fvgyqrLMKoSLkwCoAFlqvgC8&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEHCstSO9f2n-O3AUeGutDDY&google_cver=1&google_push=AQvitUKqXiP3cUTmi1SS0eWMQEJD8GZbMgJ69H2W0plidwuR5k9_5_orrvfnc6RU0Md8FsWHf81_fvgyqrLMKoSLkwCoAFlqvgC8&apid=UP324f1702-778d-11eb-b430-02fe8f2673d2 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVAzMjRmMTcwMi03NzhkLTExZWItYjQzMC0wMmZlOGYyNjczZDI%3D&google_push=AQvitUKqXiP3cUTmi1SS0eWMQEJD8GZbMgJ69H2W0plidwuR5k9_5_orrvfnc6RU0Md8FsWHf81_fvgyqrLMKoSLkwCoAFlqvgC8

Request Chain 295

https://www.googleadservices.com/pagead/conversion/1014923426/?label=hzaUCJ-7nWMQooH64wM&value=0&script=0 HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=hzaUCJ-7nWMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=bds3YOOZKZCtzAatxrrYBg&random=1992291265&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-user-list/1014923426/?label=hzaUCJ-7nWMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1992291265&crd=&is_vtc=1&random=34952678 HTTP 302
https://www.google.de/pagead/1p-user-list/1014923426/?label=hzaUCJ-7nWMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1992291265&crd=&is_vtc=1&random=34952678&ipr=y

Request Chain 296

https://www.googleadservices.com/pagead/conversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0 HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=bds3YOWdKcrmzAbA77jQCg&random=1731026017&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1731026017&crd=&is_vtc=1&random=2810821639 HTTP 302
https://www.google.de/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1731026017&crd=&is_vtc=1&random=2810821639&ipr=y

Request Chain 297

https://mc.yandex.ru/watch/3?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.80%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Fwww.kp.by%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A%3Avf%3Aqtcqyojs4f5z2n%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A433%3Acn%3A1%3Adp%3A0%3Als%3A1216553588373%3Ahid%3A379153387%3Az%3A60%3Ai%3A20210225181629%3Aet%3A1614273390%3Ac%3A1%3Arn%3A347324772%3Au%3A1614273390232092832%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Ahdl%3A1%3Ans%3A1614273387466%3Ads%3A0%2C0%2C45%2C0%2C0%2C0%2C%2C22%2C0%2C71%2C71%2C0%2C71%3Adsn%3A0%2C0%2C45%2C0%2C0%2C0%2C%2C25%2C0%2C71%2C71%2C0%2C71%3Ati%3A2%3Ast%3A1614273390 HTTP 302
https://mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.80%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Fwww.kp.by%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A%3Avf%3Aqtcqyojs4f5z2n%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A433%3Acn%3A1%3Adp%3A0%3Als%3A1216553588373%3Ahid%3A379153387%3Az%3A60%3Ai%3A20210225181629%3Aet%3A1614273390%3Ac%3A1%3Arn%3A347324772%3Au%3A1614273390232092832%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Ahdl%3A1%3Ans%3A1614273387466%3Ads%3A0%2C0%2C45%2C0%2C0%2C0%2C%2C22%2C0%2C71%2C71%2C0%2C71%3Adsn%3A0%2C0%2C45%2C0%2C0%2C0%2C%2C25%2C0%2C71%2C71%2C0%2C71%3Ati%3A2%3Ast%3A1614273390

303 HTTP transactions
21 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set / Show response
www.kp.by/ 571 KB
80 KB 554ms
372ms Document
text/html 178.159.244.92
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kp.by/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.159.244.92 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),

Reverse DNS

Software

unity/0.6.31 production/2.0.100 (js/2.0.100) (api/0.1.1) /

Resource Hash

1ad24c5aeee6aefe4368ed6bd5fa78eeb21ef8614da7a081ee53c8c5715410b3

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src wss: https:
X-Frame-Options	SAMEORIGIN

Request headers

Host: www.kp.by
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Vary: Accept-Encoding
Content-Encoding: gzip
Date: Thu, 25 Feb 2021 17:16:24 -0000
Content-Type: text/html; charset=utf-8
Server: unity/0.6.31 production/2.0.100 (js/2.0.100) (api/0.1.1)
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: default-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src wss: https:
Set-Cookie: w3k=5c1e8f1d-71a5-4645-9573-35a20129395e; httponly; Path=/; SameSite=None; Secure; Expires=Thu, 04 Mar 2021 17:16:24 GMT; Domain=kp.by w3t=eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJzaWQiOiI1YzFlOGYxZC03MWE1LTQ2NDUtOTU3My0zNWEyMDEyOTM5NWUiLCJqdGkiOiI3NmU2NTEzOC00OTgxLTRjYTctYmM1Ny0zYWEzOTY3YTYzODQiLCJzdWIiOiJzZXNzaW9uIiwiZXhwIjoxNjE0ODc4MTg0LCJpYXQiOjE2MTQyNzMzODQsIm5iZiI6MTYxNDI3MzM4NCwiX3ZlcnNpb24iOjEsIl9wYXRoIjoiLyIsImlzcyI6eyJlc3NlbnRpYWwiOnRydWUsInZhbHVlcyI6WyJ3d3cua3AuYnkiXX0sIl90cmFjZSI6ImRkNjU3MzlmMTdhM2Q0MjZhZjhmYzcxNmQxYTI2MWM1IiwiX3BheWxvYWRzIjp7ImdlbyI6eyJjb2RlciI6eyJyZWdpb24iOjAsInVwZGF0ZWQiOiIyMDIxLTAyLTI1VDE3OjE2OjI0Ljc2ODIxNSJ9fX19.iQdjCVUzbVsp8xkKaBM3xGZfj2-3fLdDE1_6qVC0aEOvdM5WeALXplz9Qj4TyzCC93v2LgTgXEJzQBbW2vRmKJLQMwktdUBkJHNxoRJI8b64Bt4Q5L-VIcW3-s0jSo8RkMAGOxWS2XIayNl2wBVOtFRDXzi06-uDEO2NZZpYCAz4qkKWqgIQ8iKeXCbdAaKW1W3HUpnLNzq3mKpvDQHNgh1UHHeI_nvvEXKPsDHkd_52B00XaRr1-eRAqAgF9BiMmBz9Jp5DsttStGIhdBBid1KC52ngyPEjbzAy7REJeqpeKvzm10Hwnihl7zZySp98eWDxp09QqHl9WBiKjdmcYQ; Path=/; SameSite=Lax; Secure; Expires=Thu, 04 Mar 2021 17:16:24 GMT; Domain=kp.by
Content-Length: 80304
Connection: close

GET
H2 200 vendors~adaptive.js Show response
s3.stc.all.kpcdn.net/s0/2.0.100/adaptive/ 434 KB
136 KB 84ms
12ms Script
application/javascript 5.254.23.204
VOXILITY

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.stc.all.kpcdn.net/s0/2.0.100/adaptive/vendors~adaptive.js
Requested by: Host: www.kp.by
URL: https://www.kp.by/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.254.23.204 Frankfurt am Main, Germany, ASN3223 (VOXILITY, GB),
Reverse DNS
Software: nginx /
Resource Hash: 85074e37aaa1740c305218817c2c924dc2b4f9a2f7caf86995cb67e99edb26e8

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 17:16:24 GMT
content-encoding: gzip
last-modified: Thu, 25 Feb 2021 09:58:12 GMT
server: nginx
etag: "1110758396"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=15552000
accept-ranges: bytes
content-length: 138957
expires: Tue, 24 Aug 2021 10:00:59 GMT

GET
H2 200 adaptive.js Show response
s3.stc.all.kpcdn.net/s0/2.0.100/adaptive/ 832 KB
252 KB 93ms
21ms Script
application/javascript 5.254.23.204
VOXILITY

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.stc.all.kpcdn.net/s0/2.0.100/adaptive/adaptive.js
Requested by: Host: www.kp.by
URL: https://www.kp.by/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.254.23.204 Frankfurt am Main, Germany, ASN3223 (VOXILITY, GB),
Reverse DNS
Software: nginx /
Resource Hash: 2d201a4f96c5a13348d387453d5da19aad07e575f06837c95574bbc75e239a89

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 17:16:24 GMT
content-encoding: gzip
last-modified: Thu, 25 Feb 2021 09:58:12 GMT
server: nginx
etag: "1144028380"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=15552000
accept-ranges: bytes
content-length: 257633
expires: Tue, 24 Aug 2021 09:29:28 GMT

GET
H2 200 main.js Show response
s3.stc.all.kpcdn.net/s0/2.0.100/adaptive/ 3 KB
2 KB 50ms
21ms Script
application/javascript 5.254.23.204
VOXILITY

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.stc.all.kpcdn.net/s0/2.0.100/adaptive/main.js
Requested by: Host: www.kp.by
URL: https://www.kp.by/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.254.23.204 Frankfurt am Main, Germany, ASN3223 (VOXILITY, GB),
Reverse DNS
Software: nginx /
Resource Hash: a2a92b21a620185b98530f1526313dc0ebfef004bed64762a3998c31ecaf0c50

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 17:16:24 GMT
content-encoding: gzip
last-modified: Thu, 25 Feb 2021 09:58:12 GMT
server: nginx
etag: "3638833348"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=15552000
accept-ranges: bytes
content-length: 1523
expires: Tue, 24 Aug 2021 10:01:01 GMT

GET
H2 200 vendors~digest-area.js Show response
s3.stc.all.kpcdn.net/s0/2.0.100/adaptive/ 92 KB
25 KB 50ms
21ms Script
application/javascript 5.254.23.204
VOXILITY

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.stc.all.kpcdn.net/s0/2.0.100/adaptive/vendors~digest-area.js
Requested by: Host: www.kp.by
URL: https://www.kp.by/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.254.23.204 Frankfurt am Main, Germany, ASN3223 (VOXILITY, GB),
Reverse DNS
Software: nginx /
Resource Hash: c56753d65523d8f283bc5c91a2138be0fe30179ad6235101e325242c5d264f13

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 17:16:24 GMT
content-encoding: gzip
last-modified: Thu, 25 Feb 2021 09:58:12 GMT
server: nginx
etag: "2550191332"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=15552000
accept-ranges: bytes
content-length: 25358
expires: Tue, 24 Aug 2021 10:01:01 GMT

GET
H2 200 digest-area.js Show response
s3.stc.all.kpcdn.net/s0/2.0.100/adaptive/ 34 KB
9 KB 49ms
21ms Script
application/javascript 5.254.23.204
VOXILITY

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.stc.all.kpcdn.net/s0/2.0.100/adaptive/digest-area.js
Requested by: Host: www.kp.by
URL: https://www.kp.by/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.254.23.204 Frankfurt am Main, Germany, ASN3223 (VOXILITY, GB),
Reverse DNS
Software: nginx /
Resource Hash: 249b8d7e6b46b3ca57c38a40099ca03c19e9ba1db01c97038b63384a3ffc6678

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 17:16:24 GMT
content-encoding: gzip
last-modified: Thu, 25 Feb 2021 09:58:12 GMT
server: nginx
etag: "405328580"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=15552000
accept-ranges: bytes
content-length: 8869
expires: Tue, 24 Aug 2021 10:01:10 GMT

GET
H2 200 loader.js Show response
yastatic.net/pcode/adfox/ 180 KB
41 KB 169ms
82ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/pcode/adfox/loader.js

Requested by

Host: www.kp.by
URL: https://www.kp.by/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

9455997c8dab866ac14c864efc2ccc1f9d52634e7120e674e3f8ff2876a15b46

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Origin: https://www.kp.by
Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 17:16:25 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 41479
last-modified: Thu, 25 Feb 2021 15:33:10 GMT
server: nginx/1.17.9
etag: "056b2ffff4388fa99a0e34b1f8c132d2"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 25 Feb 2021 18:13:09 GMT

GET
H2 200 header-bidding.js Show response
yastatic.net/pcode/adfox/ 162 KB
37 KB 179ms
84ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/pcode/adfox/header-bidding.js

Requested by

Host: www.kp.by
URL: https://www.kp.by/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

ca9c59926a557a02c88f80af382d13bd979ec26f31d532ab841cd5c64a7a6acf

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 17:16:25 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 37011
last-modified: Thu, 25 Feb 2021 15:33:10 GMT
server: nginx/1.17.9
etag: "bdc2d581d3c176d9586c26e9726bf3a5"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 25 Feb 2021 18:13:31 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 249 KB
54 KB 36ms
16ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WCBNVW

Requested by

Host: www.kp.by
URL: https://www.kp.by/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d0d3334b0e03ecf1b038ce1c08691e2410f4de876ece521597c2a08ab0fcd65f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 17:16:24 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54828
x-xss-protection: 0
last-modified: Thu, 25 Feb 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 25 Feb 2021 17:16:24 GMT

GET
DATA 200
OK truncated
/ 588 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e35378520c304edafbf099cf697e897ad09fe7b3fa1395deb82b58b0f2be6b5c

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 7 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dc87a5ef62c49afd1f989d227b4c929a43f3e35f81150ba72d15533ae9980b80

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 725b83defc6d32236185e0cf72efcb9f.woff2
s2.stc.all.kpcdn.net/s0/2.0.100/adaptive/ 64 KB
64 KB 75ms
6ms Font
application/font-woff2 5.254.23.204
VOXILITY

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.stc.all.kpcdn.net/s0/2.0.100/adaptive/725b83defc6d32236185e0cf72efcb9f.woff2
Requested by: Host: www.kp.by
URL: https://www.kp.by/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.254.23.204 Frankfurt am Main, Germany, ASN3223 (VOXILITY, GB),
Reverse DNS
Software: nginx /
Resource Hash: 1aba1d012707078b584c1b0a52a441a43868fd16938423a184aa2785ce8ba72b

Request headers

Origin: https://www.kp.by
Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 17:16:25 GMT
content-encoding: gzip
last-modified: Thu, 25 Feb 2021 09:58:12 GMT
server: nginx
etag: "3627874293"
vary: Accept-Encoding
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=15552000
accept-ranges: bytes
content-length: 65296
expires: Tue, 24 Aug 2021 09:28:15 GMT

GET
H2 200 494124a62e91529bc55505b61beb7ec8.woff2
s2.stc.all.kpcdn.net/s0/2.0.100/adaptive/ 111 KB
112 KB 83ms
14ms Font
application/font-woff2 5.254.23.204
VOXILITY

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.stc.all.kpcdn.net/s0/2.0.100/adaptive/494124a62e91529bc55505b61beb7ec8.woff2
Requested by: Host: www.kp.by
URL: https://www.kp.by/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.254.23.204 Frankfurt am Main, Germany, ASN3223 (VOXILITY, GB),
Reverse DNS
Software: nginx /
Resource Hash: b6c55ebb9ef7d3666f5d6c7ba431080887188df15fe3cd0828d0a84fdfa6b6b1

Request headers

Origin: https://www.kp.by
Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 17:16:25 GMT
content-encoding: gzip
last-modified: Thu, 25 Feb 2021 09:58:12 GMT
server: nginx
etag: "3231765733"
vary: Accept-Encoding
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=15552000
accept-ranges: bytes
content-length: 114123
expires: Tue, 24 Aug 2021 09:28:15 GMT

GET
H2 200 140b1f6b8d5c048399df29b8a3f94ea1.woff2
s2.stc.all.kpcdn.net/s0/2.0.100/adaptive/ 105 KB
106 KB 60ms
15ms Font
application/font-woff2 5.254.23.204
VOXILITY

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.stc.all.kpcdn.net/s0/2.0.100/adaptive/140b1f6b8d5c048399df29b8a3f94ea1.woff2
Requested by: Host: www.kp.by
URL: https://www.kp.by/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.254.23.204 Frankfurt am Main, Germany, ASN3223 (VOXILITY, GB),
Reverse DNS
Software: nginx /
Resource Hash: e3c76a2c144a77c4a356216afd25c207af413cdebd28d78c480f98534f5797b2

Request headers

Origin: https://www.kp.by
Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 17:16:25 GMT
content-encoding: gzip
last-modified: Thu, 25 Feb 2021 09:58:12 GMT
server: nginx
etag: "1084538110"
vary: Accept-Encoding
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=15552000
accept-ranges: bytes
content-length: 107901
expires: Tue, 24 Aug 2021 10:01:04 GMT

GET
H2 200 wr-960.jpg
s12.stc.all.kpcdn.net/share/i/12/11793771/ 77 KB
77 KB 16ms
14ms Image
image/webp 5.254.23.204
VOXILITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s12.stc.all.kpcdn.net/share/i/12/11793771/wr-960.jpg
Requested by: Host: www.kp.by
URL: https://www.kp.by/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.254.23.204 Frankfurt am Main, Germany, ASN3223 (VOXILITY, GB),
Reverse DNS
Software: nginx /
Resource Hash: a19c3da3f27d44c18cdeeeff961e9a2941292f2d370992f4ecdc3422829de6e0

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 17:16:25 GMT
last-modified: Thu, 04 Feb 2021 05:45:21 -0000
server: nginx
etag: "197ead75be24ac1409101282858b08f7"
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=86400, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
content-length: 78904
expires: Fri, 26 Feb 2021 15:50:16 -0000

GET
H2 200 wr-136.jpg
s10.stc.all.kpcdn.net/share/i/12/11825922/ 3 KB
4 KB 51ms
6ms Image
image/webp 5.254.23.204
VOXILITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s10.stc.all.kpcdn.net/share/i/12/11825922/wr-136.jpg
Requested by: Host: www.kp.by
URL: https://www.kp.by/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.254.23.204 Frankfurt am Main, Germany, ASN3223 (VOXILITY, GB),
Reverse DNS
Software: nginx /
Resource Hash: 31917fefe9860410e5f1045bd1ac5484d6eda992a11b0770d006c4a809a42cad

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 17:16:25 GMT
last-modified: Thu, 25 Feb 2021 11:36:16 -0000
server: nginx
etag: "ddf54980d1fc7af8a7d9ec83a98fa62a"
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=86400, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
content-length: 3352
expires: Fri, 26 Feb 2021 15:50:16 -0000

GET
H2 200 wr-136.jpg
s12.stc.all.kpcdn.net/share/i/12/11821558/ 6 KB
6 KB 13ms
12ms Image
image/webp 5.254.23.204
VOXILITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s12.stc.all.kpcdn.net/share/i/12/11821558/wr-136.jpg
Requested by: Host: www.kp.by
URL: https://www.kp.by/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.254.23.204 Frankfurt am Main, Germany, ASN3223 (VOXILITY, GB),
Reverse DNS
Software: nginx /
Resource Hash: 47ed07052dd34ea075b75ec641566997d2f4f921c185eaf030a3f276084c83f7

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 17:16:25 GMT
last-modified: Mon, 22 Feb 2021 14:03:20 -0000
server: nginx
etag: "da6da56ae146aab96690b5f44add3c7b"
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=86400, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
content-length: 6268
expires: Fri, 26 Feb 2021 08:16:27 -0000

GET
H2 200 wr-136.jpg
s13.stc.all.kpcdn.net/share/i/12/11825290/ 6 KB
7 KB 11ms
7ms Image
image/webp 5.254.23.204
VOXILITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s13.stc.all.kpcdn.net/share/i/12/11825290/wr-136.jpg
Requested by: Host: www.kp.by
URL: https://www.kp.by/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.254.23.204 Frankfurt am Main, Germany, ASN3223 (VOXILITY, GB),
Reverse DNS
Software: nginx /
Resource Hash: 15033df32a4476be8451b99b40bd5dba267b479166175979fcb384f070e7c112

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 17:16:25 GMT
last-modified: Thu, 25 Feb 2021 07:05:40 -0000
server: nginx
etag: "8917711aa53d99230acd826e9a3fd5b1"
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=86400, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
content-length: 6482
expires: Fri, 26 Feb 2021 14:53:58 -0000

GET
DATA 200
OK truncated
/ 5 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fb0ff5b0c239bfaaa61271b8c45625ce47ffbaa89fea390cc12451b31652a4eb

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 7 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 865256ac07510023e5644a18435a1c4e6ba5b885219868b3a032529d81e93ce4

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 wr-960.jpg
s13.stc.all.kpcdn.net/share/i/12/11821599/ 55 KB
55 KB 9ms
6ms Image
image/webp 5.254.23.204
VOXILITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s13.stc.all.kpcdn.net/share/i/12/11821599/wr-960.jpg
Requested by: Host: www.kp.by
URL: https://www.kp.by/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.254.23.204 Frankfurt am Main, Germany, ASN3223 (VOXILITY, GB),
Reverse DNS
Software: nginx /
Resource Hash: 87e66fd00cb9ec6acb9e8ef14ef9ca52e571522f3c0bfa93764e57382003b44b

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 17:16:25 GMT
last-modified: Mon, 22 Feb 2021 15:40:57 -0000
server: nginx
etag: "41f95a6f01bdd8e4d4aa3ed4d46335f8"
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=86400, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
content-length: 56306
expires: Fri, 26 Feb 2021 10:29:48 -0000

GET
H2 200 wr-960.jpg
s15.stc.all.kpcdn.net/share/i/12/11825110/ 56 KB
57 KB 10ms
7ms Image
image/webp 5.254.23.204
VOXILITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s15.stc.all.kpcdn.net/share/i/12/11825110/wr-960.jpg
Requested by: Host: www.kp.by
URL: https://www.kp.by/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.254.23.204 Frankfurt am Main, Germany, ASN3223 (VOXILITY, GB),
Reverse DNS
Software: nginx /
Resource Hash: de72bca1a2c4df4956b365dd861dfccba620e9b8619500285b1602abc9d117e7

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 17:16:25 GMT
last-modified: Thu, 25 Feb 2021 05:56:05 -0000
server: nginx
etag: "89f5bd84e7b72904826b84a8449663ae"
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=86400, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
content-length: 57786
expires: Fri, 26 Feb 2021 08:59:00 -0000

GET
H2 200 wr-136.jpg
s9.stc.all.kpcdn.net/share/i/12/11825026/ 3 KB
3 KB 11ms
9ms Image
image/webp 5.254.23.204
VOXILITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s9.stc.all.kpcdn.net/share/i/12/11825026/wr-136.jpg
Requested by: Host: www.kp.by
URL: https://www.kp.by/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.254.23.204 Frankfurt am Main, Germany, ASN3223 (VOXILITY, GB),
Reverse DNS
Software: nginx /
Resource Hash: 19a7a35799af01652db684fea04bf7ccce788dc9cda6f5fcd440d4589a63ed18

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 17:16:25 GMT
last-modified: Thu, 25 Feb 2021 05:25:05 -0000
server: nginx
etag: "d5b465a6de7346336ddf66a8b82f300c"
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=86400, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
content-length: 2836
expires: Fri, 26 Feb 2021 15:50:06 -0000

GET
H2 200 wr-136.jpg
s16.stc.all.kpcdn.net/share/i/12/11824693/ 5 KB
5 KB 67ms
6ms Image
image/webp 5.254.23.204
VOXILITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s16.stc.all.kpcdn.net/share/i/12/11824693/wr-136.jpg
Requested by: Host: www.kp.by
URL: https://www.kp.by/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.254.23.204 Frankfurt am Main, Germany, ASN3223 (VOXILITY, GB),
Reverse DNS
Software: nginx /
Resource Hash: d6741300d879ccbb127695dea942f142a3bf74294d0dbff52189c14dc481b871

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 17:16:25 GMT
last-modified: Thu, 25 Feb 2021 03:03:21 -0000
server: nginx
etag: "560b7e1a5659d040156d9f4348f19701"
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=86400, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
content-length: 4691
expires: Fri, 26 Feb 2021 07:57:41 -0000

GET
H2 200 wr-136.jpg
s11.stc.all.kpcdn.net/share/i/12/11825098/ 4 KB
4 KB 61ms
6ms Image
image/webp 5.254.23.204
VOXILITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s11.stc.all.kpcdn.net/share/i/12/11825098/wr-136.jpg
Requested by: Host: www.kp.by
URL: https://www.kp.by/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.254.23.204 Frankfurt am Main, Germany, ASN3223 (VOXILITY, GB),
Reverse DNS
Software: nginx /
Resource Hash: aff9add142c417eeaf8966893460863d55a62bc989a569149b4ec5ec76e28108

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 17:16:25 GMT
last-modified: Thu, 25 Feb 2021 05:51:08 -0000
server: nginx
etag: "b5cafb6442bd289c6d4777fa203bfb89"
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=86400, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
content-length: 4234
expires: Fri, 26 Feb 2021 10:49:25 -0000

GET
H2 200 wr-136.jpg
s13.stc.all.kpcdn.net/share/i/12/11823434/ 6 KB
7 KB 9ms
7ms Image
image/webp 5.254.23.204
VOXILITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s13.stc.all.kpcdn.net/share/i/12/11823434/wr-136.jpg
Requested by: Host: www.kp.by
URL: https://www.kp.by/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.254.23.204 Frankfurt am Main, Germany, ASN3223 (VOXILITY, GB),
Reverse DNS
Software: nginx /
Resource Hash: c5fa5d3dccec9e1dbfce87adc8688a373556fde88eb68b9dcdae0455afe298eb

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 17:16:25 GMT
last-modified: Wed, 24 Feb 2021 07:27:24 -0000
server: nginx
etag: "9ac2c61b4fbdef28cc18b4971e430b02"
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=86400, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
content-length: 6484
expires: Fri, 26 Feb 2021 11:01:56 -0000

GET
H2 200 wr-136.jpg
s13.stc.all.kpcdn.net/share/i/12/11824068/ 4 KB
4 KB 9ms
7ms Image
image/webp 5.254.23.204
VOXILITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s13.stc.all.kpcdn.net/share/i/12/11824068/wr-136.jpg
Requested by: Host: www.kp.by
URL: https://www.kp.by/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.254.23.204 Frankfurt am Main, Germany, ASN3223 (VOXILITY, GB),
Reverse DNS
Software: nginx /
Resource Hash: aaf5cc0ce8e17128a07f4de1b0df7cd7d26f494f28617d67b0e5d09b13b59ba4

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 17:16:25 GMT
last-modified: Wed, 24 Feb 2021 11:57:17 -0000
server: nginx
etag: "896e2900eae539658e65fedcf386a69c"
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=86400, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
content-length: 3858
expires: Thu, 25 Feb 2021 21:03:33 -0000

GET
H2 200 wr-960.jpg
s14.stc.all.kpcdn.net/share/i/12/11823883/ 174 KB
175 KB 10ms
8ms Image
image/webp 5.254.23.204
VOXILITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s14.stc.all.kpcdn.net/share/i/12/11823883/wr-960.jpg
Requested by: Host: www.kp.by
URL: https://www.kp.by/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.254.23.204 Frankfurt am Main, Germany, ASN3223 (VOXILITY, GB),
Reverse DNS
Software: nginx /
Resource Hash: c43ec701452feed03d1029523af6c5689ac70be11e4a76c59c7bc08a848b5a0c

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 17:16:25 GMT
last-modified: Wed, 24 Feb 2021 10:33:50 -0000
server: nginx
etag: "ea2a310a093c2f15fb10d8d63b49c1ad"
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=86400, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
content-length: 178506
expires: Fri, 26 Feb 2021 14:02:32 -0000

GET
H2 200 wr-960.jpg
s15.stc.all.kpcdn.net/share/i/12/11790579/ 90 KB
90 KB 9ms
8ms Image
image/webp 5.254.23.204
VOXILITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s15.stc.all.kpcdn.net/share/i/12/11790579/wr-960.jpg
Requested by: Host: www.kp.by
URL: https://www.kp.by/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.254.23.204 Frankfurt am Main, Germany, ASN3223 (VOXILITY, GB),
Reverse DNS
Software: nginx /
Resource Hash: 51365ede9b0d57dd92357a3772a42fc51b39ac76ab690793459ed1d7ea486f71

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 17:16:25 GMT
last-modified: Tue, 02 Feb 2021 08:05:21 -0000
server: nginx
etag: "57d2672aa9c7e88635685d3007d5f534"
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=86400, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
content-length: 92048
expires: Fri, 26 Feb 2021 15:39:01 -0000

GET
H2 200 2d7a24c023f0d551eafdf2f8ab5fd049.woff2
s2.stc.all.kpcdn.net/s0/2.0.100/adaptive/ 111 KB
112 KB 23ms
14ms Font
application/font-woff2 5.254.23.204
VOXILITY

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.stc.all.kpcdn.net/s0/2.0.100/adaptive/2d7a24c023f0d551eafdf2f8ab5fd049.woff2
Requested by: Host: www.kp.by
URL: https://www.kp.by/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.254.23.204 Frankfurt am Main, Germany, ASN3223 (VOXILITY, GB),
Reverse DNS
Software: nginx /
Resource Hash: fcde081f00c04cd51c18db38f73887221d474c15bba5088b3f99e0ae7a7b9cff

Request headers

Origin: https://www.kp.by
Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 17:16:25 GMT
content-encoding: gzip
last-modified: Thu, 25 Feb 2021 09:58:12 GMT
server: nginx
etag: "1084282349"
vary: Accept-Encoding
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=15552000
accept-ranges: bytes
content-length: 114194
expires: Tue, 24 Aug 2021 09:29:29 GMT

GET
H2 200 3d5f17f241e326c9d8e49ef03d6e9d2a.woff2
s2.stc.all.kpcdn.net/s0/2.0.100/adaptive/ 112 KB
112 KB 23ms
15ms Font
application/font-woff2 5.254.23.204
VOXILITY

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.stc.all.kpcdn.net/s0/2.0.100/adaptive/3d5f17f241e326c9d8e49ef03d6e9d2a.woff2
Requested by: Host: www.kp.by
URL: https://www.kp.by/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.254.23.204 Frankfurt am Main, Germany, ASN3223 (VOXILITY, GB),
Reverse DNS
Software: nginx /
Resource Hash: 2f0114359c2a6f1e32c01576c374794c8d2ff3f5a5622e889b447fac1f23e6b0

Request headers

Origin: https://www.kp.by
Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 17:16:25 GMT
content-encoding: gzip
last-modified: Thu, 25 Feb 2021 09:58:12 GMT
server: nginx
etag: "1084281325"
vary: Accept-Encoding
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=15552000
accept-ranges: bytes
content-length: 114617
expires: Tue, 24 Aug 2021 10:01:02 GMT

GET
H2 200 8909082bb68e67d08db07095598962ae.woff2
s2.stc.all.kpcdn.net/s0/2.0.100/adaptive/ 63 KB
64 KB 22ms
14ms Font
application/font-woff2 5.254.23.204
VOXILITY

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.stc.all.kpcdn.net/s0/2.0.100/adaptive/8909082bb68e67d08db07095598962ae.woff2
Requested by: Host: www.kp.by
URL: https://www.kp.by/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.254.23.204 Frankfurt am Main, Germany, ASN3223 (VOXILITY, GB),
Reverse DNS
Software: nginx /
Resource Hash: 23f9e99f5fb4b863713c1f4f35f2fa61af22b9a58d3bdffb70266fe2fe0ce29b

Request headers

Origin: https://www.kp.by
Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 17:16:25 GMT
content-encoding: gzip
last-modified: Thu, 25 Feb 2021 09:58:12 GMT
server: nginx
etag: "3627864980"
vary: Accept-Encoding
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=15552000
accept-ranges: bytes
content-length: 64762
expires: Tue, 24 Aug 2021 10:01:04 GMT

GET
H2 200 tcounter.js Show response
www.tns-counter.ru/ 552 B
804 B 128ms
42ms Script
application/javascript 2001:6d0:4001::226
TNSMSK-

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tns-counter.ru/tcounter.js
Requested by: Host: www.kp.by
URL: https://www.kp.by/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:6d0:4001::226 , Russian Federation, ASN52016 (TNSMSK-, RU),
Reverse DNS
Software: tns-counter-3.1.0/1.18.0 /
Resource Hash: 92a82d0233445685062df7115e244b34f3e71657d0c80f54cce716b5952eb8dc

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 17:16:25 GMT
last-modified: Wed, 17 Oct 2018 19:13:44 GMT
server: tns-counter-3.1.0/1.18.0
etag: "5bc789e8-228"
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR NOR"
cache-control: max-age=20736000
accept-ranges: bytes
content-type: application/javascript
content-length: 552
expires: Sat, 23 Oct 2021 17:16:25 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 25ms
6ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WCBNVW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 4429
date: Thu, 25 Feb 2021 16:02:36 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Thu, 25 Feb 2021 18:02:36 GMT

GET
H2 200 xgemius.js Show response
gaby.hit.gemius.pl/ 39 KB
10 KB 34ms
8ms Script
application/x-javascript 149.202.199.193
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaby.hit.gemius.pl/xgemius.js
Requested by: Host: www.kp.by
URL: https://www.kp.by/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 149.202.199.193 , France, ASN16276 (OVH, FR),
Reverse DNS: ua1.host.hit.gemius.pl
Software: GHC /
Resource Hash: e638d0a2e34839411a00a5b34800a1dbf737b68fcea0b85c683e0d46414d3556

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 17:16:25 GMT
content-encoding: gzip
last-modified: Fri, 12 Feb 2021 13:31:51 GMT
server: GHC
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: max-age=43200
accept-ranges: none
content-type: application/x-javascript
content-length: 10549
expires: Fri, 26 Feb 2021 05:16:25 GMT

GET
H/1.1 200
OK target.js Show response
target.smi2.net/client/ 3 KB
1 KB 124ms
40ms Script
application/x-javascript 82.202.225.229
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to

Full URL: https://target.smi2.net/client/target.js
Requested by: Host: www.kp.by
URL: https://www.kp.by/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 82.202.225.229 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS: target2-1.ssel21.imcmdb.net
Software: nginx /
Resource Hash: 2ea6594700eadc561dce18df33d16ff9d07ff631d4f6f4eae734bfe34e900f0c

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 17:16:25 GMT
Content-Encoding: gzip
Last-Modified: Fri, 01 Feb 2019 12:15:43 GMT
Server: nginx
ETag: W/"5c54386f-af9"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=259200, private
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sun, 28 Feb 2021 17:16:25 GMT

GET
H/1.1

200
OK

pixel.js Show response
x01.aidata.io/
Redirect Chain

https://x01.aidata.io/pixel.js?pixel=7304081&v=1614273385157
https://x01.aidata.io/pixel.js?pixel=7304081&v=1614273385157&pid=7304081&js=1&id=https://www.kp.by/&bounce=1

19 KB
21 KB

98ms
98ms

Script
application/javascript

89.108.120.68
AS-REG

General

Check archive.org

Show headers Download Go to

Full URL: https://x01.aidata.io/pixel.js?pixel=7304081&v=1614273385157&pid=7304081&js=1&id=https://www.kp.by/&bounce=1
Requested by: Host: www.kp.by
URL: https://www.kp.by/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 89.108.120.68 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: d51803.reg.regrucolo.ru
Software: nginx /
Resource Hash: 0f9ce7e3db7da8c396aa907426f524a7825cdc95afa14144b0b2a670d3125471

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 25 Feb 2021 17:16:25 GMT
Last-Modified: Thu, 25 Feb 2021 17:16:24 GMT
Server: nginx
Transfer-Encoding: chunked
P3P: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Content-Type: application/javascript
Expires: Thu, 25 Feb 2021 17:16:24 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 25 Feb 2021 17:16:25 GMT
Last-Modified: Thu, 25 Feb 2021 17:16:24 GMT
Server: nginx
P3P: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
Location: https://x01.aidata.io/pixel.js?pixel=7304081&v=1614273385157&pid=7304081&js=1&id=https://www.kp.by/&bounce=1
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 25 Feb 2021 17:16:24 GMT

GET
H/1.1 200
OK code.js Show response
top-fwz1.mail.ru/js/ 21 KB
9 KB 165ms
54ms Script
application/javascript 217.69.133.145
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL

https://top-fwz1.mail.ru/js/code.js

Requested by

Host: www.kp.by
URL: https://www.kp.by/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

94cf658d2c7345f5472d9d4514ade118d9f9bed0d50a5fc4a02fb9dcd2c8d8c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 17:16:25 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
P3P: CP="NOI DSP COR NID CUR PSA OUR NOR"
Connection: keep-alive
Access-Control-Allow-Headers: *
AMP-Access-Control-Allow-Source-Origin: *
Last-Modified: Wed, 09 Dec 2020 16:09:03 GMT
Server: nginx
ETag: W/"5fd0f69f-5361"
Access-Control-Allow-Methods: GET, POST, HEAD, PUT, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: AMP-Access-Control-Allow-Source-Origin
Cache-Control: max-age=3600, private
Access-Control-Allow-Credentials: true
Accept-CH-Lifetime: 86400
Accept-CH: DPR, Width, Viewport-Width, Downlink, Device-Memory
Timing-Allow-Origin: *
Keep-Alive: timeout=60
Expires: Thu, 25 Feb 2021 18:16:25 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 209 KB
66 KB 135ms
43ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: www.kp.by
URL: https://www.kp.by/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

ea298c43d616acadef7f98793c8eab993b8d7e02dbcee7413716eb119385a89c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 17:16:25 GMT
content-encoding: br
last-modified: Sat, 20 Feb 2021 13:25:23 GMT
etag: "60310dc3-105d4"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 67028
expires: Thu, 25 Feb 2021 18:16:25 GMT

GET
H/1.1

200
OK

kpby
counter.yadro.ru/hit;kp/kpall/
Redirect Chain

https://counter.yadro.ru/hit;kp/kpall/kpby?r;s1600*1200*24;uhttps%3A//www.kp.by/;h%u041D%u043E%u0432%u043E%u0441%u0442%u0438%20%u0411%u0435%u043B%u0430%u0440%u0443%u0441%u0438.%20%u041A%u043E%u043C...
https://counter.yadro.ru/hit;kp/kpall/kpby?q;r;s1600*1200*24;uhttps%3A//www.kp.by/;h%u041D%u043E%u0432%u043E%u0441%u0442%u0438%20%u0411%u0435%u043B%u0430%u0440%u0443%u0441%u0438.%20%u041A%u043E%u04...

43 B
496 B

46ms
46ms

Image
image/gif

88.212.201.210
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit;kp/kpall/kpby?q;r;s1600*1200*24;uhttps%3A//www.kp.by/;h%u041D%u043E%u0432%u043E%u0441%u0442%u0438%20%u0411%u0435%u043B%u0430%u0440%u0443%u0441%u0438.%20%u041A%u043E%u043C%u0441%u043E%u043C%u043E%u043B%u044C%u0441%u043A%u0430%u044F%20%u041F%u0440%u0430%u0432%u0434%u0430%20%u0432%20%u0411%u0435%u043B%u0430%u0440%u0443%u0441%u0438%20//%20KP.BY;0.38480316675188275

Requested by

Host: www.kp.by
URL: https://www.kp.by/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

88.212.201.210 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host210.rax.ru

Software

nginx/1.17.9 /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 25 Feb 2021 17:16:25 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Cache-control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 25 Feb 2020 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 25 Feb 2021 17:16:25 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Location: https://counter.yadro.ru/hit;kp/kpall/kpby?q;r;s1600*1200*24;uhttps%3A//www.kp.by/;h%u041D%u043E%u0432%u043E%u0441%u0442%u0438%20%u0411%u0435%u043B%u0430%u0440%u0443%u0441%u0438.%20%u041A%u043E%u043C%u0441%u043E%u043C%u043E%u043B%u044C%u0441%u043A%u0430%u044F%20%u041F%u0440%u0430%u0432%u0434%u0430%20%u0432%20%u0411%u0435%u043B%u0430%u0440%u0443%u0441%u0438%20//%20KP.BY;0.38480316675188275
Cache-control: no-cache
Connection: keep-alive
Content-Type: text/html
Content-Length: 32
Expires: Tue, 25 Feb 2020 21:00:00 GMT

GET
H/1.1

204
No Content

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=16803468&ns__t=1614273385155&ns_c=UTF-8&c8=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8.%20%D0%9A%D0%BE%D...
https://sb.scorecardresearch.com/b2?c1=2&c2=16803468&ns__t=1614273385155&ns_c=UTF-8&c8=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8.%20%D0%9A%D0%BE%...

0
528 B

8ms
8ms

Image
text/plain

184.25.115.49
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=16803468&ns__t=1614273385155&ns_c=UTF-8&c8=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8.%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8%20%2F%2F%20KP.BY&c7=https%3A%2F%2Fwww.kp.by%2F&c9=&cs_ak_ss=1
Requested by: Host: www.kp.by
URL: https://www.kp.by/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.25.115.49 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-25-115-49.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 25 Feb 2021 17:16:25 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://sb.scorecardresearch.com/b2?c1=2&c2=16803468&ns__t=1614273385155&ns_c=UTF-8&c8=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8.%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8%20%2F%2F%20KP.BY&c7=https%3A%2F%2Fwww.kp.by%2F&c9=&cs_ak_ss=1
Pragma: no-cache
Date: Thu, 25 Feb 2021 17:16:25 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rtrg
vk.com/ 49 B
446 B 123ms
45ms Image
image/gif 87.240.190.72
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vk.com/rtrg?r=EVlukoJDhfkXXR*oGPX*BHmlZlofZ4OagndGj7AXxrMcwf8pm78d*zBpgwTaf6oIrxt2L9NUwswwqukvG4sqXyJpgOs*c29*loDF2INlZ4GULVmG9dMwm2VzMCK1MeuLC*22bvADz/VCzbT2r/nyQM45UPU91NcIK1A33mvH/mY-&pixel_id=1000035220

Requested by

Host: www.kp.by
URL: https://www.kp.by/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.240.190.72 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS http://vk.com, RU),

Reverse DNS

srv72-190-240-87.vk.com

Software

kittenx / KPHP/7.4.106226

Resource Hash

2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 17:16:25 GMT
content-encoding: gzip
x-frontend: front204304
server: kittenx
x-powered-by: KPHP/7.4.106226
strict-transport-security: max-age=15768000
content-type: image/gif
access-control-expose-headers: X-Frontend
cache-control: no-store
content-length: 65

GET
H/1.1 200
OK token.json Show response
identity.kp.house/identity/api/2/auth/ 754 B
3 KB 192ms
58ms Fetch
application/json 95.163.94.178
KP-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://identity.kp.house/identity/api/2/auth/token.json?callback=data&client_name=prod&sub=1
Requested by: Host: s3.stc.all.kpcdn.net
URL: https://s3.stc.all.kpcdn.net/s0/2.0.100/adaptive/vendors~adaptive.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.163.94.178 , Russian Federation, ASN198226 (KP-AS, RU),
Reverse DNS
Software: hircus/0.0.27 /
Resource Hash: 33242c90b73ced11978583b168b05c528f21a314c2671235d853ff39fbd7f553

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 17:16:25 -0000
Content-Encoding: gzip
Last-Modified: Thu, 25 Feb 2021 17:16:25 -0000
Server: hircus/0.0.27
Etag: "72925fedae1b5cbe0bfb6bd6185e91f0"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://www.kp.by
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Set-Cookie,Cookie
Content-Length: 609

GET
H/1.1 200
OK / Show response
www.kp.by/content/api/1/pages/get.json/result/ 113 KB
11 KB 225ms
90ms Fetch
application/json 178.159.244.92
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kp.by/content/api/1/pages/get.json/result/?pages.age.month=2&pages.age.year=2021&pages.direction=last&pages.target.class=100&pages.target.id=3
Requested by: Host: s3.stc.all.kpcdn.net
URL: https://s3.stc.all.kpcdn.net/s0/2.0.100/adaptive/vendors~adaptive.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.159.244.92 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS
Software: api/0.1.1 /
Resource Hash: e716be8447c1d8191ec07facf7d6c4fb5bd9573060af1acd3a799fbe5079ce1d

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
sentry-trace: fb3fa64a118e4e199c7b603ae4e013a7-a944ed15840462d9-1

Response headers

Date: Thu, 25 Feb 2021 17:16:25 -0000
Content-Encoding: gzip
Last-Modified: Thu, 25 Feb 2021 17:16:25 -0000
Server: api/0.1.1
Etag: "ed54b92c347b46967f066d5b84e84579"
Content-Type: application/json; charset=UTF-8
Cache-Control: max-age=60, must-revalidate
Connection: close
Content-Length: 10700
Expires: Thu, 25 Feb 2021 17:17:25 -0000

GET
H/1.1 200
OK / Show response
www.kp.by/content/api/1/pages/get.json/result/ 10 KB
3 KB 230ms
65ms Fetch
application/json 178.159.244.92
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kp.by/content/api/1/pages/get.json/result/?pages.advertising=1&pages.direction=current&pages.spot=3&pages.target.class=1&pages.target.id=38
Requested by: Host: s3.stc.all.kpcdn.net
URL: https://s3.stc.all.kpcdn.net/s0/2.0.100/adaptive/vendors~adaptive.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.159.244.92 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS
Software: api/0.1.1 /
Resource Hash: 2ba116d3a7e2f67f7664eaa57c7ea21c2a5285e324cf678f0b7155f6c5ef45f9

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
sentry-trace: fb3fa64a118e4e199c7b603ae4e013a7-9eb6a2dfd4b96547-1

Response headers

Date: Thu, 25 Feb 2021 17:16:25 -0000
Content-Encoding: gzip
Last-Modified: Thu, 25 Feb 2021 17:16:25 -0000
Server: api/0.1.1
Etag: "87ca616463e9076f2b63a28ab2cd72b6"
Content-Type: application/json; charset=UTF-8
Cache-Control: max-age=60, must-revalidate
Connection: close
Content-Length: 2324
Expires: Thu, 25 Feb 2021 17:17:25 -0000

GET
H/1.1 200
OK / Show response
www.kp.by/content/api/1/pages/get.json/result/ 2 KB
819 B 236ms
65ms Fetch
application/json 178.159.244.92
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kp.by/content/api/1/pages/get.json/result/?pages.direction=last&pages.spot=3&pages.target.class=65&pages.target.id=3
Requested by: Host: s3.stc.all.kpcdn.net
URL: https://s3.stc.all.kpcdn.net/s0/2.0.100/adaptive/vendors~adaptive.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.159.244.92 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS
Software: api/0.1.1 /
Resource Hash: 50b44d7cac5522a01742c296a6e40e45d2e7d9b7c121f1f65d13253f8e7bd0af

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
sentry-trace: fb3fa64a118e4e199c7b603ae4e013a7-a79080682a3e4366-1

Response headers

Date: Thu, 25 Feb 2021 17:16:25 -0000
Content-Encoding: gzip
Last-Modified: Thu, 25 Feb 2021 17:16:25 -0000
Server: api/0.1.1
Etag: "062903bba4e589f117936fa02eca5eed"
Content-Type: application/json; charset=UTF-8
Cache-Control: max-age=60, must-revalidate
Connection: close
Content-Length: 455
Expires: Thu, 25 Feb 2021 17:17:25 -0000

HEAD
H2 200 adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 0
0 53ms
34ms Fetch
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: s3.stc.all.kpcdn.net
URL: https://s3.stc.all.kpcdn.net/s0/2.0.100/adaptive/vendors~adaptive.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 25 Feb 2021 17:16:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
etag: 7228393843791157387
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private, max-age=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Thu, 25 Feb 2021 17:16:25 GMT

GET
H2 200 footer.js Show response
s2.stc.all.kpcdn.net/s0/2.0.100/adaptive/ 95 KB
59 KB 8ms
8ms Script
application/javascript 5.254.23.204
VOXILITY

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.stc.all.kpcdn.net/s0/2.0.100/adaptive/footer.js
Requested by: Host: s3.stc.all.kpcdn.net
URL: https://s3.stc.all.kpcdn.net/s0/2.0.100/adaptive/adaptive.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.254.23.204 Frankfurt am Main, Germany, ASN3223 (VOXILITY, GB),
Reverse DNS
Software: nginx /
Resource Hash: 1b1db222b077acfb267dc5868a08d7f6148d922fdaa8510e00dfec63f0bca537

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 17:16:25 GMT
content-encoding: gzip
last-modified: Thu, 25 Feb 2021 09:58:12 GMT
server: nginx
etag: "402700012"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=15552000
accept-ranges: bytes
content-length: 60606
expires: Tue, 24 Aug 2021 09:29:29 GMT

OPTIONS
H2 200 getcookie
matchid.adfox.yandex.ru/ Frame 0
0 147ms
47ms Other 2a02:6b8::16b
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://matchid.adfox.yandex.ru/getcookie

Protocol

Server

2a02:6b8::16b Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.kp.by
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-length: 0
access-control-allow-headers: accept, accept-encoding, accept-language, cache-control, content-type, dnt, origin, x-requested-with
access-control-allow-credentials: true
date: Thu, 25 Feb 2021 17:16:26 GMT
timing-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://www.kp.by
x-content-type-options: nosniff

POST
H2 200 getcookie Show response
matchid.adfox.yandex.ru/ Frame B458 112 B
394 B 148ms
51ms XHR
application/json 2a02:6b8::16b
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://matchid.adfox.yandex.ru/getcookie

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a02:6b8::16b Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

0bf02cb0a87a382a7e50202ee57fae4db8c8ff64c8a4c2beb999ea17867bcf52

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.kp.by
date: Thu, 25 Feb 2021 17:16:26 GMT
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 112
x-content-type-options: nosniff
content-type: application/json

GET
H2 200 banners.js Show response
yastatic.net/pcode-bundles/0.1.3040/ 116 KB
27 KB 52ms
51ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/pcode-bundles/0.1.3040/banners.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

047fdbf3dd63585f86c0bd61891f3add77bb4d21fc5d25ac4d2c41732ba2b465

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Origin: https://www.kp.by
Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 17:16:26 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 27574
last-modified: Thu, 25 Feb 2021 14:01:33 GMT
server: nginx/1.17.9
etag: "84a5f4cf1d9fd5fd1a5912e4d0cbadf6"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 25 Feb 2051 23:50:11 GMT

GET
H2 200 context.js Show response
an.yandex.ru/system/ 126 KB
36 KB 140ms
54ms Script
text/javascript 2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/system/context.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

237cebced8b55f2d47fa3329d5de75bb0ec8275f57af6339caa4476060924cae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
strict-transport-security: max-age=31536000
content-encoding: br
etag: 996201693
x-yandex-req-id: 1614273386127773-781273030756654012400140-production-app-host-iva-pcode-72.iva.yp-c.yandex.net
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=3600
x-robots-tag: noindex, noarchive, nofollow
expires: Thu, 25 Feb 2021 18:16:26 GMT

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ 114 KB
37 KB 66ms
23ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.js
Requested by: Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 69e31d53d95f965695db3712f85925810e90cc839a793c87adfcb21eb637673e

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 17:16:26 GMT
content-encoding: gzip
last-modified: Tue, 23 Feb 2021 11:00:30 GMT
server: nginx
etag: W/"6034e04e-1c974"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Fri, 26 Feb 2021 17:16:26 GMT

GET
H2 200 fpdata.js Show response
gaby.hit.gemius.pl/ 274 B
410 B 8ms
8ms Script
application/x-javascript 149.202.199.193
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaby.hit.gemius.pl/fpdata.js?href=www.kp.by
Requested by: Host: gaby.hit.gemius.pl
URL: https://gaby.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 149.202.199.193 , France, ASN16276 (OVH, FR),
Reverse DNS: ua1.host.hit.gemius.pl
Software: GHC /
Resource Hash: 007a727b8a054a2275b69102803a7ae2dbd79a36828b62fbf96cf4281fd4be20

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 17:16:26 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
server: GHC
etag: PRIVATE7520710249
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: private, max-age=2592000
accept-ranges: none
content-type: application/x-javascript
content-length: 274
expires: Sat, 27 Mar 2021 17:16:26 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
443 B 41ms
15ms XHR
text/plain 2a00:1450:400c:c07::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-23870775-1&cid=736874391.1614273386&jid=752765362&gjid=464663035&_gid=1060767860.1614273386&_u=YGBAgAABAAAAAE~&z=456129368

Requested by

Host: s3.stc.all.kpcdn.net
URL: https://s3.stc.all.kpcdn.net/s0/2.0.100/adaptive/vendors~adaptive.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 25 Feb 2021 17:16:26 GMT
content-type: text/plain
access-control-allow-origin: https://www.kp.by
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 1 B
64 B 13ms
13ms XHR
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j88&a=1241767613&t=pageview&_s=1&dl=https%3A%2F%2Fwww.kp.by%2F&ul=en-us&de=UTF-8&dt=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8.%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8%20%2F%2F%20KP.BY&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDAAAABAAAAAG~&jid=42298399&gjid=1864257782&cid=736874391.1614273386&tid=UA-5200037-32&_gid=1060767860.1614273386&_r=1&gtm=2wg2h0WCBNVW&cg1=main&cg5=main&cd3=main&cd4=main&z=759506702

Requested by

Host: s3.stc.all.kpcdn.net
URL: https://s3.stc.all.kpcdn.net/s0/2.0.100/adaptive/vendors~adaptive.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 25 Feb 2021 17:16:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.kp.by
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
25 B 13ms
13ms XHR
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j88&a=1241767613&t=pageview&_s=1&dl=https%3A%2F%2Fwww.kp.by%2F&ul=en-us&de=UTF-8&dt=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8.%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8%20%2F%2F%20KP.BY&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDAAAABAAAAAG~&jid=23068763&gjid=149943367&cid=736874391.1614273386&tid=UA-23870775-13&_gid=1060767860.1614273386&_r=1&gtm=2wg2h0WCBNVW&cg1=main&cg5=main&z=1112386127

Requested by

Host: s3.stc.all.kpcdn.net
URL: https://s3.stc.all.kpcdn.net/s0/2.0.100/adaptive/vendors~adaptive.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 25 Feb 2021 17:16:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.kp.by
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
25 B 13ms
13ms XHR
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j88&a=1241767613&t=pageview&_s=1&dl=https%3A%2F%2Fwww.kp.by%2F&ul=en-us&de=UTF-8&dt=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8.%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8%20%2F%2F%20KP.BY&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDAAAABAAAAAG~&jid=1839579060&gjid=1905337144&cid=736874391.1614273386&tid=UA-23870775-31&_gid=1060767860.1614273386&_r=1&gtm=2wg2h0WCBNVW&cd1=isSlotViads&z=355394571

Requested by

Host: s3.stc.all.kpcdn.net
URL: https://s3.stc.all.kpcdn.net/s0/2.0.100/adaptive/vendors~adaptive.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 25 Feb 2021 17:16:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.kp.by
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
86 B 6ms
5ms Image
image/gif 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j88&a=1241767613&t=pageview&_s=1&dl=https%3A%2F%2Fwww.kp.by%2F&ul=en-us&de=UTF-8&dt=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8.%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8%20%2F%2F%20KP.BY&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgAAB~&jid=752765362&gjid=464663035&cid=736874391.1614273386&tid=UA-23870775-1&_gid=1060767860.1614273386&gtm=2wg2h0WCBNVW&cg1=main&cg5=main&cd3=main&cd4=main&z=2014576464

Requested by

Host: www.kp.by
URL: https://www.kp.by/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Feb 2021 05:11:14 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 43512
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

22373070
www.tns-counter.ru/V13b***R%3E*kp_ru/ru/UTF-8/tmsec=kp_title/
Redirect Chain

https://www.tns-counter.ru/V13a***R%3E*kp_ru/ru/UTF-8/tmsec=kp_title/22373070
https://www.tns-counter.ru/V13b***R%3E*kp_ru/ru/UTF-8/tmsec=kp_title/22373070

43 B
297 B

42ms
42ms

Image
image/gif

2001:6d0:4001::226
TNSMSK-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tns-counter.ru/V13b***R%3E*kp_ru/ru/UTF-8/tmsec=kp_title/22373070
Requested by: Host: www.kp.by
URL: https://www.kp.by/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:6d0:4001::226 , Russian Federation, ASN52016 (TNSMSK-, RU),
Reverse DNS
Software: tns-counter-3.1.0/1.18.0 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Feb 2021 17:16:26 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: tns-counter-3.1.0/1.18.0
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

Redirect headers

pragma: no-cache
date: Thu, 25 Feb 2021 17:16:26 GMT
server: tns-counter-3.1.0/1.18.0
strict-transport-security: max-age=2678400
content-type: image/gif
location: https://www.tns-counter.ru/V13b***R%3E*kp_ru/ru/UTF-8/tmsec=kp_title/22373070
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
content-length: 0
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK sm.js Show response
stat.media/ 79 KB
29 KB 13ms
4ms Script
application/x-javascript 136.243.42.249
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://stat.media/sm.js
Requested by: Host: target.smi2.net
URL: https://target.smi2.net/client/target.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.243.42.249 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: sm-server1-1.sfa51.imcmdb.net
Software: nginx /
Resource Hash: 83245e30d6ee857fc3e799c70c42d06267e2302803bfadfe9f130eabf9975aad

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 17:16:26 GMT
Content-Encoding: gzip
Last-Modified: Thu, 25 Feb 2021 11:34:02 GMT
Server: nginx
ETag: W/"60378b2a-13dc3"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, must-revalidate, proxy-revalidate, max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK /
target.smi2.net/init/ 95 B
463 B 41ms
41ms Image
image/png 82.202.225.229
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://target.smi2.net/init/?siteid=31456&count=site&bw=1600&bh=1200&xurl=https%3A%2F%2Fwww.kp.by%2F&rnd=2203994740795
Requested by: Host: www.kp.by
URL: https://www.kp.by/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 82.202.225.229 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS: target2-1.ssel21.imcmdb.net
Software: nginx / HHVM/3.9.1
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Target-Version: 2
Date: Thu, 25 Feb 2021 17:16:26 GMT
X-Target-Final: 20210225201626-0
Server: nginx
X-Target-Host: target2-1.ssel21
X-Powered-By: HHVM/3.9.1
X-Time-Request: 0.00023
Content-Type: image/png
Cache-Control: no-cache, private
Connection: keep-alive
Content-Length: 95
Expires: Thu, 25 Feb 2021 17:16:25 GMT

POST
H/1.1 200
OK counter
top-fwz1.mail.ru/ 43 B
1 KB 54ms
54ms Other
image/gif 217.69.133.145
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL

https://top-fwz1.mail.ru/counter?js=13;id=3084308;u=https%3A//www.kp.by/;st=1614273385024;title=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8.%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8%20%2F%2F%20KP.BY;s=1600*1200;vp=1600*1200;touch=0;hds=1;flash=;sid=1fd95e1685b1fc81;ver=60.3.0;tz=-60%2FEurope%2FBerlin;ni=9.4//4g/0/0/;lvid=1614273386062%3A1614273386080%3A1%3A630016224165cf3b83b938b8ae4abbf6;opts=dl;_=0.6546020845327338

Requested by

Host: top-fwz1.mail.ru
URL: https://top-fwz1.mail.ru/js/code.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Thu, 25 Feb 2021 17:16:26 GMT
X-Content-Type-Options: nosniff
P3P: CP="NOI DSP COR NID CUR PSA OUR NOR"
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Access-Control-Allow-Headers: *
AMP-Access-Control-Allow-Source-Origin: https://www.kp.by
Server: nginx
Access-Control-Allow-Methods: GET, POST, HEAD, PUT, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://www.kp.by
Access-Control-Expose-Headers: AMP-Access-Control-Allow-Source-Origin
Cache-Control: private, no-cache, no-store, max-age=0
Access-Control-Allow-Credentials: true
Accept-CH-Lifetime: 86400
Accept-CH: DPR, Width, Viewport-Width, Downlink, Device-Memory
Timing-Allow-Origin: https://www.kp.by
Keep-Alive: timeout=60

GET
H2 200 vendors~autobahn.js Show response
s2.stc.all.kpcdn.net/s0/2.0.100/adaptive/ 635 KB
194 KB 7ms
6ms Script
application/javascript 5.254.23.204
VOXILITY

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.stc.all.kpcdn.net/s0/2.0.100/adaptive/vendors~autobahn.js
Requested by: Host: s3.stc.all.kpcdn.net
URL: https://s3.stc.all.kpcdn.net/s0/2.0.100/adaptive/adaptive.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.254.23.204 Frankfurt am Main, Germany, ASN3223 (VOXILITY, GB),
Reverse DNS
Software: nginx /
Resource Hash: 9603ebabc2d4e9a219f2a672b03af997e2d6d7388270c4c91ec271653fad0059

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 17:16:26 GMT
content-encoding: gzip
last-modified: Thu, 25 Feb 2021 09:58:12 GMT
server: nginx
etag: "1127241373"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=15552000
accept-ranges: bytes
content-length: 197999
expires: Tue, 24 Aug 2021 10:01:02 GMT

GET
H2 200 autobahn.js Show response
s2.stc.all.kpcdn.net/s0/2.0.100/adaptive/ 368 B
393 B 8ms
8ms Script
application/javascript 5.254.23.204
VOXILITY

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.stc.all.kpcdn.net/s0/2.0.100/adaptive/autobahn.js
Requested by: Host: s3.stc.all.kpcdn.net
URL: https://s3.stc.all.kpcdn.net/s0/2.0.100/adaptive/adaptive.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.254.23.204 Frankfurt am Main, Germany, ASN3223 (VOXILITY, GB),
Reverse DNS
Software: nginx /
Resource Hash: 137fe4bbbc68587f4ace933695e76f6a41120254b59d20513fde2ad70430b15e

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 17:16:26 GMT
content-encoding: gzip
last-modified: Thu, 25 Feb 2021 09:58:12 GMT
server: nginx
etag: "1491228654"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=15552000
accept-ranges: bytes
content-length: 143
expires: Tue, 24 Aug 2021 10:01:03 GMT

GET
H2

200

1 Show response
mc.yandex.ru/watch/1051362/
Redirect Chain

https://mc.yandex.ru/watch/1051362?wmode=7&page-url=https%3A%2F%2Fwww.kp.by%2F&nohit=1&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Acaxsklyqnpvsij3%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A...
https://mc.yandex.ru/watch/1051362/1?wmode=7&page-url=https%3A%2F%2Fwww.kp.by%2F&nohit=1&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Acaxsklyqnpvsij3%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%...

258 B
802 B

50ms
50ms

XHR
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/1051362/1?wmode=7&page-url=https%3A%2F%2Fwww.kp.by%2F&nohit=1&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Acaxsklyqnpvsij3%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A433%3Acn%3A1%3Adp%3A0%3Als%3A1031984453183%3Ahid%3A246502172%3Az%3A60%3Ai%3A20210225181626%3Aet%3A1614273386%3Ac%3A1%3Arn%3A313767402%3Au%3A1614273386335967376%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1614273384290%3Awv%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1614273386%3At%3A%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8.%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8%20%2F%2F%20KP.BY

Requested by

Host: www.kp.by
URL: https://www.kp.by/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

0a260d517ea104ee7b816495317d16f1f8eedf48eb3a057380abbfaa3f7cfe02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Feb 2021 17:16:26 GMT
x-content-type-options: nosniff
last-modified: Thu, 25-Feb-2021 17:16:26 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.kp.by
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 258
x-xss-protection: 1; mode=block
expires: Thu, 25-Feb-2021 17:16:26 GMT

Redirect headers

pragma: no-cache
date: Thu, 25 Feb 2021 17:16:26 GMT
last-modified: Thu, 25-Feb-2021 17:16:26 GMT
location: /watch/1051362/1?wmode=7&page-url=https%3A%2F%2Fwww.kp.by%2F&nohit=1&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Acaxsklyqnpvsij3%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A433%3Acn%3A1%3Adp%3A0%3Als%3A1031984453183%3Ahid%3A246502172%3Az%3A60%3Ai%3A20210225181626%3Aet%3A1614273386%3Ac%3A1%3Arn%3A313767402%3Au%3A1614273386335967376%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1614273384290%3Awv%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1614273386%3At%3A%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8.%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8%20%2F%2F%20KP.BY
strict-transport-security: max-age=31536000
access-control-allow-origin: https://www.kp.by
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0
x-xss-protection: 1; mode=block
expires: Thu, 25-Feb-2021 17:16:26 GMT

GET
H2

200

1 Show response
mc.yandex.ru/watch/38305645/
Redirect Chain

https://mc.yandex.ru/watch/38305645?wmode=7&page-url=https%3A%2F%2Fwww.kp.by%2F&nohit=1&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Acaxsklyqnpvsij3%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3...
https://mc.yandex.ru/watch/38305645/1?wmode=7&page-url=https%3A%2F%2Fwww.kp.by%2F&nohit=1&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Acaxsklyqnpvsij3%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av...

219 B
256 B

54ms
54ms

XHR
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/38305645/1?wmode=7&page-url=https%3A%2F%2Fwww.kp.by%2F&nohit=1&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Acaxsklyqnpvsij3%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A433%3Acn%3A2%3Adp%3A0%3Als%3A905758923303%3Ahid%3A246502172%3Az%3A60%3Ai%3A20210225181626%3Aet%3A1614273386%3Ac%3A1%3Arn%3A59477376%3Au%3A1614273386335967376%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1614273384290%3Awv%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1614273386%3At%3A%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8.%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8%20%2F%2F%20KP.BY

Requested by

Host: www.kp.by
URL: https://www.kp.by/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

77d5e22593e3b596d3cdca1ce035cda03982e9fb9fc0dee308fe452c19869ce4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Feb 2021 17:16:26 GMT
x-content-type-options: nosniff
last-modified: Thu, 25-Feb-2021 17:16:26 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.kp.by
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 219
x-xss-protection: 1; mode=block
expires: Thu, 25-Feb-2021 17:16:26 GMT

Redirect headers

pragma: no-cache
date: Thu, 25 Feb 2021 17:16:26 GMT
last-modified: Thu, 25-Feb-2021 17:16:26 GMT
location: /watch/38305645/1?wmode=7&page-url=https%3A%2F%2Fwww.kp.by%2F&nohit=1&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Acaxsklyqnpvsij3%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A433%3Acn%3A2%3Adp%3A0%3Als%3A905758923303%3Ahid%3A246502172%3Az%3A60%3Ai%3A20210225181626%3Aet%3A1614273386%3Ac%3A1%3Arn%3A59477376%3Au%3A1614273386335967376%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1614273384290%3Awv%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1614273386%3At%3A%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8.%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8%20%2F%2F%20KP.BY
strict-transport-security: max-age=31536000
access-control-allow-origin: https://www.kp.by
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0
x-xss-protection: 1; mode=block
expires: Thu, 25-Feb-2021 17:16:26 GMT

GET
H2

200

1 Show response
mc.yandex.ru/watch/1007185/
Redirect Chain

https://mc.yandex.ru/watch/1007185?wmode=7&page-url=https%3A%2F%2Fwww.kp.by%2F&nohit=1&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Acaxsklyqnpvsij3%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A...
https://mc.yandex.ru/watch/1007185/1?wmode=7&page-url=https%3A%2F%2Fwww.kp.by%2F&nohit=1&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Acaxsklyqnpvsij3%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%...

186 B
224 B

55ms
55ms

XHR
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/1007185/1?wmode=7&page-url=https%3A%2F%2Fwww.kp.by%2F&nohit=1&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Acaxsklyqnpvsij3%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A433%3Acn%3A3%3Adp%3A0%3Als%3A550198222292%3Ahid%3A246502172%3Az%3A60%3Ai%3A20210225181626%3Aet%3A1614273386%3Ac%3A1%3Arn%3A828645135%3Au%3A1614273386335967376%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1614273384290%3Awv%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1614273386%3At%3A%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8.%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8%20%2F%2F%20KP.BY

Requested by

Host: www.kp.by
URL: https://www.kp.by/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

531a8ab53503f3c2c0575708f669a69965f7f4b525d5e9fe78128e6d75267781

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Feb 2021 17:16:26 GMT
x-content-type-options: nosniff
last-modified: Thu, 25-Feb-2021 17:16:26 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.kp.by
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 186
x-xss-protection: 1; mode=block
expires: Thu, 25-Feb-2021 17:16:26 GMT

Redirect headers

pragma: no-cache
date: Thu, 25 Feb 2021 17:16:26 GMT
last-modified: Thu, 25-Feb-2021 17:16:26 GMT
location: /watch/1007185/1?wmode=7&page-url=https%3A%2F%2Fwww.kp.by%2F&nohit=1&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Acaxsklyqnpvsij3%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A433%3Acn%3A3%3Adp%3A0%3Als%3A550198222292%3Ahid%3A246502172%3Az%3A60%3Ai%3A20210225181626%3Aet%3A1614273386%3Ac%3A1%3Arn%3A828645135%3Au%3A1614273386335967376%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1614273384290%3Awv%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1614273386%3At%3A%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8.%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8%20%2F%2F%20KP.BY
strict-transport-security: max-age=31536000
access-control-allow-origin: https://www.kp.by
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0
x-xss-protection: 1; mode=block
expires: Thu, 25-Feb-2021 17:16:26 GMT

GET
H2 200 / Show response
s8.stc.m.kpcdn.net/content/api/1/pages/get.json/result/ 106 KB
9 KB 1458ms
1345ms Fetch
application/json 5.254.23.204
VOXILITY

General

Check archive.org

Show headers Download Go to

Full URL: https://s8.stc.m.kpcdn.net/content/api/1/pages/get.json/result/?pages.age.month=2&pages.age.year=2021&pages.direction=page&pages.number=56&pages.target.class=100&pages.target.id=3
Requested by: Host: s3.stc.all.kpcdn.net
URL: https://s3.stc.all.kpcdn.net/s0/2.0.100/adaptive/vendors~adaptive.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.254.23.204 Frankfurt am Main, Germany, ASN3223 (VOXILITY, GB),
Reverse DNS
Software: nginx /
Resource Hash: 17b306004e039418cd04d64cd0028f33ec0b74633d634179f2578c4a83fd480d

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 17:16:27 GMT
content-encoding: gzip
last-modified: Thu, 25 Feb 2021 17:16:26 -0000
server: nginx
etag: "f776551ef9acfb081e616c977c6a44e6"
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60, must-revalidate
content-length: 9398
expires: Thu, 25 Feb 2021 17:17:26 -0000

GET
DATA 200
OK truncated
/ 58 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6cc283b26200ccfd30ab67d3c9477ee18bd937ab41591eddf5bc099b49529f6c

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c2592aa4f66105c0e0938f1154c81cac1bb3049031bb7aad0e4884c39d9d5038

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 684 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4a82aad9404ab8f8614d01ddfb7ddd90a2711fb5871ff8444d57d72f7e62c8db

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 346 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f92e31b2bc6a4466fe64796c9131d8b99d27c7e2a5bb68ab30ee480fc5a649af

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8d9dabf6e58fba15accb0e0a5c52c9d7bb717ee1efae2868a682bdeeeee4be01

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bbecfe7e2b6c94c6dad55abb37a606b004c98bb953db243969598a5f7553cd09

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 498 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e4e19393324693a6908036b447a1e1a1b6b9cef7609b7a2ef2b25583a2ebcf89

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 520fc7c9151fef58715a4c07afb0c01e45153c5e539ad57a428fa45213c5cea5

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5982d3e517c48f6b8ba0ee9cf575a2d5ead50f8687149be79c346cbfd3994385

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 337 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3622d2f55f5ab177594a4b9d1bb0c8642b3f8289e373ac0d5afd3435b1015930

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 376 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9ecb2486715e96c25c80f6ac9339fc28b78331929022753cfbf255c254bb36b6

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9517287e593128dc687fbf684614a4156c6722e2d8bbc9d8698170fdab874d72

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 579 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 618182c87a3fa8698c9e9c466d1d5f3b11e55150668f446cb4ac7e4e7ec180e2

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 833 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c581b8540d83167365a7f04f90b4f7aaf118650047a15b395501cfb531f2fe73

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 9712945f98a89ad7d4c3fa46e5398e69.woff2
s2.stc.all.kpcdn.net/s0/2.0.100/adaptive/ 63 KB
64 KB 6ms
6ms Font
application/font-woff2 5.254.23.204
VOXILITY

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.stc.all.kpcdn.net/s0/2.0.100/adaptive/9712945f98a89ad7d4c3fa46e5398e69.woff2
Requested by: Host: www.kp.by
URL: https://www.kp.by/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.254.23.204 Frankfurt am Main, Germany, ASN3223 (VOXILITY, GB),
Reverse DNS
Software: nginx /
Resource Hash: 8b42cf99b0a59168669878da7557e478a79bce6fcdbc16b3cf3ab078633dddd4

Request headers

Origin: https://www.kp.by
Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 17:16:26 GMT
content-encoding: gzip
last-modified: Thu, 25 Feb 2021 09:58:12 GMT
server: nginx
etag: "3627865076"
vary: Accept-Encoding
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=15552000
accept-ranges: bytes
content-length: 64720
expires: Tue, 24 Aug 2021 09:29:29 GMT

GET
H2 200 13dd9be15b68e40103eb002b1acdc7b6.woff2
s2.stc.all.kpcdn.net/s0/2.0.100/adaptive/ 63 KB
63 KB 7ms
6ms Font
application/font-woff2 5.254.23.204
VOXILITY

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.stc.all.kpcdn.net/s0/2.0.100/adaptive/13dd9be15b68e40103eb002b1acdc7b6.woff2
Requested by: Host: www.kp.by
URL: https://www.kp.by/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.254.23.204 Frankfurt am Main, Germany, ASN3223 (VOXILITY, GB),
Reverse DNS
Software: nginx /
Resource Hash: 21236e65d3312d0ee4887280f9fe66294b15d41414469a26adcd77c0a424c8e1

Request headers

Origin: https://www.kp.by
Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 17:16:26 GMT
content-encoding: gzip
last-modified: Thu, 25 Feb 2021 09:58:12 GMT
server: nginx
etag: "3627866084"
vary: Accept-Encoding
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=15552000
accept-ranges: bytes
content-length: 64343
expires: Tue, 24 Aug 2021 09:29:30 GMT

GET
H/1.1 200
OK / Show response
www.kp.by/content/api/1/pages/get.json/result/ 132 KB
13 KB 1718ms
1551ms Fetch
application/json 178.159.244.92
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kp.by/content/api/1/pages/get.json/result/?pages.direction=current&pages.spot=3&pages.target.class=207&pages.target.id=5
Requested by: Host: s3.stc.all.kpcdn.net
URL: https://s3.stc.all.kpcdn.net/s0/2.0.100/adaptive/vendors~adaptive.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.159.244.92 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS
Software: api/0.1.1 /
Resource Hash: 4173109b1a62ff1ff40fd35ec9db17b4756eff50103b69b6f7e9063af4045220

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
sentry-trace: fb3fa64a118e4e199c7b603ae4e013a7-8e681219523e5027-1

Response headers

Date: Thu, 25 Feb 2021 17:16:28 -0000
Content-Encoding: gzip
Last-Modified: Thu, 25 Feb 2021 17:16:28 -0000
Server: api/0.1.1
Etag: "3112353bc126a904b23565b037f058e6"
Content-Type: application/json; charset=UTF-8
Cache-Control: max-age=60, must-revalidate
Connection: close
Content-Length: 12526
Expires: Thu, 25 Feb 2021 17:17:28 -0000

GET
H/1.1 200
OK / Show response
www.kp.by/content/api/1/pages/get.json/result/ 2 B
385 B 292ms
90ms Fetch
application/json 178.159.244.92
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kp.by/content/api/1/pages/get.json/result/?pages.advertising=4&pages.direction=current&pages.spot=3&pages.target.class=207&pages.target.id=5
Requested by: Host: s3.stc.all.kpcdn.net
URL: https://s3.stc.all.kpcdn.net/s0/2.0.100/adaptive/vendors~adaptive.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.159.244.92 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS
Software: api/0.1.1 /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
sentry-trace: fb3fa64a118e4e199c7b603ae4e013a7-927d8d23e3144324-1

Response headers

Date: Thu, 25 Feb 2021 17:16:26 -0000
Content-Encoding: gzip
Last-Modified: Thu, 25 Feb 2021 17:16:26 -0000
Server: api/0.1.1
Etag: "99914b932bd37a50b983c5e7c90ae93b"
Content-Type: application/json; charset=UTF-8
Cache-Control: max-age=60, must-revalidate
Connection: close
Content-Length: 22
Expires: Thu, 25 Feb 2021 17:17:26 -0000

POST
H3-Q050 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
30 B 41ms
15ms XHR
text/plain 2a00:1450:400c:c07::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-23870775-13&cid=736874391.1614273386&jid=23068763&gjid=149943367&_gid=1060767860.1614273386&_u=YGDAAAABAAAAAG~&z=939452284

Requested by

Host: s3.stc.all.kpcdn.net
URL: https://s3.stc.all.kpcdn.net/s0/2.0.100/adaptive/vendors~adaptive.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c07::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 25 Feb 2021 17:16:26 GMT
content-type: text/plain
access-control-allow-origin: https://www.kp.by
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
418 B 40ms
15ms XHR
text/plain 2a00:1450:400c:c07::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-23870775-31&cid=736874391.1614273386&jid=1839579060&gjid=1905337144&_gid=1060767860.1614273386&_u=YGDAAAABAAAAAG~&z=232308004

Requested by

Host: s3.stc.all.kpcdn.net
URL: https://s3.stc.all.kpcdn.net/s0/2.0.100/adaptive/vendors~adaptive.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c07::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 25 Feb 2021 17:16:26 GMT
content-type: text/plain
access-control-allow-origin: https://www.kp.by
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
505 B 50ms
29ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-23870775-1&cid=736874391.1614273386&jid=752765362&_u=YGBAgAABAAAAAE~&z=384901677

Requested by

Host: www.kp.by
URL: https://www.kp.by/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Feb 2021 17:16:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
505 B 49ms
29ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-23870775-1&cid=736874391.1614273386&jid=752765362&_u=YGBAgAABAAAAAE~&z=384901677

Requested by

Host: www.kp.by
URL: https://www.kp.by/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Feb 2021 17:16:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 advert.gif
mc.yandex.ru/metrika/ 43 B
232 B 44ms
43ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Requested by

Host: www.kp.by
URL: https://www.kp.by/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 17:16:26 GMT
last-modified: Sat, 20 Feb 2021 13:25:23 GMT
etag: "60310dc3-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Thu, 25 Feb 2021 18:16:26 GMT

GET
H/1.1 200
OK settings Show response
stat.media/counter/ 442 B
1 KB 25ms
25ms Script
application/javascript 136.243.42.249
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://stat.media/counter/settings?payload=COD1AQ&cb=_callbacks____0kll4p0tt
Requested by: Host: stat.media
URL: https://stat.media/sm.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.243.42.249 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: sm-server1-1.sfa51.imcmdb.net
Software: nginx /
Resource Hash: bb30a8d67f0f4946fc31e28de4113a5a4952df19d6b7aa55945484fa06a080fb

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 17:16:26 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: nginx
Connection: keep-alive
Vary: Accept-Encoding
Content-Type: application/javascript

GET
H2

200

rexdot.js Show response
gaby.hit.gemius.pl/__/_1614273386610/
Redirect Chain

https://gaby.hit.gemius.pl/_1614273386610/rexdot.js?l=100&id=baowRE9xyvJjcPSCclDOh5SqLbpuyc7E.ppV8i3VvbX.z7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-60&fv=-&href=https%3A%2F%2Fwww.kp.by...
https://gaby.hit.gemius.pl/__/_1614273386610/rexdot.js?l=100&id=baowRE9xyvJjcPSCclDOh5SqLbpuyc7E.ppV8i3VvbX.z7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-60&fv=-&href=https%3A%2F%2Fwww.kp...

169 B
427 B

8ms
8ms

Script
application/x-javascript

149.202.199.193
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaby.hit.gemius.pl/__/_1614273386610/rexdot.js?l=100&id=baowRE9xyvJjcPSCclDOh5SqLbpuyc7E.ppV8i3VvbX.z7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-60&fv=-&href=https%3A%2F%2Fwww.kp.by%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=0&lsdata=-NOTSUP&fpdata=sSnWtPG_2nFmVANd4UzYnf7.tlgFLL4Z90X9HbK9JyH.57&vis=1
Requested by: Host: www.kp.by
URL: https://www.kp.by/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 149.202.199.193 , France, ASN16276 (OVH, FR),
Reverse DNS: ua1.host.hit.gemius.pl
Software: GHC /
Resource Hash: b84221e0bd5dbd7dc93c1ad32010405c36c8049ab8b6c64ab7353cbf96541073

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Feb 2021 17:16:26 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: no-store, no-cache, must-revalidate, max-age=0
accept-ranges: none
content-type: application/x-javascript
content-length: 169
expires: Wed, 24 Feb 2021 17:16:26 GMT

Redirect headers

pragma: no-cache
date: Thu, 25 Feb 2021 17:16:26 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: /__/_1614273386610/rexdot.js?l=100&id=baowRE9xyvJjcPSCclDOh5SqLbpuyc7E.ppV8i3VvbX.z7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-60&fv=-&href=https%3A%2F%2Fwww.kp.by%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=0&lsdata=-NOTSUP&fpdata=sSnWtPG_2nFmVANd4UzYnf7.tlgFLL4Z90X9HbK9JyH.57&vis=1
cache-control: no-store, no-cache, must-revalidate, max-age=0
accept-ranges: none
content-length: 0
expires: Wed, 24 Feb 2021 17:16:26 GMT

POST
H2 200 cdb Show response
bidder.criteo.com/ 155 B
356 B 49ms
18ms XHR
application/json 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?ptv=105&profileId=184&cb=26681794524
Requested by: Host: s3.stc.all.kpcdn.net
URL: https://s3.stc.all.kpcdn.net/s0/2.0.100/adaptive/vendors~adaptive.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: c54109a2c7e819afc5ec62cf3d3509642c4bd383182cfdeb46c5d90187ba9fa4

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 25 Feb 2021 17:16:26 GMT
content-encoding: gzip
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.kp.by
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 155

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
139 B 45ms
15ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?ptv=105&profileId=184&cb=99508755618
Requested by: Host: s3.stc.all.kpcdn.net
URL: https://s3.stc.all.kpcdn.net/s0/2.0.100/adaptive/vendors~adaptive.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.kp.by
date: Thu, 25 Feb 2021 17:16:26 GMT
access-control-allow-credentials: true
server: Finatra
timing-allow-origin: *
vary: Origin

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
139 B 44ms
14ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?ptv=105&profileId=184&cb=57483288609
Requested by: Host: s3.stc.all.kpcdn.net
URL: https://s3.stc.all.kpcdn.net/s0/2.0.100/adaptive/vendors~adaptive.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.kp.by
date: Thu, 25 Feb 2021 17:16:26 GMT
access-control-allow-credentials: true
server: Finatra
timing-allow-origin: *
vary: Origin

GET
H2 200 a05c2321d5026a2ae93c.js Show response
yastatic.net/partner-code-bundles/13930/ 12 KB
5 KB 43ms
42ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/13930/a05c2321d5026a2ae93c.js

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

7e127248e337984b3c6e76679419309e7ce47a080c61b443e15a2a05f173cf65

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Origin: https://www.kp.by
Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 17:16:26 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 4197
last-modified: Thu, 18 Feb 2021 17:45:34 GMT
server: nginx/1.17.9
etag: "3c847fa0fc46b45a57ec5380e12856e0"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 25 Feb 2051 23:48:24 GMT

GET
H2 200 9d4b34913b2ca833f62b.js Show response
yastatic.net/partner-code-bundles/13930/ 386 KB
81 KB 55ms
54ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/13930/9d4b34913b2ca833f62b.js

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

533ae756b74e13b1ee953a81f64ca9d04903a3eeac2a95f27ae1798c2a0b45d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Origin: https://www.kp.by
Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 17:16:26 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 81968
last-modified: Thu, 18 Feb 2021 17:45:34 GMT
server: nginx/1.17.9
etag: "26b77fc30b8d200ff6005132bf7e02a4"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 25 Feb 2051 23:48:30 GMT

GET
H2 200 c706d912f660beb6151e.js Show response
yastatic.net/partner-code-bundles/13930/ 270 KB
45 KB 113ms
113ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/13930/c706d912f660beb6151e.js

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

72faac096aec54962ef22049b08b78c210fb45dc9817d93b9b7e1bc6fdedd4fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Origin: https://www.kp.by
Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 17:16:26 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 45347
last-modified: Thu, 18 Feb 2021 17:45:34 GMT
server: nginx/1.17.9
etag: "ac10c7dda0d3a22f58890e7afb02a871"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 25 Feb 2051 23:48:22 GMT

GET
H3-Q050 200 ga-audiences
www.google.com/ads/ 42 B
483 B 56ms
44ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-23870775-13&cid=736874391.1614273386&jid=23068763&_u=YGDAAAABAAAAAG~&z=6577791

Requested by

Host: www.kp.by
URL: https://www.kp.by/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Feb 2021 17:16:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ga-audiences
www.google.de/ads/ 42 B
483 B 60ms
46ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-23870775-13&cid=736874391.1614273386&jid=23068763&_u=YGDAAAABAAAAAG~&z=6577791

Requested by

Host: www.kp.by
URL: https://www.kp.by/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Feb 2021 17:16:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 events
bidder.criteo.com/csm/ 0
139 B 14ms
14ms Other
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/csm/events
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.kp.by
date: Thu, 25 Feb 2021 17:16:26 GMT
access-control-allow-credentials: true
server: Finatra
timing-allow-origin: *
vary: Origin

GET
H2 200 pixel.gif
static.criteo.net/images/ 43 B
260 B 23ms
23ms Image
image/gif 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.criteo.net/images/pixel.gif?ch=1
Requested by: Host: www.kp.by
URL: https://www.kp.by/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 17:16:26 GMT
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Sun, 20 Feb 2022 17:16:26 GMT

GET
H2 200 pixel.gif
static.criteo.net/images/ 43 B
260 B 23ms
23ms Image
image/gif 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.criteo.net/images/pixel.gif?ch=2
Requested by: Host: www.kp.by
URL: https://www.kp.by/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 17:16:26 GMT
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Sun, 20 Feb 2022 17:16:26 GMT

POST
H2 204 events
bidder.criteo.com/csm/ 0
139 B 16ms
14ms Other
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/csm/events
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.kp.by
date: Thu, 25 Feb 2021 17:16:25 GMT
access-control-allow-credentials: true
server: Finatra
timing-allow-origin: *
vary: Origin

GET
H2 200 v2 Show response
an.yandex.ru/adfox/232598/getBulk/ Frame B458 47 KB
16 KB 461ms
461ms XHR
application/json 2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/adfox/232598/getBulk/v2?dl=https%3A%2F%2Fwww.kp.by%2F%3Fsection%3Dsociety&date=2021-02-25T18%3A16%3A26.752%2B01%3A00&pd=25&pdh=1200&pdw=1600&pr1=775708881&pr=1173022738&prr=&pv=18&pw=4&extid_loader=MTYxNDI3MzM4NjMzNTk2NzM3Ng%3D%3D&extid_tag_loader=www.kp.by&ylv=0.3041&ybv=0.3040&ytt=545357794117653&is-turbo=0&skip-token=&ad-session-id=5458961614273386756&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9.4%2C%22w%22%3A240%2C%22h%22%3A0%2C%22width%22%3A0%2C%22height%22%3A0%2C%22visible%22%3A0%2C%22left%22%3A350%2C%22top%22%3A1465%2C%22req_no%22%3A0%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=0&matchid-cookies=fEO4cFbeMKCWJQW-UwWUfn8v8HaeUt88HlWarv69DYM1y0iwkVRogg%3D%3D&matchid-cookies-sign=ftEGM6sFpnpZYfrBzJurAw%3D%3D&pp=g&p2=fxjd&ps=cfab&puid1=adv-1614273385680-395&puid2=society%3Ainteresting%3Azenyandex%3Aeconomics%3Abelarus%3Aincident%3Apolitics%3Acelebrity&puid3=top&puid5=&slotNumber=1&matchid-direct=1&bids=W3siY2FtcGFpZ25faWQiOjcyMjU3MywicmVzcG9uc2VfdGltZSI6NzMwLCJlcnJvciI6eyJjb2RlIjoxfSwicGxhY2VtZW50X2lkIjoiMTI4MjMxMSJ9XQ%3D%3D&grab=dNCd0L7QstC-0YHRgtC4INCR0LXQu9Cw0YDRg9GB0LguINCa0L7QvNGB0L7QvNC-0LvRjNGB0LrQsNGPINCf0YDQsNCy0LTQsCDQsiDQkdC10LvQsNGA0YPRgdC4IC8vIEtQLkJZCjHQndC-0LLQvtGB0YLQuCAyNCAKMtCR0LXQu9Cw0YDRg9GB0YwgCg%3D%3D&utf8=%E2%9C%93&duid=MTYxNDI3MzM4NjMzNTk2NzM3Ng%3D%3D

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

cf4fd69acb1565846efb8bd5dbea06795e9eaea7c26b394378e7096aa58bbbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Feb 2021 17:16:27 GMT
content-encoding: gzip
last-modified: Thu, 25 Feb 2021 17:16:27 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: application/json
access-control-allow-origin: https://www.kp.by
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 25 Feb 2021 17:16:27 GMT

GET
H2 200 v2 Show response
an.yandex.ru/adfox/232598/getBulk/ Frame B458 8 KB
2 KB 227ms
226ms XHR
application/json 2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/adfox/232598/getBulk/v2?dl=https%3A%2F%2Fwww.kp.by%2F%3Fsection%3Dsociety&date=2021-02-25T18%3A16%3A26.763%2B01%3A00&pd=25&pdh=1200&pdw=1600&pr1=874823709&pr=1173022738&prr=&pv=18&pw=4&extid_loader=MTYxNDI3MzM4NjMzNTk2NzM3Ng%3D%3D&extid_tag_loader=www.kp.by&ylv=0.3041&ybv=0.3040&ytt=545357794117653&is-turbo=0&skip-token=&ad-session-id=5458961614273386756&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9.4%2C%22w%22%3A300%2C%22h%22%3A0%2C%22width%22%3A0%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22left%22%3A1250%2C%22top%22%3A791%2C%22req_no%22%3A1%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=0&matchid-cookies=fEO4cFbeMKCWJQW-UwWUfn8v8HaeUt88HlWarv69DYM1y0iwkVRogg%3D%3D&matchid-cookies-sign=ftEGM6sFpnpZYfrBzJurAw%3D%3D&pp=hrs&p2=fbao&ps=cfab&puid1=adv-1614273385730-102&puid2=society%3Ainteresting%3Azenyandex%3Aeconomics%3Abelarus%3Aincident%3Apolitics%3Acelebrity&puid3=top&puid5=&slotNumber=2&matchid-direct=1&bids=W3siY2FtcGFpZ25faWQiOjcyMjU3MywicmVzcG9uc2VfdGltZSI6NzI5LCJlcnJvciI6eyJjb2RlIjoxfSwicGxhY2VtZW50X2lkIjoiMTI4MjMwOCJ9XQ%3D%3D&grab=dNCd0L7QstC-0YHRgtC4INCR0LXQu9Cw0YDRg9GB0LguINCa0L7QvNGB0L7QvNC-0LvRjNGB0LrQsNGPINCf0YDQsNCy0LTQsCDQsiDQkdC10LvQsNGA0YPRgdC4IC8vIEtQLkJZCjHQndC-0LLQvtGB0YLQuCAyNCAKMtCR0LXQu9Cw0YDRg9GB0YwgCg%3D%3D&utf8=%E2%9C%93&duid=MTYxNDI3MzM4NjMzNTk2NzM3Ng%3D%3D

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

e9cbc2bbd8dc23ccdb0b5b456630494a5ac8ab482eb473d3b4ce4dfd07b9d15b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Feb 2021 17:16:26 GMT
content-encoding: gzip
last-modified: Thu, 25 Feb 2021 17:16:26 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: application/json
access-control-allow-origin: https://www.kp.by
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 25 Feb 2021 17:16:26 GMT

GET
H2 200 v2 Show response
an.yandex.ru/adfox/232598/getBulk/ Frame B458 8 KB
2 KB 249ms
249ms XHR
application/json 2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/adfox/232598/getBulk/v2?dl=https%3A%2F%2Fwww.kp.by%2F%3Fsection%3Dsociety&date=2021-02-25T18%3A16%3A26.767%2B01%3A00&pd=25&pdh=1200&pdw=1600&pr1=3587060862&pr=1173022738&prr=&pv=18&pw=4&extid_loader=MTYxNDI3MzM4NjMzNTk2NzM3Ng%3D%3D&extid_tag_loader=www.kp.by&ylv=0.3041&ybv=0.3040&ytt=545357794117653&is-turbo=0&skip-token=&ad-session-id=5458961614273386756&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9.4%2C%22w%22%3A1130%2C%22h%22%3A0%2C%22width%22%3A0%2C%22height%22%3A0%2C%22visible%22%3A0%2C%22left%22%3A800%2C%22top%22%3A4177%2C%22req_no%22%3A2%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=0&matchid-cookies=fEO4cFbeMKCWJQW-UwWUfn8v8HaeUt88HlWarv69DYM1y0iwkVRogg%3D%3D&matchid-cookies-sign=ftEGM6sFpnpZYfrBzJurAw%3D%3D&pp=g&p2=gvdq&ps=cfab&puid1=adv-1614273385733-727&puid2=society%3Ainteresting%3Azenyandex%3Aeconomics%3Abelarus%3Aincident%3Apolitics%3Acelebrity&puid3=top&puid5=&slotNumber=3&matchid-direct=1&bids=W3siY2FtcGFpZ25faWQiOjcyMjU3MywicmVzcG9uc2VfdGltZSI6NzIyLCJlcnJvciI6eyJjb2RlIjoxfSwicGxhY2VtZW50X2lkIjoiMTUyNjgwMiJ9XQ%3D%3D&grab=dNCd0L7QstC-0YHRgtC4INCR0LXQu9Cw0YDRg9GB0LguINCa0L7QvNGB0L7QvNC-0LvRjNGB0LrQsNGPINCf0YDQsNCy0LTQsCDQsiDQkdC10LvQsNGA0YPRgdC4IC8vIEtQLkJZCjHQndC-0LLQvtGB0YLQuCAyNCAKMtCR0LXQu9Cw0YDRg9GB0YwgCg%3D%3D&utf8=%E2%9C%93&duid=MTYxNDI3MzM4NjMzNTk2NzM3Ng%3D%3D

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

1122981b6fc5a2be8221d3727550a88c740658463fcb4df25e5e9ae8ee2efbad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Feb 2021 17:16:26 GMT
content-encoding: gzip
last-modified: Thu, 25 Feb 2021 17:16:26 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: application/json
access-control-allow-origin: https://www.kp.by
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 25 Feb 2021 17:16:26 GMT

GET
H2 200 v2 Show response
an.yandex.ru/adfox/232598/getBulk/ Frame B458 962 B
437 B 362ms
362ms XHR
application/json 2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/adfox/232598/getBulk/v2?dl=https%3A%2F%2Fwww.kp.by%2F%3F&date=2021-02-25T18%3A16%3A26.770%2B01%3A00&pd=25&pdh=1200&pdw=1600&pr1=3702230529&pr=1173022738&prr=&pv=18&pw=4&extid_loader=MTYxNDI3MzM4NjMzNTk2NzM3Ng%3D%3D&extid_tag_loader=www.kp.by&ylv=0.3041&ybv=0.3040&ytt=545357794117653&is-turbo=0&skip-token=&ad-session-id=5458961614273386756&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9.4%2C%22w%22%3A1560%2C%22h%22%3A0%2C%22width%22%3A0%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22left%22%3A800%2C%22top%22%3A245%2C%22req_no%22%3A3%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=0&matchid-cookies=fEO4cFbeMKCWJQW-UwWUfn8v8HaeUt88HlWarv69DYM1y0iwkVRogg%3D%3D&matchid-cookies-sign=ftEGM6sFpnpZYfrBzJurAw%3D%3D&pp=g&p2=fban&ps=cfab&puid1=adv-1614273385559-832&puid2=&puid3=&puid5=&slotNumber=4&matchid-direct=1&bids=W10%3D&grab=dNCd0L7QstC-0YHRgtC4INCR0LXQu9Cw0YDRg9GB0LguINCa0L7QvNGB0L7QvNC-0LvRjNGB0LrQsNGPINCf0YDQsNCy0LTQsCDQsiDQkdC10LvQsNGA0YPRgdC4IC8vIEtQLkJZCjHQndC-0LLQvtGB0YLQuCAyNCAKMtCR0LXQu9Cw0YDRg9GB0YwgCg%3D%3D&utf8=%E2%9C%93&duid=MTYxNDI3MzM4NjMzNTk2NzM3Ng%3D%3D

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

bb6562181af5855351ff3e9d1eadd59fd71bf6cbb31cc7b40de2b3cbc87533ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Feb 2021 17:16:27 GMT
content-encoding: gzip
last-modified: Thu, 25 Feb 2021 17:16:27 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: application/json
access-control-allow-origin: https://www.kp.by
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 25 Feb 2021 17:16:27 GMT

GET
H2 200 v2 Show response
an.yandex.ru/adfox/232598/getBulk/ Frame B458 7 KB
2 KB 302ms
302ms XHR
application/json 2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/adfox/232598/getBulk/v2?dl=https%3A%2F%2Fwww.kp.by%2F%3F&date=2021-02-25T18%3A16%3A26.772%2B01%3A00&pd=25&pdh=1200&pdw=1600&pr1=2657900103&pr=1173022738&prr=&pv=18&pw=4&extid_loader=MTYxNDI3MzM4NjMzNTk2NzM3Ng%3D%3D&extid_tag_loader=www.kp.by&ylv=0.3041&ybv=0.3040&ytt=545357794117653&is-turbo=0&skip-token=&ad-session-id=5458961614273386756&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9.4%2C%22w%22%3A160%2C%22h%22%3A0%2C%22width%22%3A0%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22left%22%3A1410%2C%22top%22%3A389%2C%22req_no%22%3A4%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=0&matchid-cookies=fEO4cFbeMKCWJQW-UwWUfn8v8HaeUt88HlWarv69DYM1y0iwkVRogg%3D%3D&matchid-cookies-sign=ftEGM6sFpnpZYfrBzJurAw%3D%3D&pp=g&p2=gftf&ps=cfab&puid1=adv-1614273385581-550&puid2=&puid3=&puid5=&slotNumber=5&matchid-direct=1&bids=W10%3D&grab=dNCd0L7QstC-0YHRgtC4INCR0LXQu9Cw0YDRg9GB0LguINCa0L7QvNGB0L7QvNC-0LvRjNGB0LrQsNGPINCf0YDQsNCy0LTQsCDQsiDQkdC10LvQsNGA0YPRgdC4IC8vIEtQLkJZCjHQndC-0LLQvtGB0YLQuCAyNCAKMtCR0LXQu9Cw0YDRg9GB0YwgCg%3D%3D&utf8=%E2%9C%93&duid=MTYxNDI3MzM4NjMzNTk2NzM3Ng%3D%3D

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

0194c4c6ff7c124aca3d93c4f51a4ee8d70e337a7985ec7897fe4c8923c038b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Feb 2021 17:16:27 GMT
content-encoding: gzip
last-modified: Thu, 25 Feb 2021 17:16:27 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: application/json
access-control-allow-origin: https://www.kp.by
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 25 Feb 2021 17:16:27 GMT

POST
H2 204 events
bidder.criteo.com/csm/ 0
139 B 14ms
14ms Other
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/csm/events
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.kp.by
date: Thu, 25 Feb 2021 17:16:26 GMT
access-control-allow-credentials: true
server: Finatra
timing-allow-origin: *
vary: Origin

POST
H2 200 1 Show response
mc.yandex.ru/watch/1051362/ 43 B
73 B 46ms
46ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/1051362/1?page-url=https%3A%2F%2Fwww.kp.by%2F&charset=utf-8&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3Acaxsklyqnpvsij3%3Afp%3A822%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A433%3Acn%3A1%3Adp%3A1%3Als%3A1031984453183%3Ahid%3A246502172%3Az%3A60%3Ai%3A20210225181626%3Aet%3A1614273387%3Ac%3A1%3Arn%3A990176113%3Au%3A1614273386335967376%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aeu%3A1%3Ans%3A1614273384290%3Awv%3A2%3Ads%3A0%2C181%2C371%2C74%2C0%2C0%2C%2C171%2C0%2C%2C%2C%2C734%3Adsn%3A1%2C180%2C372%2C73%2C0%2C0%2C%2C107%2C0%2C%2C%2C%2C734%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1614273387

Requested by

Host: s3.stc.all.kpcdn.net
URL: https://s3.stc.all.kpcdn.net/s0/2.0.100/adaptive/vendors~adaptive.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Thu, 25 Feb 2021 17:16:26 GMT
last-modified: Thu, 25-Feb-2021 17:16:26 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://www.kp.by
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 25-Feb-2021 17:16:26 GMT

POST
H2 200 1 Show response
mc.yandex.ru/watch/38305645/ 43 B
73 B 51ms
51ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/38305645/1?page-url=https%3A%2F%2Fwww.kp.by%2F&charset=utf-8&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3Acaxsklyqnpvsij3%3Afp%3A822%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A433%3Acn%3A2%3Adp%3A1%3Als%3A905758923303%3Ahid%3A246502172%3Az%3A60%3Ai%3A20210225181626%3Aet%3A1614273387%3Ac%3A1%3Arn%3A809322931%3Au%3A1614273386335967376%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aeu%3A1%3Ans%3A1614273384290%3Awv%3A2%3Ads%3A0%2C181%2C371%2C74%2C0%2C0%2C%2C171%2C0%2C%2C%2C%2C734%3Adsn%3A1%2C180%2C372%2C73%2C0%2C0%2C%2C107%2C0%2C%2C%2C%2C734%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1614273387

Requested by

Host: s3.stc.all.kpcdn.net
URL: https://s3.stc.all.kpcdn.net/s0/2.0.100/adaptive/vendors~adaptive.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Thu, 25 Feb 2021 17:16:26 GMT
last-modified: Thu, 25-Feb-2021 17:16:26 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://www.kp.by
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 25-Feb-2021 17:16:26 GMT

POST
H2 200 1 Show response
mc.yandex.ru/watch/1007185/ 43 B
73 B 52ms
52ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/1007185/1?page-url=https%3A%2F%2Fwww.kp.by%2F&charset=utf-8&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3Acaxsklyqnpvsij3%3Afp%3A822%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A433%3Acn%3A3%3Adp%3A1%3Als%3A550198222292%3Ahid%3A246502172%3Az%3A60%3Ai%3A20210225181626%3Aet%3A1614273387%3Ac%3A1%3Arn%3A304272985%3Au%3A1614273386335967376%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aeu%3A1%3Ans%3A1614273384290%3Awv%3A2%3Ads%3A0%2C181%2C371%2C74%2C0%2C0%2C%2C171%2C0%2C%2C%2C%2C734%3Adsn%3A1%2C180%2C372%2C73%2C0%2C0%2C%2C107%2C0%2C%2C%2C%2C734%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1614273387

Requested by

Host: s3.stc.all.kpcdn.net
URL: https://s3.stc.all.kpcdn.net/s0/2.0.100/adaptive/vendors~adaptive.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Thu, 25 Feb 2021 17:16:26 GMT
last-modified: Thu, 25-Feb-2021 17:16:26 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://www.kp.by
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 25-Feb-2021 17:16:26 GMT

GET
H2 200 1051362 Show response
mc.yandex.ru/watch/ 43 B
229 B 53ms
52ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/1051362?page-url=https%3A%2F%2Fwww.kp.by%2F&charset=utf-8&browser-info=pv%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3Acaxsklyqnpvsij3%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A433%3Acn%3A1%3Adp%3A1%3Als%3A1031984453183%3Ahid%3A246502172%3Az%3A60%3Ai%3A20210225181626%3Aet%3A1614273387%3Ac%3A1%3Arn%3A453343574%3Au%3A1614273386335967376%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aeu%3A1%3Ans%3A1614273384290%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1614273387%3At%3A%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8.%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8%20%2F%2F%20KP.BY

Requested by

Host: s3.stc.all.kpcdn.net
URL: https://s3.stc.all.kpcdn.net/s0/2.0.100/adaptive/vendors~adaptive.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Feb 2021 17:16:26 GMT
last-modified: Thu, 25-Feb-2021 17:16:26 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://www.kp.by
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 25-Feb-2021 17:16:26 GMT

GET
H2 200 38305645 Show response
mc.yandex.ru/watch/ 43 B
226 B 47ms
47ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/38305645?page-url=https%3A%2F%2Fwww.kp.by%2F&charset=utf-8&browser-info=pv%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3Acaxsklyqnpvsij3%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A433%3Acn%3A2%3Adp%3A1%3Als%3A905758923303%3Ahid%3A246502172%3Az%3A60%3Ai%3A20210225181626%3Aet%3A1614273387%3Ac%3A1%3Arn%3A439135953%3Au%3A1614273386335967376%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aeu%3A1%3Ans%3A1614273384290%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1614273387%3At%3A%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8.%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8%20%2F%2F%20KP.BY

Requested by

Host: s3.stc.all.kpcdn.net
URL: https://s3.stc.all.kpcdn.net/s0/2.0.100/adaptive/vendors~adaptive.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Feb 2021 17:16:26 GMT
last-modified: Thu, 25-Feb-2021 17:16:26 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://www.kp.by
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 25-Feb-2021 17:16:26 GMT

POST
H2 200 1 Show response
mc.yandex.ru/watch/1051362/ 43 B
73 B 55ms
55ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/1051362/1?page-url=https%3A%2F%2Fwww.kp.by%2F&charset=utf-8&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3Acaxsklyqnpvsij3%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A433%3Acn%3A1%3Adp%3A1%3Als%3A1031984453183%3Ahid%3A246502172%3Az%3A60%3Ai%3A20210225181626%3Aet%3A1614273387%3Ac%3A1%3Arn%3A615603704%3Au%3A1614273386335967376%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aeu%3A1%3Ans%3A1614273384290%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1614273387

Requested by

Host: s3.stc.all.kpcdn.net
URL: https://s3.stc.all.kpcdn.net/s0/2.0.100/adaptive/vendors~adaptive.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Thu, 25 Feb 2021 17:16:26 GMT
last-modified: Thu, 25-Feb-2021 17:16:26 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://www.kp.by
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 25-Feb-2021 17:16:26 GMT

POST
H2 200 1 Show response
mc.yandex.ru/watch/38305645/ 43 B
73 B 80ms
80ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/38305645/1?page-url=https%3A%2F%2Fwww.kp.by%2F&charset=utf-8&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3Acaxsklyqnpvsij3%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A433%3Acn%3A2%3Adp%3A1%3Als%3A905758923303%3Ahid%3A246502172%3Az%3A60%3Ai%3A20210225181626%3Aet%3A1614273387%3Ac%3A1%3Arn%3A761398359%3Au%3A1614273386335967376%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aeu%3A1%3Ans%3A1614273384290%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1614273387

Requested by

Host: s3.stc.all.kpcdn.net
URL: https://s3.stc.all.kpcdn.net/s0/2.0.100/adaptive/vendors~adaptive.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Thu, 25 Feb 2021 17:16:26 GMT
last-modified: Thu, 25-Feb-2021 17:16:26 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://www.kp.by
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 25-Feb-2021 17:16:26 GMT

POST
H2 200 1 Show response
mc.yandex.ru/watch/38305645/ 43 B
73 B 79ms
79ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/38305645/1?page-url=https%3A%2F%2Fwww.kp.by%2F&charset=utf-8&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3Acaxsklyqnpvsij3%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A433%3Acn%3A2%3Adp%3A1%3Als%3A905758923303%3Ahid%3A246502172%3Az%3A60%3Ai%3A20210225181626%3Aet%3A1614273387%3Ac%3A1%3Arn%3A877850013%3Au%3A1614273386335967376%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aeu%3A1%3Ans%3A1614273384290%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1614273387

Requested by

Host: s3.stc.all.kpcdn.net
URL: https://s3.stc.all.kpcdn.net/s0/2.0.100/adaptive/vendors~adaptive.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Thu, 25 Feb 2021 17:16:26 GMT
last-modified: Thu, 25-Feb-2021 17:16:26 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://www.kp.by
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 25-Feb-2021 17:16:26 GMT

GET
H2 200 1007185 Show response
mc.yandex.ru/watch/ 43 B
228 B 82ms
81ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/1007185?page-url=https%3A%2F%2Fwww.kp.by%2F&charset=utf-8&browser-info=pv%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3Acaxsklyqnpvsij3%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A433%3Acn%3A3%3Adp%3A1%3Als%3A550198222292%3Ahid%3A246502172%3Az%3A60%3Ai%3A20210225181626%3Aet%3A1614273387%3Ac%3A1%3Arn%3A807081760%3Au%3A1614273386335967376%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aeu%3A1%3Ans%3A1614273384290%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1614273387%3At%3A%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8.%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8%20%2F%2F%20KP.BY

Requested by

Host: s3.stc.all.kpcdn.net
URL: https://s3.stc.all.kpcdn.net/s0/2.0.100/adaptive/vendors~adaptive.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Feb 2021 17:16:26 GMT
last-modified: Thu, 25-Feb-2021 17:16:26 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://www.kp.by
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 25-Feb-2021 17:16:26 GMT

POST
H2 200 1 Show response
mc.yandex.ru/watch/1007185/ 43 B
73 B 82ms
82ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/1007185/1?page-url=https%3A%2F%2Fwww.kp.by%2F&charset=utf-8&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3Acaxsklyqnpvsij3%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A433%3Acn%3A3%3Adp%3A1%3Als%3A550198222292%3Ahid%3A246502172%3Az%3A60%3Ai%3A20210225181626%3Aet%3A1614273387%3Ac%3A1%3Arn%3A587281364%3Au%3A1614273386335967376%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aeu%3A1%3Ans%3A1614273384290%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1614273387

Requested by

Host: s3.stc.all.kpcdn.net
URL: https://s3.stc.all.kpcdn.net/s0/2.0.100/adaptive/vendors~adaptive.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Thu, 25 Feb 2021 17:16:26 GMT
last-modified: Thu, 25-Feb-2021 17:16:26 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://www.kp.by
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 25-Feb-2021 17:16:26 GMT

GET
H/1.1 200
OK /
smi2.net/cookiematching/ 43 B
229 B 126ms
41ms Image
image/gif 82.202.225.240
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://smi2.net/cookiematching/?payload=CkIKB19zbV91aWQSJDUwNjFhMTEwLTA4OGQtNDcyNC1hOTNhLWFjZWUyY2IxZWU1NhoJLnNtaTIubmV0IgEvKIDnhA8KKwoHX3NtX3VkdBINMTYxNDI3MzM4NjYyOBoJLnNtaTIubmV0IgEvKIDnhA8KQAoHX3NtX3NpZBIkZmZiNzk5ODctNTZiOS00NTc4LTkwNTEtNDA2Yzk0NGM2ZmQ1Ggkuc21pMi5uZXQiAS8oiA4%3D&rnd=1614273386794
Requested by: Host: www.kp.by
URL: https://www.kp.by/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 82.202.225.240 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 17:16:26 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

POST
H/1.1 204
No Content view Show response
stat.media/counter/ 0
135 B 5ms
3ms XHR
text/plain 136.243.42.249
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://stat.media/counter/view
Requested by: Host: s3.stc.all.kpcdn.net
URL: https://s3.stc.all.kpcdn.net/s0/2.0.100/adaptive/vendors~adaptive.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.243.42.249 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: sm-server1-1.sfa51.imcmdb.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

access-control-allow-origin: *
Date: Thu, 25 Feb 2021 17:16:26 GMT
Server: nginx
Connection: keep-alive

GET
H/1.1 200
OK cs.js Show response
sb.scorecardresearch.com/c2/16803468/ 0
400 B 9ms
8ms Script
application/x-javascript 184.25.115.49
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/c2/16803468/cs.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WCBNVW
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.25.115.49 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-25-115-49.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 17:16:26 GMT
Content-Encoding: gzip
Last-Modified: Fri, 08 Apr 2011 23:11:26 GMT
ETag: "d41d8cd98f00b204e9800998ecf8427e:1349196464"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=259200
Connection: keep-alive
Content-Length: 20
Expires: Sun, 28 Feb 2021 17:16:26 GMT

POST
H/1.1 200
OK tracker
top-fwz1.mail.ru/ 43 B
1 KB 54ms
54ms Other
image/gif 217.69.133.145
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL

https://top-fwz1.mail.ru/tracker?js=13;id=3084308;u=https%3A//www.kp.by/;st=1614273385024;s=1600*1200;vp=1600*1200;touch=0;hds=1;flash=;sid=1fd95e1685b1fc81;ver=60.3.0;tz=-60%2FEurope%2FBerlin;nt=0/0/1614273384290/////0/1/1/1/182/35/182/553/627/563/734/734/734/2634/2634/;ni=9.4//4g/0/0/;lvid=1614273386062%3A1614273386925%3A2%3A630016224165cf3b83b938b8ae4abbf6;opts=dl;_=0.16051640051573934;e=RT/load;et=1614273386924

Requested by

Host: top-fwz1.mail.ru
URL: https://top-fwz1.mail.ru/js/code.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Thu, 25 Feb 2021 17:16:26 GMT
X-Content-Type-Options: nosniff
P3P: CP="NOI DSP COR NID CUR PSA OUR NOR"
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Access-Control-Allow-Headers: *
AMP-Access-Control-Allow-Source-Origin: https://www.kp.by
Server: nginx
Access-Control-Allow-Methods: GET, POST, HEAD, PUT, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://www.kp.by
Access-Control-Expose-Headers: AMP-Access-Control-Allow-Source-Origin
Cache-Control: private, no-cache, no-store, max-age=0
Access-Control-Allow-Credentials: true
Accept-CH-Lifetime: 86400
Accept-CH: DPR, Width, Viewport-Width, Downlink, Device-Memory
Timing-Allow-Origin: https://www.kp.by
Keep-Alive: timeout=60

GET
H/1.1 204
No Content stats
x01.aidata.io/ Frame 71C0 0
103 B 50ms
49ms Image
text/plain 89.108.120.68
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x01.aidata.io/stats?pixel=7304081&v=1614273385157&pid=7304081&js=1&bounce=1&pid=7304081&js=1&sid=40940914e62a473696876f1483def48e&__upin=Jsz4R65DBhRtVy+8NTWIsA&id=https://www.kp.by/&payload=%7B%22event%22%3A%22referrer%22%2C%22type%22%3A%22referrer%22%2C%22data%22%3A%7B%22value%22%3A%22%22%7D%7D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 89.108.120.68 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: d51803.reg.regrucolo.ru
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Connection: keep-alive
Date: Thu, 25 Feb 2021 17:16:26 GMT
Server: nginx

GET
H/1.1

204
No Content

0.gif
x01.aidata.io/ Frame 71C0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=aidata_ddp&back=1STPARTY&google_cm
https://cm.g.doubleclick.net/pixel?google_nid=aidata_ddp&back=1STPARTY&google_cm=&google_tc=
https://x01.aidata.io/0.gif?pid=GOOGLE&back=1STPARTY&google_gid=CAESEL4jPRmlbAkQgXHIbThUy8s&google_cver=1

0
584 B

90ms
44ms

Image
text/plain

89.108.120.68
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x01.aidata.io/0.gif?pid=GOOGLE&back=1STPARTY&google_gid=CAESEL4jPRmlbAkQgXHIbThUy8s&google_cver=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 89.108.120.68 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: d51803.reg.regrucolo.ru
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 25 Feb 2021 17:16:27 GMT
Last-Modified: Thu, 25 Feb 2021 17:16:26 GMT
Server: nginx
P3P: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Thu, 25 Feb 2021 17:16:26 GMT

Redirect headers

pragma: no-cache
date: Thu, 25 Feb 2021 17:16:27 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://x01.aidata.io/0.gif?pid=GOOGLE&back=1STPARTY&google_gid=CAESEL4jPRmlbAkQgXHIbThUy8s&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

204
No Content

0.gif
x01.aidata.io/ Frame 71C0
Redirect Chain

https://px.adhigh.net/p/cm/aidata?u=Jsz4R65DBhRtVy%2B8NTWIsA&back=1STPARTY
https://px.adhigh.net/p/cm/aidata?u=Jsz4R65DBhRtVy%2B8NTWIsA&back=1STPARTY&bounced=1
https://x01.aidata.io/0.gif?pid=GETINTENT&id=8aYLPoosWgY.AikABlF32jFZgw&back=1STPARTY

0
584 B

63ms
50ms

Image
text/plain

89.108.120.68
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x01.aidata.io/0.gif?pid=GETINTENT&id=8aYLPoosWgY.AikABlF32jFZgw&back=1STPARTY
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 89.108.120.68 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: d51803.reg.regrucolo.ru
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 25 Feb 2021 17:16:27 GMT
Last-Modified: Thu, 25 Feb 2021 17:16:26 GMT
Server: nginx
P3P: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Thu, 25 Feb 2021 17:16:26 GMT

Redirect headers

pragma: no-cache
date: Thu, 25 Feb 2021 17:16:43 GMT
server: nginx
access-control-allow-origin: *
x-backend-id: f8-ru
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://x01.aidata.io/0.gif?pid=GETINTENT&id=8aYLPoosWgY.AikABlF32jFZgw&back=1STPARTY
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

204
No Content

0.gif
x01.aidata.io/ Frame 71C0
Redirect Chain

https://otclick-adv.ru/core/match.gif?s=24&id=Jsz4R65DBhRtVy%2B8NTWIsA&reference=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3DOTCLICK%26id%3D%23%7BUID%7D%26back=1STPARTY
https://idntfy.ru/token?e=base64&u=aHR0cHM6Ly9vdGNsaWNrLWFkdi5ydS9jb3JlL21hdGNoLmdpZj9zPTI0JmlkPUpzejRSNjVEQmhSdFZ5JTJCOE5UV0lzQSZyZWZlcmVuY2U9aHR0cHMlM0ElMkYlMkZ4MDEuYWlkYXRhLmlvJTJGMC5naWYlM0ZwaW...
https://otclick-adv.ru/core/match.gif?s=24&id=Jsz4R65DBhRtVy%2B8NTWIsA&reference=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3DOTCLICK%26id%3D%23%7BUID%7D%26back=1STPARTY&vidsetup=1&idntfy=VO6MGEyb4X...
https://x01.aidata.io/0.gif?pid=OTCLICK&id=VO6MGEyb4XrFOwR&back=1STPARTY

0
584 B

51ms
50ms

Image
text/plain

89.108.120.68
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x01.aidata.io/0.gif?pid=OTCLICK&id=VO6MGEyb4XrFOwR&back=1STPARTY
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 89.108.120.68 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: d51803.reg.regrucolo.ru
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 25 Feb 2021 17:16:27 GMT
Last-Modified: Thu, 25 Feb 2021 17:16:26 GMT
Server: nginx
P3P: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Thu, 25 Feb 2021 17:16:26 GMT

Redirect headers

pragma: no-cache
date: Thu, 25 Feb 2021 17:16:27 GMT
server: nginx/1.18.0
p3p: policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
location: https://x01.aidata.io/0.gif?pid=OTCLICK&id=VO6MGEyb4XrFOwR&back=1STPARTY
cache-control: no-cache, max-age=0, must-revalidate, no-store
content-length: 124
expires: Thursday, 01-Jan-1970 00:00:00 GMT

GET
H/1.1

204
No Content

0.gif
x01.aidata.io/ Frame 71C0
Redirect Chain

https://counter.yadro.ru/id-redir/aidata.gif
https://x01.aidata.io/0.gif?pid=LIVE&id=E25697C8F643645B6811&

0
584 B

98ms
51ms

Image
text/plain

89.108.120.68
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x01.aidata.io/0.gif?pid=LIVE&id=E25697C8F643645B6811&
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 89.108.120.68 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: d51803.reg.regrucolo.ru
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 25 Feb 2021 17:16:27 GMT
Last-Modified: Thu, 25 Feb 2021 17:16:26 GMT
Server: nginx
P3P: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Thu, 25 Feb 2021 17:16:26 GMT

Redirect headers

Location: https://x01.aidata.io/0.gif?pid=LIVE&id=E25697C8F643645B6811&
Date: Thu, 25 Feb 2021 17:16:26 GMT
Server: nginx/1.17.9
Connection: keep-alive
Content-Length: 335
Strict-Transport-Security: max-age=86400
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1

204
No Content

0.gif
x01.aidata.io/ Frame 71C0
Redirect Chain

https://sync.crwdcntrl.net/map/c=7645/tp=AIDA/?https://x01.aidata.io/0.gif?pid=LOTAME&id=Jsz4R65DBhRtVy%2B8NTWIsA&back=1STPARTY
https://sync.crwdcntrl.net/map/ct=y/c=7645/tp=AIDA/?https://x01.aidata.io/0.gif?pid=LOTAME&id=Jsz4R65DBhRtVy%2B8NTWIsA&back=1STPARTY
https://x01.aidata.io/0.gif?pid=LOTAME&id=Jsz4R65DBhRtVy+8NTWIsA&back=1STPARTY

0
584 B

79ms
51ms

Image
text/plain

89.108.120.68
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x01.aidata.io/0.gif?pid=LOTAME&id=Jsz4R65DBhRtVy+8NTWIsA&back=1STPARTY
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 89.108.120.68 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: d51803.reg.regrucolo.ru
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 25 Feb 2021 17:16:27 GMT
Last-Modified: Thu, 25 Feb 2021 17:16:26 GMT
Server: nginx
P3P: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Thu, 25 Feb 2021 17:16:26 GMT

Redirect headers

pragma: no-cache
date: Thu, 25 Feb 2021 17:16:27 GMT
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://x01.aidata.io/0.gif?pid=LOTAME&id=Jsz4R65DBhRtVy+8NTWIsA&back=1STPARTY
cache-control: no-cache
x-server: 10.45.14.159
content-length: 0
expires: 0

GET
H/1.1

204
No Content

0.gif
x01.aidata.io/ Frame 71C0
Redirect Chain

https://exchange.buzzoola.com/aidata_pixel?back=1STPARTY
https://exchange.buzzoola.com/aidata_pixel?back=1STPARTY&set_buzzoola_cookie=t
https://x01.aidata.io/0.gif?back=1STPARTY&id=b963ef8b-eed1-4096-78ab-a8439aae611f&pid=BUZZOOLA&set_buzzoola_cookie=t

0
584 B

83ms
49ms

Image
text/plain

89.108.120.68
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x01.aidata.io/0.gif?back=1STPARTY&id=b963ef8b-eed1-4096-78ab-a8439aae611f&pid=BUZZOOLA&set_buzzoola_cookie=t
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 89.108.120.68 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: d51803.reg.regrucolo.ru
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 25 Feb 2021 17:16:26 GMT
Last-Modified: Thu, 25 Feb 2021 17:16:25 GMT
Server: nginx
P3P: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Thu, 25 Feb 2021 17:16:25 GMT

Redirect headers

location: https://x01.aidata.io/0.gif?back=1STPARTY&id=b963ef8b-eed1-4096-78ab-a8439aae611f&pid=BUZZOOLA&set_buzzoola_cookie=t
date: Thu, 25 Feb 2021 17:16:26 GMT
server: nginx
content-length: 164
serverid: TODO
content-type: text/html; charset=utf-8

GET
H2 204 aidata
sync.dmp.otm-r.com/match/ Frame 71C0 0
69 B 11ms
2ms Image
text/plain 195.201.106.117
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.dmp.otm-r.com/match/aidata?back=1STPARTY&rp=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3DOTM%26id%3D%7Bpid%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.201.106.117 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.117.106.201.195.clients.your-server.de
Software: nginx/1.15.9 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 25 Feb 2021 17:16:26 GMT
server: nginx/1.15.9

GET
H/1.1

204
No Content

0.gif
x01.aidata.io/ Frame 71C0
Redirect Chain

https://sync.upravel.com/aidata/sync?back=1STPARTY
https://sync.upravel.com/aidata/sync?back=1STPARTY&session_tpt=eyJoZWFkZXJzIjp7fX0
https://0e40bcd1-d702-4fb2-b7a1-de475d7f3a94.sync.upravel.com/aidata/sync?back=1STPARTY&ud_tpt=eyJoZWFkZXJzIjp7fX0
https://x01.aidata.io/0.gif?pid=MGCOM&id=0e40bcd1-d702-4fb2-b7a1-de475d7f3a94&back=1STPARTY

0
584 B

89ms
43ms

Image
text/plain

89.108.120.68
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x01.aidata.io/0.gif?pid=MGCOM&id=0e40bcd1-d702-4fb2-b7a1-de475d7f3a94&back=1STPARTY
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 89.108.120.68 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: d51803.reg.regrucolo.ru
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 25 Feb 2021 17:16:27 GMT
Last-Modified: Thu, 25 Feb 2021 17:16:26 GMT
Server: nginx
P3P: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Thu, 25 Feb 2021 17:16:26 GMT

Redirect headers

date: Thu, 25 Feb 2021 17:16:27 GMT
server: nginx
location: https://x01.aidata.io/0.gif?pid=MGCOM&id=0e40bcd1-d702-4fb2-b7a1-de475d7f3a94&back=1STPARTY
access-control-allow-methods: GET, POST, OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: false
content-type: image/png
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 0

GET
H/1.1

204
No Content

0.gif
x01.aidata.io/ Frame 71C0
Redirect Chain

https://aidata-sync.rutarget.ru/sync?back=1STPARTY
https://x01.aidata.io/0.gif?pid=SEGMENTO&id=2i0QKziMg9Yy&back=1STPARTY

0
584 B

51ms
50ms

Image
text/plain

89.108.120.68
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x01.aidata.io/0.gif?pid=SEGMENTO&id=2i0QKziMg9Yy&back=1STPARTY
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 89.108.120.68 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: d51803.reg.regrucolo.ru
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 25 Feb 2021 17:16:27 GMT
Last-Modified: Thu, 25 Feb 2021 17:16:26 GMT
Server: nginx
P3P: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Thu, 25 Feb 2021 17:16:26 GMT

Redirect headers

Location: https://x01.aidata.io/0.gif?pid=SEGMENTO&id=2i0QKziMg9Yy&back=1STPARTY
Date: Thu, 25 Feb 2021 17:16:27 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."

GET
H/1.1

204
No Content

0.gif
x01.aidata.io/ Frame 71C0
Redirect Chain

https://cm.p.altergeo.ru/aidata?aid=Jsz4R65DBhRtVy%2B8NTWIsA&nc=853&url=https%3A//x01.aidata.io/0.gif%3Fpid%3DALTERGEO%26id%3D%24%7BUSER_ID%7D%26rnd%3D%24%7BRANDOM%7D%26back%3D1STPARTY
https://x01.aidata.io/0.gif?pid=ALTERGEO&id=CMdG4M1zH3Sum9K6gMgLbbDQ==&rnd=741439df&back=1STPARTY

0
584 B

127ms
49ms

Image
text/plain

89.108.120.68
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x01.aidata.io/0.gif?pid=ALTERGEO&id=CMdG4M1zH3Sum9K6gMgLbbDQ==&rnd=741439df&back=1STPARTY
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 89.108.120.68 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: d51803.reg.regrucolo.ru
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 25 Feb 2021 17:16:27 GMT
Last-Modified: Thu, 25 Feb 2021 17:16:26 GMT
Server: nginx
P3P: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Thu, 25 Feb 2021 17:16:26 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 25 Feb 2021 17:16:19 GMT
Server: nginx/1.16.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://x01.aidata.io/0.gif?pid=ALTERGEO&id=CMdG4M1zH3Sum9K6gMgLbbDQ==&rnd=741439df&back=1STPARTY
Cache-Control: max-age=0, no-cache, no-store
Connection: close
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

204
No Content

0.gif
x01.aidata.io/ Frame 71C0
Redirect Chain

https://an.yandex.ru/mapuid/dmpaidatame/Jsz4R65DBhRtVy%2B8NTWIsA?sign=738621324&location=https%3A//x01.aidata.io/0.gif%3Fpid%3D1STPARTY
https://x01.aidata.io/0.gif?pid=1STPARTY

0
584 B

78ms
50ms

Image
text/plain

89.108.120.68
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x01.aidata.io/0.gif?pid=1STPARTY
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 89.108.120.68 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: d51803.reg.regrucolo.ru
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 25 Feb 2021 17:16:27 GMT
Last-Modified: Thu, 25 Feb 2021 17:16:26 GMT
Server: nginx
P3P: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Thu, 25 Feb 2021 17:16:26 GMT

Redirect headers

pragma: no-cache
date: Thu, 25 Feb 2021 17:16:26 GMT
content-encoding: gzip
last-modified: Thu, 25 Feb 2021 17:16:26 GMT
strict-transport-security: max-age=31536000
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://x01.aidata.io/0.gif?pid=1STPARTY
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 25 Feb 2021 17:16:26 GMT

GET
H/1.1 200
OK cm.gif
ad.mail.ru/ Frame 71C0 43 B
323 B 140ms
48ms Image
image/gif 2a00:1148:db00::17
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.mail.ru/cm.gif?p=18&id=Jsz4R65DBhRtVy%2B8NTWIsA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 17:16:27 GMT
Last-Modified: Thu, 25 Feb 2021 17:16:27 GMT
Server: nginx
Content-Type: image/gif
Cache-Control: max-age=21600
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 43
Expires: Thu, 25 Feb 2021 23:16:27 GMT

GET
H/1.1 200
OK counter
top-fwz1.mail.ru/ Frame 71C0 43 B
1 KB 55ms
54ms Image
image/gif 217.69.133.145
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://top-fwz1.mail.ru/counter?id=3202981;pid=Jsz4R65DBhRtVy%2B8NTWIsA

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 17:16:27 GMT
X-Content-Type-Options: nosniff
P3P: CP="NOI DSP COR NID CUR PSA OUR NOR"
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Access-Control-Allow-Headers: *
AMP-Access-Control-Allow-Source-Origin: *
Server: nginx
Access-Control-Allow-Methods: GET, POST, HEAD, PUT, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: AMP-Access-Control-Allow-Source-Origin
Cache-Control: private, no-cache, no-store, max-age=0
Access-Control-Allow-Credentials: true
Accept-CH-Lifetime: 86400
Accept-CH: DPR, Width, Viewport-Width, Downlink, Device-Memory
Timing-Allow-Origin: *
Keep-Alive: timeout=60

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 6BA7 0
150 B 39ms
13ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=www.kp.by

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: gum.criteo.com
:scheme: https
:path: /syncframe?topUrl=www.kp.by
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.kp.by/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.kp.by/

Response headers

cache-control: private, max-age=0
content-type: text/html; charset=utf-8
strict-transport-security: max-age=31536000
server-processing-duration-in-ticks: 1789
date: Thu, 25 Feb 2021 17:16:26 GMT
content-length: 0

POST
H/1.1 204
No Content view Show response
stat.media/counter/ 0
135 B 4ms
4ms XHR
text/plain 136.243.42.249
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://stat.media/counter/view
Requested by: Host: s3.stc.all.kpcdn.net
URL: https://s3.stc.all.kpcdn.net/s0/2.0.100/adaptive/vendors~adaptive.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.243.42.249 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: sm-server1-1.sfa51.imcmdb.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

access-control-allow-origin: *
Date: Thu, 25 Feb 2021 17:16:26 GMT
Server: nginx
Connection: keep-alive

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame A58D 56 KB
19 KB 61ms
42ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode-bundles/0.1.3040/banners.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc44b384c5b2bfc76cfe7513d0990c80fc0d8d77c15d03988c9557145e81a1a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 17:16:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "794 / 305 of 1000 / last-modified: 1614255136"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19401
x-xss-protection: 0
expires: Thu, 25 Feb 2021 17:16:27 GMT

GET
H2 204 event
ads.adfox.ru/232598/ 0
14 B 163ms
65ms Image
text/plain 77.88.21.179
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/232598/event?hash=ca8f2028ddac8870&pm=bmo&pxo=8m-7uDtiKio92X2SJYFH_2gx-S6EpCI0BD_7ZWz7R4NG-oI8xWlNH3GVi9MLhWOykfU8kQculuFsTUdTSqDsTXuK86SUp1RRjDKTVUrCxgUOgb8txdbEyNRACSm_tvh8ou8ngGtrNLl-qSJYoa8pWHS2VXjbyBfKwZVQ8GB2iNffGQcD&p5=gwaok&ad-session-id=5458961614273386756&lts=ffwnijy&ytt=545357794117653&ybv=0.3040&ylv=0.3041&dl=https%3A%2F%2Fwww.kp.by%2F%3Fsection%3Dsociety&rqs=avcLRNk5nU5q2zdgbp7ct197nzEuv_n2&pr=dusyate&puid3=top&rtb-si=b&puid2=society%3Ainteresting%3Azenyandex%3Aeconomics%3Abelarus%3Aincident%3Apolitics%3Acelebrity&p2=fbao&rand=mnirqwe&sj=2gx0iLk8rBQKtU7-kR6t9Hb6MTWx0pdDb42ld2-ZPybXSDHqWtR19CDY7OkL3Q%3D%3D&puid1=adv-1614273385730-102&p1=bufue

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.179 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

adfox-external-l3-engine.stable.qloud-b.yandex.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 25 Feb 2021 17:16:27 GMT
x-content-type-options: nosniff
timing-allow-origin: *

POST
H2 429 / Show response
o442949.ingest.sentry.io/api/5415742/envelope/ 45 B
349 B 37ms
17ms Fetch
application/json 34.120.195.249
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://o442949.ingest.sentry.io/api/5415742/envelope/?sentry_key=b9fc6bdb18af47cda69ab9bc1170f1b6&sentry_version=7

Requested by

Host: s3.stc.all.kpcdn.net
URL: https://s3.stc.all.kpcdn.net/s0/2.0.100/adaptive/vendors~adaptive.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

77e29e7c2ef665fb66daa4adbd5a877ad518b9698c165e1a486813acf9ee84f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 25 Feb 2021 17:16:27 GMT
via: 1.1 google
server: nginx
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.kp.by
access-control-expose-headers: x-sentry-error, x-sentry-rate-limits, retry-after
x-envoy-upstream-service-time: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: clear
content-length: 45
x-sentry-rate-limits: 31:transaction:organization:transaction_usage_exceeded
retry-after: 31

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame AABD 56 KB
19 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode-bundles/0.1.3040/banners.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

345da7c19b56d35e255a18ce8efe26a10e0908e56d0e1e8117cbf3bdea320d74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 17:16:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "794 / 498 of 1000 / last-modified: 1614255136"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19392
x-xss-protection: 0
expires: Thu, 25 Feb 2021 17:16:27 GMT

GET
H2 204 event
ads.adfox.ru/232598/ 0
107 B 135ms
57ms Image
text/plain 77.88.21.179
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/232598/event?hash=71efaaebf653153a&pm=bmo&pxo=8AXCW7Zk7n2fXzaIaXK-ogE6oMkRdxkz-hbJeBJcHvwZBGm9JA0dSF_f5IVGrweptlmiG0tYdXk9lSOFP_NgUB5fMFWYz7s6WwJ4iPKzY1JvLgyhdZyRK1dxEwil6f4noN8UwBltQxyIIAo9FjYCVGGUJc2EnOuNq7weNqvdoiskMDnNQw%3D%3D&p5=igntn&ad-session-id=5458961614273386756&lts=ffwnijy&ytt=545357794117653&ybv=0.3040&ylv=0.3041&dl=https%3A%2F%2Fwww.kp.by%2F%3Fsection%3Dsociety&rqs=avcLRNk5nU5q2zdgms3fbJdXOtgeJzel&pr=dusyate&puid3=top&rtb-si=b&puid2=society%3Ainteresting%3Azenyandex%3Aeconomics%3Abelarus%3Aincident%3Apolitics%3Acelebrity&p2=gvdq&rand=etpjcew&sj=ERmhc8dwHYROJeeXDbOCEPiuPCmoXSaLpLPChp7PvjVEwRLIraUVdFjQPtNUVQ%3D%3D&puid1=adv-1614273385733-727&p1=cljxt

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.179 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

adfox-external-l3-engine.stable.qloud-b.yandex.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 25 Feb 2021 17:16:27 GMT
x-content-type-options: nosniff
timing-allow-origin: *

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 2A2D 56 KB
19 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode-bundles/0.1.3040/banners.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc44b384c5b2bfc76cfe7513d0990c80fc0d8d77c15d03988c9557145e81a1a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 17:16:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "794 / 403 of 1000 / last-modified: 1614255136"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19401
x-xss-protection: 0
expires: Thu, 25 Feb 2021 17:16:27 GMT

GET
H2 204 event
ads.adfox.ru/232598/ 0
14 B 133ms
64ms Image
text/plain 77.88.21.179
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/232598/event?hash=ada18844ddb08df0&pm=bmo&pxo=_o_NiIwHqZZxU7H5On5dy31dTUi7Q9kinXwxiN9GIyismtj07o2YPrgHoOvWu59hP3iY2ukz96eV4qoND0xuLFVmu1M1HSX5Tw5KuvzWyolJEq5s-Uq4Mobm8NamtAZqwgQhmTIQRm7vrtUVV1dqQwSTLmw05jxT6afWlNGYXAd4ifh_dQ%3D%3D&p5=gwdbk&ad-session-id=5458961614273386756&lts=ffwnijy&ytt=545357794117653&ybv=0.3040&ylv=0.3041&dl=https%3A%2F%2Fwww.kp.by%2F%3F&rtb-si=b&p2=gftf&rand=kefwzmx&sj=G-xD_MEFtqEcC2StBWZGc6pD-sLFcpHrdBFoG5gweW3J2OCR0gaiYr7WfLqikA%3D%3D&puid1=adv-1614273385581-550&pr=dusyate&p1=cdiyj&rqs=avcLRNk5nU5q2zdgfa0K80ZypRR4p9wk

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.179 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

adfox-external-l3-engine.stable.qloud-b.yandex.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 25 Feb 2021 17:16:27 GMT
x-content-type-options: nosniff
timing-allow-origin: *

GET
H2 200 ab9cb5f399b70f87c370.js Show response
yastatic.net/pcode-bundles/0.1.3040/ 406 B
772 B 41ms
41ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/pcode-bundles/0.1.3040/ab9cb5f399b70f87c370.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode-bundles/0.1.3040/banners.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

6b961d8c573b508ec9ae7c9ab8536e78b09dbf0555b7962e475ab541ee3d4e5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Origin: https://www.kp.by
Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 17:16:27 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 224
last-modified: Thu, 25 Feb 2021 14:01:33 GMT
server: nginx/1.17.9
etag: "b5a0fe8771be162fef1e0a64561dff90"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 25 Feb 2051 23:50:20 GMT

GET
H2 200 pubads_impl_2021022401.js Show response
securepubads.g.doubleclick.net/gpt/ Frame A58D 288 KB
101 KB 63ms
43ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022401.js?31060295

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

sffe /

Resource Hash

5ed61e775baaa0c010e0d575e6ffd15948898fd583abb85d8657214e0dbeb311

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 17:16:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 24 Feb 2021 09:37:53 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 103521
x-xss-protection: 0
expires: Thu, 25 Feb 2021 17:16:27 GMT

GET
H2 200 pubads_impl_2021022301.js Show response
securepubads.g.doubleclick.net/gpt/ Frame AABD 290 KB
102 KB 41ms
39ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js?31060294

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

sffe /

Resource Hash

870b2aa31c41ba833e28e8e1eb5d6e4ed828cadf9d40a40a6ebf343a0abdc4b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 17:16:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 23 Feb 2021 09:41:50 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 104129
x-xss-protection: 0
expires: Thu, 25 Feb 2021 17:16:27 GMT

GET
H2 200 pubads_impl_2021022401.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 2A2D 288 KB
101 KB 49ms
49ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022401.js?31060295

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

sffe /

Resource Hash

5ed61e775baaa0c010e0d575e6ffd15948898fd583abb85d8657214e0dbeb311

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 17:16:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 24 Feb 2021 09:37:53 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 103521
x-xss-protection: 0
expires: Thu, 25 Feb 2021 17:16:27 GMT

GET
H2 200 v2 Show response
an.yandex.ru/adfox/239538/getBulk/ Frame B458 1 KB
645 B 79ms
78ms XHR
application/json 2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/adfox/239538/getBulk/v2?dl=partner&date=2021-02-25T18%3A16%3A26.770%2B01%3A00&pd=25&pdh=1200&pdw=1600&pr1=3575837238&pr=1173022738&prr=&pv=18&pw=4&extid_loader=MTYxNDI3MzM4NjMzNTk2NzM3Ng%3D%3D&extid_tag_loader=www.kp.by&ylv=0.3041&ybv=0.3040&ytt=545357794117653&is-turbo=0&skip-token=&ad-session-id=5458961614273386756&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9.4%2C%22w%22%3A1560%2C%22h%22%3A0%2C%22width%22%3A0%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22left%22%3A800%2C%22top%22%3A245%2C%22req_no%22%3A5%2C%22ad_no%22%3A4%7D&enable-flat-highlight=1&pcode-version=0&matchid-cookies=fEO4cFbeMKCWJQW-UwWUfn8v8HaeUt88HlWarv69DYM1y0iwkVRogg%3D%3D&matchid-cookies-sign=ftEGM6sFpnpZYfrBzJurAw%3D%3D&p1=ciuln&p2=y&puid1=adv-1614273385559-832&puid2=&puid3=&puid4=&puid5=&puid6=&puid7=1-dsail%3A&puid8=&puid9=&puid10=&pke=1&pk=1-dsail%20&slotNumber=4&matchid-direct=1&grab=dNCd0L7QstC-0YHRgtC4INCR0LXQu9Cw0YDRg9GB0LguINCa0L7QvNGB0L7QvNC-0LvRjNGB0LrQsNGPINCf0YDQsNCy0LTQsCDQsiDQkdC10LvQsNGA0YPRgdC4IC8vIEtQLkJZCjHQndC-0LLQvtGB0YLQuCAyNCAKMtCR0LXQu9Cw0YDRg9GB0YwgCg%3D%3D&utf8=%E2%9C%93&duid=MTYxNDI3MzM4NjMzNTk2NzM3Ng%3D%3D

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

a69ee9b06c1b080f8188a443bb68770b37fa5f30a4dd1727893d85aa83d8225e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Feb 2021 17:16:27 GMT
content-encoding: gzip
last-modified: Thu, 25 Feb 2021 17:16:27 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: application/json
access-control-allow-origin: https://www.kp.by
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 25 Feb 2021 17:16:27 GMT

GET
H2 200 host.js Show response
yastatic.net/safeframe-bundles/0.80/ 29 KB
8 KB 43ms
42ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.80/host.js

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

9a10b1418ae87e1667a44c85f39b5e1af9b8a24279d9a2743c0859d478f3f925

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Origin: https://www.kp.by
Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 17:16:27 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 8120
last-modified: Wed, 13 Jan 2021 14:53:48 GMT
server: nginx/1.17.9
etag: "7fa61ab429a981f415ba1c49d1babdbb"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 25 Feb 2051 23:49:14 GMT

GET
H2 200 shadow.svg
yastatic.net/pcode-static/resources/42/leaderboard/ 333 B
769 B 43ms
42ms Image
image/svg+xml 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yastatic.net/pcode-static/resources/42/leaderboard/shadow.svg

Requested by

Host: www.kp.by
URL: https://www.kp.by/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

f1e572871055c1d0e152936f664d5fb075f505b99b412a4776f65a7abe80b505

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 17:16:27 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 224
last-modified: Mon, 29 Jun 2020 12:10:53 GMT
server: nginx/1.17.9
etag: "3138ca97d43c761e6ae0b4965549eec1"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=216013
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Feb 2021 05:14:50 GMT

GET
H2 200 y300
avatars.mds.yandex.net/get-direct/2798850/AKTpBEZ1Xoe1uB5xRyp7rA/ 14 KB
14 KB 149ms
48ms Image
image/webp 2a02:6b8::184
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-direct/2798850/AKTpBEZ1Xoe1uB5xRyp7rA/y300
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:6b8::184 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: nginx /
Resource Hash: f708d626a9dae05c55d1d522802185d96a374ff8170922fbd58e864dea81680b

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 17:16:27 GMT
last-modified: Fri, 02 Oct 2020 13:09:40 GMT
server: nginx
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=604800,immutable
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 14094
x-request-id: 7ed3b39838cbaf45

GET
H2 200 276023 Show response
mc.yandex.ru/watch/ 35 B
141 B 43ms
43ms XHR
application/json 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/276023?wmode=7&page-url=https%3A%2F%2Fwww.kp.by%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Acaxsklyqnpvsij3%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A433%3Acn%3A4%3Adp%3A1%3Als%3A1541913239857%3Ahid%3A246502172%3Az%3A60%3Ai%3A20210225181627%3Aet%3A1614273387%3Ac%3A1%3Arn%3A376595132%3Au%3A1614273386335967376%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aeu%3A1%3Ans%3A1614273384290%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1614273387%3At%3A%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8.%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8%20%2F%2F%20KP.BY

Requested by

Host: s3.stc.all.kpcdn.net
URL: https://s3.stc.all.kpcdn.net/s0/2.0.100/adaptive/vendors~adaptive.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

efbdf9cab6b6cf2bf7207ae4e0456c9462b2c0d4c2de76d65442de2af7253f2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Feb 2021 17:16:27 GMT
x-content-type-options: nosniff
last-modified: Thu, 25-Feb-2021 17:16:27 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.kp.by
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 35
x-xss-protection: 1; mode=block
expires: Thu, 25-Feb-2021 17:16:27 GMT

GET
H2 200 v2 Show response
an.yandex.ru/adfox/232598/getBulk/ Frame B458 10 KB
5 KB 159ms
158ms XHR
application/json 2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/adfox/232598/getBulk/v2?dl=partner&date=2021-02-25T18%3A16%3A26.770%2B01%3A00&pd=25&pdh=1200&pdw=1600&pr1=3749297755&pr=1173022738&prr=&pv=18&pw=4&extid_loader=MTYxNDI3MzM4NjMzNTk2NzM3Ng%3D%3D&extid_tag_loader=www.kp.by&ylv=0.3041&ybv=0.3040&ytt=545357794117653&is-turbo=0&skip-token=yabs.NzIwNTc2MDM3NjI0Mzc5NDI%3D&ad-session-id=5458961614273386756&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9.4%2C%22w%22%3A1560%2C%22h%22%3A0%2C%22width%22%3A0%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22left%22%3A800%2C%22top%22%3A245%2C%22req_no%22%3A6%2C%22ad_no%22%3A7%7D&enable-flat-highlight=1&pcode-version=0&matchid-cookies=fEO4cFbeMKCWJQW-UwWUfn8v8HaeUt88HlWarv69DYM1y0iwkVRogg%3D%3D&matchid-cookies-sign=ftEGM6sFpnpZYfrBzJurAw%3D%3D&pp=g&ps=cfab&p2=fban&puid1=adv-1614273385559-832&puid2=&puid3=&puid4=&puid5=&puid6=&puid7=1-dsail%3A1-dsail%3A&puid8=&puid9=&puid10=&pke=1&pk=1-dsail&slotNumber=4&matchid-direct=1&grab=dNCd0L7QstC-0YHRgtC4INCR0LXQu9Cw0YDRg9GB0LguINCa0L7QvNGB0L7QvNC-0LvRjNGB0LrQsNGPINCf0YDQsNCy0LTQsCDQsiDQkdC10LvQsNGA0YPRgdC4IC8vIEtQLkJZCjHQndC-0LLQvtGB0YLQuCAyNCAKMtCR0LXQu9Cw0YDRg9GB0YwgCg%3D%3D&utf8=%E2%9C%93&duid=MTYxNDI3MzM4NjMzNTk2NzM3Ng%3D%3D

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

fb7e801532f5d5e68a0573dac476805a5484dadc08840e7500e622bdf0adb5db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Feb 2021 17:16:27 GMT
content-encoding: gzip
last-modified: Thu, 25 Feb 2021 17:16:27 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: application/json
access-control-allow-origin: https://www.kp.by
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 25 Feb 2021 17:16:27 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame A58D 107 B
799 B 48ms
27ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.kp.by

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022401.js?31060295

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 25 Feb 2021 17:16:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame A58D 107 B
553 B 46ms
28ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.kp.by

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022401.js?31060295

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 25 Feb 2021 17:16:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame A58D 40 KB
10 KB 452ms
439ms XHR
text/plain 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=880416831108035&correlator=23837192177310&output=ldjh&impl=fifs&eid=21068891%2C31060295%2C21069809%2C44733567%2C21066612&vrg=2021022401&ptt=17&sc=1&sfv=1-0-37&ecs=20210225&iu_parts=94805857%2Ckp.by_2_new&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600&cust_params=kp.by_2_new%3Dkp.by_2_new_9&cookie_enabled=1&cdm=www.kp.by&bc=31&abxe=1&lmt=1614273387&dt=1614273387390&dlt=1614273387010&idt=364&ea=0&frm=23&biw=1600&bih=1200&isw=300&ish=600&oid=3&adxs=1100&adys=491&adks=597425137&ucis=3n6s0e438o1&ifi=1&ifk=1545222464&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fwww.kp.by%2F&top=https%3A%2F%2Fwww.kp.by%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x600&msz=300x-1&ga_vid=736874391.1614273386&ga_sid=1614273387&ga_hid=908782970&ga_fc=true&fws=256&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022401.js?31060295

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

cafe /

Resource Hash

d26e14a485c00fd48c1f5974e29e9b62682d8682830256d8fd8499e1c1de4691

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 17:16:27 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10404
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.kp.by
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
3c021f42f589682000f52b6d36135318.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame A58D 0
0 48ms
13ms Other
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://3c021f42f589682000f52b6d36135318.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022401.js?31060295
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame A58D 0
0 26ms
6ms Other
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022401.js?31060295
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame AABD 107 B
165 B 27ms
27ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.kp.by

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js?31060294

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 25 Feb 2021 17:16:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame AABD 107 B
165 B 27ms
27ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.kp.by

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js?31060294

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 25 Feb 2021 17:16:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame AABD 19 KB
9 KB 402ms
402ms XHR
text/plain 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2106699465371909&correlator=3789339288045508&output=ldjh&impl=fifs&eid=21068891%2C21069918%2C31060169%2C31060294%2C44734254&vrg=2021022301&ptt=17&sc=1&sfv=1-0-37&ecs=20210225&iu_parts=94805857%2Ckp.by_DM2_8(desktop)&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250&cust_params=kp.by_DM2_8_desktop%3Dkp.by_DM2_8_desktop_9&cookie_enabled=1&cdm=www.kp.by&bc=31&abxe=1&lmt=1614273387&dt=1614273387420&dlt=1614273387030&idt=371&ea=0&frm=23&biw=1600&bih=1200&isw=970&ish=250&oid=3&adxs=315&adys=4052&adks=1423833398&ucis=yjfbyywdd13t&ifi=1&ifk=1655910507&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fwww.kp.by%2F&top=https%3A%2F%2Fwww.kp.by%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=970x250&msz=970x-1&ga_vid=736874391.1614273386&ga_sid=1614273387&ga_hid=1794516510&ga_fc=true&fws=256&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js?31060294

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

cafe /

Resource Hash

91743453d0664861bc3a6e483f2694a9d63e8d4ba913568269297a521f67e73e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 17:16:27 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9372
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.kp.by
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
d40dcff76d8fde160d82e59583d19251.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame AABD 0
0 28ms
13ms Other
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d40dcff76d8fde160d82e59583d19251.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js?31060294
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame AABD 0
0 34ms
20ms Other
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js?31060294
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 integrator.js Show response
adservice.google.de/adsid/ Frame 2A2D 107 B
777 B 55ms
42ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.kp.by

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022401.js?31060295

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 25 Feb 2021 17:16:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame 2A2D 107 B
531 B 55ms
41ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.kp.by

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022401.js?31060295

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 25 Feb 2021 17:16:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 2A2D 15 KB
9 KB 337ms
335ms XHR
text/plain 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2876396792412151&correlator=496337855292997&output=ldjh&impl=fifs&eid=21068891%2C21069724%2C31060295%2C21068607%2C31060010&vrg=2021022401&ptt=17&sc=1&sfv=1-0-37&ecs=20210225&iu_parts=94805857%2Ckp.by_4_small_new&enc_prev_ius=%2F0%2F1&prev_iu_szs=160x600&cust_params=kp.by_4_small_new%3Dkp.by_4_small_new_9&cookie_enabled=1&cdm=www.kp.by&bc=31&abxe=1&lmt=1614273387&dt=1614273387435&dlt=1614273387081&idt=348&ea=0&frm=23&biw=1600&bih=1200&isw=160&ish=600&oid=3&adxs=1410&adys=389&adks=445563806&ucis=2enao2sggq5o&ifi=1&ifk=2411865094&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fwww.kp.by%2F&top=https%3A%2F%2Fwww.kp.by%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=160x600&msz=160x-1&ga_vid=736874391.1614273386&ga_sid=1614273387&ga_hid=2143780360&ga_fc=true&fws=256&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022401.js?31060295

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

cafe /

Resource Hash

1572ad6ead12c30c9c138ad297b18369ebbe3efc66d651ff16bb298106cb1b18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 17:16:27 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8722
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.kp.by
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
268db2211e8d97bc83b0d05c3ddf1ab3.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 2A2D 0
0 29ms
13ms Other
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://268db2211e8d97bc83b0d05c3ddf1ab3.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022401.js?31060295
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 2A2D 0
0 21ms
21ms Other
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022401.js?31060295
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

POST
H2 200 1 Show response
mc.yandex.ru/watch/276023/ 43 B
73 B 45ms
44ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/276023/1?page-url=https%3A%2F%2Fwww.kp.by%2F&charset=utf-8&cnt-class=1&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3Acaxsklyqnpvsij3%3Afp%3A822%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A433%3Acn%3A4%3Adp%3A1%3Als%3A1541913239857%3Ahid%3A246502172%3Az%3A60%3Ai%3A20210225181627%3Aet%3A1614273387%3Ac%3A1%3Arn%3A391176536%3Au%3A1614273386335967376%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aeu%3A1%3Ans%3A1614273384290%3Awv%3A2%3Ads%3A0%2C181%2C371%2C74%2C0%2C0%2C%2C171%2C0%2C2634%2C2634%2C16%2C734%3Adsn%3A1%2C180%2C372%2C73%2C0%2C0%2C%2C107%2C0%2C2634%2C2634%2C16%2C734%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1614273387

Requested by

Host: s3.stc.all.kpcdn.net
URL: https://s3.stc.all.kpcdn.net/s0/2.0.100/adaptive/vendors~adaptive.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Thu, 25 Feb 2021 17:16:27 GMT
last-modified: Thu, 25-Feb-2021 17:16:27 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://www.kp.by
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 25-Feb-2021 17:16:27 GMT

GET
H2 200 276023 Show response
mc.yandex.ru/watch/ 43 B
73 B 53ms
51ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/276023?page-url=https%3A%2F%2Fwww.kp.by%2F&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3Acaxsklyqnpvsij3%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A433%3Acn%3A4%3Adp%3A1%3Als%3A1541913239857%3Ahid%3A246502172%3Az%3A60%3Ai%3A20210225181627%3Aet%3A1614273387%3Ac%3A1%3Arn%3A968986252%3Au%3A1614273386335967376%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aeu%3A1%3Ans%3A1614273384290%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1614273387%3At%3A%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8.%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8%20%2F%2F%20KP.BY

Requested by

Host: s3.stc.all.kpcdn.net
URL: https://s3.stc.all.kpcdn.net/s0/2.0.100/adaptive/vendors~adaptive.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Feb 2021 17:16:27 GMT
last-modified: Thu, 25-Feb-2021 17:16:27 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://www.kp.by
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 25-Feb-2021 17:16:27 GMT

GET
H2 200 render.html Show response
yastatic.net/safeframe-bundles/0.80/1-1-0/ Frame 13A0 22 KB
6 KB 45ms
45ms Document
text/html 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.80/1-1-0/render.html

Requested by

Host: yastatic.net
URL: https://yastatic.net/safeframe-bundles/0.80/host.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

40cc818c8b06374b11230d18b2b54f8c7f2a7668b94ac9ee00d6a106cf0efd8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

:method: GET
:authority: yastatic.net
:scheme: https
:path: /safeframe-bundles/0.80/1-1-0/render.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.kp.by/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.kp.by/

Response headers

server: nginx/1.17.9
date: Thu, 25 Feb 2021 17:16:27 GMT
content-type: text/html
content-length: 6026
access-control-allow-origin: *
cache-control: public, max-age=946708560
content-encoding: br
etag: "f883bd7781c332870c9968db60e89349"
expires: Sat, 25 Feb 2051 23:49:16 GMT
last-modified: Wed, 13 Jan 2021 14:53:48 GMT
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-robots-tag: noindex, noarchive, nofollow
accept-ranges: bytes

GET
H2 200 4ddad0935cc2866df666.js Show response
yastatic.net/partner-code-bundles/13930/ 280 KB
45 KB 45ms
45ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/13930/4ddad0935cc2866df666.js

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

be0d0030b779aa63a7208db3452dfe70ea323adeb7cc9c655100988a9324df1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Origin: https://www.kp.by
Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 17:16:27 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 45964
last-modified: Thu, 18 Feb 2021 17:45:34 GMT
server: nginx/1.17.9
etag: "4feeeaa1a1f47a4230fb6408dbaa5617"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 25 Feb 2051 23:52:27 GMT

GET
H/1.1 200
Ok d.png
ysa-static.passport.yandex.ru/static/1/d959d7e39d5067fad30d9c06204866e9/ Frame 13A0 95 B
400 B 144ms
48ms Image
image/png 2a02:6b8::5:114
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ysa-static.passport.yandex.ru/static/1/d959d7e39d5067fad30d9c06204866e9/d.png?ex=yes

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a02:6b8::5:114 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

18c327afa903633f86c3efcf12b77f098077eacaa8be101bb007846fd74f8b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains

Request headers

Referer: https://yastatic.net/safeframe-bundles/0.80/1-1-0/render.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 17:16:27 GMT
Server: nginx/1.14.2
Strict-Transport-Security: max-age=315360000; includeSubDomains
X-RT-IH: 0.0001
Content-Type: image/png
Cache-Control: private
Connection: close
X-RT-IQ: 0.0000
Content-Length: 95
Expires: Fri, 26 Feb 2021 17:16:27 GMT

GET
H2 200 wx1080
avatars.mds.yandex.net/get-direct/2799532/Cmbg7CMWfFPzK8FfmLBGpA/ 194 KB
194 KB 48ms
48ms Image
image/webp 2a02:6b8::184
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-direct/2799532/Cmbg7CMWfFPzK8FfmLBGpA/wx1080
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:6b8::184 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: nginx /
Resource Hash: 1ba975279ab0e870cd496604c41e1955e56d7b54bc9135f150c916862d51ef59

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 17:16:27 GMT
last-modified: Wed, 22 Apr 2020 15:51:17 GMT
server: nginx
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=604800,immutable
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 198288
x-request-id: c731344c0ea2bb9e

GET
H3-Q050 200 container.html Show response
268db2211e8d97bc83b0d05c3ddf1ab3.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame F67D 6 KB
3 KB 37ms
23ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://268db2211e8d97bc83b0d05c3ddf1ab3.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022401.js?31060295

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e86479d6e54449d1085c2149e190a615c6bead407b20bacbcf5852b5d65f1fee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 268db2211e8d97bc83b0d05c3ddf1ab3.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html?n=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.kp.by/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.kp.by/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2973
date: Thu, 25 Feb 2021 17:16:27 GMT
expires: Fri, 25 Feb 2022 17:16:27 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 204 event
ads.adfox.ru/232598/ 0
14 B 55ms
55ms Image
text/plain 77.88.21.179
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/232598/event?hash=7f84bd73d5f84e27&pm=bmu&pxo=_o_NiIwHqZZxU7H5On5dy31dTUi7Q9kinXwxiN9GIyismtj07o2YPrgHoOvWu59hP3iY2ukz96eV4qoND0xuLFVmu1M1HSX5Tw5KuvzWyolJEq5s-Uq4Mobm8NamtAZqwgQhmTIQRm7vrtUVV1dqQwSTLmw05jxT6afWlNGYXAd4ifh_dQ%3D%3D&p5=gwdbk&ad-session-id=5458961614273386756&lts=ffwnijy&ytt=545357794117653&ybv=0.3040&ylv=0.3041&dl=https%3A%2F%2Fwww.kp.by%2F%3F&rtb-si=b&p2=gftf&rand=efcgbju&sj=G-xD_MEFtqEcC2StBWZGc6pD-sLFcpHrdBFoG5gweW3J2OCR0gaiYr7WfLqikA%3D%3D&puid1=adv-1614273385581-550&pr=dusyate&p1=cdiyj&rqs=avcLRNk5nU5q2zdgfa0K80ZypRR4p9wk&resp-time=740

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.179 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

adfox-external-l3-engine.stable.qloud-b.yandex.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 25 Feb 2021 17:16:27 GMT
x-content-type-options: nosniff
timing-allow-origin: *

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2A2D 74 KB
28 KB 69ms
55ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022401.js?31060295

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ba484681d0972c8f5fdd10ab0986c9fa68a6511ef29684db473cc2fab186e38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 17:16:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1614169937710944"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28419
x-xss-protection: 0
expires: Thu, 25 Feb 2021 17:16:27 GMT

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 2A2D 8 KB
7 KB 61ms
47ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021022401&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022401.js?31060295

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

29cb071ee699d6d768f10a89c71856cbb45d6727909427d230ed22c79583fc34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 25 Feb 2021 17:16:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6516
x-xss-protection: 0

GET
H3-Q050 200 container.html Show response
d40dcff76d8fde160d82e59583d19251.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 8F5D 6 KB
3 KB 19ms
19ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d40dcff76d8fde160d82e59583d19251.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js?31060294

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e86479d6e54449d1085c2149e190a615c6bead407b20bacbcf5852b5d65f1fee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: d40dcff76d8fde160d82e59583d19251.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html?n=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.kp.by/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.kp.by/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2973
date: Thu, 25 Feb 2021 17:16:27 GMT
expires: Fri, 25 Feb 2022 17:16:27 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 204 event
ads.adfox.ru/232598/ 0
14 B 65ms
65ms Image
text/plain 77.88.21.179
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/232598/event?hash=bd8b3ac3e6b45c64&pm=bmu&pxo=8AXCW7Zk7n2fXzaIaXK-ogE6oMkRdxkz-hbJeBJcHvwZBGm9JA0dSF_f5IVGrweptlmiG0tYdXk9lSOFP_NgUB5fMFWYz7s6WwJ4iPKzY1JvLgyhdZyRK1dxEwil6f4noN8UwBltQxyIIAo9FjYCVGGUJc2EnOuNq7weNqvdoiskMDnNQw%3D%3D&p5=igntn&ad-session-id=5458961614273386756&lts=ffwnijy&ytt=545357794117653&ybv=0.3040&ylv=0.3041&dl=https%3A%2F%2Fwww.kp.by%2F%3Fsection%3Dsociety&rqs=avcLRNk5nU5q2zdgms3fbJdXOtgeJzel&pr=dusyate&puid3=top&rtb-si=b&puid2=society%3Ainteresting%3Azenyandex%3Aeconomics%3Abelarus%3Aincident%3Apolitics%3Acelebrity&p2=gvdq&rand=ezflogo&sj=ERmhc8dwHYROJeeXDbOCEPiuPCmoXSaLpLPChp7PvjVEwRLIraUVdFjQPtNUVQ%3D%3D&puid1=adv-1614273385733-727&p1=cljxt&resp-time=814

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.179 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

adfox-external-l3-engine.stable.qloud-b.yandex.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 25 Feb 2021 17:16:27 GMT
x-content-type-options: nosniff
timing-allow-origin: *

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame AABD 74 KB
28 KB 49ms
49ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js?31060294

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ba484681d0972c8f5fdd10ab0986c9fa68a6511ef29684db473cc2fab186e38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 17:16:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1614169937710944"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28419
x-xss-protection: 0
expires: Thu, 25 Feb 2021 17:16:27 GMT

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame AABD 8 KB
6 KB 39ms
39ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021022301&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js?31060294

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e7950fb3f4467022e1188330ad9949ba500cd3e30106d5b312a4e13caa8a57b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 25 Feb 2021 17:16:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6395
x-xss-protection: 0

GET
H2 200 wx1080
avatars.mds.yandex.net/get-direct/2799532/Cmbg7CMWfFPzK8FfmLBGpA/ 194 KB
194 KB 49ms
48ms Image
image/webp 2a02:6b8::184
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-direct/2799532/Cmbg7CMWfFPzK8FfmLBGpA/wx1080
Requested by: Host: yastatic.net
URL: https://yastatic.net/partner-code-bundles/13930/9d4b34913b2ca833f62b.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:6b8::184 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: nginx /
Resource Hash: 1ba975279ab0e870cd496604c41e1955e56d7b54bc9135f150c916862d51ef59

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 17:16:27 GMT
last-modified: Wed, 22 Apr 2020 15:51:17 GMT
server: nginx
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=604800,immutable
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 198288
x-request-id: c731344c0ea2bb9e

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A58D 0
433 B 68ms
53ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_sz&pvsid=880416831108035&r=300x600&w=300&h=600&a=0

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Feb 2021 17:16:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012010270040000/ Frame 3269 180 KB
51 KB 29ms
6ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022401.js?31060295

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b2ab9ac436910017b9a2ca7db0e981bad3638db97f576d713eaa9b302e06c094

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 181374
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51478
x-xss-protection: 0
server: sffe
date: Tue, 23 Feb 2021 14:53:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "0305d7d21a7fe4a1"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Feb 2022 14:53:33 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame 3269 13 KB
5 KB 39ms
16ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022401.js?31060295

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ebab910fdc7c7e9e079caa9f7321177b135b2e1542f86ce36937ceb41865086d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 181374
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4850
x-xss-protection: 0
server: sffe
date: Tue, 23 Feb 2021 14:53:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "77bd676d834aaa8d"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Feb 2022 14:53:33 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame 3269 90 KB
27 KB 39ms
16ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022401.js?31060295

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

477549a4d5fb644cda6bf64af01631b8411022d88e608bbd8e5a06e327b391cb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 181374
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27668
x-xss-protection: 0
server: sffe
date: Tue, 23 Feb 2021 14:53:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1304c1c0caf7ca3c"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Feb 2022 14:53:33 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame 3269 3 KB
1 KB 41ms
19ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022401.js?31060295

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a86753d4effe5e607d4eaf03fe37eccb8cac743a528f874f736f4d7f35e094b1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 181374
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1350
x-xss-protection: 0
server: sffe
date: Tue, 23 Feb 2021 14:53:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "12c034eb739190af"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Feb 2022 14:53:33 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame 3269 41 KB
13 KB 42ms
19ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022401.js?31060295

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b61eb57ae77f31b91b04781da33023ecd897fda21f6c817e6c27623204046f42

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 181374
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13075
x-xss-protection: 0
server: sffe
date: Tue, 23 Feb 2021 14:53:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1e8a1dae72af56cd"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Feb 2022 14:53:33 GMT

GET
DATA 200
OK truncated
/ Frame 3269 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bc1d24054895fb0e8e4214645705fb503908e52b24cff5c5e0051618479a1ea5

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 1969757983395490319
tpc.googlesyndication.com/daca_images/simgad/ Frame 3269 60 KB
60 KB 9ms
8ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/1969757983395490319

Requested by

Host: www.kp.by
URL: https://www.kp.by/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55d22383548d78053ceefdeaf85b256a754ecdac7f9a88a6b03dd69a0b1ae499

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 23:25:08 GMT
x-content-type-options: nosniff
age: 323479
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61622
x-xss-protection: 0
last-modified: Thu, 01 Oct 2020 13:10:14 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 21 Feb 2022 23:25:08 GMT

GET
H3-Q050 200 ru.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 3269 3 KB
3 KB 7ms
6ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/ru.png

Requested by

Host: www.kp.by
URL: https://www.kp.by/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fed2d61088cba54be39b2069add7103160e31f07c950c0e2e7706d6d6dc9ebf6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 25 Feb 2021 10:22:27 GMT
x-content-type-options: nosniff
server: cafe
age: 24840
etag: 6726277462267614359
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3041
x-xss-protection: 0
expires: Fri, 26 Feb 2021 10:22:27 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 3269 344 B
439 B 8ms
7ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: www.kp.by
URL: https://www.kp.by/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 25 Feb 2021 06:19:42 GMT
x-content-type-options: nosniff
server: cafe
age: 39405
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Fri, 26 Feb 2021 06:19:42 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame 3269 0
0 14ms
14ms Image
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQjBCUqsk11x7I_qCHbJfWUnmMHrsu6y7GUQWwhnid2KDJLpA9utqzg9XaBYmenkqeqCo83HHqSYDx_8kB0vNb0Nu125w
Requested by: Host: www.kp.by
URL: https://www.kp.by/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 3269 0
0 44ms
43ms Image
text/html 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CYHUxa9s3YN3TG8WbrASl96S4Da3P48Zh4sfWos8LhMG1q64BEAEg8cvnQmCVAqAB8NGF7APIAQKpAmQcJiwthLQ-4AIAqAMByAMIqgTFAU_QbQvoFd-o9u7d-Jqy26MDjiu6sniBhEeqrLgSAV8sZuw1YrsO1sbmRRG_AVdZY2zq2BsLGC93afPLCF8EaBVYxesqz7URx8YtnM04UwUIzUrtR-_3_Eot8BRVqmYJRvVZ0o_Ul2Tg1jiez9IejolJzpqqpbXemAs0kNwxgVxqV4ijXtn4ZazMc4QmHpbT2yxUAdpbetU-ZSyqIp5F3kkE0bEW_FF_6qiUcfxAmxX-nUoOAhdTQ8S5MbBeYCynzKnCXZDvwAS0oI_YkgPgBAGSBQQIBBgBkgUECAUYBKAGAoAH-K36E6gH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBBCY2znSCAkIgOGAEBABGB2ACgPICwHYEwKYFgGyFxoKGAgAEhRwdWItNzE3MjczMzQwODQ1NTY5Mg&sigh=XDxjQtRYKDA&tpd=AGWhJmvFtcl8qTjGM9S-gQBdDoH2YQMmtsMXSBtvjsLh56vnIg
Requested by: Host: www.kp.by
URL: https://www.kp.by/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: ams15s21-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 204 event
ads.adfox.ru/232598/ 0
14 B 69ms
69ms Image
text/plain 77.88.21.179
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/232598/event?hash=61575a4d1bc49928&pm=bmu&pxo=8m-7uDtiKio92X2SJYFH_2gx-S6EpCI0BD_7ZWz7R4NG-oI8xWlNH3GVi9MLhWOykfU8kQculuFsTUdTSqDsTXuK86SUp1RRjDKTVUrCxgUOgb8txdbEyNRACSm_tvh8ou8ngGtrNLl-qSJYoa8pWHS2VXjbyBfKwZVQ8GB2iNffGQcD&p5=gwaok&ad-session-id=5458961614273386756&lts=ffwnijy&ytt=545357794117653&ybv=0.3040&ylv=0.3041&dl=https%3A%2F%2Fwww.kp.by%2F%3Fsection%3Dsociety&rqs=avcLRNk5nU5q2zdgbp7ct197nzEuv_n2&pr=dusyate&puid3=top&rtb-si=b&puid2=society%3Ainteresting%3Azenyandex%3Aeconomics%3Abelarus%3Aincident%3Apolitics%3Acelebrity&p2=fbao&rand=hreglma&sj=2gx0iLk8rBQKtU7-kR6t9Hb6MTWx0pdDb42ld2-ZPybXSDHqWtR19CDY7OkL3Q%3D%3D&puid1=adv-1614273385730-102&p1=bufue&resp-time=860

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.179 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

adfox-external-l3-engine.stable.qloud-b.yandex.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 25 Feb 2021 17:16:27 GMT
x-content-type-options: nosniff
timing-allow-origin: *

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame A58D 8 KB
6 KB 39ms
39ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021022401&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022401.js?31060295

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7b3be6202c39c011cff76f83cf36d0917e4f26d2deacb0a83d618b111b39759

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 25 Feb 2021 17:16:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6453
x-xss-protection: 0

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame D883 510 B
697 B 43ms
18ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMXlgQEQ1K6oAhi_rviVATAB&v=APEucNVBARCstmVroyre_xKvlKQpY_-qgG4Ys3QrJD4_7YAmq58IBDi_ItawY5gn_yhRlSg__0_5WJ1yM7NqUntYEGPtrv7BCDQgut1N_PMjCuetj8o-n7vd7D6gG4uXQWYQ9AUPS1Q-OfqnNLjo6L36IJzUwbCJCpuh1KWO0Jnmj7uvB9xD6hzFMtRLZKwFVvnu1GsRm0xq

Requested by

Host: 268db2211e8d97bc83b0d05c3ddf1ab3.safeframe.googlesyndication.com
URL: https://268db2211e8d97bc83b0d05c3ddf1ab3.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ec204561656bab028c2fb1d77312a95e26333f39b4a2a274049423f023acf5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CMXlgQEQ1K6oAhi_rviVATAB&v=APEucNVBARCstmVroyre_xKvlKQpY_-qgG4Ys3QrJD4_7YAmq58IBDi_ItawY5gn_yhRlSg__0_5WJ1yM7NqUntYEGPtrv7BCDQgut1N_PMjCuetj8o-n7vd7D6gG4uXQWYQ9AUPS1Q-OfqnNLjo6L36IJzUwbCJCpuh1KWO0Jnmj7uvB9xD6hzFMtRLZKwFVvnu1GsRm0xq
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://268db2211e8d97bc83b0d05c3ddf1ab3.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUknD7EaOF-8LNn3lO51h4RYHiGZnjwVNT2JtMOE4_in9eo5WDE41065Oto0bS4
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://268db2211e8d97bc83b0d05c3ddf1ab3.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Thu, 25 Feb 2021 17:16:27 GMT
server: cafe
cache-control: private
content-length: 236
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame F67D 39 KB
19 KB 62ms
37ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BSQPHe8MYGNsAnJaKVQZb-eIzEq9W8HKn9QbWMMluprG9k1i3EjBBcpmwTxh85pvFxEyxfMzuYBL1-4nWE5VgSNAf24DYO1Ww6B0Re14RjODHE3xZ_fBELNgI2GTBabN6ZnlWy_6JxNj5oSFmMvF9MFlhgig&dbm_d=AKAmf-COc3oVrvlY0QMGO_efQw-WNrSTMZFCXxnxlETo0KV6umZFnt1Ih1_HcRoGRZQzSrxZRhQ4KLoWWKtrHy5gvVG3TvJt5odE0zROW6o7P2E6ySav0BZ86c1M7hy-3-b1htJKB3gi_XjNfjsMd5ixdSifz4JkS02d3qB1pSo23ohr395-j-HQq7yX3DxESTxbMCK5Q1k-JB7xtTEawh8Eu1ukeEBZ8WNVqupPAfvR5NBTzLiNiGW2tq0Y-SiVkn-LTjrC1kKe_i5X8H_XguGo4M7Joe4hCvs5uOV91Nz9a0d8Rs26N7rwjlVEawuzS-BsFyaqhvUMwqcw0dwoojYAFgXMmmneWTCXSZHIQ1XrYNvH1s_PV55E2eoTsn2Ig55pxGA8nlSiT09nviXrm6xmODcjDWoRvF1_adHI29uh6-dQu1j4NySx9hp3m42SbJbuidw2Ef-yOqTmDrxyIAR_qqE9q8XOyUaJJXU2rqS1DaSqAssC_cZPqz9RpGBjtSm52pgAS07-P2LKoqizgFGoELphqTQ9biaioiN6nm51Dt8ozjv36-brDBSaVY6Sq_scQ2DMLgUeTwXGcMQqokmt1bYyDtY13A6nA4aOP1Mn3ENvV3cM8p_uAv20ARauPZpKDfdC9-ZLWL-lGFNuFBTNlBNWGHzZMnXsHTZSfucOdv50yRPUT2ahrUDhLjH25zFzLKjny-c4Ty4IYRsmyZuEKoxSnlT0QrQK8S5SSckyqGfuRamxA_OYL-GKUjQPPhTRnP_tb7NHQH5GPTR5k7zutNIyqYymawLOZL7njAgNiAi9ZLRAUx_CJKPTIqg9DnS8kpM9CbY4ngSF3CsHylkiDFUreYZ-0_Hgm2u0fz7-ARGdPlZYbF9KuzHvWRhoiQCPoZlWtyb87j7yc9hT3vGCzTa08rKBhxi8tbt4vngfgX0ZCwU3dQC4-zjegbr6nfevuTlXfMkgRY_9LjQ-ufNnP0RpnSoW9_WvgKG_pQ8S5qQSU6jw79PmR5tk1LOPvspUVf_ZborNqySiNSKD1zI98s44vLF6n-w5EGCGhBZ1D1BGUhakPJE8p5h5Vt5AglYQDcyC20GDDMKj93fDMVbMKzdNopu1OKD6M_AN2U0QmU5HfP3LIklENItfq9vk0P2lFnGF0MIupRzim5AzjRPw5gHXMqiFJCe2IL2wW3vWu46XZlWJMBG5Oj4s6m0WX3-AfxL2yfu49tO2xlRGBLWZhBMnjjfSLwHn7Qj-T_IqR5AO1yw1rl1n72iURrBeqzPpKqUfr76mG_Y4cPQi74z6uVMpTsmd0o_vk4MdyAnpDt6fJW7Q-tl026Vmqy3W0aC8niUEo5wIjubcil1U8FUJQHy0uEw1ysqfkXvdScNQlIW4WycnISwwckfjCAuVrN-vunjkT88iQr8DUGBnvfZcidbH8oHZVdLFeH1Y1z28ixhULYEMfl0GjA8aq7F__2U7SQuURCVu7-ku-a09tnw25hOKUqus5fKhKmRpKbKjMatQXPBIITB1jcO3KIuQb08YnDuKPcx22_ZNUeZSQmpnBL-rH0eAtN93WQipJ2nfXR29a3LLPjJSiBocquCBuSPcPFPTLa68eoQqnmbYJc4QNaXKVwmkPhCpDkg7lnktSCsGw-jevX6XXhgLzHXk0WvQuTUdkJGJYffjHihV6VSXdEHYdnHplr6E6Lr1t9Gsb2RTk5ywtAj_5frKOhUp0NsIJyIeAtZ1fSm_UGyIw22jD7cjjYRgRr-iyIRB8G1ygN3aEUr2P2bYfjRrYDD8TqhX6IZooABX986seBNboysil-pFYJ8EEfPg2JLRWtBhXj7lrllboEjHEg9DTaCCMG03aeWa_9t-WhwqwjANmpde6sIb7xe3vbYiUbtoHlWt2KcfQB3-zYKV7r5FH8WRlObD4bB6nWRVvhosDYpqHdJY2RBZRaS95cHA4b0hCyBrp4dlTEsCjA00Xx0siXgKKq4ZlUOvCMZMlFneXUf3zSAKYKsF3W0KKs0Pq4NCVbHJts4GU-mRXCf3el-o16hh_3uHgSi3o5hpvzQ5lYck-80-11B_PdNcxijeXjKhUAe1gPb-0n_2aFA5XZzaMIQCFZzBIaZdbP7SVU9iNWIeOpNHKBbLl5lS5NovdWacmSHIpGzyjdCBBmkuP9fMbEb7K-ItgnTJaNBAvVKXaj4lX5UWYc4jDC18XzQtHmuSbZ_bIf9dIscpmIJV--bF3kk0ShglToT_WaONSvr7eB8NAPnYYTl-doDcK9Jisnkus_tm54Wnofn5xWPUfARrN-ryiWTZTFJKmJOVFI3WS-w8PKPk1255GFmVi3Zllme8Z9xTLu75395W2gQwCIjEWgdG1msF_9MbXbowWvG1DoqO1k9syyS4PskbP8c_C5Uh5M2BIgRkffPAmypwNrVeqzfh9SXxjr1JQbHs-zIE3yccjvhNstmkXDh9yF0jBbzAJj4cxkWfct14JUnPDP0zuBX6DPaVePM99XN_PmVJzFxM-4HE2-NsrmIMmWcGQSVf2wpW9x0MK4O01r8Efc2NGCoDtEyATlHzp_3UHNLEF5jtAKVGJqUjNQmCCrHFoI_AhBnTMK2CUpOTObs57fqimpIZ4v3JFDZMB4uWDv70gTETf_cR45s-XZaYofzVjxLkcjrpCgsBLDTHheYc9f8wk9FSJ7AFxdXKNcbtpEmfFEerPzKhOakHu3Yga_uH2xaXYNtqP73ixU5X0v0bwxrotERUaxYtIxAC3Z2vpYfg_9TMczntJv0bIFgcWR4S94g6-scidjQjHdhNHjMSjqzTpWi0IKC5Qt4RulAlgJAclPBs0Po-YvoX8CEQd-7UVN8d9GjLL9C9TK9ATCi0NPIqvX_juQx6zIb1ghH6f4uCsC9YERPb41-Dzf-5_S6aD_KWHwut5VKlIEY5BHq1NPoODbBLv2BVJuKf_lWDoOrLuPFEMrAMamraCkBLcwPDXe9-lbKm6jFDWOZLTQh0rCTysvmWbviulOO1Uc16POO1m_b79nXtd8FknCGXew&cid=CAASEuRoAdGQpLldPgCUctkmZqhNlA&rfl=2%2Chttps%253A%252F%252Fwww.kp.by%242%2Chttps%253A%252F%252Fwww.kp.by%252F%240

Requested by

Host: www.kp.by
URL: https://www.kp.by/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

37f7a934f714bf265769789b8514887586b3e5747bfba9ea5c792a506454bcd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://268db2211e8d97bc83b0d05c3ddf1ab3.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Feb 2021 17:16:27 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18967
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame F67D 42 B
68 B 40ms
39ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DpbGVvLmJK3iFXChrq6CQXp7Yu4bH8GQ0sIBfoPvcRXVGCExCbfFn6ibcAbDtUUgstaakGnO2rZQfzaCXLSF9pFN-jesKBREYFP2FYrHBybdY8zOU

Requested by

Host: 268db2211e8d97bc83b0d05c3ddf1ab3.safeframe.googlesyndication.com
URL: https://268db2211e8d97bc83b0d05c3ddf1ab3.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://268db2211e8d97bc83b0d05c3ddf1ab3.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Feb 2021 17:16:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210223/r20110914/client/ Frame F67D 3 KB
2 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210223/r20110914/client/window_focus_fy2019.js

Requested by

Host: 268db2211e8d97bc83b0d05c3ddf1ab3.safeframe.googlesyndication.com
URL: https://268db2211e8d97bc83b0d05c3ddf1ab3.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://268db2211e8d97bc83b0d05c3ddf1ab3.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 16:41:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2089
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1546
x-xss-protection: 0
server: cafe
etag: 8852521427838746165
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 Mar 2021 16:41:38 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F67D 107 KB
33 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 268db2211e8d97bc83b0d05c3ddf1ab3.safeframe.googlesyndication.com
URL: https://268db2211e8d97bc83b0d05c3ddf1ab3.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1c2fd04bc7557ff3208e06324dba5f6e0538554a026630abba81dbb398a5a27d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://268db2211e8d97bc83b0d05c3ddf1ab3.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 17:16:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1614169956137819"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33369
x-xss-protection: 0
expires: Thu, 25 Feb 2021 17:16:27 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210223/r20110914/client/ Frame F67D 14 KB
6 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210223/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 268db2211e8d97bc83b0d05c3ddf1ab3.safeframe.googlesyndication.com
URL: https://268db2211e8d97bc83b0d05c3ddf1ab3.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

704d0d3da6cd158841779485200573d774009ed765dfe9f91cee6f3c0fafcba9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://268db2211e8d97bc83b0d05c3ddf1ab3.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 16:47:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1708
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6139
x-xss-protection: 0
server: cafe
etag: 4905056106247604317
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 Mar 2021 16:47:59 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame F67D 0
0 16ms
15ms Image
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTLOeUpBa3P_Dey_3CJFWW9tZT0Rv4JFXpdCysW2iiYty0PreoS1GM09_ZXDBfrWkvu0aGhDzSYGhN_A6eEr96bZkxVuw
Requested by: Host: 268db2211e8d97bc83b0d05c3ddf1ab3.safeframe.googlesyndication.com
URL: https://268db2211e8d97bc83b0d05c3ddf1ab3.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://268db2211e8d97bc83b0d05c3ddf1ab3.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame DDB4 631 B
367 B 42ms
25ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjWvryZATAB&v=APEucNUOIT_3smG0PQ4ogvH3y7Ea_Aa7PyoD9reBvi16wHVo8XWDF60la2MnqecLZj7XCa9gIyxc0ZC8bl-qhuznM_IUk2xHyM9q7RMwaL6sMs4w_DSKB6lsKXqEpnvVPPXEM3Gw_Eb5LtM2kmIL9Y8hU8zKIG_8Py-wKzv3t_YLolAxWzypXc-fQkRTJcX3w0yOWCs5UyAS

Requested by

Host: www.kp.by
URL: https://www.kp.by/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b1d4ea37cd015a22a5720e4e4916d54ad57a86c181eb26adeb5fb2ec4d403f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CPvjgQEQ_aOOARjWvryZATAB&v=APEucNUOIT_3smG0PQ4ogvH3y7Ea_Aa7PyoD9reBvi16wHVo8XWDF60la2MnqecLZj7XCa9gIyxc0ZC8bl-qhuznM_IUk2xHyM9q7RMwaL6sMs4w_DSKB6lsKXqEpnvVPPXEM3Gw_Eb5LtM2kmIL9Y8hU8zKIG_8Py-wKzv3t_YLolAxWzypXc-fQkRTJcX3w0yOWCs5UyAS
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://d40dcff76d8fde160d82e59583d19251.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUknD7EaOF-8LNn3lO51h4RYHiGZnjwVNT2JtMOE4_in9eo5WDE41065Oto0bS4
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://d40dcff76d8fde160d82e59583d19251.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Thu, 25 Feb 2021 17:16:27 GMT
server: cafe
cache-control: private
content-length: 300
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame D9E4 57 KB
22 KB 73ms
56ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-At7qS4d3qoWvtN694-kfWA-DR4WZwK73mVdo1FbIRQlZBsKJlFamC6FMpk6FRZSR8dpMyFpprkPbkJkZCYZOZiwopqcnunJvkMPEnEBXZfkP4YOye_b7v0bE6XyCK4M0s0ceEFreNPk4anBdhBX022s6bP6g&dbm_d=AKAmf-DJtWKXb6SCg-z3LFZu451RsIbZG0JTVyitUnVKQbHpugqWmAN-5bsIIVJaswstdSkUcKEurGz3s-pAoXfhVacC-RZKiEs156okvKcjCZhrY28KvpHjqYwwlFLja_e2L6at4vwBy8pL_werUrMwtt21k_dFwkHcNZNG_iKuNg1DYs4V1hNw29BMdObqdZan61JSlIE8ErGskvrRHfrCKR0a_KENItjuWGuEbT2V6HC_vfKJ2gArX20P59BHRSx_zaMFAXv1_oF4D9Wo8oxbWLXNvsm7exf0BVmkECeGwt8SBwB36AI5-c01xGg0B40s79hIObmiYpAOI8GJjyO8kXDEZB71Y9AkFSjtFuGK8U_rR2qPpVI0pM-tlRzyQ5R4Et7jr12d_L3B4dcPd7OMlShgqfuTAxeB8FgvD0SCdoOJhlpjnxdQ99U1BmYsuS1IzVuce1H1hThnYmUc4ISGnk41dABbkGaC8u3KaAcBarKs02vHlwTtKMHe3sXQgpjMI6J2tMzi2PotkvGsbUp0FbFd0-gfXPeJxmxqXNppS7OFSXGCUv71JVbSiCC1P9juw54LOqRIlLkl66Pn16mNhETvZ2jXw-EWW5p9HW-CVF_x4Bk_GDwPI3z7Lp2FMW6WnmA1rC1ignwzN7Por-1HI19bs0RnYB_9mb4aVr8wj9LL3zna76OuXnpMqY5htwLBVtJMTLfNTkVpYw-Dytua68dLgTZx2BjAEcarXJvAkkCudkXGt4X-7kNU1Fw7pIPWP6KRkQVdGmkkYmbEWjIbzyoTCFBGOYKdwIbj9-smyuFztNr_bsJJoxeLv5i9WG40_WCtumH-khhzv6qiOEO-_9-638wJxKJcbvi2JPDAp_ZlOHruLxCz14u-rl4ljqDr3Gop0vU2yoijsS3R1pArdTdXYleKeGm7iXqM3dHedAaYUr1Ro_o_ROfCW9qdaqK6bC5Tp01meJWHF_kdhy3HTqAJcTTgem5aJTbmsHRoncTqPuCzC4guEjV7bbb1aWPlUT6Yeiwxu1zLqybW8rbLqMvBK8c9mz4NIKynBLnU1djB_JoNxdHA8cQ5EgGoZGzw4BnlbR3S_ShVncO4v_XfQ2Vj2ip8MODIduENq4axSbfhqkoKrEZK6awR6UJRZDArSTp_fY8YqOsRM492z4o2hTa5Ky2CXSWkYx4vqDIHmuR0jQtQjW7YR-G6z6lewvruuAsj9sWAqsZ0c3yhwPcWQgV9rI74cZVHdIIT7gPT8ckgiZansrsBthjyAN8DTijKb7orBwAjjyb3PDOnUoVGSZqq8MflEgZdD7Uxt_OVWhgz5v_IuPPIRFh7q4W4Df110I6-Wvp9o8A6xh59kCgufkhd23g2l0UHrti0sJCv3c7KCFD5oiqE202mT-hJWVwtO-hORBKn5urmIvt3Hufh0WnyzEPOH_QAPPg-qTitK_qzq2LVrwnvCoEWw2Az7GkP3m_GYDEICpkZipjWmwmRMq2ouPI3C2_4F6DkoBFrZfgeLc2cZeUx3HA332DhI0RRQYa79F57zKmFDJJV7Bz4V3IC91eZ0OVkaYbf5p9rZo0j0HCcsyuRxcwJr-ObJkuJbfx8KHGOmCu5CxNxKBYgD8yEJmePUFGSA5iM_I_z-cHPAXw_7uAlYFLcetdry-c5jiQkL7lk7FCaVLlBw0VWrsZTH7iKWxOsMmmjHHgIu2H50O0GPoDRWJHyGNW01B6PjLm88pwLKEGB05txOMvAtyYCgN7ccovfmYMdQEk1e3vzC_ApmhwhY1RdpBXV3Z82qeqtdFBSiWP4TUwxPbg9KASu3QG3LZM-8D5iJxfdRH6idVdxIcgz65T7dIV_2gNQKRUBA38sDiJuWfmXbOq-Ntj9EfbYkvjeKGHiiTOWUPhLdKqGqUM3iICNMn69L4pVPFhrx1_FNeFb5JlWNGFkWdGHT7vXAWjFXRMYvXFeHCWgQiELPQQszaGHlJIonjzNE_zPMV10acNL2tOFI_HvM8t7qHXJ0w5fqxviMNEazAmc8gxL4O02KmSNZGFh9G2HQF7aERgOl9Ytt8-Z4z6AL-759miwYo7qcJxUYlvzuxC3kJ5_isrYHbV90SCbM2UZt6QRvmqzuoSdsXCXqb5B2Wyn6r-rTV3fHiER5Yhho1YAqL9v8zx_K781E1cWmZi9XHOQNo5epgxXOlpbFXOfHUl42QFNJqFusX4WNaOFw_GvAEBvgdtIWDcpneEQFq0U4NtRaRdpawRZ_jsxne1nikDcIs7V8klsVhCJNksdEvvBoL8v9aDFdo3Hbuc6pdgfKaBva9By-o2F8YHcLMu0pNduR4wWaHAwVUPakM9CdnYagV75h_PSKTTGphPwMfx6fMpdtFCe7rwR3jL9b1hbXlZl_xyXwmFY1ZMe-oQ67vYxwc_XOuZb60hsYtJsOaTbxwvu_nIAhs9OdLJmyJj1NyooKNg0Mk1EUHSy6Gnx-tWpONxduWyS455CCD9KjzFxUZcBoPEJHvRJcjuNed6C8908Dd1NOvtFBNj86rM3XrxMSWHMX8NaawxNta1IaNfG8JzWsZ1iGuGgA4KZw3oqkxa02Un19OLf9XsPgtCQoTgaBRL3LiA6d6XjWDI0zpdEUXqWyv1izReqD1L9RPXNZ3u9XkbrmNMnYtDwRBVJL_O264GD6fuDedpRVzRfw0wwqJGvr3ENbBlmpL9-gLEPN3i8mocSIcUd42vFfQpyMlk5vN2eJp6zuWDA49WOMqXGOOnp0oMBSR-4ZBhpl7EHdGYX6KWzBQ&cid=CAASEuRocDTMNXJ5hsTqv5vsIbSNnw&rfl=3%2Chttps%253A%252F%252Fwww.kp.by%242%2Chttps%253A%252F%252Fwww.kp.by%252F%240

Requested by

Host: www.kp.by
URL: https://www.kp.by/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0e11856e6f59e090cb14b9b9e4e038909efdcabdf93f8cd8ce040ce3cb6aee74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d40dcff76d8fde160d82e59583d19251.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Feb 2021 17:16:27 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22728
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210223/r20110914/client/ Frame D9E4 3 KB
2 KB 12ms
9ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210223/r20110914/client/window_focus_fy2019.js

Requested by

Host: www.kp.by
URL: https://www.kp.by/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d40dcff76d8fde160d82e59583d19251.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 16:41:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2089
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1546
x-xss-protection: 0
server: cafe
etag: 8852521427838746165
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 Mar 2021 16:41:38 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D9E4 107 KB
33 KB 44ms
42ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: www.kp.by
URL: https://www.kp.by/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1c2fd04bc7557ff3208e06324dba5f6e0538554a026630abba81dbb398a5a27d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d40dcff76d8fde160d82e59583d19251.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 17:16:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1614169956137819"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33369
x-xss-protection: 0
expires: Thu, 25 Feb 2021 17:16:27 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210223/r20110914/client/ Frame D9E4 14 KB
6 KB 11ms
9ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210223/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: www.kp.by
URL: https://www.kp.by/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

704d0d3da6cd158841779485200573d774009ed765dfe9f91cee6f3c0fafcba9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d40dcff76d8fde160d82e59583d19251.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 16:47:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1708
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6139
x-xss-protection: 0
server: cafe
etag: 4905056106247604317
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 Mar 2021 16:47:59 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame D9E4 0
0 16ms
14ms Image
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRpX9v5rz8UaC8XeBG8KKURMxezGIpS2oS-ISzUFEI6bmLndIVjkYUAUzDl39bfqswjI5sqSGhD__Dfhqe1MkOiQGWqUg
Requested by: Host: www.kp.by
URL: https://www.kp.by/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://d40dcff76d8fde160d82e59583d19251.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame D9E4 42 B
65 B 44ms
39ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BPh8zafwRaB_DuBupesUvNi5kdB8jstHXlDWzX59eYwQEwptGNvUE8IGEnT1vkc8EDyyW6l__jIoKfDsncxFLCUnmJK932wM8xoyv5j_3GgvCkx60

Requested by

Host: www.kp.by
URL: https://www.kp.by/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d40dcff76d8fde160d82e59583d19251.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Feb 2021 17:16:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 2A2D 17 KB
6 KB 17ms
14ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022401.js?31060295

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 17:16:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1611170586013198"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6403
x-xss-protection: 0
expires: Thu, 25 Feb 2021 17:16:27 GMT

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame AABD 17 KB
6 KB 20ms
14ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js?31060294

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 17:16:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1611170586013198"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6403
x-xss-protection: 0
expires: Thu, 25 Feb 2021 17:16:27 GMT

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame A58D 17 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022401.js?31060295

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 17:16:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1611170586013198"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6403
x-xss-protection: 0
expires: Thu, 25 Feb 2021 17:16:27 GMT

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 3269
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

42ms
42ms

Image
text/html

2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Requested by: Host: www.kp.by
URL: https://www.kp.by/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

date: Thu, 25 Feb 2021 17:16:28 GMT
x-content-type-options: nosniff
server: safe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/221/ Frame 9057 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/221/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.kp.by/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.kp.by/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4984
date: Thu, 25 Feb 2021 16:25:00 GMT
expires: Fri, 25 Feb 2022 16:25:00 GMT
last-modified: Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3088
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/221/ Frame 5E9F 12 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/221/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.kp.by/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.kp.by/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4984
date: Thu, 25 Feb 2021 16:15:45 GMT
expires: Fri, 25 Feb 2022 16:15:45 GMT
last-modified: Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3643
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20210223/r20110914/ Frame F67D 23 KB
9 KB 43ms
6ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210223/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BSQPHe8MYGNsAnJaKVQZb-eIzEq9W8HKn9QbWMMluprG9k1i3EjBBcpmwTxh85pvFxEyxfMzuYBL1-4nWE5VgSNAf24DYO1Ww6B0Re14RjODHE3xZ_fBELNgI2GTBabN6ZnlWy_6JxNj5oSFmMvF9MFlhgig&dbm_d=AKAmf-COc3oVrvlY0QMGO_efQw-WNrSTMZFCXxnxlETo0KV6umZFnt1Ih1_HcRoGRZQzSrxZRhQ4KLoWWKtrHy5gvVG3TvJt5odE0zROW6o7P2E6ySav0BZ86c1M7hy-3-b1htJKB3gi_XjNfjsMd5ixdSifz4JkS02d3qB1pSo23ohr395-j-HQq7yX3DxESTxbMCK5Q1k-JB7xtTEawh8Eu1ukeEBZ8WNVqupPAfvR5NBTzLiNiGW2tq0Y-SiVkn-LTjrC1kKe_i5X8H_XguGo4M7Joe4hCvs5uOV91Nz9a0d8Rs26N7rwjlVEawuzS-BsFyaqhvUMwqcw0dwoojYAFgXMmmneWTCXSZHIQ1XrYNvH1s_PV55E2eoTsn2Ig55pxGA8nlSiT09nviXrm6xmODcjDWoRvF1_adHI29uh6-dQu1j4NySx9hp3m42SbJbuidw2Ef-yOqTmDrxyIAR_qqE9q8XOyUaJJXU2rqS1DaSqAssC_cZPqz9RpGBjtSm52pgAS07-P2LKoqizgFGoELphqTQ9biaioiN6nm51Dt8ozjv36-brDBSaVY6Sq_scQ2DMLgUeTwXGcMQqokmt1bYyDtY13A6nA4aOP1Mn3ENvV3cM8p_uAv20ARauPZpKDfdC9-ZLWL-lGFNuFBTNlBNWGHzZMnXsHTZSfucOdv50yRPUT2ahrUDhLjH25zFzLKjny-c4Ty4IYRsmyZuEKoxSnlT0QrQK8S5SSckyqGfuRamxA_OYL-GKUjQPPhTRnP_tb7NHQH5GPTR5k7zutNIyqYymawLOZL7njAgNiAi9ZLRAUx_CJKPTIqg9DnS8kpM9CbY4ngSF3CsHylkiDFUreYZ-0_Hgm2u0fz7-ARGdPlZYbF9KuzHvWRhoiQCPoZlWtyb87j7yc9hT3vGCzTa08rKBhxi8tbt4vngfgX0ZCwU3dQC4-zjegbr6nfevuTlXfMkgRY_9LjQ-ufNnP0RpnSoW9_WvgKG_pQ8S5qQSU6jw79PmR5tk1LOPvspUVf_ZborNqySiNSKD1zI98s44vLF6n-w5EGCGhBZ1D1BGUhakPJE8p5h5Vt5AglYQDcyC20GDDMKj93fDMVbMKzdNopu1OKD6M_AN2U0QmU5HfP3LIklENItfq9vk0P2lFnGF0MIupRzim5AzjRPw5gHXMqiFJCe2IL2wW3vWu46XZlWJMBG5Oj4s6m0WX3-AfxL2yfu49tO2xlRGBLWZhBMnjjfSLwHn7Qj-T_IqR5AO1yw1rl1n72iURrBeqzPpKqUfr76mG_Y4cPQi74z6uVMpTsmd0o_vk4MdyAnpDt6fJW7Q-tl026Vmqy3W0aC8niUEo5wIjubcil1U8FUJQHy0uEw1ysqfkXvdScNQlIW4WycnISwwckfjCAuVrN-vunjkT88iQr8DUGBnvfZcidbH8oHZVdLFeH1Y1z28ixhULYEMfl0GjA8aq7F__2U7SQuURCVu7-ku-a09tnw25hOKUqus5fKhKmRpKbKjMatQXPBIITB1jcO3KIuQb08YnDuKPcx22_ZNUeZSQmpnBL-rH0eAtN93WQipJ2nfXR29a3LLPjJSiBocquCBuSPcPFPTLa68eoQqnmbYJc4QNaXKVwmkPhCpDkg7lnktSCsGw-jevX6XXhgLzHXk0WvQuTUdkJGJYffjHihV6VSXdEHYdnHplr6E6Lr1t9Gsb2RTk5ywtAj_5frKOhUp0NsIJyIeAtZ1fSm_UGyIw22jD7cjjYRgRr-iyIRB8G1ygN3aEUr2P2bYfjRrYDD8TqhX6IZooABX986seBNboysil-pFYJ8EEfPg2JLRWtBhXj7lrllboEjHEg9DTaCCMG03aeWa_9t-WhwqwjANmpde6sIb7xe3vbYiUbtoHlWt2KcfQB3-zYKV7r5FH8WRlObD4bB6nWRVvhosDYpqHdJY2RBZRaS95cHA4b0hCyBrp4dlTEsCjA00Xx0siXgKKq4ZlUOvCMZMlFneXUf3zSAKYKsF3W0KKs0Pq4NCVbHJts4GU-mRXCf3el-o16hh_3uHgSi3o5hpvzQ5lYck-80-11B_PdNcxijeXjKhUAe1gPb-0n_2aFA5XZzaMIQCFZzBIaZdbP7SVU9iNWIeOpNHKBbLl5lS5NovdWacmSHIpGzyjdCBBmkuP9fMbEb7K-ItgnTJaNBAvVKXaj4lX5UWYc4jDC18XzQtHmuSbZ_bIf9dIscpmIJV--bF3kk0ShglToT_WaONSvr7eB8NAPnYYTl-doDcK9Jisnkus_tm54Wnofn5xWPUfARrN-ryiWTZTFJKmJOVFI3WS-w8PKPk1255GFmVi3Zllme8Z9xTLu75395W2gQwCIjEWgdG1msF_9MbXbowWvG1DoqO1k9syyS4PskbP8c_C5Uh5M2BIgRkffPAmypwNrVeqzfh9SXxjr1JQbHs-zIE3yccjvhNstmkXDh9yF0jBbzAJj4cxkWfct14JUnPDP0zuBX6DPaVePM99XN_PmVJzFxM-4HE2-NsrmIMmWcGQSVf2wpW9x0MK4O01r8Efc2NGCoDtEyATlHzp_3UHNLEF5jtAKVGJqUjNQmCCrHFoI_AhBnTMK2CUpOTObs57fqimpIZ4v3JFDZMB4uWDv70gTETf_cR45s-XZaYofzVjxLkcjrpCgsBLDTHheYc9f8wk9FSJ7AFxdXKNcbtpEmfFEerPzKhOakHu3Yga_uH2xaXYNtqP73ixU5X0v0bwxrotERUaxYtIxAC3Z2vpYfg_9TMczntJv0bIFgcWR4S94g6-scidjQjHdhNHjMSjqzTpWi0IKC5Qt4RulAlgJAclPBs0Po-YvoX8CEQd-7UVN8d9GjLL9C9TK9ATCi0NPIqvX_juQx6zIb1ghH6f4uCsC9YERPb41-Dzf-5_S6aD_KWHwut5VKlIEY5BHq1NPoODbBLv2BVJuKf_lWDoOrLuPFEMrAMamraCkBLcwPDXe9-lbKm6jFDWOZLTQh0rCTysvmWbviulOO1Uc16POO1m_b79nXtd8FknCGXew&cid=CAASEuRoAdGQpLldPgCUctkmZqhNlA&rfl=2%2Chttps%253A%252F%252Fwww.kp.by%242%2Chttps%253A%252F%252Fwww.kp.by%252F%240

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8bcd3d517334fd01be59447e7ad8539bdadd71a297c686e90018b671851d5a10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://268db2211e8d97bc83b0d05c3ddf1ab3.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 16:46:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1795
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 8954
x-xss-protection: 0
server: cafe
etag: 9971097261821457981
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 Mar 2021 16:46:33 GMT

GET
H2 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20210223/r20110914/elements/html/ Frame F67D 9 KB
3 KB 49ms
11ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210223/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4b3a2a3d13b57f07aa855cf974c90cad593a53ac0f53cdc58d5f49c91eb2092

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://268db2211e8d97bc83b0d05c3ddf1ab3.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 16:41:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2111
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 3412
x-xss-protection: 0
server: cafe
etag: 11901405240610023202
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 Mar 2021 16:41:17 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame F67D 0
484 B 85ms
49ms Other
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvN8GdZrn1oNfDuJcJq9Upy7WOZpSwxXS9PekDyMpXv0NFgkAOG960tF8H-Mh2ZZl0QpllGoZsJPDFwZyV-M3UJr4mwzFPVWoSS5zaA0jC03pEWXBjYbcUuI60pUinB-O1bkBBCSxGBbTvdPD4PExULfhJ0Fw4D9lyJp1m6vJIg1uhLTD38XrknYHk3w2WWekkGqHJ94GTxCnpq_9KWOutxtu4p2Znru_W3IzCcZC3golOmvbCyKZgjHeHZkbSKInx9xZTOWk-pTOOcmX4B_RcnKOsTMbbaJMmIdxc6lwaWULXK_CEGqZ-UKcNT7hW7bcxEjSO-Xd32hacaGjTaWTIWpikUdxwBPQZCRGXVpmSrO3Pgd0dnNOPO75n7AP6yPq2mwOaS2fiMdymJmyvkMihMDcy_1qmiT8pdYyyBgYRoKz9vyvdVHKk86b_iuXaX7kM8LzWYxcFndkv293sbHm98w6KyeFmUvK-ZZIaJb6e1me-q-DDSSITpCppSasOv0DFPhUvyT5tuOmMaKYsBaZI0OrPWL65Z3QhGMxuXfK9lCF_BsfTzbJR6v3O8n7taqt2LXtyWFfhuhoJu632HWqwUj4sestvr_YYPSg1eq5ThSPN4gXXdYdcWwp32Hsl737s50BmynvEUufVJiNYlDdAEW2Or0ZMODgwuoH4cFev0wIErp4Zwh-BbMMjHSiEQRdyw7g07BG6sovvKXGVmklkCZtszWEvsNPbGWcVWP-DATQ6yG0UijB06Q0liZXM12QBPCbUSBNUrW65IWsvpIVkOUFkpBp8fZeHztnvK7eHow6brw28IKggBEijnBuPhGEgKr5gsCgA_l4njGkZJOZuZj_EgCfSircGI4ILEYjBvafagVKN1ZAtfIv0237eyKgDcSdVEJDUmCexkXjRp1JMdEjiYSQs9CyH4AESrindgIe5wXTILpIbw_b42248AhdCu8jPZ6aDzYtu_WdNSfkjOarPPK5N6_UaELPJcj9_xZdxfiqoYYapjMEgq9Fmf0jkZpCQCyjqry7sSJmGsdH7kKasI8Ro3cj8oc0wEvqPPl-UZoMwOSp0Pks8Q1yslssxNqABJ4-o8e1z3NtYgEOBdmbqlkh8NYl4wJZDxFRLTvLvtLBHiitE9PVdrD77tvrlCrBNPTf3sxmr_20r8_LTbrWWELQcC&sai=AMfl-YTambcM-3eaynjLLGKvOkO3AKxkchCaD0HMzAgrt-OxxM9IoNzYYyvbPguO0VV5SQOfoQC_OhhEBkZ2IGZC67Tfk7qrgKZn0u_KEzWcxkQoTCqQO2THU_VK76tJDr5uG0FOTnppqmwrb_azsTXNvtYwOHXnRNXb0AZNyYHLr4J5VzQQSSDYag&sig=Cg0ArKJSzAzrF7Y-nitnEAE&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20210223.62076&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://268db2211e8d97bc83b0d05c3ddf1ab3.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 25 Feb 2021 17:16:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame F67D 41 KB
15 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://268db2211e8d97bc83b0d05c3ddf1ab3.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 14:48:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 95268
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 24 Feb 2022 14:48:40 GMT

GET
H2 200 11172020-102937856-DE_Off_M1_GDN_160x600.png
s0.2mdn.net/9504762/ Frame F67D 15 KB
16 KB 44ms
8ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9504762/11172020-102937856-DE_Off_M1_GDN_160x600.png

Requested by

Host: 268db2211e8d97bc83b0d05c3ddf1ab3.safeframe.googlesyndication.com
URL: https://268db2211e8d97bc83b0d05c3ddf1ab3.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

12191786b7f1885effe5f390c48f9f485180e04e2bf165b7b535de11af2be1b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://268db2211e8d97bc83b0d05c3ddf1ab3.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 13:35:06 GMT
x-content-type-options: nosniff
last-modified: Tue, 17 Nov 2020 18:29:37 GMT
server: sffe
age: 13282
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15527
x-xss-protection: 0
expires: Fri, 26 Feb 2021 13:35:06 GMT

GET
H2 200 html_inpage_rendering_lib_200_271.js Show response
s0.2mdn.net/879366/ Frame D9E4 176 KB
61 KB 51ms
6ms Script
text/javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_271.js

Requested by

Host: www.kp.by
URL: https://www.kp.by/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2f126a8957c32db99e94d1bf7c9ed09fcd38ba99bd632ebd048f01f9c5f9c9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://d40dcff76d8fde160d82e59583d19251.safeframe.googlesyndication.com
Referer: https://d40dcff76d8fde160d82e59583d19251.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 14:11:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11070
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62241
x-xss-protection: 0
last-modified: Wed, 14 Oct 2020 18:02:47 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 26 Feb 2021 14:11:58 GMT

GET
H2 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20210223/r20110914/elements/html/ Frame D9E4 9 KB
3 KB 43ms
11ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210223/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-At7qS4d3qoWvtN694-kfWA-DR4WZwK73mVdo1FbIRQlZBsKJlFamC6FMpk6FRZSR8dpMyFpprkPbkJkZCYZOZiwopqcnunJvkMPEnEBXZfkP4YOye_b7v0bE6XyCK4M0s0ceEFreNPk4anBdhBX022s6bP6g&dbm_d=AKAmf-DJtWKXb6SCg-z3LFZu451RsIbZG0JTVyitUnVKQbHpugqWmAN-5bsIIVJaswstdSkUcKEurGz3s-pAoXfhVacC-RZKiEs156okvKcjCZhrY28KvpHjqYwwlFLja_e2L6at4vwBy8pL_werUrMwtt21k_dFwkHcNZNG_iKuNg1DYs4V1hNw29BMdObqdZan61JSlIE8ErGskvrRHfrCKR0a_KENItjuWGuEbT2V6HC_vfKJ2gArX20P59BHRSx_zaMFAXv1_oF4D9Wo8oxbWLXNvsm7exf0BVmkECeGwt8SBwB36AI5-c01xGg0B40s79hIObmiYpAOI8GJjyO8kXDEZB71Y9AkFSjtFuGK8U_rR2qPpVI0pM-tlRzyQ5R4Et7jr12d_L3B4dcPd7OMlShgqfuTAxeB8FgvD0SCdoOJhlpjnxdQ99U1BmYsuS1IzVuce1H1hThnYmUc4ISGnk41dABbkGaC8u3KaAcBarKs02vHlwTtKMHe3sXQgpjMI6J2tMzi2PotkvGsbUp0FbFd0-gfXPeJxmxqXNppS7OFSXGCUv71JVbSiCC1P9juw54LOqRIlLkl66Pn16mNhETvZ2jXw-EWW5p9HW-CVF_x4Bk_GDwPI3z7Lp2FMW6WnmA1rC1ignwzN7Por-1HI19bs0RnYB_9mb4aVr8wj9LL3zna76OuXnpMqY5htwLBVtJMTLfNTkVpYw-Dytua68dLgTZx2BjAEcarXJvAkkCudkXGt4X-7kNU1Fw7pIPWP6KRkQVdGmkkYmbEWjIbzyoTCFBGOYKdwIbj9-smyuFztNr_bsJJoxeLv5i9WG40_WCtumH-khhzv6qiOEO-_9-638wJxKJcbvi2JPDAp_ZlOHruLxCz14u-rl4ljqDr3Gop0vU2yoijsS3R1pArdTdXYleKeGm7iXqM3dHedAaYUr1Ro_o_ROfCW9qdaqK6bC5Tp01meJWHF_kdhy3HTqAJcTTgem5aJTbmsHRoncTqPuCzC4guEjV7bbb1aWPlUT6Yeiwxu1zLqybW8rbLqMvBK8c9mz4NIKynBLnU1djB_JoNxdHA8cQ5EgGoZGzw4BnlbR3S_ShVncO4v_XfQ2Vj2ip8MODIduENq4axSbfhqkoKrEZK6awR6UJRZDArSTp_fY8YqOsRM492z4o2hTa5Ky2CXSWkYx4vqDIHmuR0jQtQjW7YR-G6z6lewvruuAsj9sWAqsZ0c3yhwPcWQgV9rI74cZVHdIIT7gPT8ckgiZansrsBthjyAN8DTijKb7orBwAjjyb3PDOnUoVGSZqq8MflEgZdD7Uxt_OVWhgz5v_IuPPIRFh7q4W4Df110I6-Wvp9o8A6xh59kCgufkhd23g2l0UHrti0sJCv3c7KCFD5oiqE202mT-hJWVwtO-hORBKn5urmIvt3Hufh0WnyzEPOH_QAPPg-qTitK_qzq2LVrwnvCoEWw2Az7GkP3m_GYDEICpkZipjWmwmRMq2ouPI3C2_4F6DkoBFrZfgeLc2cZeUx3HA332DhI0RRQYa79F57zKmFDJJV7Bz4V3IC91eZ0OVkaYbf5p9rZo0j0HCcsyuRxcwJr-ObJkuJbfx8KHGOmCu5CxNxKBYgD8yEJmePUFGSA5iM_I_z-cHPAXw_7uAlYFLcetdry-c5jiQkL7lk7FCaVLlBw0VWrsZTH7iKWxOsMmmjHHgIu2H50O0GPoDRWJHyGNW01B6PjLm88pwLKEGB05txOMvAtyYCgN7ccovfmYMdQEk1e3vzC_ApmhwhY1RdpBXV3Z82qeqtdFBSiWP4TUwxPbg9KASu3QG3LZM-8D5iJxfdRH6idVdxIcgz65T7dIV_2gNQKRUBA38sDiJuWfmXbOq-Ntj9EfbYkvjeKGHiiTOWUPhLdKqGqUM3iICNMn69L4pVPFhrx1_FNeFb5JlWNGFkWdGHT7vXAWjFXRMYvXFeHCWgQiELPQQszaGHlJIonjzNE_zPMV10acNL2tOFI_HvM8t7qHXJ0w5fqxviMNEazAmc8gxL4O02KmSNZGFh9G2HQF7aERgOl9Ytt8-Z4z6AL-759miwYo7qcJxUYlvzuxC3kJ5_isrYHbV90SCbM2UZt6QRvmqzuoSdsXCXqb5B2Wyn6r-rTV3fHiER5Yhho1YAqL9v8zx_K781E1cWmZi9XHOQNo5epgxXOlpbFXOfHUl42QFNJqFusX4WNaOFw_GvAEBvgdtIWDcpneEQFq0U4NtRaRdpawRZ_jsxne1nikDcIs7V8klsVhCJNksdEvvBoL8v9aDFdo3Hbuc6pdgfKaBva9By-o2F8YHcLMu0pNduR4wWaHAwVUPakM9CdnYagV75h_PSKTTGphPwMfx6fMpdtFCe7rwR3jL9b1hbXlZl_xyXwmFY1ZMe-oQ67vYxwc_XOuZb60hsYtJsOaTbxwvu_nIAhs9OdLJmyJj1NyooKNg0Mk1EUHSy6Gnx-tWpONxduWyS455CCD9KjzFxUZcBoPEJHvRJcjuNed6C8908Dd1NOvtFBNj86rM3XrxMSWHMX8NaawxNta1IaNfG8JzWsZ1iGuGgA4KZw3oqkxa02Un19OLf9XsPgtCQoTgaBRL3LiA6d6XjWDI0zpdEUXqWyv1izReqD1L9RPXNZ3u9XkbrmNMnYtDwRBVJL_O264GD6fuDedpRVzRfw0wwqJGvr3ENbBlmpL9-gLEPN3i8mocSIcUd42vFfQpyMlk5vN2eJp6zuWDA49WOMqXGOOnp0oMBSR-4ZBhpl7EHdGYX6KWzBQ&cid=CAASEuRocDTMNXJ5hsTqv5vsIbSNnw&rfl=3%2Chttps%253A%252F%252Fwww.kp.by%242%2Chttps%253A%252F%252Fwww.kp.by%252F%240

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4b3a2a3d13b57f07aa855cf974c90cad593a53ac0f53cdc58d5f49c91eb2092

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d40dcff76d8fde160d82e59583d19251.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 16:41:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2111
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 3412
x-xss-protection: 0
server: cafe
etag: 11901405240610023202
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 Mar 2021 16:41:17 GMT

GET
H2 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20210223/r20110914/ Frame D9E4 23 KB
9 KB 36ms
7ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210223/r20110914/abg_lite.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8bcd3d517334fd01be59447e7ad8539bdadd71a297c686e90018b671851d5a10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d40dcff76d8fde160d82e59583d19251.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 16:46:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1795
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 8954
x-xss-protection: 0
server: cafe
etag: 9971097261821457981
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 Mar 2021 16:46:33 GMT

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame D883 170 B
243 B 17ms
16ms Image
image/png 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_sc&google_dbm

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMXlgQEQ1K6oAhi_rviVATAB&v=APEucNVBARCstmVroyre_xKvlKQpY_-qgG4Ys3QrJD4_7YAmq58IBDi_ItawY5gn_yhRlSg__0_5WJ1yM7NqUntYEGPtrv7BCDQgut1N_PMjCuetj8o-n7vd7D6gG4uXQWYQ9AUPS1Q-OfqnNLjo6L36IJzUwbCJCpuh1KWO0Jnmj7uvB9xD6hzFMtRLZKwFVvnu1GsRm0xq

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMXlgQEQ1K6oAhi_rviVATAB&v=APEucNVBARCstmVroyre_xKvlKQpY_-qgG4Ys3QrJD4_7YAmq58IBDi_ItawY5gn_yhRlSg__0_5WJ1yM7NqUntYEGPtrv7BCDQgut1N_PMjCuetj8o-n7vd7D6gG4uXQWYQ9AUPS1Q-OfqnNLjo6L36IJzUwbCJCpuh1KWO0Jnmj7uvB9xD6hzFMtRLZKwFVvnu1GsRm0xq
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Feb 2021 17:16:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame D883
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_sc&google_dbm
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm=&google_sc=&google_dbm=&google_tc=
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENDdtvXC7fBHiJDzgXkUOzg&google_cver=1

43 B
894 B

24ms
13ms

Image
image/gif

184.30.20.241
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENDdtvXC7fBHiJDzgXkUOzg&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMXlgQEQ1K6oAhi_rviVATAB&v=APEucNVBARCstmVroyre_xKvlKQpY_-qgG4Ys3QrJD4_7YAmq58IBDi_ItawY5gn_yhRlSg__0_5WJ1yM7NqUntYEGPtrv7BCDQgut1N_PMjCuetj8o-n7vd7D6gG4uXQWYQ9AUPS1Q-OfqnNLjo6L36IJzUwbCJCpuh1KWO0Jnmj7uvB9xD6hzFMtRLZKwFVvnu1GsRm0xq
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-241.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMXlgQEQ1K6oAhi_rviVATAB&v=APEucNVBARCstmVroyre_xKvlKQpY_-qgG4Ys3QrJD4_7YAmq58IBDi_ItawY5gn_yhRlSg__0_5WJ1yM7NqUntYEGPtrv7BCDQgut1N_PMjCuetj8o-n7vd7D6gG4uXQWYQ9AUPS1Q-OfqnNLjo6L36IJzUwbCJCpuh1KWO0Jnmj7uvB9xD6hzFMtRLZKwFVvnu1GsRm0xq
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 25 Feb 2021 17:16:28 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 25 Feb 2021 17:16:28 GMT

Redirect headers

pragma: no-cache
date: Thu, 25 Feb 2021 17:16:28 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENDdtvXC7fBHiJDzgXkUOzg&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame D883
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_sc%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_sc%26google_hm%3D&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_sc&google_hm=YDfbbO6gY-9y-P3d4baKywAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENDdtvXC7fBHiJDzgXkUOzg&google_cver=1

43 B
894 B

17ms
14ms

Image
image/gif

184.30.20.241
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENDdtvXC7fBHiJDzgXkUOzg&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMXlgQEQ1K6oAhi_rviVATAB&v=APEucNVBARCstmVroyre_xKvlKQpY_-qgG4Ys3QrJD4_7YAmq58IBDi_ItawY5gn_yhRlSg__0_5WJ1yM7NqUntYEGPtrv7BCDQgut1N_PMjCuetj8o-n7vd7D6gG4uXQWYQ9AUPS1Q-OfqnNLjo6L36IJzUwbCJCpuh1KWO0Jnmj7uvB9xD6hzFMtRLZKwFVvnu1GsRm0xq
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-241.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMXlgQEQ1K6oAhi_rviVATAB&v=APEucNVBARCstmVroyre_xKvlKQpY_-qgG4Ys3QrJD4_7YAmq58IBDi_ItawY5gn_yhRlSg__0_5WJ1yM7NqUntYEGPtrv7BCDQgut1N_PMjCuetj8o-n7vd7D6gG4uXQWYQ9AUPS1Q-OfqnNLjo6L36IJzUwbCJCpuh1KWO0Jnmj7uvB9xD6hzFMtRLZKwFVvnu1GsRm0xq
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 25 Feb 2021 17:16:28 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 25 Feb 2021 17:16:28 GMT

Redirect headers

pragma: no-cache
date: Thu, 25 Feb 2021 17:16:28 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENDdtvXC7fBHiJDzgXkUOzg&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame DDB4
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_sc&google_dbm
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm=&google_sc=&google_dbm=&google_tc=
https://ib.adnxs.com/setuid?entity=101&code=CAESEAlJTTVFTVbxbTZtb7nzIvk&google_cver=1

43 B
1022 B

12ms
12ms

Image
image/gif

37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEAlJTTVFTVbxbTZtb7nzIvk&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjWvryZATAB&v=APEucNUOIT_3smG0PQ4ogvH3y7Ea_Aa7PyoD9reBvi16wHVo8XWDF60la2MnqecLZj7XCa9gIyxc0ZC8bl-qhuznM_IUk2xHyM9q7RMwaL6sMs4w_DSKB6lsKXqEpnvVPPXEM3Gw_Eb5LtM2kmIL9Y8hU8zKIG_8Py-wKzv3t_YLolAxWzypXc-fQkRTJcX3w0yOWCs5UyAS

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjWvryZATAB&v=APEucNUOIT_3smG0PQ4ogvH3y7Ea_Aa7PyoD9reBvi16wHVo8XWDF60la2MnqecLZj7XCa9gIyxc0ZC8bl-qhuznM_IUk2xHyM9q7RMwaL6sMs4w_DSKB6lsKXqEpnvVPPXEM3Gw_Eb5LtM2kmIL9Y8hU8zKIG_8Py-wKzv3t_YLolAxWzypXc-fQkRTJcX3w0yOWCs5UyAS
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 25 Feb 2021 17:16:28 GMT
X-Proxy-Origin: 144.76.109.30; 144.76.109.30; 538.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.71:80
AN-X-Request-Uuid: 37db4fa2-876b-4891-8e50-e09cb8a706a9
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 25 Feb 2021 17:16:28 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEAlJTTVFTVbxbTZtb7nzIvk&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame DDB4
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTA4OTEwMzg4NDQzMTI3MTkwMA%3D%3D

170 B
201 B

16ms
15ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTA4OTEwMzg4NDQzMTI3MTkwMA%3D%3D

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjWvryZATAB&v=APEucNUOIT_3smG0PQ4ogvH3y7Ea_Aa7PyoD9reBvi16wHVo8XWDF60la2MnqecLZj7XCa9gIyxc0ZC8bl-qhuznM_IUk2xHyM9q7RMwaL6sMs4w_DSKB6lsKXqEpnvVPPXEM3Gw_Eb5LtM2kmIL9Y8hU8zKIG_8Py-wKzv3t_YLolAxWzypXc-fQkRTJcX3w0yOWCs5UyAS
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Feb 2021 17:16:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 25 Feb 2021 17:16:28 GMT
X-Proxy-Origin: 144.76.109.30; 144.76.109.30; 538.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.72:80
AN-X-Request-Uuid: fdec4a4c-7b9b-47ac-b9c9-6278b8372a53
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTA4OTEwMzg4NDQzMTI3MTkwMA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame DDB4
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc&google_dbm
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_dbm=&google_tc=
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELcAjZpIgnjRlXkflnnBf9E&google_cver=1

43 B
172 B

26ms
26ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELcAjZpIgnjRlXkflnnBf9E&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjWvryZATAB&v=APEucNUOIT_3smG0PQ4ogvH3y7Ea_Aa7PyoD9reBvi16wHVo8XWDF60la2MnqecLZj7XCa9gIyxc0ZC8bl-qhuznM_IUk2xHyM9q7RMwaL6sMs4w_DSKB6lsKXqEpnvVPPXEM3Gw_Eb5LtM2kmIL9Y8hU8zKIG_8Py-wKzv3t_YLolAxWzypXc-fQkRTJcX3w0yOWCs5UyAS
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.202.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjWvryZATAB&v=APEucNUOIT_3smG0PQ4ogvH3y7Ea_Aa7PyoD9reBvi16wHVo8XWDF60la2MnqecLZj7XCa9gIyxc0ZC8bl-qhuznM_IUk2xHyM9q7RMwaL6sMs4w_DSKB6lsKXqEpnvVPPXEM3Gw_Eb5LtM2kmIL9Y8hU8zKIG_8Py-wKzv3t_YLolAxWzypXc-fQkRTJcX3w0yOWCs5UyAS
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Feb 2021 17:16:28 GMT
via: 1.1 google
server: OXGW/16.202.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 25 Feb 2021 17:16:28 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELcAjZpIgnjRlXkflnnBf9E&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame DDB4
Redirect Chain

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=Yzg4ZjcxNGUtN2RjYy0yYmMxLWZiNjEtMDNlYTBiMjIyNWU0

170 B
190 B

15ms
15ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=Yzg4ZjcxNGUtN2RjYy0yYmMxLWZiNjEtMDNlYTBiMjIyNWU0

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjWvryZATAB&v=APEucNUOIT_3smG0PQ4ogvH3y7Ea_Aa7PyoD9reBvi16wHVo8XWDF60la2MnqecLZj7XCa9gIyxc0ZC8bl-qhuznM_IUk2xHyM9q7RMwaL6sMs4w_DSKB6lsKXqEpnvVPPXEM3Gw_Eb5LtM2kmIL9Y8hU8zKIG_8Py-wKzv3t_YLolAxWzypXc-fQkRTJcX3w0yOWCs5UyAS
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Feb 2021 17:16:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 25 Feb 2021 17:16:28 GMT
content-encoding: gzip
server: OXGW/16.202.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=Yzg4ZjcxNGUtN2RjYy0yYmMxLWZiNjEtMDNlYTBiMjIyNWU0
content-type: image/gif
alt-svc: clear
content-length: 0
via: 1.1 google

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/221/ Frame 6E3A 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/221/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.kp.by/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.kp.by/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4984
date: Thu, 25 Feb 2021 16:15:45 GMT
expires: Fri, 25 Feb 2022 16:15:45 GMT
last-modified: Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3643
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame D9E4 41 KB
15 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: d40dcff76d8fde160d82e59583d19251.safeframe.googlesyndication.com
URL: https://d40dcff76d8fde160d82e59583d19251.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d40dcff76d8fde160d82e59583d19251.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 14:48:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 95268
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 24 Feb 2022 14:48:40 GMT

GET
H3-Q050 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 6F63 1 KB
869 B 6ms
6ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: d40dcff76d8fde160d82e59583d19251.safeframe.googlesyndication.com
URL: https://d40dcff76d8fde160d82e59583d19251.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://d40dcff76d8fde160d82e59583d19251.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://d40dcff76d8fde160d82e59583d19251.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 25 Feb 2021 15:30:58 GMT
expires: Fri, 26 Feb 2021 15:30:58 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
cache-control: public, max-age=86400
age: 6330
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame D9E4 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9bda28c777edfbfbbcceda8c1ac485dd4c51e849014850f37fe70a169cf8cae1

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

POST
H3-Q050 200 view
googleads4.g.doubleclick.net/pcs/ Frame F67D 0
424 B 74ms
41ms Other
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://268db2211e8d97bc83b0d05c3ddf1ab3.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Thu, 25 Feb 2021 17:16:28 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame DD06 22 KB
8 KB 6ms
6ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://268db2211e8d97bc83b0d05c3ddf1ab3.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://268db2211e8d97bc83b0d05c3ddf1ab3.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Thu, 25 Feb 2021 10:17:44 GMT
expires: Fri, 25 Feb 2022 10:17:44 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 25124
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame B044 1 KB
750 B 6ms
6ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 268db2211e8d97bc83b0d05c3ddf1ab3.safeframe.googlesyndication.com
URL: https://268db2211e8d97bc83b0d05c3ddf1ab3.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://268db2211e8d97bc83b0d05c3ddf1ab3.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://268db2211e8d97bc83b0d05c3ddf1ab3.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 25 Feb 2021 15:30:58 GMT
expires: Fri, 26 Feb 2021 15:30:58 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
cache-control: public, max-age=86400
age: 6330
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame F67D 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cb1d959930fb320fe89efd3735b30a395fb2ccefade85950ef1f0e7d9c22a0ee

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 728x090.html Show response
s0.2mdn.net/ads/richmedia/studio/pv2/60607747/20201218063454514/ Frame 18CF 82 KB
16 KB 42ms
29ms Document
text/html 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/60607747/20201218063454514/728x090.html?e=69&leftOffset=0&topOffset=0&c=Bzpd8Sj7kX&t=1&renderingType=2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_271.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5ad84bc681177a52e62d763d427f952db5a80789241be7e6ea0c8b9d4baea46d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: s0.2mdn.net
:scheme: https
:path: /ads/richmedia/studio/pv2/60607747/20201218063454514/728x090.html?e=69&leftOffset=0&topOffset=0&c=Bzpd8Sj7kX&t=1&renderingType=2
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://d40dcff76d8fde160d82e59583d19251.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://d40dcff76d8fde160d82e59583d19251.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 15594
date: Thu, 25 Feb 2021 17:16:28 GMT
expires: Fri, 26 Feb 2021 17:16:28 GMT
cache-control: public, max-age=86400
last-modified: Fri, 18 Dec 2020 14:34:54 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3-Q050 200 view
googleads4.g.doubleclick.net/pcs/ Frame D9E4 0
69 B 48ms
48ms Other
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsutzmhtgGYNvUTxjah7OBCZjUtkNPfTdhRrb7p7cwnAL6MNrR-FZn4geAgIu4XTMIZz8t-AGMd6RvqbSCOt3oUCUkopT7UWsNgeaG7hH0yye5qMFaWSuBp6Xb-9-nDCXRBKmq03DDjVUuDOdgfGmTUoLhKfL5toQ7YuypbnD4gsmzc3MODroBz3stb7wj-b1_FpxVXjFcl6cbcG_BhOTXTwpG-8WCpPGhEdQ8fCGuKgcPiYm180Uz4A6aFMTFti8MtS5hcmisc6HwV2Nl3WAL47QaTHN-a6bWdWz150bHw7NLXRECkuoJV9ZzDYHxH5AZR2cuB5bOMAj76qDslEEnONOx6dx7TQXXa8uO-OJ4RGQXYE4NdAWv4uXYosKxwNeLmYdsv28TUq0v6iCxV4FxLb-gjRC_-j3qgf2FqsgOQSaT6p4L6kx-jBQ4FrxDuURNtOrNnMU98i-aaoXX2KhRT4wa92Cs9gap3OVkO02cTjdMPT8_38e8VfMv0P5WZp6J8k68HJgdVEcTpNRHj8jKsOnV8GtJlp0_jLS5fCYXsdaCj0MNSBhQbjbQR2LBg-7SEZJiw7O6OhRLiag4hePzTo2SX5NtSrx-0IWgomPcoEpKI6gfqe7iGVGvIb2hEPWuBxqsTwEeZhy1sVXtbJb6_dbXb7Wdk9s4idZhsT57r9nUwkVBtHh9AsKaTuQuF9dUHNSr_wIMrrhqOeLhsOms5cCfvCaugGd7fScBGWg1HL9RixpFTrv_cg2-1jgtWCz7zXlpMRQsvjRxz5O17sqlz3kR1HDz54C5OoUoCvu_3c_CWIHhCHhRKydJa3wMnEdzBM34xuGVUuupSOSCJOxjiE6G_On6FUCYJI4s05FccHqfKZ1J8nhHJXM5O5hb1zfs84nJW5extNJXTjsJdnxEGO61GUxYC8v3ka41VbkR6PDPe_C8623Uk94SY4S9RzoIcc8gBdb5nvS7ErSHJiFbUVvwyW2Fhb-Us391kzl_kf9D-lKgDDKYFJRLo-Q5_1AsUocqcBR39waF3dCU9hocdOjxnDD1R5XY-ohdD7L7IUlKeaiwwwj3niXyfBBml0ubDT184ZCq3prScvPzHdXXZR&sai=AMfl-YRkyUJ7zzCSaY97f_dO5WYm_s0_J6XxqDrVR09bvUHmH5ukMV8VPm8i8t80WxwQpbp2ysYEHEcXPRE_26ccxl1n8Y2xUJrL3mVoNjfEAOblG6DzHBBMzasAHN_2Sa5pJ8rwwrJO7DKBxODWZhcvVCm379dQAw&sig=Cg0ArKJSzIWE6Aqnfd2vEAE&urlfix=1&omid=0&rm=1&ctpt=203&cbvp=1&cstd=197&cisv=r20210223.13562&adurl=

Requested by

Host: www.kp.by
URL: https://www.kp.by/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d40dcff76d8fde160d82e59583d19251.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 25 Feb 2021 17:16:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame C55E 22 KB
8 KB 6ms
6ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://d40dcff76d8fde160d82e59583d19251.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://d40dcff76d8fde160d82e59583d19251.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Thu, 25 Feb 2021 10:17:44 GMT
expires: Fri, 25 Feb 2022 10:17:44 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 25124
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 gYCzj-4M8Ect_HrGpifqy4m-MJzktZmRntqmlBTHKuc.js Show response
pagead2.googlesyndication.com/bg/ Frame 9057 14 KB
6 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gYCzj-4M8Ect_HrGpifqy4m-MJzktZmRntqmlBTHKuc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8180b38fee0cf0472dfc7ac6a627eacb89be309ce4b599919edaa69414c72ae7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 15:00:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Feb 2021 11:15:00 GMT
server: sffe
age: 8173
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6234
x-xss-protection: 0
expires: Fri, 25 Feb 2022 15:00:15 GMT

GET /
google2waycm.netmng.com/cm/ Frame 6F63 0
0

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 6F63
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEHXB92ZY7KWb2SJVdAvVRcc&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEHXB92ZY7KWb2SJVdAvVRcc&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=U01pTW85YVgxTGZrZnk1&google_gid=CAESEHXB92ZY7KWb2SJVdAvVRcc&google_cver=1&google_push=AQvitULHjkZZvgo9KHR6Qpid7WEUOKsHjFtg2YnoxYlPNdN...

170 B
190 B

16ms
15ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=U01pTW85YVgxTGZrZnk1&google_gid=CAESEHXB92ZY7KWb2SJVdAvVRcc&google_cver=1&google_push=AQvitULHjkZZvgo9KHR6Qpid7WEUOKsHjFtg2YnoxYlPNdNLGxw1bW9uEm0mwAhABsPNSPg4kLkrPiqy4P30tDlpZLtOQ4zOLvY

Requested by

Host: d40dcff76d8fde160d82e59583d19251.safeframe.googlesyndication.com
URL: https://d40dcff76d8fde160d82e59583d19251.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Feb 2021 17:16:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 25 Feb 2021 17:16:27 GMT
Server: PingMatch/v2.0.30-619-g1028223#rel-ec2-master i-015d5badb48c29580@eu-central-1b@dxedge-app-eu-central-1-prod-asg
P3P: policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=U01pTW85YVgxTGZrZnk1&google_gid=CAESEHXB92ZY7KWb2SJVdAvVRcc&google_cver=1&google_push=AQvitULHjkZZvgo9KHR6Qpid7WEUOKsHjFtg2YnoxYlPNdNLGxw1bW9uEm0mwAhABsPNSPg4kLkrPiqy4P30tDlpZLtOQ4zOLvY
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 6F63
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEC_bl5DlPwW5XGgD1lM4uWU&google_cver=1&google_push=AQvitUIXTVKUeS3KmRb9io3ffwMieJGazdheQCCHSjUJkPUjcHZZdYMpGrIUt-ByrOm_-oSxl5vheBkSKWN...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AQvitUIXTVKUeS3KmRb9io3ffwMieJGazdheQCCHSjUJkPUjcHZZdYMpGrIUt-ByrOm_-oSxl5vheBkSKWNpiTSy7wnb8QR_px8&google_hm=VkMDhcpKTTST0xMlHh6CkR4

170 B
190 B

16ms
15ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AQvitUIXTVKUeS3KmRb9io3ffwMieJGazdheQCCHSjUJkPUjcHZZdYMpGrIUt-ByrOm_-oSxl5vheBkSKWNpiTSy7wnb8QR_px8&google_hm=VkMDhcpKTTST0xMlHh6CkR4

Requested by

Host: d40dcff76d8fde160d82e59583d19251.safeframe.googlesyndication.com
URL: https://d40dcff76d8fde160d82e59583d19251.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Feb 2021 17:16:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 25 Feb 2021 17:16:27 GMT
via: 1.1 google
server: Apache-Coyote/1.1
status: 302
p3p: CP="NOI DSP COR NID CUR OUR NOR"
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AQvitUIXTVKUeS3KmRb9io3ffwMieJGazdheQCCHSjUJkPUjcHZZdYMpGrIUt-ByrOm_-oSxl5vheBkSKWNpiTSy7wnb8QR_px8&google_hm=VkMDhcpKTTST0xMlHh6CkR4
cache-control: no-cache, must-revalidate
content-type: text/html;charset=UTF-8
alt-svc: clear
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET match
um.wbtrk.net/doubleclick/user/ Frame 6F63 0
0

GET
H3-Q050 200 dot.gif
s0.2mdn.net/ Frame 6F63 43 B
100 B 18ms
13ms Image
image/gif 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dot.gif?google_gid=CAESEEhnkMz5F-jym1YY-EgSLsM&google_cver=1&google_push=AQvitUL2Drgn4GkeVfHgKkCfshs2-VkCFT165dCnEx9w8UUlCZfm1O9h3szeEap6cmxP76E35zsC0Hkl29SicMQWjk1MVCtA1PD-

Requested by

Host: d40dcff76d8fde160d82e59583d19251.safeframe.googlesyndication.com
URL: https://d40dcff76d8fde160d82e59583d19251.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 17:16:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 01 Feb 2009 08:00:00 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
expires: Fri, 26 Feb 2021 17:16:28 GMT

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 6F63
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=PuaM7e5NRAq1WlBCb5NGIA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
190 B

16ms
15ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=PuaM7e5NRAq1WlBCb5NGIA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitULK03HPR7jVK3AW0f9yLVLuxy-w6Aq3lf73ySorI4d7SsWpZYkTM0Bt1CQhAtlATBJa5Xyk1xfKKuFk738-XnuiwXw3sA3A

Requested by

Host: d40dcff76d8fde160d82e59583d19251.safeframe.googlesyndication.com
URL: https://d40dcff76d8fde160d82e59583d19251.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Feb 2021 17:16:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=PuaM7e5NRAq1WlBCb5NGIA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitULK03HPR7jVK3AW0f9yLVLuxy-w6Aq3lf73ySorI4d7SsWpZYkTM0Bt1CQhAtlATBJa5Xyk1xfKKuFk738-XnuiwXw3sA3A
Date: Thu, 25 Feb 2021 17:16:29 GMT
P3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 6F63
Redirect Chain

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEJNYMM650X78ooIybT94BGc&google_cver=1&google_push=AQvitUKFxQCtiBUwAPQW4P5naelxLp8b9JEzneaU4Ki2KU7rUrOXAqbFMpnc_Gq-aXNVptXChU...
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEJNYMM650X78ooIybT94BGc&google_cver=1&google_push=AQvitUKFxQCtiBUwAPQW4P5naelxLp8b9JEzneaU4Ki2KU7rUrOXAqbFMpnc_Gq-aXNVptXChU...
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1KTXV3d1FOMWwyWWs0QUFDd3I0ZHdJSkcxODhTajdWcQ%3D%3D&google_push=AQvitUKFxQCtiBUwAPQW4P5naelxLp8b9JEzneaU4Ki2KU7rUrOXA...

170 B
190 B

16ms
16ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1KTXV3d1FOMWwyWWs0QUFDd3I0ZHdJSkcxODhTajdWcQ%3D%3D&google_push=AQvitUKFxQCtiBUwAPQW4P5naelxLp8b9JEzneaU4Ki2KU7rUrOXAqbFMpnc_Gq-aXNVptXChUhC9Sh9bop3MwUJTL_jJjU6pqK2uw

Requested by

Host: d40dcff76d8fde160d82e59583d19251.safeframe.googlesyndication.com
URL: https://d40dcff76d8fde160d82e59583d19251.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Feb 2021 17:16:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Thu, 25 Feb 2021 17:16:28 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1KTXV3d1FOMWwyWWs0QUFDd3I0ZHdJSkcxODhTajdWcQ%3D%3D&google_push=AQvitUKFxQCtiBUwAPQW4P5naelxLp8b9JEzneaU4Ki2KU7rUrOXAqbFMpnc_Gq-aXNVptXChUhC9Sh9bop3MwUJTL_jJjU6pqK2uw
Connection: keep-alive
Content-Length: 0

GET
H3-Q050 204 attr
cm.g.doubleclick.net/pixel/ Frame 6F63 0
26 B 18ms
14ms Image
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JKmQUhw_mMPu7Tn9kRqxDS7t1Md5t2jq3Ef3y1nWdM5_6AlSMq5TPRG7xPaLIW2ESTMD-5EQ

Requested by

Host: d40dcff76d8fde160d82e59583d19251.safeframe.googlesyndication.com
URL: https://d40dcff76d8fde160d82e59583d19251.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 17:16:28 GMT
server: HTTP server (unknown)
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3-Q050 200 gYCzj-4M8Ect_HrGpifqy4m-MJzktZmRntqmlBTHKuc.js Show response
pagead2.googlesyndication.com/bg/ Frame 5E9F 14 KB
6 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gYCzj-4M8Ect_HrGpifqy4m-MJzktZmRntqmlBTHKuc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8180b38fee0cf0472dfc7ac6a627eacb89be309ce4b599919edaa69414c72ae7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 15:00:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Feb 2021 11:15:00 GMT
server: sffe
age: 8173
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6234
x-xss-protection: 0
expires: Fri, 25 Feb 2022 15:00:15 GMT

GET
H3-Q050 200 gYCzj-4M8Ect_HrGpifqy4m-MJzktZmRntqmlBTHKuc.js Show response
pagead2.googlesyndication.com/bg/ Frame 6E3A 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gYCzj-4M8Ect_HrGpifqy4m-MJzktZmRntqmlBTHKuc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8180b38fee0cf0472dfc7ac6a627eacb89be309ce4b599919edaa69414c72ae7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 15:00:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Feb 2021 11:15:00 GMT
server: sffe
age: 8173
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6234
x-xss-protection: 0
expires: Fri, 25 Feb 2022 15:00:15 GMT

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame B044
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEAHDnYJvXOmUOVA8bkgC2io&google_cver=1&google_push=AQvitUKCQyGx3zAHIG055Q8nRspR-jsoMOJqcrVVLwnExJaqIgMVwtxKsRP_7qryeMicve9W7Gc-zIk0ra-vMiu2iHi6lkMmxvE
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzczNDUyMTkyMjE3MzYyMTk3Mg==
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESENkB4gqtg0r6TyKOTRdfu_c&google_cver=1

43 B
407 B

65ms
23ms

Image
image/gif

46.228.164.11
TURN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESENkB4gqtg0r6TyKOTRdfu_c&google_cver=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.228.164.11 , United Kingdom, ASN56396 (TURN, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

Referer: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Feb 2021 17:16:28 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type: image/gif
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Thu, 25 Feb 2021 17:16:28 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESENkB4gqtg0r6TyKOTRdfu_c&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame B044 70 B
265 B 92ms
29ms Image
image/gif 34.246.156.173
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEFyHz48s9mtsn0f4x0uVceU&google_cver=1&google_push=AQvitULNBxx1qFbY523pdrx8hrvCTINIFJ5xkoT5DmYAISNP4qTKrwNiG2cKZS5oYNuvG5yPfUuhkE5TTCKfRijVJd8VLlIOYMU
Requested by: Host: 268db2211e8d97bc83b0d05c3ddf1ab3.safeframe.googlesyndication.com
URL: https://268db2211e8d97bc83b0d05c3ddf1ab3.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.246.156.173 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-246-156-173.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Feb 2021 17:16:28 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame B044
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEOmKQ8b2lyljUyFCyzH9tfM&google_cver=1&google_push=AQvitUIPkzZM4rWzWEm_riGPrx5ahuhwPdBO6iHx9Jso3lRCN91vHja5mTMfQEb9CPNrM5Y83MT60UJ...
https://cm.g.doubleclick.net/pixel?google_ula=1293153&google_nid=ssc&google_push=AQvitUIPkzZM4rWzWEm_riGPrx5ahuhwPdBO6iHx9Jso3lRCN91vHja5mTMfQEb9CPNrM5Y83MT60UJP3-QkUkIA1j6dwDtjZWA&google_sc&google...

170 B
190 B

15ms
15ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_ula=1293153&google_nid=ssc&google_push=AQvitUIPkzZM4rWzWEm_riGPrx5ahuhwPdBO6iHx9Jso3lRCN91vHja5mTMfQEb9CPNrM5Y83MT60UJP3-QkUkIA1j6dwDtjZWA&google_sc&google_hm=EBAQEA

Requested by

Host: 268db2211e8d97bc83b0d05c3ddf1ab3.safeframe.googlesyndication.com
URL: https://268db2211e8d97bc83b0d05c3ddf1ab3.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Feb 2021 17:16:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 25 Feb 2021 17:16:27 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://cm.g.doubleclick.net/pixel?google_ula=1293153&google_nid=ssc&google_push=AQvitUIPkzZM4rWzWEm_riGPrx5ahuhwPdBO6iHx9Jso3lRCN91vHja5mTMfQEb9CPNrM5Y83MT60UJP3-QkUkIA1j6dwDtjZWA&google_sc&google_hm=EBAQEA
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame B044 0
136 B 31ms
14ms Image
text/plain 34.96.105.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEJCbEa9hEpJUABfYdgjksJ0&google_cver=1&google_push=AQvitUKSwRy3Nj9aR7_8e8yscituPreqHCeiNTCHlvAw_00ISb1yNuNbK5b27SdPmxR6njgWWkbBh1522Nfoy9I333H35dU7n44
Requested by: Host: 268db2211e8d97bc83b0d05c3ddf1ab3.safeframe.googlesyndication.com
URL: https://268db2211e8d97bc83b0d05c3ddf1ab3.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 17:16:28 GMT
via: 1.1 google
alt-svc: clear

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame B044
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEGsruv0cD0JLnl8VkoZ93KM&google_cver=1&google_push=AQvitULM4dR1-QKf9WJJLs6FP9zeYIMw0n-mLeFYYhU38Mg0UYanPzKGeYIhjZ22PMVeS2nRX-E1dY5d6itrAv7nJo06...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEGsruv0cD0JLnl8VkoZ93KM&google_cver=1&google_push=AQvitULM4dR1-QKf9WJJLs6FP9zeYIMw0n-mLeFYYhU38Mg0UYanPzKGeYIhjZ22PMVeS2nRX-E1dY5d6itrAv...
https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=google
https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=1759bf41-ab9d-4134-b73e-c52adc6cd462&ssp=google
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AQvitULM4dR1-QKf9WJJLs6FP9zeYIMw0n-mLeFYYhU38Mg0UYanPzKGeYIhjZ22PMVeS2nRX-E1dY5d6itrAv7nJo06674k5SE&google_hm=wZJAdg6iQnSmfBcOcT8u_g==

170 B
190 B

16ms
15ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AQvitULM4dR1-QKf9WJJLs6FP9zeYIMw0n-mLeFYYhU38Mg0UYanPzKGeYIhjZ22PMVeS2nRX-E1dY5d6itrAv7nJo06674k5SE&google_hm=wZJAdg6iQnSmfBcOcT8u_g==

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Feb 2021 17:16:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AQvitULM4dR1-QKf9WJJLs6FP9zeYIMw0n-mLeFYYhU38Mg0UYanPzKGeYIhjZ22PMVeS2nRX-E1dY5d6itrAv7nJo06674k5SE&google_hm=wZJAdg6iQnSmfBcOcT8u_g==
date: Thu, 25 Feb 2021 17:16:28 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3-Q050 200 dot.gif
s0.2mdn.net/ Frame B044 43 B
66 B 16ms
15ms Image
image/gif 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dot.gif?google_gid=CAESEEhnkMz5F-jym1YY-EgSLsM&google_cver=1&google_push=AQvitUJo1i63yATJbYtqqqTWr3HfKbQPLV7cx9Q7bitdfKQXaI0Kf8SF_gCteREPet3-T8uxSYwE0Ehx284BYLOKRVAfD-AD0qM

Requested by

Host: 268db2211e8d97bc83b0d05c3ddf1ab3.safeframe.googlesyndication.com
URL: https://268db2211e8d97bc83b0d05c3ddf1ab3.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 17:16:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 01 Feb 2009 08:00:00 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
expires: Fri, 26 Feb 2021 17:16:28 GMT

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame B044
Redirect Chain

https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEHCstSO9f2n-O3AUeGutDDY&google_cver=1&google_push=AQvitUKqXiP3cUTmi1SS0eWMQEJD8GZbMgJ69H2W0plidwuR5k9_5_or...
https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEHCstSO9f2n-O3AUeGutDDY&google_cver=1&google_push=AQvitUKqXiP3cUTmi1SS0eWMQEJD8GZbMgJ69H2W0plidwuR5k9_5_or...
https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEHCstSO9f2n-O3AUeGutDDY&google_cver=1&google_push=AQvitUKqXiP3cUTmi1SS0eWMQEJD8GZbMgJ69H2W0plidwuR5k9_5_...
https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVAzMjRmMTcwMi03NzhkLTExZWItYjQzMC0wMmZlOGYyNjczZDI%3D&google_push=AQvitUKqXiP3cUTmi1SS0eWMQEJD8GZbMgJ69H2W0plidwuR5k9_5_orrvfnc6RU0M...

170 B
190 B

17ms
17ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVAzMjRmMTcwMi03NzhkLTExZWItYjQzMC0wMmZlOGYyNjczZDI%3D&google_push=AQvitUKqXiP3cUTmi1SS0eWMQEJD8GZbMgJ69H2W0plidwuR5k9_5_orrvfnc6RU0Md8FsWHf81_fvgyqrLMKoSLkwCoAFlqvgC8

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Feb 2021 17:16:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Thu, 25 Feb 2021 17:16:28 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVAzMjRmMTcwMi03NzhkLTExZWItYjQzMC0wMmZlOGYyNjczZDI%3D&google_push=AQvitUKqXiP3cUTmi1SS0eWMQEJD8GZbMgJ69H2W0plidwuR5k9_5_orrvfnc6RU0Md8FsWHf81_fvgyqrLMKoSLkwCoAFlqvgC8
Connection: keep-alive
Content-Length: 0

GET
H3-Q050 204 attr
cm.g.doubleclick.net/pixel/ Frame B044 0
16 B 14ms
13ms Image
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LHfcjtfdiBudY5n0xkS7OY26JeWcBBkidJPNh-q9KshzkIz0lu8x547UKriQJ0GiZ8BfuHxg

Requested by

Host: 268db2211e8d97bc83b0d05c3ddf1ab3.safeframe.googlesyndication.com
URL: https://268db2211e8d97bc83b0d05c3ddf1ab3.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 17:16:28 GMT
server: HTTP server (unknown)
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3-Q050 200 gYCzj-4M8Ect_HrGpifqy4m-MJzktZmRntqmlBTHKuc.js Show response
pagead2.googlesyndication.com/bg/ Frame DD06 14 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gYCzj-4M8Ect_HrGpifqy4m-MJzktZmRntqmlBTHKuc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8180b38fee0cf0472dfc7ac6a627eacb89be309ce4b599919edaa69414c72ae7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 15:00:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Feb 2021 11:15:00 GMT
server: sffe
age: 8173
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6234
x-xss-protection: 0
expires: Fri, 25 Feb 2022 15:00:15 GMT

GET
H3-Q050 200 Enabler_01_245.js Show response
s0.2mdn.net/879366/ Frame 18CF 110 KB
38 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_245.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/60607747/20201218063454514/728x090.html?e=69&leftOffset=0&topOffset=0&c=Bzpd8Sj7kX&t=1&renderingType=2

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4642568b405b3750fb18df621889e27def95e8162c1cdd256a21b319c9a4e24b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/60607747/20201218063454514/728x090.html?e=69&leftOffset=0&topOffset=0&c=Bzpd8Sj7kX&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 15:06:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7811
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38568
x-xss-protection: 0
last-modified: Wed, 14 Oct 2020 19:32:54 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 26 Feb 2021 15:06:17 GMT

GET
H2 200 gsap.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/3.5.1/ Frame 18CF 60 KB
22 KB 26ms
12ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/3.5.1/gsap.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/60607747/20201218063454514/728x090.html?e=69&leftOffset=0&topOffset=0&c=Bzpd8Sj7kX&t=1&renderingType=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/60607747/20201218063454514/728x090.html?e=69&leftOffset=0&topOffset=0&c=Bzpd8Sj7kX&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 17:16:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 694999
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 21845
cf-request-id: 087bca3769000096e0e10b7000000001
timing-allow-origin: *
last-modified: Wed, 26 Aug 2020 23:14:08 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f46ecc0-eeae"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=mhtnO8H1qAkh1kIKiDaVO%2F35ZkI%2FNr4KMJcJMNnIDtCQlOiUQo536X6PMZcZQL%2F0xxCgniRBNCTDvbS0eRjHtDsJPKjvpKCVEUOqPGdrMyItNjHPf%2BMiYNYrAyFXisV7Mw%3D%3D"}],"max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 627313057daf96e0-FRA
expires: Tue, 15 Feb 2022 17:16:28 GMT

GET
H3-Q050 200 gYCzj-4M8Ect_HrGpifqy4m-MJzktZmRntqmlBTHKuc.js Show response
pagead2.googlesyndication.com/bg/ Frame C55E 14 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gYCzj-4M8Ect_HrGpifqy4m-MJzktZmRntqmlBTHKuc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8180b38fee0cf0472dfc7ac6a627eacb89be309ce4b599919edaa69414c72ae7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 15:00:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Feb 2021 11:15:00 GMT
server: sffe
age: 8173
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6234
x-xss-protection: 0
expires: Fri, 25 Feb 2022 15:00:15 GMT

POST
H3-Q050 200 view
googleads4.g.doubleclick.net/pcs/ Frame D9E4 0
22 B 42ms
41ms Other
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.kp.by
URL: https://www.kp.by/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d40dcff76d8fde160d82e59583d19251.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Thu, 25 Feb 2021 17:16:28 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 FrutigerLTW05-55Roman.woff
s0.2mdn.net/creatives/assets/3807343/ Frame 18CF 32 KB
32 KB 6ms
6ms Font
font/woff 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/3807343/FrutigerLTW05-55Roman.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/60607747/20201218063454514/728x090.html?e=69&leftOffset=0&topOffset=0&c=Bzpd8Sj7kX&t=1&renderingType=2

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff4d9197cfd4b9f28300e0652a527c652c0c2b746231a490bd042c04132c0309

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://s0.2mdn.net
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/60607747/20201218063454514/728x090.html?e=69&leftOffset=0&topOffset=0&c=Bzpd8Sj7kX&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 17:07:12 GMT
x-content-type-options: nosniff
last-modified: Thu, 09 Jul 2020 08:13:39 GMT
server: sffe
age: 556
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32429
x-xss-protection: 0
expires: Thu, 25 Feb 2021 17:22:12 GMT

GET
H3-Q050 200 FrutigerLTW05-65Bold.woff
s0.2mdn.net/creatives/assets/3807343/ Frame 18CF 32 KB
32 KB 7ms
6ms Font
font/woff 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/3807343/FrutigerLTW05-65Bold.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/60607747/20201218063454514/728x090.html?e=69&leftOffset=0&topOffset=0&c=Bzpd8Sj7kX&t=1&renderingType=2

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b2cae88100e4c402e454488ec7d17eab3d98f569a559596b764716c5503b7fa1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://s0.2mdn.net
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/60607747/20201218063454514/728x090.html?e=69&leftOffset=0&topOffset=0&c=Bzpd8Sj7kX&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 17:01:42 GMT
x-content-type-options: nosniff
last-modified: Thu, 09 Jul 2020 08:13:42 GMT
server: sffe
age: 886
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32719
x-xss-protection: 0
expires: Thu, 25 Feb 2021 17:16:42 GMT

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 18CF 5 KB
4 KB 36ms
36ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_245&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_245.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

58b410ef6d62ed13d6e982fe375482a1814759c8b0a454c318f94bf6ec01cd8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/60607747/20201218063454514/728x090.html?e=69&leftOffset=0&topOffset=0&c=Bzpd8Sj7kX&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 25 Feb 2021 17:16:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4068
x-xss-protection: 0

GET
H3-Q050 200 60005582_20210223065633039_Mega-Daten_Horizontal.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 18CF 12 KB
12 KB 7ms
6ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20210223065633039_Mega-Daten_Horizontal.png

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8e58c465f8667fdf42631f146c6ed33417598c9971f0f0244e9b27766bcc6b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/60607747/20201218063454514/728x090.html?e=69&leftOffset=0&topOffset=0&c=Bzpd8Sj7kX&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 15:10:25 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Feb 2021 14:56:33 GMT
server: sffe
age: 7563
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12109
x-xss-protection: 0
expires: Fri, 26 Feb 2021 15:10:25 GMT

GET
H3-Q050 200 60005582_20210201070650326_stoerer_tab.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 18CF 6 KB
6 KB 8ms
7ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20210201070650326_stoerer_tab.png

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f2f2833f59843f55c545e231d2c2a7f454241e1c55fbcd57e6c648d0f58b1c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/60607747/20201218063454514/728x090.html?e=69&leftOffset=0&topOffset=0&c=Bzpd8Sj7kX&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 15:54:59 GMT
x-content-type-options: nosniff
last-modified: Mon, 01 Feb 2021 15:06:50 GMT
server: sffe
age: 4889
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6027
x-xss-protection: 0
expires: Fri, 26 Feb 2021 15:54:59 GMT

GET
H3-Q050 200 60005582_20210205050315073_SAM_S21Ultra_Tab.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 18CF 44 KB
44 KB 8ms
7ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20210205050315073_SAM_S21Ultra_Tab.png

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe21c2c189a5efc6aa35a4f84b39029b92e9fe70bd63ebe4f243b34f75a2a321

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/60607747/20201218063454514/728x090.html?e=69&leftOffset=0&topOffset=0&c=Bzpd8Sj7kX&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 15:41:31 GMT
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 13:03:15 GMT
server: sffe
age: 5697
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45146
x-xss-protection: 0
expires: Fri, 26 Feb 2021 15:41:31 GMT

GET
H/1.1 200
OK postview.gif
portal.o2online.de/nws/img/ Frame 18CF 43 B
607 B 25ms
8ms Image
image/gif 82.113.101.132
TDDE-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_DSP_TRA_HAV_14114_PV&mediacode=25124645_4307561_291119599_99613760_-0&ref=25124645_4307561_291119599_99613760_-0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 82.113.101.132 Offenbach, Germany, ASN6805 (TDDE-ASN1, DE),
Reverse DNS
Software: Apache /
Resource Hash: e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/60607747/20201218063454514/728x090.html?e=69&leftOffset=0&topOffset=0&c=Bzpd8Sj7kX&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Feb 2021 17:16:28 GMT
Last-Modified: Wed, 26 Aug 2020 10:11:24 GMT
Server: Apache
ETag: "2b-5adc50abeeb00"
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Connection: close
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 43

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 18CF 17 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_245.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/60607747/20201218063454514/728x090.html?e=69&leftOffset=0&topOffset=0&c=Bzpd8Sj7kX&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 17:16:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1611170586013198"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6403
x-xss-protection: 0
expires: Thu, 25 Feb 2021 17:16:28 GMT

GET
H3-Q050 200 gYCzj-4M8Ect_HrGpifqy4m-MJzktZmRntqmlBTHKuc.js Show response
pagead2.googlesyndication.com/bg/ Frame 2BE0 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gYCzj-4M8Ect_HrGpifqy4m-MJzktZmRntqmlBTHKuc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8180b38fee0cf0472dfc7ac6a627eacb89be309ce4b599919edaa69414c72ae7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 15:00:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Feb 2021 11:15:00 GMT
server: sffe
age: 8173
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6234
x-xss-protection: 0
expires: Fri, 25 Feb 2022 15:00:15 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2A2D 0
46 B 41ms
41ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gpt_2021022401&jk=2876396792412151&bg=!ZWalZiXNAAXB_3NtwTsAKQB2-Dxa4GUIlIgMn-sIRAeOThhF73Vj0R8v5HCCxfJ1bNi1_0_tAzXUAgAAAX5SAAAAP2gBBwoBp3-blWsOp2zfiwUuomSiY3I_xChsq843CL1N4AJxTptm61q_oLOe62DLzQOngo2UAxAV6j8nQkxUg53XCrMVmvR-pzympHs8iiX83lTOaIqBb5n0lU0wjM-4e4OpX_cwmmk3nAqXsGMxPCa8m24YXXViiFHVtS3kuD1AldGz1xGcHPEFe9Syh3ynp9tdHbKKJlpP-ic5V1nGDHOjXIajxdpKWYK9rtudgJSXxClVklwRGBYvO7JJ3BpaPIrpnSisrA7IkCzZvYk3L1FzXmPzYg_D9eFfwlgEBfdVNn2JyEYakZgcQMaoGHpCVClo89wVlAalIGSpIGwMNKsXx9Syo7i1OyKiZCvLfi4HWZoI2P6NRGtQ6qJnL3QpzdKjFAw35PWchDYL7BlIiN7FCjOBtM-9be-q0FEFtb09GulypqAOhdaxW_G3CQ5Io7CNTFe0NHCseFeYEJIOBCW5MBEMD6h91kwi3Vy2NEXMJ9bpyWBtMWHGvpy38fJKMbpFs7Kjit4rQn2sDiwFxTdj4fWpfC7No4E0aQ-wu_UxAHeygeIr1goy7UTKXpkB3xDu3fBAzwCb8oVGSUKKmn1ZKifxHeCWJOKgp4Qwawdx4Qne04bn1o8QT97EsXvKlubK0coMNZga89YqdyKViI9F8oMuOqaVjLSnlXdljfAaIhJBpTWfkP7Tfgy-1y2dWLGvkDULHBrNoo74tfDSpisgUV-08Z3ggFO0ACO-8q8YBYlkqEvy8I0JVMpZoi1TCPDiq2vyX3iipmaywwoy_pR-VjQ-WBof1A9n_r9p2HWakmUL6FcUuAsQYOap9LjW_FqjArzorcA5LKY_O2FbGyY2uEX5vbNBnatzqxWEhVJ_g2w81ZzdniBGRPnjiDAWq1NpB8U5WelzyKGNlGxfJeQ4DVY1I-67L5YN6dIHs_aJT7u3OpOpcR29dy7w3kVQX_BQ31e_bsVGjopL4LtRTQKqo--5JqXE3iuAIfsxf0bvKFT7Q7CXHV2hAQCYlO3B9zahCbLx8ZmJ00vBSnR1oCza0JS-ZT75oR49_iuBaj51uFQh8M7RfcohHACiGwBFiWsIhlybWLAhAnjiCkJF3sBzlcWDTcYex0ZLzhncQi8p_cVXjaBvlrnjmccHWfYOUPEg1VQKD-VdQk1jUK3aaCCwywIDfBGlSxFjHjGoYoXsypwOwM5UPsJjEvk6rJFt

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Feb 2021 17:16:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame AABD 0
23 B 40ms
40ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gpt_2021022301&jk=2106699465371909&bg=!yMuly4jNAAXB_3NtwTsAKQB2-DxaupnSAUmaD6QMqy-HZFY_Ac9JRLVfaDLJi-KknGJqNDMlHUHEAgAAAYxSAAAAOGgBBwoBfGbdc1Crm0ygaKcRCe1jpGGEO7_G4OEUBggnm2TAEhGI9v0HlXEmaKAyEG7Wn50036kdta-E4VaYnlZw_ElKuiHsC3TyHBwnxfhEVlZ03xIpx88aTWiBaBRF9ME5WFETJIBoYkPoFJowYpfZMimZ_edn9KhNfuagew1z0MtyErncvOMBRbR1EGWPCZcjplch8B9qOACLueqLutRc6CODktuLLTi3BrCh14BGph7uk6aD5IyXlX0zOm1KSKvCvqjB75KNZ0fCP3K1qA_vZXVJ1GIcExX6xpLA8TFsMHa68-3Q9xubTG5J4_fyFPRYg8Kpchnb2zqCmo2GjdM6LUB7ZkFMSO7O7FpY_bIystUDDsi0cMhI0oDSIFkOtSOVfw9fFAmsrfbO3Nks5vt2quWjMqh4xKd5r3G_g5IITPl4AV72JTHFsb978bCObGWqQMSvMLM9_d4JtGawI9qEHhf3Q6s9HQqO1OOPSI3XRlC-DZpj6SGviOibDLOomZ49mQHbuchyyt76fkzpN6nrYMTQLwsDLC1aVi60rfODyytFpExoXGaDQLh2NwpQWmu47Mi1VuoVXDVqk2R4o8PJJli_pX_oV39vQplTOkEuKrov8ByZiI6o8MFEB89aAYg52_57vE3wMZ1fundsfb9DCVLVgbWyxy-0_gsQnCtrKnqVd-db4teC82Fvvg0js5-o78KFBWtxnEaNpYsCcfPAbizcW3bM0V7fjMa6TnJqK9E4kEA0a021uqQreUlcgsd83ShZx0q4weVspMEPgwGwH0C3ngqy_6GuiQTA6tpnkm_xAzKW8qNZ2yw8hsw5ITChIA8V9NMKz1ccxtmX_fgBEvwEW_EJlGsDFrIuwgc2OzLZVEujHFeD2JzHGgLGdX1NqKotijAt-eUKvp5Vx57sFsF83eW3MypN8cHBy-VyPnT2s3hd4eLVVs0ZOnv1P2JyaWFamZWJhs2og-r0gyz0fa0nnregKhILXF06sG8STwXxWKRPdp7ptjwWVuqK7zVg8XPihOqqkzWiLjfS0fSJgkAZihqfc0mQWIFP1ApgnpepWAgAoA9gNteov-zdON02AxYuqlMLgISi1tD159Z9AmMP9MqIaLf3psfcVeXpEz-dT1csh9uDTk6ZgglnqA

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Feb 2021 17:16:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DD06 0
23 B 41ms
41ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BxY33a9s3YNjDONyB2fcP5fGGiA8AAAAAOAHgBAI&bg=!0dKl0pHNAAXB_3NtwTsAKQB2-DxajRnKnz2KEALftTe83eIGjgFHHt90imoNNkGV0-iCSWFoGYEPAgAAAXtSAAAARmgBB5kChRNvsF0PZRe06VD06A_ediCkHA-Vz4tGJujJaiS3HOn9k-mxuSP19I1tBYpBRgFVO7Im8bGJVPCniYLV0ydRrIm0IUv95NIpXZ5Sl4fE2PmB2DMDoY1-vV0_uCMDhnh08fLymRKUCrvQvbiki1kRaHcaCHReQwzy-3B4B75vPuJT8ks9XJrmAfjU8vIYs8dMwh9P1O5khl1qM-DgkiUdW3kPDt8PHHAmFHXWnymYwWE-fkiULyozsX0CV4B3nEn1fFLrL20jZ3Gatn__D9Uu0v1AgSnZ0zzUoNPXXlUyBVKd-rlfIXdT03KGZFf3QN_hZGkDHCTUMEj38qhNKzmZe6n5qdwWPD73DPS9ohHu_wt_tQZqWRaSs0y56GBjDhR_CrvlTyUPHJT0wQiUSJsvpkIZM2GlmVm_VlkcnbbbbNZUYCGHgb6bMXsVhVXyiqlht4Zo8H7pA8_8Q5ethM3YMu46Fdn9Muh6aVQ-qPeY2oakP9NpWKeRmi2_oKdIxL-DP_XFX4B_kxZ646LU8YVDju6mgqrxNI1-_TMqdpF6tPUF8nFFCug_mlVwxPSooiz4fBaMf-H-bP43C6Zo6Tg27dCnc4UVn80Oz4pB16eo-b4KQHyFUqoMKi--EWkFaoTmdjRxiTC3LoETK_NukNabRN2rRI1j2y1GAutGaxUAdcSowJXhXo6yMf_o2Qw5ujwCFshzUgNRQFs-m75N7fq4g6iuUoc1QVGidI-Wlg8jxARjdaayD5NpGAHXtFrUak8UwL63Dg7uxbRapH-9CDlQzihnjoad-yhx9TkvB0qRJwgIlazbGFxpEeSu00siMdAsb1afDT9kd-jCCjvaZDDDUCV8snvDuA

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Feb 2021 17:16:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A58D 0
23 B 41ms
40ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gpt_2021022401&jk=880416831108035&bg=!sbKlsvHNAAXB_3NtwTsAKQB2-DxaaKTv4b7TiW-iYy70yMSbdp3n7R5btNu7hWH4pjlTh5FfaQxTAgAAAYJSAAAAOmgBBwoAfOWJKbVovZTFkqgxt1b6KHCvRlDq-NXkWzZPLd9KGUJrcNlFfn_eN7AVsySlkoYkngETiP0NCFWkWRDmig9RDYdNf5NHrlHt5PQJju1Y1gZyniSgVPhFDsvnTwAonyXD6g5DdnPUSQuhOe3UATjHqEo2gnt31Upto3vzmjmZAd2dI27rM3rT99WPxwJ7BxP0d-axMn7BjBlvywLNtcY1FvaNCWyL97_unYmqjd_U8qVbEn9k2F2LW4Mp2hEPcDQ546f6DXpPe0tC4YUjoSqOB5rzY89clbGmiAsrk4mjYNMrzz7Z2N373psFfsf0i8wN89T95iwhy_jfr8fnvZOB0kLiJSX15FBKLhKpIIvzhOCmMXYDtuyCeSH-BXMkL-clNc5boc0cNXyWsIuhpY_35SwNhFKVXzAdRTxkSrkOR5KQ038sjBoDf29sRBQm3fq_pUqYcU_NLS3oPDDQepUN1uj6eFVMMPHHtrZeY7I4GsjxkGQqIlmjNkrtxb7QjZ2gUlyZOFJtZOVOD5wy1Rc0EH9lYCBziXTL2FMgDc_dsiYbwyOw3nvnfG2QZjb-xQ0EM9Rm_mHukB4e52ZT8T2uqRjL9WtJLmeAN50u49ertDmc-7FdEun3T-gJyV8cbcIiGD7EqE8wV4TgG2qMDOo4FYkvh5YGCUZhkzZUOxBRamHnncewZP6Dha8O05Vd-B-4dryNgmli4jH-09WW9QDeqAnvxhDHUwWe_TLrxIrb6BF5VzHbWNO73b-ZVWwr5NK6M7px0g84qXP476EZC8u8wphUM3K-bjxpLLvOZPA

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Feb 2021 17:16:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C55E 0
23 B 42ms
41ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BrMzaa9s3YNKCOYjNzAbJ5LKgCQAAAAA4AeAEAg&bg=!aWqlainNAAXB_3NtwTsAKQB2-DxamvPmuFa8Ya_9vltswWj7d8r0PfM_OsTAZ3ab3LDMZMEliL6QAgAAAW1SAAAALGgBBwoAZKxddn8j2GpZHq7TzY3TvO2YmyyVbfNPA4NZ4j333kASsPeOiZKkRm-zTcjUDKYcLcKxzPWhqZvYqtDL2gUSCLey7Upa0RPvvey4WH_2ioe9Khaf30AYmEKiB8ElBUUViwdxYDKZAsOv23rb5j5cY76pQKamXUXyZTdRPLpXp3XZlFnZwYIvAgAXP3UY3V6HNWb5OspEYPqwwcvq5MbIUWLITQKnsHmaljUxOKDc98jVkQP8NrYYeIt49m8zRPO7yvL6NVroSk2We9GrxqZ2Sdd8-KGuX_cQUjpTwmowtgt6Jqyo3MXIJKOMAfOiWy65FHfDVv74_TTGNLa4060N18tgerLT0TV-hQLFOYJIIJAJjdRgJqi0ZRy2p6p9K0uzTbqxo_5SAPWHEELrxcwNa7mU1H9hVxa_gbXI7ncbntONiSaKhvHLcoSEGxD5feLIrci1S7sGHT6rHl_2ptutaOKFofymzUR2u15kuboMfZVzZXm2Ahy9V3RY1oCCDRIUP3PPBghOr5Gl0FVhOG-3RLOXWofTUhx04wyiiNFqyjcpzDlnqhHaSRDlrdzOfbsGu4Wu6e7VwGozoqS2Dt3ES5Sl3phDLV0A-720YUtNfjUx4nD4ww1EfleBMIaMP34mMwvUdTuZMXEAYdviWgStJsJ9pYZDk-bfkH91xGvzYL8U1WR1lqFzM7zg_K7tdS8EIt6vxfxtZcBa0oSgIg1a7ksWFXiVZTKBGpL-zlfT20RwCYvenAjjS0HntHZakvhpFGbvKCcQKJ4HqrBTsMKRptbQAmyb0iIBRsr4fdr6bUFkyfamDgYbeisY9c6tPv3W3MRnxAiuQkx-UcsqDG_bk0aPSJwmMiGgFpz7ZyTifK1c932rB6DGD-w8MAwTAHrrGZzyfp014vb6IuPVFki8M5SacG4jZAR78jIR_xxP2e6I-gd7nT09f_-gaUv7dk3bk5n-3PaS2AZuEjCf64GtvDpDztUSkOOZdbNoOY_grCANlHfyMKv-yBdTgkcLJ-QHYQYZajqkE5tUFAi4zr6AwqZsJYRcEX-LsE69dFIZtkCH5PEv6pcBzHTRGA

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Feb 2021 17:16:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 event
ads.adfox.ru/232598/ 0
38 B 58ms
58ms Image
text/plain 77.88.21.179
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/232598/event?hash=d5bf4b2a116f1855&pm=bmp&pxo=8m-7uDtiKio92X2SJYFH_2gx-S6EpCI0BD_7ZWz7R4NG-oI8xWlNH3GVi9MLhWOykfU8kQculuFsTUdTSqDsTXuK86SUp1RRjDKTVUrCxgUOgb8txdbEyNRACSm_tvh8ou8ngGtrNLl-qSJYoa8pWHS2VXjbyBfKwZVQ8GB2iNffGQcD&p5=gwaok&ad-session-id=5458961614273386756&lts=ffwnijy&ytt=545357794117653&ybv=0.3040&ylv=0.3041&dl=https%3A%2F%2Fwww.kp.by%2F%3Fsection%3Dsociety&rqs=avcLRNk5nU5q2zdgbp7ct197nzEuv_n2&pr=dusyate&puid3=top&rtb-si=b&puid2=society%3Ainteresting%3Azenyandex%3Aeconomics%3Abelarus%3Aincident%3Apolitics%3Acelebrity&p2=fbao&rand=ebzmycy&sj=2gx0iLk8rBQKtU7-kR6t9Hb6MTWx0pdDb42ld2-ZPybXSDHqWtR19CDY7OkL3Q%3D%3D&puid1=adv-1614273385730-102&p1=bufue

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.179 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

adfox-external-l3-engine.stable.qloud-b.yandex.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 25 Feb 2021 17:16:29 GMT
x-content-type-options: nosniff
timing-allow-origin: *

GET
H2 204 event
ads.adfox.ru/232598/ 0
14 B 63ms
63ms Image
text/plain 77.88.21.179
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/232598/event?hash=4729857c63d5b0ab&pm=bmp&pxo=8AXCW7Zk7n2fXzaIaXK-ogE6oMkRdxkz-hbJeBJcHvwZBGm9JA0dSF_f5IVGrweptlmiG0tYdXk9lSOFP_NgUB5fMFWYz7s6WwJ4iPKzY1JvLgyhdZyRK1dxEwil6f4noN8UwBltQxyIIAo9FjYCVGGUJc2EnOuNq7weNqvdoiskMDnNQw%3D%3D&p5=igntn&ad-session-id=5458961614273386756&lts=ffwnijy&ytt=545357794117653&ybv=0.3040&ylv=0.3041&dl=https%3A%2F%2Fwww.kp.by%2F%3Fsection%3Dsociety&rqs=avcLRNk5nU5q2zdgms3fbJdXOtgeJzel&pr=dusyate&puid3=top&rtb-si=b&puid2=society%3Ainteresting%3Azenyandex%3Aeconomics%3Abelarus%3Aincident%3Apolitics%3Acelebrity&p2=gvdq&rand=hetyrzd&sj=ERmhc8dwHYROJeeXDbOCEPiuPCmoXSaLpLPChp7PvjVEwRLIraUVdFjQPtNUVQ%3D%3D&puid1=adv-1614273385733-727&p1=cljxt

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.179 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

adfox-external-l3-engine.stable.qloud-b.yandex.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 25 Feb 2021 17:16:29 GMT
x-content-type-options: nosniff
timing-allow-origin: *

GET
H2 204 event
ads.adfox.ru/232598/ 0
14 B 55ms
55ms Image
text/plain 77.88.21.179
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/232598/event?hash=f58656abf6269bd7&pm=bmp&pxo=_o_NiIwHqZZxU7H5On5dy31dTUi7Q9kinXwxiN9GIyismtj07o2YPrgHoOvWu59hP3iY2ukz96eV4qoND0xuLFVmu1M1HSX5Tw5KuvzWyolJEq5s-Uq4Mobm8NamtAZqwgQhmTIQRm7vrtUVV1dqQwSTLmw05jxT6afWlNGYXAd4ifh_dQ%3D%3D&p5=gwdbk&ad-session-id=5458961614273386756&lts=ffwnijy&ytt=545357794117653&ybv=0.3040&ylv=0.3041&dl=https%3A%2F%2Fwww.kp.by%2F%3F&rtb-si=b&p2=gftf&rand=hxwzgys&sj=G-xD_MEFtqEcC2StBWZGc6pD-sLFcpHrdBFoG5gweW3J2OCR0gaiYr7WfLqikA%3D%3D&puid1=adv-1614273385581-550&pr=dusyate&p1=cdiyj&rqs=avcLRNk5nU5q2zdgfa0K80ZypRR4p9wk

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.179 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

adfox-external-l3-engine.stable.qloud-b.yandex.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 25 Feb 2021 17:16:29 GMT
x-content-type-options: nosniff
timing-allow-origin: *

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 3269 42 B
91 B 45ms
45ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssY2WRqVgqJT6K-Ye9xP3hSVx1Cd7jaQdIRMpSNl29v1b1zOF1ys0-W2ZVsDIgV9jwvfHk_DmuvzF08__mk-MOpTz52Wn3DWcTmYr6kAym_2Z554kLEToB4pbKrlA&sai=AMfl-YSGF8AF9rwt-pgAXDeTm4sopvEUciklDPlo_tBH9SA8Z2Oj6n0OHvup8mf7hJyc33dJ6ITHdFnUR8kJL0yIZiGz7EgkHXFaX-XjuyjOxEM_4RADzoTDGqynGtNO&sig=Cg0ArKJSzMFAud5GL40dEAE&cid=CAASF-RoTqUXAkkpDg3CqajxjB-nDqJoX3uG&id=ampim&o=1100,491&d=300,600&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=198&tls=1198&g=100&h=100&tt=1198&r=v&avms=ampa&adk=597425137

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Feb 2021 17:16:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F67D 42 B
155 B 45ms
44ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssMa-qKjKYJ08aAMHkTD7ZMOUHPq9EXV9ndxsZIuJxF9AqL04xsE8n42IKMJ4Knqloh17FjDGd5HzJrqzLMHh-WG7BXQfC8evr4j7py6khjRh4Mt73HaThGDWvVWw&sai=AMfl-YS0BQrTJ6VqzFeClRsIfag5Cmd-DltxPXyNLkT-NYGHWtk1FA8tVy67uKjFJwauTHuZbcABGtCD9vb0EM1F8H-ViQcvkxVTPG3z3Z32BnWHU7i3mmyJSWOxkVc&sig=Cg0ArKJSzJ1pfYGw9usPEAE&cid=CAASEuRoAdGQpLldPgCUctkmZqhNlA&id=osdim&mcvt=1000&p=0,0,604,160&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20210224&bin=7&avms=nio&bs=0,0&mc=0.99&if=1&app=0&itpl=20&adk=445563806&rs=4&met=mue&la=0&cr=0&osd=1&vs=4&rst=1614273387823&dlt=48&rpt=421&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://268db2211e8d97bc83b0d05c3ddf1ab3.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Feb 2021 17:16:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bundle.js Show response
yastatic.net/q/set/s/rsya-tag-users/ Frame 13A0 105 KB
106 KB 53ms
53ms Script
application/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js
Requested by: Host: www.kp.by
URL: https://www.kp.by/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: nginx/1.17.9 /
Resource Hash: e1cff21864c46e1da263fa83c14ed6d190bc5afbdd35188de15f10eb8bedd264

Request headers

Referer: https://yastatic.net/safeframe-bundles/0.80/1-1-0/render.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 17:16:29 GMT
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
server: nginx/1.17.9
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=1213
timing-allow-origin: *
content-length: 107764
expires: Thu, 25 Feb 2021 17:33:47 GMT

GET
H2 200 watch.js Show response
mc.yandex.ru/metrika/ Frame 13A0 122 KB
43 KB 44ms
43ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

3eee3b037e3951c286d8baa2d4e436090bc58602786f73803d6901effe2875ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://yastatic.net/safeframe-bundles/0.80/1-1-0/render.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 17:16:29 GMT
content-encoding: br
last-modified: Sat, 20 Feb 2021 13:25:23 GMT
etag: "60310dc3-a99f"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 43423
expires: Thu, 25 Feb 2021 18:16:29 GMT

GET
H2 200 data Show response
yandex.ru/set/s/rsya-tag-users/ Frame 13A0 400 B
1 KB 225ms
129ms Fetch
application/json 2a02:6b8:a::a
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/set/s/rsya-tag-users/data?referrer=https%3A%2F%2Fwww.kp.by%2F

Requested by

Host: yastatic.net
URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

f3ebb728dbde19de6789f60b2992531733435d95914ec996fff3cd842ff47a3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://yastatic.net/safeframe-bundles/0.80/1-1-0/render.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 17:16:29 GMT
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://yastatic.net
cache-control: public,max-age=300
access-control-allow-credentials: true
content-length: 400
x-xss-protection: 1; mode=block

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ Frame 13A0 31 KB
12 KB 36ms
17ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

b4ceacee581031a4014c658e33aa47874612b4c25c1aed8ef682cada98b99d6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://yastatic.net/safeframe-bundles/0.80/1-1-0/render.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 17:16:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12348
x-xss-protection: 0
server: cafe
etag: 7672817363517198860
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 25 Feb 2021 17:16:29 GMT

GET
H3-Q050

200

/
www.google.de/pagead/1p-user-list/1014923426/ Frame 13A0
Redirect Chain

https://www.googleadservices.com/pagead/conversion/1014923426/?label=hzaUCJ-7nWMQooH64wM&value=0&script=0
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=hzaUCJ-7nWMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=bds3YOOZKZCtzAatxrrYBg...
https://www.google.com/pagead/1p-user-list/1014923426/?label=hzaUCJ-7nWMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1992291265&crd=&is_vtc=1&random=34952678
https://www.google.de/pagead/1p-user-list/1014923426/?label=hzaUCJ-7nWMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1992291265&crd=&is_vtc=1&random=34952678&ipr=y

42 B
66 B

19ms
19ms

Image
image/gif

2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1014923426/?label=hzaUCJ-7nWMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1992291265&crd=&is_vtc=1&random=34952678&ipr=y

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://yastatic.net/safeframe-bundles/0.80/1-1-0/render.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Feb 2021 17:16:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 25 Feb 2021 17:16:29 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-user-list/1014923426/?label=hzaUCJ-7nWMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1992291265&crd=&is_vtc=1&random=34952678&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
www.google.de/pagead/1p-user-list/1014923426/ Frame 13A0
Redirect Chain

https://www.googleadservices.com/pagead/conversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=bds3YOWdKcrmzAbA77jQCg...
https://www.google.com/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1731026017&crd=&is_vtc=1&random=2810821639
https://www.google.de/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1731026017&crd=&is_vtc=1&random=2810821639&ipr=y

42 B
108 B

20ms
19ms

Image
image/gif

2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1731026017&crd=&is_vtc=1&random=2810821639&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://yastatic.net/safeframe-bundles/0.80/1-1-0/render.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Feb 2021 17:16:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 25 Feb 2021 17:16:29 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1731026017&crd=&is_vtc=1&random=2810821639&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

1 Show response
mc.yandex.ru/watch/3/ Frame 13A0
Redirect Chain

https://mc.yandex.ru/watch/3?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.80%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Fwww.kp.by%2F&charset=utf-8&browser-info=pv%3A1%3Agdp...
https://mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.80%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Fwww.kp.by%2F&charset=utf-8&browser-info=pv%3A1%3Ag...

35 B
89 B

51ms
50ms

XHR
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.80%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Fwww.kp.by%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A%3Avf%3Aqtcqyojs4f5z2n%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A433%3Acn%3A1%3Adp%3A0%3Als%3A1216553588373%3Ahid%3A379153387%3Az%3A60%3Ai%3A20210225181629%3Aet%3A1614273390%3Ac%3A1%3Arn%3A347324772%3Au%3A1614273390232092832%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Ahdl%3A1%3Ans%3A1614273387466%3Ads%3A0%2C0%2C45%2C0%2C0%2C0%2C%2C22%2C0%2C71%2C71%2C0%2C71%3Adsn%3A0%2C0%2C45%2C0%2C0%2C0%2C%2C25%2C0%2C71%2C71%2C0%2C71%3Ati%3A2%3Ast%3A1614273390

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

efbdf9cab6b6cf2bf7207ae4e0456c9462b2c0d4c2de76d65442de2af7253f2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://yastatic.net/safeframe-bundles/0.80/1-1-0/render.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Feb 2021 17:16:29 GMT
x-content-type-options: nosniff
last-modified: Thu, 25-Feb-2021 17:16:29 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://yastatic.net
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 35
x-xss-protection: 1; mode=block
expires: Thu, 25-Feb-2021 17:16:29 GMT

Redirect headers

pragma: no-cache
date: Thu, 25 Feb 2021 17:16:29 GMT
last-modified: Thu, 25-Feb-2021 17:16:29 GMT
location: /watch/3/1?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.80%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Fwww.kp.by%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A%3Avf%3Aqtcqyojs4f5z2n%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A433%3Acn%3A1%3Adp%3A0%3Als%3A1216553588373%3Ahid%3A379153387%3Az%3A60%3Ai%3A20210225181629%3Aet%3A1614273390%3Ac%3A1%3Arn%3A347324772%3Au%3A1614273390232092832%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Ahdl%3A1%3Ans%3A1614273387466%3Ads%3A0%2C0%2C45%2C0%2C0%2C0%2C%2C22%2C0%2C71%2C71%2C0%2C71%3Adsn%3A0%2C0%2C45%2C0%2C0%2C0%2C%2C25%2C0%2C71%2C71%2C0%2C71%3Ati%3A2%3Ast%3A1614273390
strict-transport-security: max-age=31536000
access-control-allow-origin: https://yastatic.net
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0
x-xss-protection: 1; mode=block
expires: Thu, 25-Feb-2021 17:16:29 GMT

GET
H3-Q050 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/ Frame 13A0 3 KB
1 KB 120ms
120ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/?random=1614273389691&cv=9&fst=1614273389691&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D%3Binfected%3D%3Bslow%3D%3Bos%3Dmacos%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.80%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.kp.by%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3bdd07f0912ef5ab5a0731134d70c332eab1e39be16bfaf1d659806ca61007cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://yastatic.net/safeframe-bundles/0.80/1-1-0/render.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Feb 2021 17:16:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1111
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/ Frame 13A0 3 KB
1 KB 119ms
119ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/?random=1614273389695&cv=9&fst=1614273389695&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D%3Binfected%3D%3Bslow%3D%3Bos%3Dmacos%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.80%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.kp.by%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a32abc5aa41813453d0aac84e80928b7f23457bdc7453912256795079a2c1666

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://yastatic.net/safeframe-bundles/0.80/1-1-0/render.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Feb 2021 17:16:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1111
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/ Frame 13A0 3 KB
1 KB 118ms
118ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/?random=1614273389698&cv=9&fst=1614273389698&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D%3Binfected%3D%3Bslow%3D%3Bos%3Dmacos%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.80%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.kp.by%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0e60a618361b9174867ccde0acf961f83f6b2ef73c8bdfc45a0a8d794609e7ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://yastatic.net/safeframe-bundles/0.80/1-1-0/render.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Feb 2021 17:16:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1111
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/ Frame 13A0 3 KB
1 KB 53ms
53ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/?random=1614273389699&cv=9&fst=1614273389699&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D%3Binfected%3D%3Bslow%3D%3Bos%3Dmacos%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.80%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.kp.by%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d522074d39550efb149464f9c57d7a0592b428b4a326e0891e3205cc07126b5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://yastatic.net/safeframe-bundles/0.80/1-1-0/render.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Feb 2021 17:16:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1108
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/693627671/ Frame 13A0 42 B
135 B 20ms
19ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/693627671/?random=1614273389699&cv=9&fst=1614272400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D%3Binfected%3D%3Bslow%3D%3Bos%3Dmacos%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.80%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.kp.by%2F&async=1&fmt=3&is_vtc=1&random=2120404664&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://yastatic.net/safeframe-bundles/0.80/1-1-0/render.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Feb 2021 17:16:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/693627671/ Frame 13A0 42 B
154 B 35ms
35ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/693627671/?random=1614273389699&cv=9&fst=1614272400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D%3Binfected%3D%3Bslow%3D%3Bos%3Dmacos%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.80%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.kp.by%2F&async=1&fmt=3&is_vtc=1&random=2120404664&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://yastatic.net/safeframe-bundles/0.80/1-1-0/render.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Feb 2021 17:16:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 advert.gif
mc.yandex.ru/metrika/ Frame 13A0 43 B
150 B 44ms
43ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://yastatic.net/safeframe-bundles/0.80/1-1-0/render.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 17:16:29 GMT
last-modified: Sat, 20 Feb 2021 13:25:23 GMT
etag: "60310dc3-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Thu, 25 Feb 2021 18:16:29 GMT

GET
H2 200 37412095 Show response
mc.yandex.ru/watch/ Frame 13A0 186 B
347 B 45ms
45ms XHR
application/json 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/37412095?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.80%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Fwww.kp.by%2F&charset=utf-8&site-info=%7B%22extensions%22%3A%22%22%2C%22fromGoogle%22%3A%22false%22%2C%22fromCancel%22%3A%22false%22%2C%22loyal%22%3A%220%22%2C%22sbscrb%22%3A%22%22%2C%22p%22%3A%22%22%2C%22b%22%3A%22%22%2C%22fresh%22%3A%22%22%2C%22infected%22%3A%22%22%2C%22slow%22%3A%22%22%2C%22os%22%3A%22macos%22%2C%22browser%22%3A%22chrome%22%2C%22winxp%22%3A%22false%22%2C%22old%22%3A%22actual%22%2C%22yabroAge%22%3Anull%7D&browser-info=pv%3A1%3Agdpr%3A6%3Avf%3Aqtcqyojs4f5z2n%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A433%3Acn%3A2%3Adp%3A1%3Als%3A366532776003%3Ahid%3A379153387%3Az%3A60%3Ai%3A20210225181629%3Aet%3A1614273390%3Ac%3A1%3Arn%3A1020342011%3Au%3A161427339038650209%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Ahdl%3A1%3Ans%3A1614273387466%3Ads%3A0%2C0%2C45%2C0%2C0%2C0%2C%2C22%2C0%2C71%2C71%2C0%2C71%3Adsn%3A0%2C0%2C45%2C0%2C0%2C0%2C%2C25%2C0%2C71%2C71%2C0%2C71%3Arqnl%3A1%3Ati%3A2%3Ast%3A1614273390%3At%3A

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

335a55bb9a771b542590144d144f0b5dfe51613284d0394eea9a095324c05b78

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://yastatic.net/safeframe-bundles/0.80/1-1-0/render.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Feb 2021 17:16:29 GMT
x-content-type-options: nosniff
last-modified: Thu, 25-Feb-2021 17:16:29 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://yastatic.net
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 186
x-xss-protection: 1; mode=block
expires: Thu, 25-Feb-2021 17:16:29 GMT

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/947884341/ Frame 13A0 42 B
66 B 22ms
21ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/947884341/?random=1614273389691&cv=9&fst=1614272400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D%3Binfected%3D%3Bslow%3D%3Bos%3Dmacos%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.80%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.kp.by%2F&async=1&fmt=3&is_vtc=1&random=3690715734&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://yastatic.net/safeframe-bundles/0.80/1-1-0/render.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Feb 2021 17:16:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.de/pagead/1p-user-list/947884341/ Frame 13A0 42 B
66 B 21ms
20ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/947884341/?random=1614273389691&cv=9&fst=1614272400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D%3Binfected%3D%3Bslow%3D%3Bos%3Dmacos%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.80%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.kp.by%2F&async=1&fmt=3&is_vtc=1&random=3690715734&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://yastatic.net/safeframe-bundles/0.80/1-1-0/render.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Feb 2021 17:16:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/693627671/ Frame 13A0 42 B
66 B 23ms
22ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/693627671/?random=1614273389695&cv=9&fst=1614272400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D%3Binfected%3D%3Bslow%3D%3Bos%3Dmacos%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.80%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.kp.by%2F&async=1&fmt=3&is_vtc=1&random=4011441158&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://yastatic.net/safeframe-bundles/0.80/1-1-0/render.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Feb 2021 17:16:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.de/pagead/1p-user-list/693627671/ Frame 13A0 42 B
135 B 20ms
19ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/693627671/?random=1614273389695&cv=9&fst=1614272400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D%3Binfected%3D%3Bslow%3D%3Bos%3Dmacos%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.80%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.kp.by%2F&async=1&fmt=3&is_vtc=1&random=4011441158&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://yastatic.net/safeframe-bundles/0.80/1-1-0/render.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Feb 2021 17:16:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/947884341/ Frame 13A0 42 B
66 B 20ms
20ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/947884341/?random=1614273389698&cv=9&fst=1614272400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D%3Binfected%3D%3Bslow%3D%3Bos%3Dmacos%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.80%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.kp.by%2F&async=1&fmt=3&is_vtc=1&random=2091055949&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://yastatic.net/safeframe-bundles/0.80/1-1-0/render.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Feb 2021 17:16:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.de/pagead/1p-user-list/947884341/ Frame 13A0 42 B
66 B 23ms
22ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/947884341/?random=1614273389698&cv=9&fst=1614272400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D%3Binfected%3D%3Bslow%3D%3Bos%3Dmacos%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.80%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.kp.by%2F&async=1&fmt=3&is_vtc=1&random=2091055949&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://yastatic.net/safeframe-bundles/0.80/1-1-0/render.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Feb 2021 17:16:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1TrGtufU0Pa100000000U9nJpFhExNBJSgwVOMNCXVd7DtTnMsRVDazW009Fc4XevCHwfrXpCnQ6L4QWU6Pbp1kmUAa4a5SBKjlA22Ad0cKL66Oo2YOpWC52HhKW26ib8wiwXBKHPCA4TY2nbr4-N9BXA5ZcAYD8-2uZWmm3mr_6MKmC37EPG29hcNu1oRDC_u7WA...
an.yandex.ru/rtbcount/ 43 B
161 B 47ms
47ms Image
image/gif 2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/rtbcount/1TrGtufU0Pa100000000U9nJpFhExNBJSgwVOMNCXVd7DtTnMsRVDazW009Fc4XevCHwfrXpCnQ6L4QWU6Pbp1kmUAa4a5SBKjlA22Ad0cKL66Oo2YOpWC52HhKW26ib8wiwXBKHPCA4TY2nbr4-N9BXA5ZcAYD8-2uZWmm3mr_6MKmC37EPG29hcNu1oRDC_u7WATCBPWQ6Lqm2x3CExwcCOM0uttZPNsSFAyDV9bQG4vX1P2-p0CWXp23DSvcPG5O3IGM8rSmiaawXgnGEUPzaXldwAbZbNJ3vazd1YH-iSXQBGc9Pia-GNxPfNgXfaL5LIhffZaLAQbbWaQ-JSMHuLKx6GXPEBIEmuXKi4uynxc1XEi32U85bmiODqtykEhnPx2OBnByVx1-of871FVktB22_Jc2TEk51JqD3pG9MpfEirf8GTLzPGNwSmFRgtVe5KtQVE-S70A5BTFO0?confirmTime=2100000&confirmRatio=1000000&test-tag=339749092982786&format-type=89&actual-format=73&rnd=8506235923674&renderWidth=1560&renderHeight=200

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Feb 2021 17:16:29 GMT
content-encoding: gzip
last-modified: Thu, 25 Feb 2021 17:16:29 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 25 Feb 2021 17:16:29 GMT

GET
H2 200 WHyejI_zO980hGW0f0r2Vv5PGV_HaGK0aW4GW8200J5hspTW000003Zks2680XYv0abdYfCpjGPyy0A3q8ZG3F050Q06m0791cht2qJPEPrEXtbSx9_7iueBg0he1uWBCAeB47yXpKTvN000VGRKJooyy0i6c0xgxg-WbBlEpawe3_cumVxv-Ap52v0GgEoG_Q6yl...
an.yandex.ru/count/ 43 B
152 B 56ms
55ms Image
image/gif 2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/count/WHyejI_zO980hGW0f0r2Vv5PGV_HaGK0aW4GW8200J5hspTW000003Zks2680XYv0abdYfCpjGPyy0A3q8ZG3F050Q06m0791cht2qJPEPrEXtbSx9_7iueBg0he1uWBCAeB47yXpKTvN000VGRKJooyy0i6c0xgxg-WbBlEpawe3_cumVxv-Ap52v0GgEoG_Q6yleEU0V28bwJW507O5S6AzkoZZxpyO_205fMGu8o0W7p95l0_WHUe5mcP6D0O4FWOW1cm6RWPqXaIUM5YSrzpPN9sPN8lSZKmCoqqw1c0mWFm6O320n80TcoiD0L3mKOe6YRHBOGi4yDpsKgopAtu02B9y55kq22LRuYC3LRjd2aIrSEAyCSoQ6oeP60Z2W00~1=WXCejI_zO9m1JH0051lbQE0Id0AApxF0w1200PA05uW1suYnXroG0TxHfAdBW8200fW1tj6agKkW0TQe0TQu0R35vVWWs06GhUsM0U01aF774EW1ZWFu0PIwthu1c0BkjxCMe0BmjxCMc0F0X3sm0vmBY0NewnoG1OUy7R05lgq8k0M-hGZ01VM6AyB70-05TwW6m06u1u05f0_n1m00mlZRcSaAqmY-N2tdvJ_W2e29UjaBULpidyUpYWle2-Zh78WC-E7UlW6f303d2h3AEe2_w0oR1fWDyyn9Fw0Em8GzsG-04CYKtnkXu169rCW1w16OWktX_DwGkSb0nDX0_0Ix5mMcr3-O4mAe4v2ni9VveiEp5k0Jlgq8Y1IOXwgQmeoIyVK1e1I-hGYe58UywEV3_mNe58m2q1NevyF_1TWLmOhsxAEFlFnZe1RGvB211h0MsWJ95j0M-E7UlW615vWN--694RWN0S0NjGBO5y24FUWN0PaOe1WAi1Zvbz-11hWO0VWOiiwuq8ZBgCcp0O0PYHax6P0P0Q0Pm06u6V___m7W6GBe6O320_0PWC83WHh__zieE8wD890QW8017006nJXJ1vaDPHIA21eYeNo41hrP_GusaDoNvbqb4rXWjRWpf9Si44n6h8B6q89Gsq0wu8H5eCPln218l19Yz1o3VF39vHXHyv1TAPqRMFUQX0JR11m0~1?stat-id=24&test-tag=339749285946881&format-type=89&actual-format=73&pcodever=13930&banner-test-tags=eyI3MjA1NzYwNDE0NzU0OTI5NSI6IjU3MzYxIn0%3D&renderWidth=1560&renderHeight=200&confirmTime=2100000&confirmRatio=1000000&wmode=0

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Feb 2021 17:16:30 GMT
content-encoding: gzip
last-modified: Thu, 25 Feb 2021 17:16:30 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 25 Feb 2021 17:16:30 GMT

GET
H2 204 event
ads.adfox.ru/232598/ 0
37 B 54ms
54ms Image
text/plain 77.88.21.179
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/232598/event?hash=e21d8ee272829014&pm=bmn&pxo=_o_NiIwHqZZxU7H5On5dy31dTUi7Q9kinXwxiN9GIyismtj07o2YPrgHoOvWu59hP3iY2ukz96eV4qoND0xuLFVmu1M1HSX5Tw5KuvzWyolJEq5s-Uq4Mobm8NamtAZqwgQhmTIQRm7vrtUVV1dqQwSTLmw05jxT6afWlNGYXAd4ifh_dQ%3D%3D&p5=gwdbk&ad-session-id=5458961614273386756&lts=ffwnijy&ytt=545357794117653&ybv=0.3040&ylv=0.3041&dl=https%3A%2F%2Fwww.kp.by%2F%3F&rtb-si=b&p2=gftf&rand=iastymj&sj=G-xD_MEFtqEcC2StBWZGc6pD-sLFcpHrdBFoG5gweW3J2OCR0gaiYr7WfLqikA%3D%3D&puid1=adv-1614273385581-550&pr=dusyate&p1=cdiyj&rqs=avcLRNk5nU5q2zdgfa0K80ZypRR4p9wk

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.179 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

adfox-external-l3-engine.stable.qloud-b.yandex.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 25 Feb 2021 17:16:30 GMT
x-content-type-options: nosniff
timing-allow-origin: *

GET
H2 204 event
ads.adfox.ru/232598/ 0
14 B 60ms
59ms Image
text/plain 77.88.21.179
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/232598/event?hash=f015ec9422291a68&pm=bmn&pxo=8m-7uDtiKio92X2SJYFH_2gx-S6EpCI0BD_7ZWz7R4NG-oI8xWlNH3GVi9MLhWOykfU8kQculuFsTUdTSqDsTXuK86SUp1RRjDKTVUrCxgUOgb8txdbEyNRACSm_tvh8ou8ngGtrNLl-qSJYoa8pWHS2VXjbyBfKwZVQ8GB2iNffGQcD&p5=gwaok&ad-session-id=5458961614273386756&lts=ffwnijy&ytt=545357794117653&ybv=0.3040&ylv=0.3041&dl=https%3A%2F%2Fwww.kp.by%2F%3Fsection%3Dsociety&rqs=avcLRNk5nU5q2zdgbp7ct197nzEuv_n2&pr=dusyate&puid3=top&rtb-si=b&puid2=society%3Ainteresting%3Azenyandex%3Aeconomics%3Abelarus%3Aincident%3Apolitics%3Acelebrity&p2=fbao&rand=dnefapp&sj=2gx0iLk8rBQKtU7-kR6t9Hb6MTWx0pdDb42ld2-ZPybXSDHqWtR19CDY7OkL3Q%3D%3D&puid1=adv-1614273385730-102&p1=bufue

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.179 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

adfox-external-l3-engine.stable.qloud-b.yandex.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 25 Feb 2021 17:16:30 GMT
x-content-type-options: nosniff
timing-allow-origin: *

GET
H2 204 event
ads.adfox.ru/232598/ 0
37 B 68ms
68ms Image
text/plain 77.88.21.179
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/232598/event?hash=2339dfb09d570715&pm=bmq&pxo=8m-7uDtiKio92X2SJYFH_2gx-S6EpCI0BD_7ZWz7R4NG-oI8xWlNH3GVi9MLhWOykfU8kQculuFsTUdTSqDsTXuK86SUp1RRjDKTVUrCxgUOgb8txdbEyNRACSm_tvh8ou8ngGtrNLl-qSJYoa8pWHS2VXjbyBfKwZVQ8GB2iNffGQcD&p5=gwaok&ad-session-id=5458961614273386756&lts=ffwnijy&ytt=545357794117653&ybv=0.3040&ylv=0.3041&dl=https%3A%2F%2Fwww.kp.by%2F%3Fsection%3Dsociety&rqs=avcLRNk5nU5q2zdgbp7ct197nzEuv_n2&pr=dusyate&puid3=top&rtb-si=b&puid2=society%3Ainteresting%3Azenyandex%3Aeconomics%3Abelarus%3Aincident%3Apolitics%3Acelebrity&p2=fbao&rand=bphfppo&sj=2gx0iLk8rBQKtU7-kR6t9Hb6MTWx0pdDb42ld2-ZPybXSDHqWtR19CDY7OkL3Q%3D%3D&puid1=adv-1614273385730-102&p1=bufue

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.179 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

adfox-external-l3-engine.stable.qloud-b.yandex.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 25 Feb 2021 17:16:32 GMT
x-content-type-options: nosniff
timing-allow-origin: *

GET
H2 204 event
ads.adfox.ru/232598/ 0
14 B 70ms
69ms Image
text/plain 77.88.21.179
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/232598/event?hash=97fd30f5c6aa06fe&pm=bmq&pxo=8AXCW7Zk7n2fXzaIaXK-ogE6oMkRdxkz-hbJeBJcHvwZBGm9JA0dSF_f5IVGrweptlmiG0tYdXk9lSOFP_NgUB5fMFWYz7s6WwJ4iPKzY1JvLgyhdZyRK1dxEwil6f4noN8UwBltQxyIIAo9FjYCVGGUJc2EnOuNq7weNqvdoiskMDnNQw%3D%3D&p5=igntn&ad-session-id=5458961614273386756&lts=ffwnijy&ytt=545357794117653&ybv=0.3040&ylv=0.3041&dl=https%3A%2F%2Fwww.kp.by%2F%3Fsection%3Dsociety&rqs=avcLRNk5nU5q2zdgms3fbJdXOtgeJzel&pr=dusyate&puid3=top&rtb-si=b&puid2=society%3Ainteresting%3Azenyandex%3Aeconomics%3Abelarus%3Aincident%3Apolitics%3Acelebrity&p2=gvdq&rand=npuqqm&sj=ERmhc8dwHYROJeeXDbOCEPiuPCmoXSaLpLPChp7PvjVEwRLIraUVdFjQPtNUVQ%3D%3D&puid1=adv-1614273385733-727&p1=cljxt

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.179 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

adfox-external-l3-engine.stable.qloud-b.yandex.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 25 Feb 2021 17:16:32 GMT
x-content-type-options: nosniff
timing-allow-origin: *

GET
H2 204 event
ads.adfox.ru/232598/ 0
14 B 61ms
61ms Image
text/plain 77.88.21.179
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/232598/event?hash=f6ff7b9ed96545c4&pm=bmq&pxo=_o_NiIwHqZZxU7H5On5dy31dTUi7Q9kinXwxiN9GIyismtj07o2YPrgHoOvWu59hP3iY2ukz96eV4qoND0xuLFVmu1M1HSX5Tw5KuvzWyolJEq5s-Uq4Mobm8NamtAZqwgQhmTIQRm7vrtUVV1dqQwSTLmw05jxT6afWlNGYXAd4ifh_dQ%3D%3D&p5=gwdbk&ad-session-id=5458961614273386756&lts=ffwnijy&ytt=545357794117653&ybv=0.3040&ylv=0.3041&dl=https%3A%2F%2Fwww.kp.by%2F%3F&rtb-si=b&p2=gftf&rand=gloyece&sj=G-xD_MEFtqEcC2StBWZGc6pD-sLFcpHrdBFoG5gweW3J2OCR0gaiYr7WfLqikA%3D%3D&puid1=adv-1614273385581-550&pr=dusyate&p1=cdiyj&rqs=avcLRNk5nU5q2zdgfa0K80ZypRR4p9wk

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.179 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

adfox-external-l3-engine.stable.qloud-b.yandex.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 25 Feb 2021 17:16:32 GMT
x-content-type-options: nosniff
timing-allow-origin: *

GET
H2 204 event
ads.adfox.ru/232598/ 0
14 B 349ms
121ms Image
text/plain 77.88.21.179
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/232598/event?hash=b30215049985b1b4&pm=bmr&pxo=8m-7uDtiKio92X2SJYFH_2gx-S6EpCI0BD_7ZWz7R4NG-oI8xWlNH3GVi9MLhWOykfU8kQculuFsTUdTSqDsTXuK86SUp1RRjDKTVUrCxgUOgb8txdbEyNRACSm_tvh8ou8ngGtrNLl-qSJYoa8pWHS2VXjbyBfKwZVQ8GB2iNffGQcD&p5=gwaok&ad-session-id=5458961614273386756&lts=ffwnijy&ytt=545357794117653&ybv=0.3040&ylv=0.3041&dl=https%3A%2F%2Fwww.kp.by%2F%3Fsection%3Dsociety&rqs=avcLRNk5nU5q2zdgbp7ct197nzEuv_n2&pr=dusyate&puid3=top&rtb-si=b&puid2=society%3Ainteresting%3Azenyandex%3Aeconomics%3Abelarus%3Aincident%3Apolitics%3Acelebrity&p2=fbao&rand=kfspuji&sj=2gx0iLk8rBQKtU7-kR6t9Hb6MTWx0pdDb42ld2-ZPybXSDHqWtR19CDY7OkL3Q%3D%3D&puid1=adv-1614273385730-102&p1=bufue

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.179 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

adfox-external-l3-engine.stable.qloud-b.yandex.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 25 Feb 2021 17:16:37 GMT
x-content-type-options: nosniff
timing-allow-origin: *

GET
H2 204 event
ads.adfox.ru/232598/ 0
14 B 332ms
123ms Image
text/plain 77.88.21.179
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/232598/event?hash=948f75c3d1b5654b&pm=bmr&pxo=8AXCW7Zk7n2fXzaIaXK-ogE6oMkRdxkz-hbJeBJcHvwZBGm9JA0dSF_f5IVGrweptlmiG0tYdXk9lSOFP_NgUB5fMFWYz7s6WwJ4iPKzY1JvLgyhdZyRK1dxEwil6f4noN8UwBltQxyIIAo9FjYCVGGUJc2EnOuNq7weNqvdoiskMDnNQw%3D%3D&p5=igntn&ad-session-id=5458961614273386756&lts=ffwnijy&ytt=545357794117653&ybv=0.3040&ylv=0.3041&dl=https%3A%2F%2Fwww.kp.by%2F%3Fsection%3Dsociety&rqs=avcLRNk5nU5q2zdgms3fbJdXOtgeJzel&pr=dusyate&puid3=top&rtb-si=b&puid2=society%3Ainteresting%3Azenyandex%3Aeconomics%3Abelarus%3Aincident%3Apolitics%3Acelebrity&p2=gvdq&rand=lhlchns&sj=ERmhc8dwHYROJeeXDbOCEPiuPCmoXSaLpLPChp7PvjVEwRLIraUVdFjQPtNUVQ%3D%3D&puid1=adv-1614273385733-727&p1=cljxt

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.179 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

adfox-external-l3-engine.stable.qloud-b.yandex.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 25 Feb 2021 17:16:37 GMT
x-content-type-options: nosniff
timing-allow-origin: *

GET
H2 204 event
ads.adfox.ru/232598/ 0
107 B 273ms
115ms Image
text/plain 77.88.21.179
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/232598/event?hash=74344f86944f46ba&pm=bmr&pxo=_o_NiIwHqZZxU7H5On5dy31dTUi7Q9kinXwxiN9GIyismtj07o2YPrgHoOvWu59hP3iY2ukz96eV4qoND0xuLFVmu1M1HSX5Tw5KuvzWyolJEq5s-Uq4Mobm8NamtAZqwgQhmTIQRm7vrtUVV1dqQwSTLmw05jxT6afWlNGYXAd4ifh_dQ%3D%3D&p5=gwdbk&ad-session-id=5458961614273386756&lts=ffwnijy&ytt=545357794117653&ybv=0.3040&ylv=0.3041&dl=https%3A%2F%2Fwww.kp.by%2F%3F&rtb-si=b&p2=gftf&rand=ldsxkpr&sj=G-xD_MEFtqEcC2StBWZGc6pD-sLFcpHrdBFoG5gweW3J2OCR0gaiYr7WfLqikA%3D%3D&puid1=adv-1614273385581-550&pr=dusyate&p1=cdiyj&rqs=avcLRNk5nU5q2zdgfa0K80ZypRR4p9wk

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.179 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

adfox-external-l3-engine.stable.qloud-b.yandex.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kp.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 25 Feb 2021 17:16:37 GMT
x-content-type-options: nosniff
timing-allow-origin: *

GET
H2 200 dc_oe=ChMIkuTu_sSF7wIViCbTCh1JsgyUEAAYACDA-L8vQhMI3NrR_sSF7wIVaYZ3Ch0cDAMK;met=1;&timestamp=1614273398621;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame D9E4 42 B
498 B 165ms
75ms Image
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIkuTu_sSF7wIViCbTCh1JsgyUEAAYACDA-L8vQhMI3NrR_sSF7wIVaYZ3Ch0cDAMK;met=1;&timestamp=1614273398621;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d40dcff76d8fde160d82e59583d19251.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Feb 2021 17:16:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: google2waycm.netmng.com
URL: https://google2waycm.netmng.com/cm/?google_gid=CAESENgDI9uvQ6tgfg3F2ej_zgw&google_cver=1&google_push=AQvitUIbFu0Mm0N7o-eZbXn2LjMgOKmBYWvrc0ccyfryErqoHtcpJVuWIGklc46QmLjtKuaHVhGRUpnHktZP7HZnT7CTuQcclRA

Domain: um.wbtrk.net
URL: https://um.wbtrk.net/doubleclick/user/match?google_gid=CAESEIAshmFq08YbIoceJN9FAJw&google_cver=1&google_push=AQvitUL1ImsRcFy22DjekHB-2yfVMR1qdpXfCEdvHKtWtzD9ump4GV7L1KrdMgynfHDUVQ9ppySkbyQp-Fvrgw8afu9VQN7ErxDR

Verdicts & Comments Add Verdict or Comment

88 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.kp.by/	1970-01-20 00:24:04	Name: tmr_reqNum Value: 2
.kp.by/	1970-01-19 16:24:35	Name: _ym_visorc Value: b
.kp.by/	1970-01-20 01:10:09	Name: _ym_uid Value: 1614273386335967376
.kp.by/	1970-01-19 16:25:45	Name: _ym_isad Value: 2
.kp.by/	1970-01-20 00:24:04	Name: tmr_lvid Value: 630016224165cf3b83b938b8ae4abbf6
.kp.by/	1970-01-20 01:10:09	Name: _ym_d Value: 1614273386
.kp.by/	1970-01-19 16:24:33	Name: _gat_UA-23870775-31 Value: 1
.kp.by/	1970-01-19 16:24:33	Name: _gat_UA-23870775-13 Value: 1
.kp.by/	1970-01-19 16:24:33	Name: _gat_UA-5200037-32 Value: 1
.kp.by/	1970-01-20 09:55:45	Name: _ga Value: GA1.2.736874391.1614273386
.kp.by/	1970-01-20 00:24:04	Name: tmr_lvidTS Value: 1614273386062
.kp.by/	1970-01-20 09:55:45	Name: __upin Value: Jsz4R65DBhRtVy+8NTWIsA
.kp.by/	1970-01-19 16:24:33	Name: _dc_gtm_UA-23870775-1 Value: 1
.kp.by/	1970-01-20 16:24:33	Name: __gfp_64b Value: sSnWtPG_2nFmVANd4UzYnf7.tlgFLL4Z90X9HbK9JyH.57\|1614273386
.kp.by/	1970-01-19 16:34:38	Name: w3k Value: 5c1e8f1d-71a5-4645-9573-35a20129395e
.kp.by/	1970-01-19 16:25:59	Name: _gid Value: GA1.2.1060767860.1614273386
.kp.by/	1970-01-19 16:34:38	Name: w3t Value: eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJzaWQiOiI1YzFlOGYxZC03MWE1LTQ2NDUtOTU3My0zNWEyMDEyOTM5NWUiLCJqdGkiOiI3NmU2NTEzOC00OTgxLTRjYTctYmM1Ny0zYWEzOTY3YTYzODQiLCJzdWIiOiJzZXNzaW9uIiwiZXhwIjoxNjE0ODc4MTg0LCJpYXQiOjE2MTQyNzMzODQsIm5iZiI6MTYxNDI3MzM4NCwiX3ZlcnNpb24iOjEsIl9wYXRoIjoiLyIsImlzcyI6eyJlc3NlbnRpYWwiOnRydWUsInZhbHVlcyI6WyJ3d3cua3AuYnkiXX0sIl90cmFjZSI6ImRkNjU3MzlmMTdhM2Q0MjZhZjhmYzcxNmQxYTI2MWM1IiwiX3BheWxvYWRzIjp7ImdlbyI6eyJjb2RlciI6eyJyZWdpb24iOjAsInVwZGF0ZWQiOiIyMDIxLTAyLTI1VDE3OjE2OjI0Ljc2ODIxNSJ9fX19.iQdjCVUzbVsp8xkKaBM3xGZfj2-3fLdDE1_6qVC0aEOvdM5WeALXplz9Qj4TyzCC93v2LgTgXEJzQBbW2vRmKJLQMwktdUBkJHNxoRJI8b64Bt4Q5L-VIcW3-s0jSo8RkMAGOxWS2XIayNl2wBVOtFRDXzi06-uDEO2NZZpYCAz4qkKWqgIQ8iKeXCbdAaKW1W3HUpnLNzq3mKpvDQHNgh1UHHeI_nvvEXKPsDHkd_52B00XaRr1-eRAqAgF9BiMmBz9Jp5DsttStGIhdBBid1KC52ngyPEjbzAy7REJeqpeKvzm10Hwnihl7zZySp98eWDxp09QqHl9WBiKjdmcYQ

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://s3.stc.all.kpcdn.net/s0/2.0.100/adaptive/vendors~adaptive.js(Line 28) Message: ---> PUBLIC CALLBACK onBidsRecieved:
console-api	log	URL: https://s3.stc.all.kpcdn.net/s0/2.0.100/adaptive/vendors~adaptive.js(Line 28) Message: ---> PUBLIC CALLBACK onBidsRecieved: [object Object],[object Object],[object Object]
console-api	info	URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs(Line 9) Message: Powered by AMP ⚡ HTML – Version 2010270040000 https://www.kp.by/

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src wss: https:
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0e40bcd1-d702-4fb2-b7a1-de475d7f3a94.sync.upravel.com
268db2211e8d97bc83b0d05c3ddf1ab3.safeframe.googlesyndication.com
3c021f42f589682000f52b6d36135318.safeframe.googlesyndication.com
a.sportradarserving.com
ad.mail.ru
ad.turn.com
ade.googlesyndication.com
ads.adfox.ru
adservice.google.com
adservice.google.de
aidata-sync.rutarget.ru
an.yandex.ru
avatars.mds.yandex.net
bidder.criteo.com
cdn.ampproject.org
cdnjs.cloudflare.com
cm.g.doubleclick.net
cm.p.altergeo.ru
counter.yadro.ru
d40dcff76d8fde160d82e59583d19251.safeframe.googlesyndication.com
dsum-sec.casalemedia.com
exchange.buzzoola.com
gaby.hit.gemius.pl
gcm.ctnsnet.com
google2waycm.netmng.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
identity.kp.house
idntfy.ru
image6.pubmatic.com
match.adsrvr.org
matchid.adfox.yandex.ru
mc.yandex.ru
o442949.ingest.sentry.io
otclick-adv.ru
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pixel.advertising.com
pm.w55c.net
portal.o2online.de
px.adhigh.net
r.turn.com
s0.2mdn.net
s10.stc.all.kpcdn.net
s11.stc.all.kpcdn.net
s12.stc.all.kpcdn.net
s13.stc.all.kpcdn.net
s14.stc.all.kpcdn.net
s15.stc.all.kpcdn.net
s16.stc.all.kpcdn.net
s2.stc.all.kpcdn.net
s3.stc.all.kpcdn.net
s8.stc.m.kpcdn.net
s9.stc.all.kpcdn.net
sb.scorecardresearch.com
securepubads.g.doubleclick.net
smi2.net
stat.media
static.criteo.net
stats.g.doubleclick.net
sync.crwdcntrl.net
sync.dmp.otm-r.com
sync.upravel.com
target.smi2.net
top-fwz1.mail.ru
tpc.googlesyndication.com
tr.blismedia.com
um.wbtrk.net
ups.analytics.yahoo.com
us-u.openx.net
vk.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.kp.by
www.tns-counter.ru
x.bidswitch.net
x01.aidata.io
yandex.ru
yastatic.net
ysa-static.passport.yandex.ru
google2waycm.netmng.com
um.wbtrk.net
136.243.42.249
136.243.48.22
138.201.139.144
142.250.185.130
142.250.185.98
142.250.186.34
149.202.199.193
172.217.23.98
176.9.158.88
178.159.244.92
178.250.0.165
18.156.0.31
18.194.183.62
184.25.115.49
184.30.20.241
185.64.189.115
193.232.148.147
195.201.106.117
2001:678:cb4:bbbb::11
2001:6d0:4001::226
216.58.212.130
217.69.133.145
2606:4700::6810:125e
2a00:1148:db00::17
2a00:1450:4001:800::200e
2a00:1450:4001:801::2002
2a00:1450:4001:801::2008
2a00:1450:4001:809::2001
2a00:1450:4001:810::2002
2a00:1450:4001:810::2004
2a00:1450:4001:827::2001
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2006
2a00:1450:400c:c07::9d
2a02:24b0:300:2::1
2a02:2638:1::13
2a02:2638::3
2a02:6b8:20::215
2a02:6b8::16b
2a02:6b8::184
2a02:6b8::1:119
2a02:6b8::5:114
2a02:6b8::90
2a02:6b8:a::a
3.127.88.255
34.120.195.249
34.246.156.173
34.96.105.8
34.98.64.218
35.186.193.173
37.252.172.250
46.228.164.11
46.46.137.179
5.254.23.204
52.58.146.86
52.59.28.101
66.155.71.25
77.88.21.179
80.64.106.149
82.113.101.132
82.202.225.229
82.202.225.240
87.240.190.72
88.198.16.238
88.212.201.210
89.108.120.68
95.163.94.178
99.80.128.92
007a727b8a054a2275b69102803a7ae2dbd79a36828b62fbf96cf4281fd4be20
0194c4c6ff7c124aca3d93c4f51a4ee8d70e337a7985ec7897fe4c8923c038b6
047fdbf3dd63585f86c0bd61891f3add77bb4d21fc5d25ac4d2c41732ba2b465
0a260d517ea104ee7b816495317d16f1f8eedf48eb3a057380abbfaa3f7cfe02
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bf02cb0a87a382a7e50202ee57fae4db8c8ff64c8a4c2beb999ea17867bcf52
0e11856e6f59e090cb14b9b9e4e038909efdcabdf93f8cd8ce040ce3cb6aee74
0e60a618361b9174867ccde0acf961f83f6b2ef73c8bdfc45a0a8d794609e7ac
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
0f9ce7e3db7da8c396aa907426f524a7825cdc95afa14144b0b2a670d3125471
1122981b6fc5a2be8221d3727550a88c740658463fcb4df25e5e9ae8ee2efbad
12191786b7f1885effe5f390c48f9f485180e04e2bf165b7b535de11af2be1b5
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
137fe4bbbc68587f4ace933695e76f6a41120254b59d20513fde2ad70430b15e
15033df32a4476be8451b99b40bd5dba267b479166175979fcb384f070e7c112
1572ad6ead12c30c9c138ad297b18369ebbe3efc66d651ff16bb298106cb1b18
17b306004e039418cd04d64cd0028f33ec0b74633d634179f2578c4a83fd480d
18c327afa903633f86c3efcf12b77f098077eacaa8be101bb007846fd74f8b93
19a7a35799af01652db684fea04bf7ccce788dc9cda6f5fcd440d4589a63ed18
1aba1d012707078b584c1b0a52a441a43868fd16938423a184aa2785ce8ba72b
1ad24c5aeee6aefe4368ed6bd5fa78eeb21ef8614da7a081ee53c8c5715410b3
1b1db222b077acfb267dc5868a08d7f6148d922fdaa8510e00dfec63f0bca537
1ba975279ab0e870cd496604c41e1955e56d7b54bc9135f150c916862d51ef59
1c2fd04bc7557ff3208e06324dba5f6e0538554a026630abba81dbb398a5a27d
21236e65d3312d0ee4887280f9fe66294b15d41414469a26adcd77c0a424c8e1
237cebced8b55f2d47fa3329d5de75bb0ec8275f57af6339caa4476060924cae
23f9e99f5fb4b863713c1f4f35f2fa61af22b9a58d3bdffb70266fe2fe0ce29b
249b8d7e6b46b3ca57c38a40099ca03c19e9ba1db01c97038b63384a3ffc6678
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
29cb071ee699d6d768f10a89c71856cbb45d6727909427d230ed22c79583fc34
2ba116d3a7e2f67f7664eaa57c7ea21c2a5285e324cf678f0b7155f6c5ef45f9
2d201a4f96c5a13348d387453d5da19aad07e575f06837c95574bbc75e239a89
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2ea6594700eadc561dce18df33d16ff9d07ff631d4f6f4eae734bfe34e900f0c
2f0114359c2a6f1e32c01576c374794c8d2ff3f5a5622e889b447fac1f23e6b0
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
31917fefe9860410e5f1045bd1ac5484d6eda992a11b0770d006c4a809a42cad
33242c90b73ced11978583b168b05c528f21a314c2671235d853ff39fbd7f553
335a55bb9a771b542590144d144f0b5dfe51613284d0394eea9a095324c05b78
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
345da7c19b56d35e255a18ce8efe26a10e0908e56d0e1e8117cbf3bdea320d74
3622d2f55f5ab177594a4b9d1bb0c8642b3f8289e373ac0d5afd3435b1015930
37f7a934f714bf265769789b8514887586b3e5747bfba9ea5c792a506454bcd7
3bdd07f0912ef5ab5a0731134d70c332eab1e39be16bfaf1d659806ca61007cd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3eee3b037e3951c286d8baa2d4e436090bc58602786f73803d6901effe2875ab
40cc818c8b06374b11230d18b2b54f8c7f2a7668b94ac9ee00d6a106cf0efd8b
4173109b1a62ff1ff40fd35ec9db17b4756eff50103b69b6f7e9063af4045220
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4642568b405b3750fb18df621889e27def95e8162c1cdd256a21b319c9a4e24b
477549a4d5fb644cda6bf64af01631b8411022d88e608bbd8e5a06e327b391cb
47ed07052dd34ea075b75ec641566997d2f4f921c185eaf030a3f276084c83f7
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
4a82aad9404ab8f8614d01ddfb7ddd90a2711fb5871ff8444d57d72f7e62c8db
4b1d4ea37cd015a22a5720e4e4916d54ad57a86c181eb26adeb5fb2ec4d403f3
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50b44d7cac5522a01742c296a6e40e45d2e7d9b7c121f1f65d13253f8e7bd0af
51365ede9b0d57dd92357a3772a42fc51b39ac76ab690793459ed1d7ea486f71
520fc7c9151fef58715a4c07afb0c01e45153c5e539ad57a428fa45213c5cea5
531a8ab53503f3c2c0575708f669a69965f7f4b525d5e9fe78128e6d75267781
533ae756b74e13b1ee953a81f64ca9d04903a3eeac2a95f27ae1798c2a0b45d5
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55d22383548d78053ceefdeaf85b256a754ecdac7f9a88a6b03dd69a0b1ae499
58b410ef6d62ed13d6e982fe375482a1814759c8b0a454c318f94bf6ec01cd8c
5982d3e517c48f6b8ba0ee9cf575a2d5ead50f8687149be79c346cbfd3994385
5ad84bc681177a52e62d763d427f952db5a80789241be7e6ea0c8b9d4baea46d
5e7950fb3f4467022e1188330ad9949ba500cd3e30106d5b312a4e13caa8a57b
5ed61e775baaa0c010e0d575e6ffd15948898fd583abb85d8657214e0dbeb311
618182c87a3fa8698c9e9c466d1d5f3b11e55150668f446cb4ac7e4e7ec180e2
69e31d53d95f965695db3712f85925810e90cc839a793c87adfcb21eb637673e
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6b961d8c573b508ec9ae7c9ab8536e78b09dbf0555b7962e475ab541ee3d4e5b
6cc283b26200ccfd30ab67d3c9477ee18bd937ab41591eddf5bc099b49529f6c
704d0d3da6cd158841779485200573d774009ed765dfe9f91cee6f3c0fafcba9
72faac096aec54962ef22049b08b78c210fb45dc9817d93b9b7e1bc6fdedd4fa
77d5e22593e3b596d3cdca1ce035cda03982e9fb9fc0dee308fe452c19869ce4
77e29e7c2ef665fb66daa4adbd5a877ad518b9698c165e1a486813acf9ee84f2
7e127248e337984b3c6e76679419309e7ce47a080c61b443e15a2a05f173cf65
7f2f2833f59843f55c545e231d2c2a7f454241e1c55fbcd57e6c648d0f58b1c1
8180b38fee0cf0472dfc7ac6a627eacb89be309ce4b599919edaa69414c72ae7
83245e30d6ee857fc3e799c70c42d06267e2302803bfadfe9f130eabf9975aad
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85074e37aaa1740c305218817c2c924dc2b4f9a2f7caf86995cb67e99edb26e8
865256ac07510023e5644a18435a1c4e6ba5b885219868b3a032529d81e93ce4
870b2aa31c41ba833e28e8e1eb5d6e4ed828cadf9d40a40a6ebf343a0abdc4b0
873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745
87e66fd00cb9ec6acb9e8ef14ef9ca52e571522f3c0bfa93764e57382003b44b
8b42cf99b0a59168669878da7557e478a79bce6fcdbc16b3cf3ab078633dddd4
8bcd3d517334fd01be59447e7ad8539bdadd71a297c686e90018b671851d5a10
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d9dabf6e58fba15accb0e0a5c52c9d7bb717ee1efae2868a682bdeeeee4be01
91743453d0664861bc3a6e483f2694a9d63e8d4ba913568269297a521f67e73e
92a82d0233445685062df7115e244b34f3e71657d0c80f54cce716b5952eb8dc
9455997c8dab866ac14c864efc2ccc1f9d52634e7120e674e3f8ff2876a15b46
94cf658d2c7345f5472d9d4514ade118d9f9bed0d50a5fc4a02fb9dcd2c8d8c6
9517287e593128dc687fbf684614a4156c6722e2d8bbc9d8698170fdab874d72
9603ebabc2d4e9a219f2a672b03af997e2d6d7388270c4c91ec271653fad0059
9a10b1418ae87e1667a44c85f39b5e1af9b8a24279d9a2743c0859d478f3f925
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ba484681d0972c8f5fdd10ab0986c9fa68a6511ef29684db473cc2fab186e38
9bda28c777edfbfbbcceda8c1ac485dd4c51e849014850f37fe70a169cf8cae1
9ec204561656bab028c2fb1d77312a95e26333f39b4a2a274049423f023acf5f
9ecb2486715e96c25c80f6ac9339fc28b78331929022753cfbf255c254bb36b6
a19c3da3f27d44c18cdeeeff961e9a2941292f2d370992f4ecdc3422829de6e0
a2a92b21a620185b98530f1526313dc0ebfef004bed64762a3998c31ecaf0c50
a32abc5aa41813453d0aac84e80928b7f23457bdc7453912256795079a2c1666
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4b3a2a3d13b57f07aa855cf974c90cad593a53ac0f53cdc58d5f49c91eb2092
a69ee9b06c1b080f8188a443bb68770b37fa5f30a4dd1727893d85aa83d8225e
a86753d4effe5e607d4eaf03fe37eccb8cac743a528f874f736f4d7f35e094b1
aaf5cc0ce8e17128a07f4de1b0df7cd7d26f494f28617d67b0e5d09b13b59ba4
aff9add142c417eeaf8966893460863d55a62bc989a569149b4ec5ec76e28108
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2ab9ac436910017b9a2ca7db0e981bad3638db97f576d713eaa9b302e06c094
b2cae88100e4c402e454488ec7d17eab3d98f569a559596b764716c5503b7fa1
b4ceacee581031a4014c658e33aa47874612b4c25c1aed8ef682cada98b99d6d
b61eb57ae77f31b91b04781da33023ecd897fda21f6c817e6c27623204046f42
b6c55ebb9ef7d3666f5d6c7ba431080887188df15fe3cd0828d0a84fdfa6b6b1
b84221e0bd5dbd7dc93c1ad32010405c36c8049ab8b6c64ab7353cbf96541073
b8e58c465f8667fdf42631f146c6ed33417598c9971f0f0244e9b27766bcc6b0
bb30a8d67f0f4946fc31e28de4113a5a4952df19d6b7aa55945484fa06a080fb
bb6562181af5855351ff3e9d1eadd59fd71bf6cbb31cc7b40de2b3cbc87533ad
bbecfe7e2b6c94c6dad55abb37a606b004c98bb953db243969598a5f7553cd09
bc1d24054895fb0e8e4214645705fb503908e52b24cff5c5e0051618479a1ea5
be0d0030b779aa63a7208db3452dfe70ea323adeb7cc9c655100988a9324df1f
c2592aa4f66105c0e0938f1154c81cac1bb3049031bb7aad0e4884c39d9d5038
c43ec701452feed03d1029523af6c5689ac70be11e4a76c59c7bc08a848b5a0c
c54109a2c7e819afc5ec62cf3d3509642c4bd383182cfdeb46c5d90187ba9fa4
c56753d65523d8f283bc5c91a2138be0fe30179ad6235101e325242c5d264f13
c581b8540d83167365a7f04f90b4f7aaf118650047a15b395501cfb531f2fe73
c5fa5d3dccec9e1dbfce87adc8688a373556fde88eb68b9dcdae0455afe298eb
ca9c59926a557a02c88f80af382d13bd979ec26f31d532ab841cd5c64a7a6acf
cb1d959930fb320fe89efd3735b30a395fb2ccefade85950ef1f0e7d9c22a0ee
cc44b384c5b2bfc76cfe7513d0990c80fc0d8d77c15d03988c9557145e81a1a8
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf4fd69acb1565846efb8bd5dbea06795e9eaea7c26b394378e7096aa58bbbd7
d0d3334b0e03ecf1b038ce1c08691e2410f4de876ece521597c2a08ab0fcd65f
d26e14a485c00fd48c1f5974e29e9b62682d8682830256d8fd8499e1c1de4691
d522074d39550efb149464f9c57d7a0592b428b4a326e0891e3205cc07126b5e
d6741300d879ccbb127695dea942f142a3bf74294d0dbff52189c14dc481b871
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
dc87a5ef62c49afd1f989d227b4c929a43f3e35f81150ba72d15533ae9980b80
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de72bca1a2c4df4956b365dd861dfccba620e9b8619500285b1602abc9d117e7
e1cff21864c46e1da263fa83c14ed6d190bc5afbdd35188de15f10eb8bedd264
e2f126a8957c32db99e94d1bf7c9ed09fcd38ba99bd632ebd048f01f9c5f9c9b
e35378520c304edafbf099cf697e897ad09fe7b3fa1395deb82b58b0f2be6b5c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c76a2c144a77c4a356216afd25c207af413cdebd28d78c480f98534f5797b2
e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839
e4e19393324693a6908036b447a1e1a1b6b9cef7609b7a2ef2b25583a2ebcf89
e638d0a2e34839411a00a5b34800a1dbf737b68fcea0b85c683e0d46414d3556
e716be8447c1d8191ec07facf7d6c4fb5bd9573060af1acd3a799fbe5079ce1d
e7b3be6202c39c011cff76f83cf36d0917e4f26d2deacb0a83d618b111b39759
e86479d6e54449d1085c2149e190a615c6bead407b20bacbcf5852b5d65f1fee
e9cbc2bbd8dc23ccdb0b5b456630494a5ac8ab482eb473d3b4ce4dfd07b9d15b
ea298c43d616acadef7f98793c8eab993b8d7e02dbcee7413716eb119385a89c
ebab910fdc7c7e9e079caa9f7321177b135b2e1542f86ce36937ceb41865086d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efbdf9cab6b6cf2bf7207ae4e0456c9462b2c0d4c2de76d65442de2af7253f2b
f1e572871055c1d0e152936f664d5fb075f505b99b412a4776f65a7abe80b505
f3ebb728dbde19de6789f60b2992531733435d95914ec996fff3cd842ff47a3e
f708d626a9dae05c55d1d522802185d96a374ff8170922fbd58e864dea81680b
f92e31b2bc6a4466fe64796c9131d8b99d27c7e2a5bb68ab30ee480fc5a649af
fb0ff5b0c239bfaaa61271b8c45625ce47ffbaa89fea390cc12451b31652a4eb
fb7e801532f5d5e68a0573dac476805a5484dadc08840e7500e622bdf0adb5db
fcde081f00c04cd51c18db38f73887221d474c15bba5088b3f99e0ae7a7b9cff
fe21c2c189a5efc6aa35a4f84b39029b92e9fe70bd63ebe4f243b34f75a2a321
fed2d61088cba54be39b2069add7103160e31f07c950c0e2e7706d6d6dc9ebf6
ff4d9197cfd4b9f28300e0652a527c652c0c2b746231a490bd042c04132c0309

www.kp.by Open in urlscan Pro 178.159.244.92 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

303 Requests

99 %HTTPS

38 %IPv6

56 Domains

86 Subdomains

54 IPs

8 Countries

4388 kBTransfer

10443 kBSize

17 Cookies

32 Outgoing links

Redirected requests

303 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 21 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.kp.by Open in urlscan Pro
178.159.244.92 Public Scan

Screenshot
Live screenshot

Full Image

303
Requests

99 %
HTTPS

38 %
IPv6

56
Domains

86
Subdomains

54
IPs

8
Countries

4388 kB
Transfer

10443 kB
Size

17
Cookies

303 HTTP transactions
21 data transactions