www.pressball.by Open in urlscan Pro
93.125.48.95 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://pressball.by/
Effective URL:
https://www.pressball.by/
Submission: On October 11 via api (October 11th 2020, 7:18:38 pm UTC) from GB

Summary HTTP 256 Redirects Links 31 Behaviour Indicators

Summary

This website contacted 47 IPs in 14 countries across 36 domains to perform 256 HTTP transactions. The main IP is 93.125.48.95, located in Belarus and belongs to BELPAK-AS BELPAK, BY. The main domain is www.pressball.by.
TLS certificate: Issued by RapidSSL RSA CA 2018 on September 12th 2019. Valid for: a year.

This is the only time www.pressball.by was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 143	93.125.48.95 93.125.48.95	6697 (BELPAK-AS...) (BELPAK-AS BELPAK)
3	2a02:6b8:20::215 2a02:6b8:20::215	13238 (YANDEX) (YANDEX)
6	87.240.190.72 87.240.190.72	47541 (VKONTAKTE...) (VKONTAKTE-SPB-AS http://vk.com)
1 1	87.240.129.187 87.240.129.187	47541 (VKONTAKTE...) (VKONTAKTE-SPB-AS http://vk.com)
1	2a00:1450:400... 2a00:1450:4001:819::2008	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
1 5	217.69.133.145 217.69.133.145	47764 (MAILRU-AS...) (MAILRU-AS Mail.Ru)
2	81.19.89.16 81.19.89.16	24638 (RAMBLER-T...) (RAMBLER-TELECOM-AS)
1	2a00:1450:400... 2a00:1450:4001:81b::200a	15169 (GOOGLE) (GOOGLE)
1 3	2a02:6b8::16b 2a02:6b8::16b	13238 (YANDEX) (YANDEX)
5	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
7	2a02:6b8::90 2a02:6b8::90	13238 (YANDEX) (YANDEX)
1	178.250.0.166 178.250.0.166	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 4	149.202.199.193 149.202.199.193	16276 (OVH) (OVH)
2	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:820::2002	15169 (GOOGLE) (GOOGLE)
3	178.250.2.131 178.250.2.131	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a00:1450:400... 2a00:1450:4001:81f::200e	15169 (GOOGLE) (GOOGLE)
1	149.202.222.105 149.202.222.105	16276 (OVH) (OVH)
1	193.239.68.97 193.239.68.97	39468 (BIGMIR-IN...) (BIGMIR-INTERNET-AS)
1	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
2 6	54.38.133.137 54.38.133.137	16276 (OVH) (OVH)
2 7	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
1	88.212.242.60 88.212.242.60	7979 (SERVERS-COM) (SERVERS-COM)
1	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 4	2a02:6b8::1:254 2a02:6b8::1:254	13238 (YANDEX) (YANDEX)
2	2a02:6b8::2:158 2a02:6b8::2:158	13238 (YANDEX) (YANDEX)
1 2	54.38.133.12 54.38.133.12	16276 (OVH) (OVH)
1	78.155.195.11 78.155.195.11	49505 (SELECTEL) (SELECTEL)
1	104.16.68.69 104.16.68.69	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	65.9.95.127 65.9.95.127	16509 (AMAZON-02) (AMAZON-02)
1	37.157.6.246 37.157.6.246	198622 (ADFORM) (ADFORM)
1	23.210.249.164 23.210.249.164	16625 (AKAMAI-AS) (AKAMAI-AS)
2	185.33.220.240 185.33.220.240	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	188.42.29.196 188.42.29.196	7979 (SERVERS-COM) (SERVERS-COM)
1	69.173.144.140 69.173.144.140	26667 (RUBICONPR...) (RUBICONPROJECT)
1	18.195.63.250 18.195.63.250	16509 (AMAZON-02) (AMAZON-02)
1	185.184.8.30 185.184.8.30	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3	172.217.22.98 172.217.22.98	15169 (GOOGLE) (GOOGLE)
2 3	77.88.21.179 77.88.21.179	13238 (YANDEX) (YANDEX)
1 2	52.95.123.167 52.95.123.167	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:819::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2001	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:81c::2004	15169 (GOOGLE) (GOOGLE)
1	85.206.143.247 85.206.143.247	43811 (TELIA-LIE...) (TELIA-LIETUVA)
256	47

143 93.125.48.95 (Belarus) 2 redirects

ASN6697 (BELPAK-AS BELPAK, BY)
PTR: 93-125-48-95.hoster.by

pressball.by	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.pressball.by	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forum.pressball.by	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:6b8:20::215 (Russian Federation)

ASN13238 (YANDEX, RU)

yastatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 87.240.190.72 (Russian Federation)

ASN47541 (VKONTAKTE-SPB-AS http://vk.com, RU)
PTR: srv72-190-240-87.vk.com

vk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 87.240.129.187 (Russian Federation) 1 redirects

ASN47541 (VKONTAKTE-SPB-AS http://vk.com, RU)
PTR: srv187-129-240-87.vk.com

userapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:819::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 217.69.133.145 (Russian Federation) 1 redirects

ASN47764 (MAILRU-AS Mail.Ru, RU)
PTR: top-fwz1.mail.ru

top-fwz1.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 81.19.89.16 (Russian Federation)

ASN24638 (RAMBLER-TELECOM-AS, RU)
PTR: kraken.rambler.ru

counter.rambler.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
kraken.rambler.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:6b8::16b (Moscow, Russian Federation) 1 redirects

ASN13238 (YANDEX, RU)

matchid.adfox.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:6b8::90 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.166 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtax.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 149.202.199.193 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ua1.host.hit.gemius.pl

gaby.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:820::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 149.202.222.105 (France)

ASN16276 (OVH, FR)
PTR: ovhfr9.host.hit.gemius.pl

ls.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.239.68.97 (Ukraine)

ASN39468 (BIGMIR-INTERNET-AS, UA)
PTR: c.bigmir.net

c.bigmir.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 54.38.133.137 (France) 2 redirects

ASN16276 (OVH, FR)
PTR: ip137.ip-54-38-133.eu

lv.adocean.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:6b8::1:119 (Moscow, Russian Federation) 2 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.212.242.60 (Russian Federation)

ASN7979 (SERVERS-COM, US)

serve.5visions.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:6b8::1:254 (Moscow, Russian Federation) 2 redirects

ASN13238 (YANDEX, RU)

mc.admetrica.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6b8::2:158 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)

banners.adfox.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.38.133.12 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip12.ip-54-38-133.eu

adlv.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 78.155.195.11 (Russian Federation)

ASN49505 (SELECTEL, RU)

get.5visions.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.68.69 (United States)

ASN13335 (CLOUDFLARENET, US)

dmx.districtm.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 65.9.95.127 (Seattle, United States)

ASN16509 (AMAZON-02, US)

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.6.246 (Denmark)

ASN198622 (ADFORM, DK)

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.210.249.164 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-249-164.deploy.static.akamaitechnologies.com

as-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.220.240 (Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.42.29.196 (Luxembourg) 1 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.140 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.195.63.250 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-63-250.eu-central-1.compute.amazonaws.com

ice.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.184.8.30 (Poland)

ASN204995 (RTB-HOUSE-AMS, NL)
PTR: ip-185-184-8-30.rtbhouse.net

prebid-eu.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.22.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s18-in-f98.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 77.88.21.179 (Russian Federation) 2 redirects

ASN13238 (YANDEX, RU)
PTR: adfox-external-l3-engine.stable.qloud-b.yandex.net

ads.adfox.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.95.123.167 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:819::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

a3b99ed8deebfb4f0aa7ec97384a7229.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.206.143.247 (Kaunas, Lithuania)

ASN43811 (TELIA-LIETUVA, LT)
PTR: 85-206-143-247.static.zebra.lt

node.setupad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
143	pressball.by 2 redirects pressball.by www.pressball.by forum.pressball.by	4 MB
17	yandex.ru 3 redirects matchid.adfox.yandex.ru an.yandex.ru mc.yandex.ru	250 KB
15	googlesyndication.com pagead2.googlesyndication.com a3b99ed8deebfb4f0aa7ec97384a7229.safeframe.googlesyndication.com tpc.googlesyndication.com	305 KB
7	doubleclick.net googleads.g.doubleclick.net stats.g.doubleclick.net securepubads.g.doubleclick.net	107 KB
7	gemius.pl 2 redirects gaby.hit.gemius.pl ls.hit.gemius.pl adlv.hit.gemius.pl	13 KB
6	adocean.pl 2 redirects lv.adocean.pl	191 KB
6	vk.com vk.com	72 KB
5	ampproject.org cdn.ampproject.org	108 KB
5	amazon-adsystem.com 1 redirects c.amazon-adsystem.com aax-eu.amazon-adsystem.com	33 KB
5	adfox.ru 2 redirects banners.adfox.ru ads.adfox.ru	189 KB
5	criteo.com rtax.criteo.com bidder.criteo.com gum.criteo.com	493 B
5	criteo.net static.criteo.net	83 KB
5	mail.ru 1 redirects top-fwz1.mail.ru	16 KB
4	admetrica.ru 2 redirects mc.admetrica.ru	2 KB
4	google.com 1 redirects adservice.google.com www.google.com	1 KB
3	yastatic.net yastatic.net	119 KB
2	betweendigital.com 1 redirects ads.betweendigital.com	1 KB
2	adnxs.com ib.adnxs.com	2 KB
2	5visions.com serve.5visions.com get.5visions.com	382 KB
2	googletagservices.com www.googletagservices.com	44 KB
2	google.de adservice.google.de	1 KB
2	google-analytics.com www.google-analytics.com	18 KB
2	gstatic.com fonts.gstatic.com	51 KB
2	rambler.ru counter.rambler.ru kraken.rambler.ru	62 KB
1	setupad.com node.setupad.com	208 B
1	pubmatic.com hbopenbid.pubmatic.com	117 B
1	creativecdn.com prebid-eu.creativecdn.com	170 B
1	360yield.com ice.360yield.com	512 B
1	rubiconproject.com fastlane.rubiconproject.com	2 KB
1	casalemedia.com as-sec.casalemedia.com	1 KB
1	adform.net adx.adform.net	450 B
1	districtm.io dmx.districtm.io
1	bigmir.net c.bigmir.net	426 B
1	googleapis.com fonts.googleapis.com	780 B
1	googletagmanager.com www.googletagmanager.com	36 KB
1	userapi.com 1 redirects userapi.com	170 B
256	36

	Domain	Requested by
137	www.pressball.by	www.pressball.by
8	tpc.googlesyndication.com	securepubads.g.doubleclick.net www.pressball.by tpc.googlesyndication.com pagead2.googlesyndication.com
7	mc.yandex.ru	2 redirects www.pressball.by mc.yandex.ru
7	an.yandex.ru	yastatic.net an.yandex.ru
6	lv.adocean.pl	2 redirects www.pressball.by
6	pagead2.googlesyndication.com	www.pressball.by pagead2.googlesyndication.com securepubads.g.doubleclick.net
6	vk.com	www.pressball.by vk.com
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	static.criteo.net	yastatic.net www.pressball.by lv.adocean.pl static.criteo.net
5	top-fwz1.mail.ru	1 redirects www.pressball.by top-fwz1.mail.ru
5	pressball.by	2 redirects www.pressball.by
4	mc.admetrica.ru	2 redirects www.pressball.by
4	gaby.hit.gemius.pl	1 redirects www.pressball.by gaby.hit.gemius.pl
3	ads.adfox.ru	2 redirects www.pressball.by
3	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net www.pressball.by
3	c.amazon-adsystem.com	www.pressball.by c.amazon-adsystem.com
3	bidder.criteo.com	static.criteo.net lv.adocean.pl
3	googleads.g.doubleclick.net	pagead2.googlesyndication.com www.pressball.by
3	matchid.adfox.yandex.ru	1 redirects yastatic.net
3	yastatic.net	www.pressball.by yastatic.net
2	www.google.com	1 redirects www.pressball.by
2	aax-eu.amazon-adsystem.com	1 redirects c.amazon-adsystem.com
2	ads.betweendigital.com	1 redirects www.pressball.by
2	ib.adnxs.com	lv.adocean.pl
2	adlv.hit.gemius.pl	1 redirects www.pressball.by
2	banners.adfox.ru	www.pressball.by
2	www.googletagservices.com	pagead2.googlesyndication.com www.pressball.by
2	adservice.google.com	pagead2.googlesyndication.com securepubads.g.doubleclick.net
2	adservice.google.de	pagead2.googlesyndication.com securepubads.g.doubleclick.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	fonts.gstatic.com	fonts.googleapis.com
1	node.setupad.com	www.pressball.by
1	a3b99ed8deebfb4f0aa7ec97384a7229.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	hbopenbid.pubmatic.com	lv.adocean.pl
1	prebid-eu.creativecdn.com	lv.adocean.pl
1	ice.360yield.com	lv.adocean.pl
1	fastlane.rubiconproject.com	lv.adocean.pl
1	as-sec.casalemedia.com	lv.adocean.pl
1	adx.adform.net	lv.adocean.pl
1	dmx.districtm.io	lv.adocean.pl
1	get.5visions.com	serve.5visions.com
1	gum.criteo.com	static.criteo.net
1	serve.5visions.com	www.pressball.by
1	kraken.rambler.ru	www.pressball.by
1	stats.g.doubleclick.net	www.google-analytics.com
1	c.bigmir.net	www.pressball.by
1	ls.hit.gemius.pl	gaby.hit.gemius.pl
1	rtax.criteo.com	www.pressball.by
1	fonts.googleapis.com	www.pressball.by
1	counter.rambler.ru	www.pressball.by
1	forum.pressball.by	www.pressball.by
1	www.googletagmanager.com	www.pressball.by
1	userapi.com	1 redirects
256	53

This site contains links to these domains. Also see Links.

Domain
ads.adfox.ru
forum.pressball.by
www.facebook.com
twitter.com
vkontakte.ru
www.instagram.com
t.me
www.pbliga.com
bff.by
hockey.by
www.livescore.in
maxline.by
www.bgk-meshkova.com
www.bigmir.net
top.mail.ru
top100.rambler.ru
www.db.by
rozumsoft.ru
www.webpay.by

Subject Issuer	Validity	Valid
pressball.by RapidSSL RSA CA 2018	`2019-09-12` - `2020-11-10`	a year	crt.sh
*.yastatic.net Yandex CA	`2020-09-29` - `2021-03-30`	6 months	crt.sh
*.vk.com GlobalSign Organization Validation CA - SHA256 - G2	`2020-06-09` - `2022-06-10`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
forum.pressball.by RapidSSL RSA CA 2018	`2019-09-12` - `2020-11-10`	a year	crt.sh
*.mail.ru GlobalSign Organization Validation CA - SHA256 - G2	`2019-01-18` - `2021-01-18`	2 years	crt.sh
*.rambler.ru RapidSSL RSA CA 2018	`2019-04-15` - `2021-06-13`	2 years	crt.sh
upload.video.google.com GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
matchid.adfox.yandex.ru Yandex CA	`2020-09-29` - `2021-03-24`	6 months	crt.sh
*.criteo.net DigiCert ECC Secure Server CA	`2020-09-04` - `2020-12-03`	3 months	crt.sh
an.yandex.by Yandex CA	`2020-10-01` - `2021-04-01`	6 months	crt.sh
*.criteo.com DigiCert ECC Secure Server CA	`2020-09-04` - `2020-12-03`	3 months	crt.sh
*.hit.gemius.pl Sectigo ECC Domain Validation Secure Server CA	`2019-09-11` - `2021-09-24`	2 years	crt.sh
*.gstatic.com GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
c.bigmir.net Let's Encrypt Authority X3	`2020-10-03` - `2021-01-01`	3 months	crt.sh
*.google.de GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
*.adocean.pl Sectigo ECC Domain Validation Secure Server CA	`2020-01-27` - `2022-02-05`	2 years	crt.sh
mc.yandex.ru Yandex CA	`2020-09-29` - `2021-03-11`	5 months	crt.sh
*.5visions.com Sectigo RSA Domain Validation Secure Server CA	`2019-11-18` - `2020-12-11`	a year	crt.sh
mc.admetrica.ru Yandex CA	`2020-09-29` - `2021-03-28`	6 months	crt.sh
*.games.s3.yandex.net Yandex CA	`2020-09-29` - `2021-03-30`	6 months	crt.sh
c.amazon-adsystem.com Amazon	`2020-08-04` - `2021-08-02`	a year	crt.sh
track.adform.net DigiCert SHA2 Secure Server CA	`2019-09-16` - `2021-09-20`	2 years	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2020-03-02` - `2021-04-01`	a year	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
ads.betweendigital.com Sectigo RSA Domain Validation Secure Server CA	`2020-08-06` - `2022-02-16`	2 years	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2019-01-10` - `2021-01-14`	2 years	crt.sh
*.360yield.com Amazon	`2020-08-26` - `2021-09-26`	a year	crt.sh
*.creativecdn.com RapidSSL RSA CA 2018	`2019-01-11` - `2021-04-11`	2 years	crt.sh
*.pubmatic.com Sectigo RSA Organization Validation Secure Server CA	`2019-02-22` - `2021-02-21`	2 years	crt.sh
*.adfox.ru Yandex CA	`2020-09-29` - `2021-03-11`	5 months	crt.sh
aax-eu.amazon-adsystem.com Amazon	`2020-06-15` - `2021-06-15`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
misc-sni.google.com GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
www.google.com GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
node.setupad.com Let's Encrypt Authority X3	`2020-09-20` - `2020-12-19`	3 months	crt.sh

This page contains 21 frames:

Primary Page: https://www.pressball.by/
Frame ID: 76607AB892BECBCCC19CDCEDBB063BC6
Requests: 188 HTTP requests in this frame

Frame: https://www.pressball.by/includes/banners/load.php?id=1078
Frame ID: 98FE1C9A459F1C5D68E4EC9C6DBCEEC8
Requests: 2 HTTP requests in this frame

Frame: https://www.pressball.by/includes/banners/load.php?id=718
Frame ID: 99EBC440D4A70F9CD3D2D4E999827E31
Requests: 2 HTTP requests in this frame

Frame: https://www.pressball.by/includes/banners/load.php?id=741
Frame ID: 928430076FF0E3FE53C6BC7CB5A36E06
Requests: 2 HTTP requests in this frame

Frame: https://vk.com/widget_community.php?app=2869320&width=200px&_ver=1&gid=32932065&mode=3&color1=&color2=&color3=&class_name=&url=https%3A%2F%2Fwww.pressball.by%2F&referrer=&title=%D0%9F%D1%80%D0%B5%D1%81%D1%81%D0%B1%D0%BE%D0%BB%20-%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%B1%D0%B5%D0%BB%D0%BE%D1%80%D1%83%D1%81%D1%81%D0%BA%D0%BE%D0%B3%D0%BE%20%D1%81%D0%BF%D0%BE%D1%80%D1%82%D0%B0&17519196411
Frame ID: 5F71C7C71831F2D3D5F9EC8F43EEDC85
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20201007/r20190131/zrt_lookup.html
Frame ID: CCB76D929B80D57A8E45376BFB5D39DC
Requests: 1 HTTP requests in this frame

Frame: https://www.pressball.by/includes/banners/load.php?id=1078
Frame ID: 05E6AEF381A15BC2C9666FDE110872B9
Requests: 2 HTTP requests in this frame

Frame: https://www.pressball.by/includes/banners/load.php?id=718
Frame ID: F34D1C999DC0EADC0A984EAFB970D85B
Requests: 2 HTTP requests in this frame

Frame: https://www.pressball.by/includes/banners/load.php?id=741
Frame ID: FC0A19AECF0BA669E937D2E87ECC7674
Requests: 2 HTTP requests in this frame

Frame: https://vk.com/widget_community.php?app=2869320&width=200px&_ver=1&gid=32932065&mode=3&color1=&color2=&color3=&class_name=&url=https%3A%2F%2Fwww.pressball.by%2F&referrer=&title=%D0%9F%D1%80%D0%B5%D1%81%D1%81%D0%B1%D0%BE%D0%BB%20-%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%B1%D0%B5%D0%BB%D0%BE%D1%80%D1%83%D1%81%D1%81%D0%BA%D0%BE%D0%B3%D0%BE%20%D1%81%D0%BF%D0%BE%D1%80%D1%82%D0%B0&17519196411
Frame ID: D21ECD993BDBE4D722E6DFC18EED4408
Requests: 1 HTTP requests in this frame

Frame: https://ls.hit.gemius.pl/lsget.html
Frame ID: EF6CA39E62AA79E831DDA9017D3F3B26
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1328253596984991&output=html&adk=1812271804&adf=3025194257&lmt=1602443896&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fwww.pressball.by%2F&ea=0&flash=0&pra=5&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1602443895880&bpp=20&bdt=884&idt=281&shv=r20201007&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6074519396904&frm=20&pv=2&ga_vid=1681610997.1602443896&ga_sid=1602443896&ga_hid=1929285742&ga_fc=0&iag=0&icsg=281200150907440&dssz=46&mdo=0&mso=512&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44729771%2C21067105%2C21066706&oid=3&pvsid=134891609860675&pem=240&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=301
Frame ID: FABF4B447900726C1063A567A820EAA6
Requests: 1 HTTP requests in this frame

Frame: https://lv.adocean.pl/files/js/aomini.js
Frame ID: 41EFD7FC841D851153E8E8AEB6A7B264
Requests: 3 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www.pressball.by
Frame ID: FA0D2C67FAD88FDE3BC3096ADF3B9BF3
Requests: 1 HTTP requests in this frame

Frame: https://mc.admetrica.ru/show?cmn_id=13579&plt_id=37246&crv_id=101542&evt_t=render&ad_type=banner&rnd=1150936239&redir=1
Frame ID: 43680D66B66E7C5782646A5340B9CDDF
Requests: 1 HTTP requests in this frame

Frame: https://mc.admetrica.ru/show?cmn_id=12430&plt_id=33568&crv_id=90304&evt_t=render&ad_type=banner&rnd=2022725842&redir=1
Frame ID: B7258E6C2494B8609529859D3807F9FE
Requests: 1 HTTP requests in this frame

Frame: https://lv.adocean.pl/files/x/qbm/mjjghng/tknhntsqez/ldt3Y37cfk_190527.js
Frame ID: 263B49E619C7BEC2FF60582D8F2D1CC0
Requests: 29 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=1&gdpr_consent=BO7IYi6O7IYi6AKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phPrsk89r6337A&dl=rbd_cnv&dcc=t
Frame ID: EFA99CB922B368603732A46A22CE6148
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012009282107000/amp4ads-v0.js
Frame ID: 2247189B2B2F93B42B0C76AAFF873A9E
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/217/runner.html
Frame ID: 6192EB741459F96CF441152EE5613558
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/217/runner.html
Frame ID: 0A5F3739C3B2E0D41D4AC8D8B2B7EB4E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://pressball.by/ HTTP 301
https://pressball.by/ HTTP 301
https://www.pressball.by/ Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Yandex.Direct (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /https?:\/\/an\.yandex\.ru\//i

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /mc\.yandex\.ru\/metrika\/watch\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
script /([\d.]+)\/jquery-ui(?:\.min)?\.js/i
script /jquery-ui.*\.js/i

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /([\d.]+)\/jquery-ui(?:\.min)?\.js/i
script /jquery-ui.*\.js/i

Gemius () Expand

Overall confidence: %
Detected patterns

script /hit\.gemius\.pl\/xgemius\.js/i
script /hit\.gemius\.pl/i
script /xgemius\.js/i

Page Statistics

256
Requests

98 %
HTTPS

40 %
IPv6

36
Domains

53
Subdomains

47
IPs

14
Countries

6378 kB
Transfer

9368 kB
Size

35
Cookies

31 Outgoing links

These are links going to different origins than the main page.

URL: https://ads.adfox.ru/239538/goLink?ad-session-id=4397341602443896127&hash=41da24d84e32f527&sj=8M8EZ41JzRoJziJaTHELd_X-Uf-r30epD_DraQZqxXUwFX5MEn7WQtflJIQPCyGqUx-LpFhUhVcMzF9790HFRjg9UlcCOokk0Cq6uryBGw%3D%3D&rand=cnuzqpy&rqs=d84l7YBhymh4WoNfW6-uWebwEr_o5qnp&pr=kmmjdrl&p1=ciugh&ytt=474439294126101&p5=inzzo&ybv=0.1887&p2=y&ylv=0.1888
Title:

Search URL Search Domain Scan URL

URL: https://forum.pressball.by/ucp.php?mode=register
Title: Перейти к регистрации

Search URL Search Domain Scan URL

URL: https://www.facebook.com/pressball

Search URL Search Domain Scan URL

URL: https://twitter.com/pressballby

Search URL Search Domain Scan URL

URL: https://vkontakte.ru/pressballnews

Search URL Search Domain Scan URL

URL: https://www.instagram.com/pressballnews

Search URL Search Domain Scan URL

URL: https://t.me/pressballby

Search URL Search Domain Scan URL

URL: https://forum.pressball.by/
Title: Форум

Search URL Search Domain Scan URL

URL: http://www.pbliga.com/
Title: ПБ-Лига

Search URL Search Domain Scan URL

URL: https://ads.adfox.ru/239538/goLink?ad-session-id=4397341602443896127&hash=cf06737802237f61&sj=jLDNubVGO6ILM7ukRi6Zuf09j7tQyPL0T4nJn4IyJaT_-p2veE61eiAYRDvQGjLnzVKsy3WAHLi0da1uFMpfdONmtO3SHMfVOLaL7EYahA%3D%3D&rand=ehaxbje&rqs=d84l7YBhymh4WoNfznexnosjJF9_Djbl&pr=kmmjdrl&p1=ciugg&ytt=474439294126101&p5=immif&ybv=0.1887&p2=fgou&ylv=0.1888
Title:

Search URL Search Domain Scan URL

URL: http://bff.by/
Title:

Search URL Search Domain Scan URL

URL: http://hockey.by/
Title:

Search URL Search Domain Scan URL

URL: http://www.livescore.in/ru/
Title:

Search URL Search Domain Scan URL

URL: https://maxline.by/go?home&utm_source=pressball.by&utm_medium=banner&utm_campaign=betpartner&utm_content=betpartner
Title:

Search URL Search Domain Scan URL

URL: http://www.bgk-meshkova.com/

Search URL Search Domain Scan URL

URL: https://forum.pressball.by/viewtopic.php?f=22&t=255861&p=7487048#p7487048
Title: Михаил Мархель: все ребята играют за страну и за народ

Search URL Search Domain Scan URL

URL: https://forum.pressball.by/viewtopic.php?f=4&t=3145&p=7487046#p7487046
Title: Calcio

Search URL Search Domain Scan URL

URL: https://forum.pressball.by/viewtopic.php?f=22&t=255860&p=7487045#p7487045
Title: Андреа Петкович: очень умные люди говорят, что Серена точно что-то принимает. Ребята, Серена — лучшая в истории, почему

Search URL Search Domain Scan URL

URL: https://forum.pressball.by/viewtopic.php?f=10&t=81084&p=7487044#p7487044
Title: Мотокроссс и суперкросс

Search URL Search Domain Scan URL

URL: https://forum.pressball.by/viewtopic.php?f=22&t=255841&p=7487043#p7487043
Title: Арина Соболенко в джерси и без маски присутствовала на матче минского Динамо

Search URL Search Domain Scan URL

URL: https://forum.pressball.by/viewtopic.php?f=22&t=255859&p=7487042#p7487042
Title: КХЛ. На матче минского и рижского "Динамо" присутствует 4421 зритель

Search URL Search Domain Scan URL

URL: https://forum.pressball.by/viewtopic.php?f=22&t=255855&p=7487039#p7487039
Title: Лига наций. Дивизион С. Сборная Беларуси в гостях сыграла вничью с командой Литвы

Search URL Search Domain Scan URL

URL: https://forum.pressball.by/viewtopic.php?f=22&t=255709&p=7487038#p7487038
Title: Надежда Скардино об уволивших Романовскую: мне их жаль. Им неведомо, что такое любовь, сострадание, уважение

Search URL Search Domain Scan URL

URL: https://forum.pressball.by/viewtopic.php?f=22&t=255853&p=7487035#p7487035
Title: КХЛ. Минское Динамо по буллитам обыграло рижских одноклубников

Search URL Search Domain Scan URL

URL: https://forum.pressball.by/viewtopic.php?f=4&t=73040&p=7487025#p7487025
Title: Бразильский футбол

Search URL Search Domain Scan URL

URL: https://www.bigmir.net/
Title: bigmir)net

Search URL Search Domain Scan URL

URL: https://top.mail.ru/jump?from=337418
Title:

Search URL Search Domain Scan URL

URL: https://top100.rambler.ru/home?id=337561

Search URL Search Domain Scan URL

URL: http://www.db.by/
Title: Студия Борового

Search URL Search Domain Scan URL

URL: https://rozumsoft.ru/
Title:

Search URL Search Domain Scan URL

URL: https://www.webpay.by/
Title: www.webpay.by

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://pressball.by/ HTTP 301
https://pressball.by/ HTTP 301
https://www.pressball.by/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11

https://userapi.com/js/api/openapi.js?49 HTTP 301
https://vk.com/js/api/openapi.js?49

Request Chain 109

https://top-fwz1.mail.ru/counter?id=337418;t=479;l=1 HTTP 302
https://top-fwz1.mail.ru/counter2?id=337418;t=479;l=1

Request Chain 174

https://gaby.hit.gemius.pl/_1602443896226/rexdot.js?l=100&id=p3XrO3bVyIri76bMBIN8KbRH3y6KW7sJyvtgc37Vl9f.A7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-120&fv=-&href=https%3A%2F%2Fwww.pressball.by%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=125&lsdata=..DKql47Mp0_.N6DtCHMSU3qTR5GKKlxKMTZp5ft.mb.j7w_Cv2Fxsbjlz0iN4K5shJBH82gSRyusn7I.Y6L5MdXALZ5/A2hmp2X4xx_JK/&fpdata=d8i7VUPI5xLEI1ddXyXA6XUQBs79Vgjjxkz18W1tlNf.37&vis=1 HTTP 301
https://gaby.hit.gemius.pl/__/_1602443896226/rexdot.js?l=100&id=p3XrO3bVyIri76bMBIN8KbRH3y6KW7sJyvtgc37Vl9f.A7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-120&fv=-&href=https%3A%2F%2Fwww.pressball.by%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=125&lsdata=..DKql47Mp0_.N6DtCHMSU3qTR5GKKlxKMTZp5ft.mb.j7w_Cv2Fxsbjlz0iN4K5shJBH82gSRyusn7I.Y6L5MdXALZ5/A2hmp2X4xx_JK/&fpdata=d8i7VUPI5xLEI1ddXyXA6XUQBs79Vgjjxkz18W1tlNf.37&vis=1

Request Chain 184

https://mc.admetrica.ru/show?cmn_id=13579&plt_id=37246&crv_id=101542&evt_t=render&ad_type=banner&rnd=1150936239 HTTP 302
https://mc.admetrica.ru/show?cmn_id=13579&plt_id=37246&crv_id=101542&evt_t=render&ad_type=banner&rnd=1150936239&redir=1

Request Chain 186

https://mc.admetrica.ru/show?cmn_id=12430&plt_id=33568&crv_id=90304&evt_t=render&ad_type=banner&rnd=2022725842 HTTP 302
https://mc.admetrica.ru/show?cmn_id=12430&plt_id=33568&crv_id=90304&evt_t=render&ad_type=banner&rnd=2022725842&redir=1

Request Chain 188

https://lv.adocean.pl/_1602443896506/ad.js?id=vtM2wmYVgrQ8oHZ5vhn8q22L.sA2BjtGTiRIM3ngqiv.A7/x=1600/y=1200 HTTP 301
https://lv.adocean.pl/__/_1602443896506/ad.js?id=vtM2wmYVgrQ8oHZ5vhn8q22L.sA2BjtGTiRIM3ngqiv.A7/x=1600/y=1200 HTTP 301
https://adlv.hit.gemius.pl/redataredir?url=https%3A%2F%2Flv.adocean.pl%2F__%2F_1602443896%2Fad.js%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3DvtM2wmYVgrQ8oHZ5vhn8q22L.sA2BjtGTiRIM3ngqiv.A7%2Fx%3D1600%2Fy%3D1200 HTTP 301
https://lv.adocean.pl/__/_1602443896/ad.js?hclsdata=d3i6FKSsJPakMsCZBc3TrPXe9KGqcb_fEGMhohQq7Jz.A7&hcudata=.d9lO4wgTyHlWfyy2EO.50e69Da1y799YPybhgGeUQ7.U7&id=vtM2wmYVgrQ8oHZ5vhn8q22L.sA2BjtGTiRIM3ngqiv.A7/x=1600/y=1200

Request Chain 190

https://mc.yandex.ru/watch/3791662?wmode=7&page-url=https%3A%2F%2Fwww.pressball.by%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1602443893895%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20201011211816%3Aet%3A1602443897%3Aen%3Awindows-1251%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A556725863792%3Arqn%3A1%3Arn%3A684838803%3Ahid%3A840907694%3Ads%3A0%2C0%2C819%2C92%2C276%2C0%2C0%2C1408%2C48%2C%2C%2C%2C2508%3Afp%3A1953%3Awn%3A55109%3Ahl%3A2%3Agdpr%3A14%3Av%3A1962%3Arqnl%3A1%3Ast%3A1602443897%3Au%3A1602443897581376875%3At%3A%D0%9F%D1%80%D0%B5%D1%81%D1%81%D0%B1%D0%BE%D0%BB%20-%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%B1%D0%B5%D0%BB%D0%BE%D1%80%D1%83%D1%81%D1%81%D0%BA%D0%BE%D0%B3%D0%BE%20%D1%81%D0%BF%D0%BE%D1%80%D1%82%D0%B0 HTTP 302
https://mc.yandex.ru/watch/3791662/1?wmode=7&page-url=https%3A%2F%2Fwww.pressball.by%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1602443893895%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20201011211816%3Aet%3A1602443897%3Aen%3Awindows-1251%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A556725863792%3Arqn%3A1%3Arn%3A684838803%3Ahid%3A840907694%3Ads%3A0%2C0%2C819%2C92%2C276%2C0%2C0%2C1408%2C48%2C%2C%2C%2C2508%3Afp%3A1953%3Awn%3A55109%3Ahl%3A2%3Agdpr%3A14%3Av%3A1962%3Arqnl%3A1%3Ast%3A1602443897%3Au%3A1602443897581376875%3At%3A%D0%9F%D1%80%D0%B5%D1%81%D1%81%D0%B1%D0%BE%D0%BB%20-%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%B1%D0%B5%D0%BB%D0%BE%D1%80%D1%83%D1%81%D1%81%D0%BA%D0%BE%D0%B3%D0%BE%20%D1%81%D0%BF%D0%BE%D1%80%D1%82%D0%B0

Request Chain 206

https://ads.betweendigital.com/adjson?jst=hb&ord=3161318093784102.5&tz=-120&fl=0&rr=direct&w=240&h=400&s=3201911&bidid=105893500f3f874&transactionid=7c41d1b2-7484-460a-b1b7-31f111da165b&auctionid=13d2666d-5f7b-4498-80ca-9256091c8664& HTTP 302
https://ads.betweendigital.com/adjson?jst=hb&ord=3161318093784102.5&tz=-120&fl=0&rr=direct&w=240&h=400&s=3201911&bidid=105893500f3f874&transactionid=7c41d1b2-7484-460a-b1b7-31f111da165b&auctionid=13d2666d-5f7b-4498-80ca-9256091c8664&crf=1

Request Chain 217

https://ads.adfox.ru/239538/prepareCode?p1=bvgrc&p2=fgou&pct=a&pfc=a&pfb=a&plp=a&pli=a&pop=a&pr=3237378649&&t=1602443897314 HTTP 302
https://ads.adfox.ru/239538/getCodeTest?p1=bvgrc&p2=fgou&pct=a&pfc=a&pfb=a&plp=a&pli=a&pop=a&pr=3237378649&&t=1602443897314 HTTP 302
https://matchid.adfox.yandex.ru/?url=a8075bf1c7376ab37971b6d80664e4d2ef00c49141bc042dfc0de4577ea701245d414e47844ad6813d6a71d773b21125409be45d7f572d43b671397f4fd06f7d697c584e93f6cec6971a782cf5b0ed8874c7639e44ab09a288e748afa25dab0d&sign=709a466bf20b180857363f078d18604a HTTP 302
https://ads.adfox.ru/239538/getCodeTest?yandexuid=17875796620141383583&sign=f379d0883842d8b42a39df97131c29bc&rqs=AAAAAAAAAAB5WoNfU4fNyE3XMyTiugQz&matchid-br=1

Request Chain 218

https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=1&gdpr_consent=BO7IYi6O7IYi6AKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phPrsk89r6337A&dl=rbd_cnv HTTP 302
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=1&gdpr_consent=BO7IYi6O7IYi6AKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phPrsk89r6337A&dl=rbd_cnv&dcc=t

Request Chain 238

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 255

https://mc.yandex.ru/watch/3791662?page-url=https%3A%2F%2Fwww.pressball.by%2F&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1602443893895%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aadb%3A2%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20201011211831%3Aet%3A1602443912%3Aen%3Awindows-1251%3Ac%3A1%3Ala%3Aen-us%3Aar%3A1%3Anb%3A1%3Acl%3A113%3Als%3A556725863792%3Arqn%3A3%3Arn%3A909401355%3Ahid%3A840907694%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C7326%2C7326%2C8%2C%3Agdpr%3A14%3Aeu%3A1%3Av%3A1962%3Arqnl%3A1%3Ast%3A1602443912%3Au%3A1602443897581376875 HTTP 302
https://mc.yandex.ru/watch/3791662/1?page-url=https%3A%2F%2Fwww.pressball.by%2F&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1602443893895%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aadb%3A2%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20201011211831%3Aet%3A1602443912%3Aen%3Awindows-1251%3Ac%3A1%3Ala%3Aen-us%3Aar%3A1%3Anb%3A1%3Acl%3A113%3Als%3A556725863792%3Arqn%3A3%3Arn%3A909401355%3Ahid%3A840907694%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C7326%2C7326%2C8%2C%3Agdpr%3A14%3Aeu%3A1%3Av%3A1962%3Arqnl%3A1%3Ast%3A1602443912%3Au%3A1602443897581376875

256 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.pressball.by/
Redirect Chain

http://pressball.by/
https://pressball.by/
https://www.pressball.by/

154 KB
155 KB

821ms
818ms

Document
text/html

93.125.48.95
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pressball.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.125.48.95 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-95.hoster.by
Software: nginx/1.16.1 / PHP/5.4.45
Resource Hash: 947cb317c108b9de68063d38aca78b009099fd45171025e7391c0d9184739afd

Request headers

:method: GET
:authority: www.pressball.by
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
server: nginx/1.16.1
date: Sun, 11 Oct 2020 19:18:14 GMT
content-type: text/html
x-powered-by: PHP/5.4.45
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
set-cookie: PHPSESSID=r7nqkvecnonr1a51m4otrdm517; path=/ pb_lenta_page=1

Redirect headers

status: 301
server: nginx/1.16.1
date: Sun, 11 Oct 2020 19:18:14 GMT
content-type: text/html; charset=iso-8859-1
location: https://www.pressball.by/

GET
H2 200 stl.css
www.pressball.by/style/ 119 KB
120 KB 115ms
110ms Stylesheet
text/css 93.125.48.95
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pressball.by/style/stl.css?v=6
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.125.48.95 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-95.hoster.by
Software: nginx/1.16.1 /
Resource Hash: acfc532ff1458e9a18b6d57d558efaf9bdcb6c925b2a20e9aae92ae3dafd7809

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:15 GMT
last-modified: Tue, 16 Jun 2020 15:31:17 GMT
server: nginx/1.16.1
etag: "5ee8e5c5-1dd34"
content-type: text/css
status: 200
cache-control: max-age=3600
accept-ranges: bytes
content-length: 122164
expires: Sun, 11 Oct 2020 20:18:15 GMT

GET
H2 200 jquery-ui.css
www.pressball.by/js/jquery-ui-1.11.0/ 32 KB
32 KB 173ms
168ms Stylesheet
text/css 93.125.48.95
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pressball.by/js/jquery-ui-1.11.0/jquery-ui.css?v=2
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.125.48.95 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-95.hoster.by
Software: nginx/1.16.1 /
Resource Hash: 9b594112a2035d81cdcca118980d9848e900b6eb87d6cac9c05a5a51ad9fadd6

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:15 GMT
last-modified: Fri, 06 Feb 2015 10:01:35 GMT
server: nginx/1.16.1
etag: "54d490ff-808d"
content-type: text/css
status: 200
cache-control: max-age=3600
accept-ranges: bytes
content-length: 32909
expires: Sun, 11 Oct 2020 20:18:15 GMT

GET
H2 200 carousel_online.css
www.pressball.by/style/ 4 KB
4 KB 173ms
169ms Stylesheet
text/css 93.125.48.95
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pressball.by/style/carousel_online.css?v=2
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.125.48.95 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-95.hoster.by
Software: nginx/1.16.1 /
Resource Hash: ee9a3f83986e785303048517f3548aceb5ba9f8026435c6b063bc455d22a16cb

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:15 GMT
last-modified: Tue, 03 Mar 2015 13:05:21 GMT
server: nginx/1.16.1
etag: "54f5b191-eb5"
content-type: text/css
status: 200
cache-control: max-age=3600
accept-ranges: bytes
content-length: 3765
expires: Sun, 11 Oct 2020 20:18:15 GMT

GET
H2 200 jquery-1.10.2.js Show response
www.pressball.by/js/ 267 KB
267 KB 173ms
169ms Script
application/javascript 93.125.48.95
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pressball.by/js/jquery-1.10.2.js
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.125.48.95 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-95.hoster.by
Software: nginx/1.16.1 /
Resource Hash: 8ade6740a1d3cfedf81e28d9250929341207b23a55f1be90ccc26cf6d98e052a

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:15 GMT
last-modified: Fri, 06 Feb 2015 10:01:35 GMT
server: nginx/1.16.1
etag: "54d490ff-42b2f"
content-type: application/javascript
status: 200
cache-control: max-age=3600
accept-ranges: bytes
content-length: 273199
expires: Sun, 11 Oct 2020 20:18:15 GMT

GET
H2 200 jquery-ui.min.js Show response
www.pressball.by/js/jquery-ui-1.11.0/ 232 KB
232 KB 173ms
169ms Script
application/javascript 93.125.48.95
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pressball.by/js/jquery-ui-1.11.0/jquery-ui.min.js
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.125.48.95 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-95.hoster.by
Software: nginx/1.16.1 /
Resource Hash: 94217ee7990c505fb77ceff70625ee8b87a250a7109adafb79c29278b543c484

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:15 GMT
last-modified: Fri, 06 Feb 2015 10:01:35 GMT
server: nginx/1.16.1
etag: "54d490ff-39fec"
content-type: application/javascript
status: 200
cache-control: max-age=3600
accept-ranges: bytes
content-length: 237548
expires: Sun, 11 Oct 2020 20:18:15 GMT

GET
H2 200 my-js.js Show response
www.pressball.by/js/ 1 KB
1 KB 173ms
169ms Script
application/javascript 93.125.48.95
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pressball.by/js/my-js.js
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.125.48.95 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-95.hoster.by
Software: nginx/1.16.1 /
Resource Hash: f20d21084cc0277e6ec1be9ac2e41b8dcf758bd5e7ffb4c899c34a50f382571d

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:15 GMT
last-modified: Fri, 06 Feb 2015 14:04:55 GMT
server: nginx/1.16.1
etag: "54d4ca07-4cf"
content-type: application/javascript
status: 200
cache-control: max-age=3600
accept-ranges: bytes
content-length: 1231
expires: Sun, 11 Oct 2020 20:18:15 GMT

GET
H2 200 main.js Show response
www.pressball.by/js/ 12 KB
12 KB 173ms
169ms Script
application/javascript 93.125.48.95
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pressball.by/js/main.js
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.125.48.95 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-95.hoster.by
Software: nginx/1.16.1 /
Resource Hash: e3abbf340f511ea0d8a61f4a303f0d3a772d8365a8ff770935859e3142cd84ea

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:15 GMT
last-modified: Fri, 06 Oct 2017 10:14:06 GMT
server: nginx/1.16.1
etag: "59d7576e-30bd"
content-type: application/javascript
status: 200
cache-control: max-age=3600
accept-ranges: bytes
content-length: 12477
expires: Sun, 11 Oct 2020 20:18:15 GMT

GET
H2 200 tables.js Show response
www.pressball.by/js/ 5 KB
5 KB 173ms
170ms Script
application/javascript 93.125.48.95
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pressball.by/js/tables.js
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.125.48.95 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-95.hoster.by
Software: nginx/1.16.1 /
Resource Hash: d9e96adaae693ef1bf5f438939164b81de1366b129e3aa472c8794dc600e4530

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:15 GMT
last-modified: Fri, 06 Oct 2017 10:11:22 GMT
server: nginx/1.16.1
etag: "59d756ca-1530"
content-type: application/javascript
status: 200
cache-control: max-age=3600
accept-ranges: bytes
content-length: 5424
expires: Sun, 11 Oct 2020 20:18:15 GMT

GET
H2 200 header-bidding.js Show response
yastatic.net/pcode/adfox/ 175 KB
41 KB 52ms
48ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/pcode/adfox/header-bidding.js

Requested by

Host: www.pressball.by
URL: https://www.pressball.by/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

cd42f9c2a8d433418688deac61ccef3d3c9fde39e34633fba07c3829d7900d43

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:15 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
status: 200
content-length: 41120
timing-allow-origin: *
last-modified: Fri, 09 Oct 2020 14:17:12 GMT
server: nginx/1.17.9
etag: "1852f92c47554df4118a5cf099e669ea"
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
x-robots-tag: noindex, noarchive, nofollow
expires: Sun, 11 Oct 2020 20:15:58 GMT

GET
H2 200 loader.js Show response
yastatic.net/pcode/adfox/ 193 KB
46 KB 60ms
57ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/pcode/adfox/loader.js

Requested by

Host: www.pressball.by
URL: https://www.pressball.by/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

e1908e6bac19466a5fb379b8a849ccd812d71c97306d4c54648a9e74a4b1d7dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Origin: https://www.pressball.by
Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:15 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
status: 200
content-length: 46256
timing-allow-origin: *
last-modified: Fri, 09 Oct 2020 14:17:12 GMT
server: nginx/1.17.9
etag: "f6c8db397c98a26e8e63f444df7487c4"
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
x-robots-tag: noindex, noarchive, nofollow
expires: Sun, 11 Oct 2020 20:16:28 GMT

GET
H2 200 openapi.js Show response
vk.com/js/api/ 100 KB
24 KB 92ms
89ms Script
application/x-javascript 87.240.190.72
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL: https://vk.com/js/api/openapi.js?117
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.240.190.72 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS http://vk.com, RU),
Reverse DNS: srv72-190-240-87.vk.com
Software: kittenx /
Resource Hash: 97a06cb0f953c60bdcb315f1eba2d02d9132e8837892ebdc4467fac05ef5b40f

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:15 GMT
content-encoding: gzip
x-frontend: front204305
last-modified: Tue, 22 Sep 2020 20:30:00 GMT
server: kittenx
etag: "5f6a5ec8-5e2e"
content-type: application/x-javascript
status: 200
access-control-expose-headers: X-Frontend
cache-control: max-age=345600
content-length: 24110
expires: Thu, 15 Oct 2020 19:18:15 GMT

GET
H2

200

openapi.js Show response
vk.com/js/api/
Redirect Chain

https://userapi.com/js/api/openapi.js?49
https://vk.com/js/api/openapi.js?49

100 KB
24 KB

56ms
56ms

Script
application/x-javascript

87.240.190.72
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL: https://vk.com/js/api/openapi.js?49
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.240.190.72 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS http://vk.com, RU),
Reverse DNS: srv72-190-240-87.vk.com
Software: kittenx /
Resource Hash: 97a06cb0f953c60bdcb315f1eba2d02d9132e8837892ebdc4467fac05ef5b40f

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:15 GMT
content-encoding: gzip
x-frontend: front204305
last-modified: Tue, 22 Sep 2020 20:30:00 GMT
server: kittenx
etag: "5f6a5ec8-5e2e"
content-type: application/x-javascript
status: 200
access-control-expose-headers: X-Frontend
cache-control: max-age=345600
content-length: 24110
expires: Thu, 15 Oct 2020 19:18:15 GMT

Redirect headers

date: Sun, 11 Oct 2020 19:18:15 GMT
x-frontend: front508125
server: kittenx
status: 301
content-type: text/html
location: https://vk.com/js/api/openapi.js?49
access-control-expose-headers: X-Frontend
strict-transport-security: max-age=15768000
content-length: 164

GET
H2 200 jquery.jcarousel.min.js Show response
www.pressball.by/js/ 15 KB
15 KB 173ms
170ms Script
application/javascript 93.125.48.95
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pressball.by/js/jquery.jcarousel.min.js
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.125.48.95 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-95.hoster.by
Software: nginx/1.16.1 /
Resource Hash: 57188db6b78f3bc778063fdc1285fbca0a26e15f23db1e2e22dfa05cce03c06a

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:15 GMT
last-modified: Tue, 03 Mar 2015 13:03:52 GMT
server: nginx/1.16.1
etag: "54f5b138-3d22"
content-type: application/javascript
status: 200
cache-control: max-age=3600
accept-ranges: bytes
content-length: 15650
expires: Sun, 11 Oct 2020 20:18:15 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 92 KB
36 KB 26ms
14ms Script
application/javascript 2a00:1450:4001:819::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-907061-1

Requested by

Host: www.pressball.by
URL: https://www.pressball.by/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

046f827394d44ced9e184a404d7185f4ad47a3ac0ea3262ae4290e8e85f877a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:15 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37227
x-xss-protection: 0
last-modified: Sun, 11 Oct 2020 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 11 Oct 2020 19:18:15 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 131 KB
45 KB 32ms
21ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.pressball.by
URL: https://www.pressball.by/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e1825b9553f829d9e056b9930feef63761b8d7de8458c84b9e020af2841ae1b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 45810
x-xss-protection: 0
server: cafe
etag: 4194128766866836437
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 11 Oct 2020 19:18:15 GMT

GET
H2 200 lenta.main.js Show response
www.pressball.by/js/ 5 KB
5 KB 173ms
170ms Script
application/javascript 93.125.48.95
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pressball.by/js/lenta.main.js?v=2
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.125.48.95 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-95.hoster.by
Software: nginx/1.16.1 /
Resource Hash: 5d0ac39008fb0e15f5249ce3aedcb5a5f6a02ce4dbd1f060bbffd2ef33ef10c6

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:15 GMT
last-modified: Wed, 11 Mar 2015 06:44:52 GMT
server: nginx/1.16.1
etag: "54ffe464-12b2"
content-type: application/javascript
status: 200
cache-control: max-age=3600
accept-ranges: bytes
content-length: 4786
expires: Sun, 11 Oct 2020 20:18:15 GMT

GET
H2 200 fb.png
www.pressball.by/images/template/ 3 KB
3 KB 108ms
97ms Image
image/png 93.125.48.95
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pressball.by/images/template/fb.png
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.125.48.95 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-95.hoster.by
Software: nginx/1.16.1 /
Resource Hash: 4a29a59d0e34cc7385091029f9b0d2a58b61537cf1493974111368806ef7d0f5

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:15 GMT
last-modified: Tue, 03 Mar 2015 16:11:08 GMT
server: nginx/1.16.1
etag: "54f5dd1c-bb7"
content-type: image/png
status: 200
cache-control: max-age=3600
accept-ranges: bytes
content-length: 2999
expires: Sun, 11 Oct 2020 20:18:15 GMT

GET
H2 200 twitter.png
www.pressball.by/images/template/ 3 KB
3 KB 108ms
97ms Image
image/png 93.125.48.95
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pressball.by/images/template/twitter.png
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.125.48.95 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-95.hoster.by
Software: nginx/1.16.1 /
Resource Hash: 687997d0801da8a7e3b773b9ee45213d19c2950ba013ced7536bbefa7cd24285

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:15 GMT
last-modified: Tue, 03 Mar 2015 16:11:16 GMT
server: nginx/1.16.1
etag: "54f5dd24-c03"
content-type: image/png
status: 200
cache-control: max-age=3600
accept-ranges: bytes
content-length: 3075
expires: Sun, 11 Oct 2020 20:18:15 GMT

GET
H2 200 vk.png
www.pressball.by/images/template/ 3 KB
3 KB 109ms
98ms Image
image/png 93.125.48.95
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pressball.by/images/template/vk.png
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.125.48.95 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-95.hoster.by
Software: nginx/1.16.1 /
Resource Hash: 0d676146368d9077c8e078a6760042edbfe272923f4f51640b400ad7bb13a445

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:15 GMT
last-modified: Tue, 03 Mar 2015 16:11:06 GMT
server: nginx/1.16.1
etag: "54f5dd1a-c04"
content-type: image/png
status: 200
cache-control: max-age=3600
accept-ranges: bytes
content-length: 3076
expires: Sun, 11 Oct 2020 20:18:15 GMT

GET
H2 200 ig.png
www.pressball.by/images/template/ 894 B
1 KB 109ms
98ms Image
image/png 93.125.48.95
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pressball.by/images/template/ig.png
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.125.48.95 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-95.hoster.by
Software: nginx/1.16.1 /
Resource Hash: 9fc532d7c2af23c8cbdedf77c86c2f57c0619269f5dfffec614029d0cd8f55af

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:15 GMT
last-modified: Fri, 19 Jun 2020 11:27:25 GMT
server: nginx/1.16.1
etag: "5eeca11d-37e"
content-type: image/png
status: 200
cache-control: max-age=3600
accept-ranges: bytes
content-length: 894
expires: Sun, 11 Oct 2020 20:18:15 GMT

GET
H2 200 tg.png
www.pressball.by/images/template/ 778 B
954 B 52ms
52ms Image
image/png 93.125.48.95
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pressball.by/images/template/tg.png
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.125.48.95 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-95.hoster.by
Software: nginx/1.16.1 /
Resource Hash: b469d1efc18c27ab1435bda107ca0e0616f8ec54fa1b6f679da0925ff02321d2

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:15 GMT
last-modified: Fri, 19 Jun 2020 11:37:09 GMT
server: nginx/1.16.1
etag: "5eeca365-30a"
content-type: image/png
status: 200
cache-control: max-age=3600
accept-ranges: bytes
content-length: 778
expires: Sun, 11 Oct 2020 20:18:15 GMT

GET
H2 200 logo.png
www.pressball.by/images/template/ 13 KB
13 KB 55ms
53ms Image
image/png 93.125.48.95
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pressball.by/images/template/logo.png
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.125.48.95 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-95.hoster.by
Software: nginx/1.16.1 /
Resource Hash: 8b554718a15cdb7c04a53814dbd63a34828249fa85a582c01e14bd2ad22aa016

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:15 GMT
last-modified: Tue, 03 Mar 2015 16:01:17 GMT
server: nginx/1.16.1
etag: "54f5dacd-350b"
content-type: image/png
status: 200
cache-control: max-age=3600
accept-ranges: bytes
content-length: 13579
expires: Sun, 11 Oct 2020 20:18:15 GMT

GET
H2 200 gazeta_sh.png
www.pressball.by/images/template/ 182 B
358 B 56ms
54ms Image
image/png 93.125.48.95
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pressball.by/images/template/gazeta_sh.png
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.125.48.95 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-95.hoster.by
Software: nginx/1.16.1 /
Resource Hash: df840ee980141f9c25c8df18df44ba29617a83fd28d2adf69f414bf6633c77a3

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:15 GMT
last-modified: Tue, 03 Mar 2015 16:11:17 GMT
server: nginx/1.16.1
etag: "54f5dd25-b6"
content-type: image/png
status: 200
cache-control: max-age=3600
accept-ranges: bytes
content-length: 182
expires: Sun, 11 Oct 2020 20:18:15 GMT

GET
H2 200 anons_gazeta.jpg
www.pressball.by/images/ 11 KB
11 KB 65ms
63ms Image
image/jpeg 93.125.48.95
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pressball.by/images/anons_gazeta.jpg
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.125.48.95 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-95.hoster.by
Software: nginx/1.16.1 /
Resource Hash: 7ab425fba57326efdb31739a80cebf152392a64cf8c3ec4700380f86236e724f

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:15 GMT
last-modified: Thu, 08 Oct 2020 18:53:44 GMT
server: nginx/1.16.1
etag: "5f7f6038-2c6c"
content-type: image/jpeg
status: 200
cache-control: max-age=3600
accept-ranges: bytes
content-length: 11372
expires: Sun, 11 Oct 2020 20:18:15 GMT

GET
H2 200 intro20201011215849.jpg
www.pressball.by/images/stories/2020/10/ 37 KB
37 KB 94ms
92ms Image
image/jpeg 93.125.48.95
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pressball.by/images/stories/2020/10/intro20201011215849.jpg
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.125.48.95 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-95.hoster.by
Software: nginx/1.16.1 /
Resource Hash: e02f8c8d7959fb33c45b5aa5eec25c20ca3bb596d4a8dfc58f3873b7ba935e18

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:15 GMT
last-modified: Sun, 11 Oct 2020 18:58:49 GMT
server: nginx/1.16.1
etag: "5f8355e9-9226"
content-type: image/jpeg
status: 200
cache-control: max-age=3600
accept-ranges: bytes
content-length: 37414
expires: Sun, 11 Oct 2020 20:18:15 GMT

GET
H2 200 intro20201011135536.jpg
www.pressball.by/images/stories/2020/10/ 95 KB
96 KB 133ms
131ms Image
image/jpeg 93.125.48.95
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pressball.by/images/stories/2020/10/intro20201011135536.jpg
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.125.48.95 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-95.hoster.by
Software: nginx/1.16.1 /
Resource Hash: 6fd4719620b6786e6f3043f486831b65938700191c1549cf682bee4e14dceb64

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:15 GMT
last-modified: Sun, 11 Oct 2020 10:55:36 GMT
server: nginx/1.16.1
etag: "5f82e4a8-17d6b"
content-type: image/jpeg
status: 200
cache-control: max-age=3600
accept-ranges: bytes
content-length: 97643
expires: Sun, 11 Oct 2020 20:18:15 GMT

GET
H2 200 live_ico.gif
www.pressball.by/images/template/ 164 B
340 B 237ms
236ms Image
image/gif 93.125.48.95
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pressball.by/images/template/live_ico.gif
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.125.48.95 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-95.hoster.by
Software: nginx/1.16.1 /
Resource Hash: 13124019ccbc289f9c8f3da9b6de802fbb0e35ae64cebd50e0ba8672e0ad4467

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:16 GMT
last-modified: Tue, 03 Mar 2015 16:11:16 GMT
server: nginx/1.16.1
etag: "54f5dd24-a4"
content-type: image/gif
status: 200
cache-control: max-age=3600
accept-ranges: bytes
content-length: 164
expires: Sun, 11 Oct 2020 20:18:16 GMT

GET
H2 200 intro20201011102426.jpg
www.pressball.by/images/stories/2020/10/ 32 KB
32 KB 273ms
272ms Image
image/jpeg 93.125.48.95
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pressball.by/images/stories/2020/10/intro20201011102426.jpg
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.125.48.95 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-95.hoster.by
Software: nginx/1.16.1 /
Resource Hash: 035e1b51e82fb7a76fa7636ab0f527dbdc4f87988d2bc7ce51192e3acb8bb384

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:16 GMT
last-modified: Sun, 11 Oct 2020 07:24:26 GMT
server: nginx/1.16.1
etag: "5f82b32a-806d"
content-type: image/jpeg
status: 200
cache-control: max-age=3600
accept-ranges: bytes
content-length: 32877
expires: Sun, 11 Oct 2020 20:18:16 GMT

GET
H2 200 intro20201011081631.jpg
www.pressball.by/images/stories/2020/10/ 20 KB
20 KB 271ms
269ms Image
image/jpeg 93.125.48.95
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pressball.by/images/stories/2020/10/intro20201011081631.jpg
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.125.48.95 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-95.hoster.by
Software: nginx/1.16.1 /
Resource Hash: dba77596ce779eae96646958c679b668e9cd2db394f14919de0b88b7dd8f1516

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:16 GMT
last-modified: Sun, 11 Oct 2020 05:16:31 GMT
server: nginx/1.16.1
etag: "5f82952f-4fab"
content-type: image/jpeg
status: 200
cache-control: max-age=3600
accept-ranges: bytes
content-length: 20395
expires: Sun, 11 Oct 2020 20:18:16 GMT

GET
H2 200 intro20201011221413.jpg
www.pressball.by/images/stories/2020/10/ 59 KB
59 KB 718ms
715ms Image
image/jpeg 93.125.48.95
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pressball.by/images/stories/2020/10/intro20201011221413.jpg
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.125.48.95 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-95.hoster.by
Software: nginx/1.16.1 /
Resource Hash: 07645c4fdabacc44a9681c55155845dc1a303fb4977f300170422011c7d9bed4

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:15 GMT
last-modified: Sun, 11 Oct 2020 19:14:13 GMT
server: nginx/1.16.1
etag: "5f835985-ead1"
content-type: image/jpeg
status: 200
cache-control: max-age=3600
accept-ranges: bytes
content-length: 60113
expires: Sun, 11 Oct 2020 20:18:15 GMT

GET
H2 200 ico13.gif
www.pressball.by/images/template/ 317 B
494 B 719ms
715ms Image
image/gif 93.125.48.95
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pressball.by/images/template/ico13.gif
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.125.48.95 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-95.hoster.by
Software: nginx/1.16.1 /
Resource Hash: cbcfa6eedd36e9b145ad69f824dd5eec2f39dc147db2562f39d433603a5ecaa7

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:15 GMT
last-modified: Tue, 03 Mar 2015 16:11:10 GMT
server: nginx/1.16.1
etag: "54f5dd1e-13d"
content-type: image/gif
status: 200
cache-control: max-age=3600
accept-ranges: bytes
content-length: 317
expires: Sun, 11 Oct 2020 20:18:15 GMT

GET
H2 200 intro20201011205216.jpg
www.pressball.by/images/stories/2020/10/ 18 KB
18 KB 289ms
285ms Image
image/jpeg 93.125.48.95
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pressball.by/images/stories/2020/10/intro20201011205216.jpg
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.125.48.95 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-95.hoster.by
Software: nginx/1.16.1 /
Resource Hash: c9d33c599ec0c82d89aa84b2e57bf8f16e4cea96f8f59f8b5e7d0f461941c6d5

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:15 GMT
last-modified: Sun, 11 Oct 2020 17:52:16 GMT
server: nginx/1.16.1
etag: "5f834650-4736"
content-type: image/jpeg
status: 200
cache-control: max-age=3600
accept-ranges: bytes
content-length: 18230
expires: Sun, 11 Oct 2020 20:18:15 GMT

GET
H2 200 intro20201011191743.jpg
www.pressball.by/images/stories/2020/10/ 24 KB
24 KB 719ms
716ms Image
image/jpeg 93.125.48.95
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pressball.by/images/stories/2020/10/intro20201011191743.jpg
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.125.48.95 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-95.hoster.by
Software: nginx/1.16.1 /
Resource Hash: fb0095b7a610d00b153051a168958f8b97ef264e17047a35105ea0f4db7a4ad8

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:15 GMT
last-modified: Sun, 11 Oct 2020 16:17:43 GMT
server: nginx/1.16.1
etag: "5f833027-5f9b"
content-type: image/jpeg
status: 200
cache-control: max-age=3600
accept-ranges: bytes
content-length: 24475
expires: Sun, 11 Oct 2020 20:18:15 GMT

GET
H2 200 intro20201011185949.jpg
www.pressball.by/images/stories/2020/10/ 17 KB
17 KB 718ms
714ms Image
image/jpeg 93.125.48.95
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pressball.by/images/stories/2020/10/intro20201011185949.jpg
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.125.48.95 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-95.hoster.by
Software: nginx/1.16.1 /
Resource Hash: 050a0b0c52010818354791d16eadbca1d40116b79fd44619f71a80a3e8be80aa

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:15 GMT
last-modified: Sun, 11 Oct 2020 15:59:49 GMT
server: nginx/1.16.1
etag: "5f832bf5-42da"
content-type: image/jpeg
status: 200
cache-control: max-age=3600
accept-ranges: bytes
content-length: 17114
expires: Sun, 11 Oct 2020 20:18:15 GMT

GET
H2 200 intro20201011175942.jpg
www.pressball.by/images/stories/2020/10/ 70 KB
70 KB 718ms
715ms Image
image/jpeg 93.125.48.95
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pressball.by/images/stories/2020/10/intro20201011175942.jpg
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.125.48.95 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-95.hoster.by
Software: nginx/1.16.1 /
Resource Hash: 1fb92d46c67342891a156b98ab5efbba851fa9ca08abc41a389fb911db8da42f

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:15 GMT
last-modified: Sun, 11 Oct 2020 14:59:42 GMT
server: nginx/1.16.1
etag: "5f831dde-1171d"
content-type: image/jpeg
status: 200
cache-control: max-age=3600
accept-ranges: bytes
content-length: 71453
expires: Sun, 11 Oct 2020 20:18:15 GMT

GET
H2 200 intro20201011170535.jpg
www.pressball.by/images/stories/2020/10/ 74 KB
75 KB 526ms
522ms Image
image/jpeg 93.125.48.95
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pressball.by/images/stories/2020/10/intro20201011170535.jpg
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.125.48.95 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-95.hoster.by
Software: nginx/1.16.1 /
Resource Hash: 22cddb8bc88e73b5d62815a4d32457e35b9593732dd63efe8ec88867883a0725

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:15 GMT
last-modified: Sun, 11 Oct 2020 14:05:35 GMT
server: nginx/1.16.1
etag: "5f83112f-129a3"
content-type: image/jpeg
status: 200
cache-control: max-age=3600
accept-ranges: bytes
content-length: 76195
expires: Sun, 11 Oct 2020 20:18:15 GMT

GET
H2 200 intro20201011165118.jpg
www.pressball.by/images/stories/2020/10/ 33 KB
33 KB 719ms
715ms Image
image/jpeg 93.125.48.95
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pressball.by/images/stories/2020/10/intro20201011165118.jpg
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.125.48.95 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-95.hoster.by
Software: nginx/1.16.1 /
Resource Hash: ce7f28d2e2c8dafdd88dba5642e478b4ac2648103b6b98750c7aff6fa521c44c

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:15 GMT
last-modified: Sun, 11 Oct 2020 13:51:18 GMT
server: nginx/1.16.1
etag: "5f830dd6-8328"
content-type: image/jpeg
status: 200
cache-control: max-age=3600
accept-ranges: bytes
content-length: 33576
expires: Sun, 11 Oct 2020 20:18:15 GMT

GET
H2 200 intro20201011164039.jpg
www.pressball.by/images/stories/2020/10/ 84 KB
85 KB 327ms
323ms Image
image/jpeg 93.125.48.95
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pressball.by/images/stories/2020/10/intro20201011164039.jpg
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.125.48.95 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-95.hoster.by
Software: nginx/1.16.1 /
Resource Hash: a3cc3b7923c89f824abbc3a567ab1b5b536f76ba1c15ea15b144f2559abd0c28

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:15 GMT
last-modified: Sun, 11 Oct 2020 13:40:39 GMT
server: nginx/1.16.1
etag: "5f830b57-151bc"
content-type: image/jpeg
status: 200
cache-control: max-age=3600
accept-ranges: bytes
content-length: 86460
expires: Sun, 11 Oct 2020 20:18:15 GMT

GET
H2 200 lithuaniaflag.gif
www.pressball.by/images/online_games/teams/ 14 KB
14 KB 273ms
271ms Image
image/gif 93.125.48.95
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pressball.by/images/online_games/teams/lithuaniaflag.gif
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.125.48.95 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-95.hoster.by
Software: nginx/1.16.1 /
Resource Hash: 810be2a295d6e09f98c4f5e96b9a3892d0b3958de09439a36ddad3a7939cb08b

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:16 GMT
last-modified: Sun, 11 Oct 2020 09:46:38 GMT
server: nginx/1.16.1
etag: "5f82d47e-3657"
content-type: image/gif
status: 200
cache-control: max-age=3600
accept-ranges: bytes
content-length: 13911
expires: Sun, 11 Oct 2020 20:18:16 GMT

GET
H2 200 belarusflag.gif
www.pressball.by/images/online_games/teams/ 19 KB
19 KB 292ms
290ms Image
image/gif 93.125.48.95
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pressball.by/images/online_games/teams/belarusflag.gif
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.125.48.95 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-95.hoster.by
Software: nginx/1.16.1 /
Resource Hash: 9c4ffdd35629c912ae94edc44d85180fb47b53bf58dd2d9d851acec6f97755e2

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:16 GMT
last-modified: Tue, 10 Oct 2017 11:09:47 GMT
server: nginx/1.16.1
etag: "59dcaa7b-4c5d"
content-type: image/gif
status: 200
cache-control: max-age=3600
accept-ranges: bytes
content-length: 19549
expires: Sun, 11 Oct 2020 20:18:16 GMT

GET
H2 200 dynamomnhc.gif
www.pressball.by/images/online_games/teams/ 4 KB
4 KB 314ms
313ms Image
image/gif 93.125.48.95
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pressball.by/images/online_games/teams/dynamomnhc.gif
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.125.48.95 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-95.hoster.by
Software: nginx/1.16.1 /
Resource Hash: 0827bc9af85a299c12e306144c29e5f2add9f203e2ebd38e6c449696b5999334

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:16 GMT
last-modified: Mon, 09 Sep 2019 07:56:54 GMT
server: nginx/1.16.1
etag: "5d7605c6-e1d"
content-type: image/gif
status: 200
cache-control: max-age=3600
accept-ranges: bytes
content-length: 3613
expires: Sun, 11 Oct 2020 20:18:16 GMT

GET
H2 200 dinamorihc.gif
www.pressball.by/images/online_games/teams/ 5 KB
6 KB 120ms
119ms Image
image/gif 93.125.48.95
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pressball.by/images/online_games/teams/dinamorihc.gif
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.125.48.95 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-95.hoster.by
Software: nginx/1.16.1 /
Resource Hash: 109af6b26763a3308f98b92ba29308f455390fc3aca075b77718c3ae45bdd364

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:17 GMT
last-modified: Sun, 11 Oct 2020 09:46:09 GMT
server: nginx/1.16.1
etag: "5f82d461-1588"
content-type: image/gif
status: 200
cache-control: max-age=3600
accept-ranges: bytes
content-length: 5512
expires: Sun, 11 Oct 2020 20:18:17 GMT

GET
H2 200 djokotennis.jpg
www.pressball.by/images/online_games/teams/ 30 KB
30 KB 83ms
82ms Image
image/jpeg 93.125.48.95
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pressball.by/images/online_games/teams/djokotennis.jpg
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.125.48.95 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-95.hoster.by
Software: nginx/1.16.1 /
Resource Hash: 9f67b02d28350cabdad0387267300f644b6517af1a69caf152d3eada3421fa8c

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:17 GMT
last-modified: Tue, 03 Mar 2015 13:15:07 GMT
server: nginx/1.16.1
etag: "54f5b3db-7866"
content-type: image/jpeg
status: 200
cache-control: max-age=3600
accept-ranges: bytes
content-length: 30822
expires: Sun, 11 Oct 2020 20:18:17 GMT

GET
H2 200 nadaltennis.gif
www.pressball.by/images/online_games/teams/ 13 KB
13 KB 92ms
90ms Image
image/gif 93.125.48.95
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pressball.by/images/online_games/teams/nadaltennis.gif
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.125.48.95 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-95.hoster.by
Software: nginx/1.16.1 /
Resource Hash: e256e350c11a6594159634bfdd55f8386cd53c6702fba271cb9d35019bc59726

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:17 GMT
last-modified: Mon, 28 Sep 2020 14:31:54 GMT
server: nginx/1.16.1
etag: "5f71f3da-32cf"
content-type: image/gif
status: 200
cache-control: max-age=3600
accept-ranges: bytes
content-length: 13007
expires: Sun, 11 Oct 2020 20:18:17 GMT

GET
H2 200 intro20201010182430.jpg
www.pressball.by/images/stories/2020/10/ 43 KB
43 KB 93ms
92ms Image
image/jpeg 93.125.48.95
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pressball.by/images/stories/2020/10/intro20201010182430.jpg
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.125.48.95 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-95.hoster.by
Software: nginx/1.16.1 /
Resource Hash: 9474cb31a62e3c11af952cb07b597fb988c49ba926f07b76c4f129bf0a56f3af

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:17 GMT
last-modified: Sat, 10 Oct 2020 15:24:30 GMT
server: nginx/1.16.1
etag: "5f81d22e-ab68"
content-type: image/jpeg
status: 200
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43880
expires: Sun, 11 Oct 2020 20:18:17 GMT

GET
H2 200 intro20201010145108.jpg
www.pressball.by/images/stories/2020/10/ 28 KB
29 KB 121ms
118ms Image
image/jpeg 93.125.48.95
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pressball.by/images/stories/2020/10/intro20201010145108.jpg
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.125.48.95 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-95.hoster.by
Software: nginx/1.16.1 /
Resource Hash: 5a26d0e5af049158ba27928e3a598431a882ebe28c96dad82f7b06d109cc67ff

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:17 GMT
last-modified: Sat, 10 Oct 2020 11:51:08 GMT
server: nginx/1.16.1
etag: "5f81a02c-71a7"
content-type: image/jpeg
status: 200
cache-control: max-age=3600
accept-ranges: bytes
content-length: 29095
expires: Sun, 11 Oct 2020 20:18:17 GMT

GET
H2 200 intro20201010004823.jpg
www.pressball.by/images/stories/2020/10/ 39 KB
39 KB 148ms
145ms Image
image/jpeg 93.125.48.95
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pressball.by/images/stories/2020/10/intro20201010004823.jpg
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.125.48.95 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-95.hoster.by
Software: nginx/1.16.1 /
Resource Hash: 1cc89eb1f9b2155eec160dfebf1475915e6389c4071a2e8b4b702e5d77827a35

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:17 GMT
last-modified: Fri, 09 Oct 2020 21:48:23 GMT
server: nginx/1.16.1
etag: "5f80daa7-9b74"
content-type: image/jpeg
status: 200
cache-control: max-age=3600
accept-ranges: bytes
content-length: 39796
expires: Sun, 11 Oct 2020 20:18:17 GMT

GET
H2 200 intro20201009110222.jpg
www.pressball.by/images/stories/2020/10/ 125 KB
125 KB 238ms
236ms Image
image/jpeg 93.125.48.95
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pressball.by/images/stories/2020/10/intro20201009110222.jpg
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.125.48.95 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-95.hoster.by
Software: nginx/1.16.1 /
Resource Hash: fcf91961219fc00eb6c889923495444789be07f19c64d411dba4ec70fb095b59

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:17 GMT
last-modified: Fri, 09 Oct 2020 08:02:22 GMT
server: nginx/1.16.1
etag: "5f80190e-1f460"
content-type: image/jpeg
status: 200
cache-control: max-age=3600
accept-ranges: bytes
content-length: 128096
expires: Sun, 11 Oct 2020 20:18:17 GMT

GET
H2 200 intro20201009085814.jpg
www.pressball.by/images/stories/2020/10/ 46 KB
46 KB 377ms
376ms Image
image/jpeg 93.125.48.95
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pressball.by/images/stories/2020/10/intro20201009085814.jpg
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.125.48.95 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-95.hoster.by
Software: nginx/1.16.1 /
Resource Hash: 4d9aeb65bf635ce65fc79a7d4db008a74e97be4086da6f73fdcf1db029b312fc

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:17 GMT
last-modified: Fri, 09 Oct 2020 05:58:14 GMT
server: nginx/1.16.1
etag: "5f7ffbf6-b834"
content-type: image/jpeg
status: 200
cache-control: max-age=3600
accept-ranges: bytes
content-length: 47156
expires: Sun, 11 Oct 2020 20:18:17 GMT

GET
H2 200 intro20201009075037.jpg
www.pressball.by/images/stories/2020/10/ 33 KB
33 KB 426ms
426ms Image
image/jpeg 93.125.48.95
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pressball.by/images/stories/2020/10/intro20201009075037.jpg
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.125.48.95 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-95.hoster.by
Software: nginx/1.16.1 /
Resource Hash: c16b2aa9a060ef8e4ff2063aee714f7185fb12c3b30efd98368dcb53f622d4ab

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:17 GMT
last-modified: Fri, 09 Oct 2020 04:50:37 GMT
server: nginx/1.16.1
etag: "5f7fec1d-824a"
content-type: image/jpeg
status: 200
cache-control: max-age=3600
accept-ranges: bytes
content-length: 33354
expires: Sun, 11 Oct 2020 20:18:17 GMT

GET
H2 200 intro20201008213610.jpg
www.pressball.by/images/stories/2020/10/ 39 KB
39 KB 417ms
416ms Image
image/jpeg 93.125.48.95
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pressball.by/images/stories/2020/10/intro20201008213610.jpg
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.125.48.95 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-95.hoster.by
Software: nginx/1.16.1 /
Resource Hash: 1d01297f85bbbf442d1c48ab231fed46be0680b122910dd634384d005c55772b

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:17 GMT
last-modified: Thu, 08 Oct 2020 18:36:10 GMT
server: nginx/1.16.1
etag: "5f7f5c1a-9b15"
content-type: image/jpeg
status: 200
cache-control: max-age=3600
accept-ranges: bytes
content-length: 39701
expires: Sun, 11 Oct 2020 20:18:17 GMT

GET
H2 200 intro20201008132511.jpg
www.pressball.by/images/stories/2020/10/ 63 KB
63 KB 433ms
432ms Image
image/jpeg 93.125.48.95
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pressball.by/images/stories/2020/10/intro20201008132511.jpg
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.125.48.95 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-95.hoster.by
Software: nginx/1.16.1 /
Resource Hash: d0b040b4bb7be7ed043dac503e6f830d7a5f7b61b1f5ceb1546859eda4739394

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:17 GMT
last-modified: Thu, 08 Oct 2020 10:25:11 GMT
server: nginx/1.16.1
etag: "5f7ee907-fc97"
content-type: image/jpeg
status: 200
cache-control: max-age=3600
accept-ranges: bytes
content-length: 64663
expires: Sun, 11 Oct 2020 20:18:17 GMT

GET
H2 200 intro20201008211645.jpg
www.pressball.by/images/stories/2020/10/ 47 KB
47 KB 431ms
430ms Image
image/jpeg 93.125.48.95
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pressball.by/images/stories/2020/10/intro20201008211645.jpg
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.125.48.95 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-95.hoster.by
Software: nginx/1.16.1 /
Resource Hash: 28e68c5bfd7b1db83bcdad899fef6194afbcc93be80273fd541a25dc9dca93c4

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:17 GMT
last-modified: Thu, 08 Oct 2020 18:16:45 GMT
server: nginx/1.16.1
etag: "5f7f578d-bce9"
content-type: image/jpeg
status: 200
cache-control: max-age=3600
accept-ranges: bytes
content-length: 48361
expires: Sun, 11 Oct 2020 20:18:17 GMT

GET
H2 200 intro20201008080146.jpg
www.pressball.by/images/stories/2020/10/ 26 KB
26 KB 325ms
324ms Image
image/jpeg 93.125.48.95
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pressball.by/images/stories/2020/10/intro20201008080146.jpg
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.125.48.95 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-95.hoster.by
Software: nginx/1.16.1 /
Resource Hash: 2ef093718c72d0c418a16aec8dc20466ab93bd0aeba94d07a9250ae85bb9439f

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:17 GMT
last-modified: Thu, 08 Oct 2020 05:01:46 GMT
server: nginx/1.16.1
etag: "5f7e9d3a-674a"
content-type: image/jpeg
status: 200
cache-control: max-age=3600
accept-ranges: bytes
content-length: 26442
expires: Sun, 11 Oct 2020 20:18:17 GMT

GET
H2 200 intro20201007114336.jpg
www.pressball.by/images/stories/2020/10/ 65 KB
65 KB 285ms
284ms Image
image/jpeg 93.125.48.95
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pressball.by/images/stories/2020/10/intro20201007114336.jpg
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.125.48.95 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-95.hoster.by
Software: nginx/1.16.1 /
Resource Hash: 0e886ea82d6a0168e867097800c1a9804f9c6cbf6c7f15c4508f4c8f09c9a54b

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:17 GMT
last-modified: Wed, 07 Oct 2020 08:43:36 GMT
server: nginx/1.16.1
etag: "5f7d7fb8-104e1"
content-type: image/jpeg
status: 200
cache-control: max-age=3600
accept-ranges: bytes
content-length: 66785
expires: Sun, 11 Oct 2020 20:18:17 GMT

GET
H2 200 intro20201007113007.jpg
www.pressball.by/images/stories/2020/10/ 24 KB
25 KB 313ms
312ms Image
image/jpeg 93.125.48.95
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pressball.by/images/stories/2020/10/intro20201007113007.jpg
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.125.48.95 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-95.hoster.by
Software: nginx/1.16.1 /
Resource Hash: 59d406674388c9b2f6a46548b92e855b9305c02f4a084fea6fdab31eaeccdf91

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:17 GMT
last-modified: Wed, 07 Oct 2020 08:30:07 GMT
server: nginx/1.16.1
etag: "5f7d7c8f-617a"
content-type: image/jpeg
status: 200
cache-control: max-age=3600
accept-ranges: bytes
content-length: 24954
expires: Sun, 11 Oct 2020 20:18:17 GMT

GET
H2 200 intro20201007011050.jpg
www.pressball.by/images/stories/2020/10/ 37 KB
38 KB 274ms
274ms Image
image/jpeg 93.125.48.95
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pressball.by/images/stories/2020/10/intro20201007011050.jpg
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.125.48.95 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-95.hoster.by
Software: nginx/1.16.1 /
Resource Hash: 80616693b9f122775f8f423986414e4888e0c33d77471f80bd07775fa550ad7e

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:17 GMT
last-modified: Tue, 06 Oct 2020 22:10:50 GMT
server: nginx/1.16.1
etag: "5f7ceb6a-95f1"
content-type: image/jpeg
status: 200
cache-control: max-age=3600
accept-ranges: bytes
content-length: 38385
expires: Sun, 11 Oct 2020 20:18:17 GMT

GET
H2 200 intro20201006144722.jpg
www.pressball.by/images/stories/2020/10/ 52 KB
52 KB 237ms
236ms Image
image/jpeg 93.125.48.95
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pressball.by/images/stories/2020/10/intro20201006144722.jpg
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.125.48.95 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-95.hoster.by
Software: nginx/1.16.1 /
Resource Hash: c8bb775ad824dd6455bb8ae77889bc3f71450478224e194df79c50e1d62def96

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:17 GMT
last-modified: Tue, 06 Oct 2020 11:47:22 GMT
server: nginx/1.16.1
etag: "5f7c594a-cf45"
content-type: image/jpeg
status: 200
cache-control: max-age=3600
accept-ranges: bytes
content-length: 53061
expires: Sun, 11 Oct 2020 20:18:17 GMT

GET
H2 200 intro20201006090245.jpg
www.pressball.by/images/stories/2020/10/ 29 KB
30 KB 236ms
235ms Image
image/jpeg 93.125.48.95
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pressball.by/images/stories/2020/10/intro20201006090245.jpg
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.125.48.95 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-95.hoster.by
Software: nginx/1.16.1 /
Resource Hash: a52dc9312510f27346b60d4c707d93fd854df79003974065081d35865cca195f

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:17 GMT
last-modified: Tue, 06 Oct 2020 06:02:45 GMT
server: nginx/1.16.1
etag: "5f7c0885-7567"
content-type: image/jpeg
status: 200
cache-control: max-age=3600
accept-ranges: bytes
content-length: 30055
expires: Sun, 11 Oct 2020 20:18:17 GMT

GET
H2 200 intro20201005191202.jpg
www.pressball.by/images/stories/2020/10/ 37 KB
38 KB 237ms
237ms Image
image/jpeg 93.125.48.95
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pressball.by/images/stories/2020/10/intro20201005191202.jpg
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.125.48.95 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-95.hoster.by
Software: nginx/1.16.1 /
Resource Hash: 48f8b760cc0239caf0289aed4b30c90bd48ae9a70196ce07f63f3526a7c846a8

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:17 GMT
last-modified: Mon, 05 Oct 2020 16:12:02 GMT
server: nginx/1.16.1
etag: "5f7b45d2-955a"
content-type: image/jpeg
status: 200
cache-control: max-age=3600
accept-ranges: bytes
content-length: 38234
expires: Sun, 11 Oct 2020 20:18:17 GMT

GET
H2 200 intro20201005141312.jpg
www.pressball.by/images/stories/2020/10/ 56 KB
56 KB 198ms
197ms Image
image/jpeg 93.125.48.95
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pressball.by/images/stories/2020/10/intro20201005141312.jpg
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.125.48.95 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-95.hoster.by
Software: nginx/1.16.1 /
Resource Hash: a7d63d1b7e876e64564994f11fd6f0957dfaff93acc4bbf63104b3b7453752eb

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:18 GMT
last-modified: Mon, 05 Oct 2020 11:13:12 GMT
server: nginx/1.16.1
etag: "5f7affc8-e053"
content-type: image/jpeg
status: 200
cache-control: max-age=3600
accept-ranges: bytes
content-length: 57427
expires: Sun, 11 Oct 2020 20:18:18 GMT

GET
H2 200 intro20201004172632.jpg
www.pressball.by/images/stories/2020/10/ 63 KB
63 KB 232ms
232ms Image
image/jpeg 93.125.48.95
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pressball.by/images/stories/2020/10/intro20201004172632.jpg
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.125.48.95 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-95.hoster.by
Software: nginx/1.16.1 /
Resource Hash: 4ac3dd5ac000853b62b97d54f472d469a84c433737453beefcab67b365823292

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:18 GMT
last-modified: Sun, 04 Oct 2020 14:26:32 GMT
server: nginx/1.16.1
etag: "5f79db98-fcf7"
content-type: image/jpeg
status: 200
cache-control: max-age=3600
accept-ranges: bytes
content-length: 64759
expires: Sun, 11 Oct 2020 20:18:18 GMT

GET
H2 200 intro20201004133406.jpg
www.pressball.by/images/stories/2020/10/ 31 KB
31 KB 286ms
285ms Image
image/jpeg 93.125.48.95
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pressball.by/images/stories/2020/10/intro20201004133406.jpg
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.125.48.95 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-95.hoster.by
Software: nginx/1.16.1 /
Resource Hash: 722c60d5b023f4b9c82e16dfe825900d2b84bc1cdd43b133a85d62182516bc3a

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:18 GMT
last-modified: Sun, 04 Oct 2020 10:34:06 GMT
server: nginx/1.16.1
etag: "5f79a51e-7a5a"
content-type: image/jpeg
status: 200
cache-control: max-age=3600
accept-ranges: bytes
content-length: 31322
expires: Sun, 11 Oct 2020 20:18:18 GMT

GET
H2 200 intro20201003212318.jpg
www.pressball.by/images/stories/2020/10/ 84 KB
84 KB 287ms
286ms Image
image/jpeg 93.125.48.95
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pressball.by/images/stories/2020/10/intro20201003212318.jpg
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.125.48.95 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-95.hoster.by
Software: nginx/1.16.1 /
Resource Hash: 3ae620bf3f599e0168ffa4fc4778d68693e6060bfa5d1a784e5eb57b17d0160c

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:18 GMT
last-modified: Sat, 03 Oct 2020 18:23:18 GMT
server: nginx/1.16.1
etag: "5f78c196-150c0"
content-type: image/jpeg
status: 200
cache-control: max-age=3600
accept-ranges: bytes
content-length: 86208
expires: Sun, 11 Oct 2020 20:18:18 GMT

GET
H2 200 intro20201003174833.jpg
www.pressball.by/images/stories/2020/10/ 234 KB
234 KB 364ms
364ms Image
image/jpeg 93.125.48.95
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pressball.by/images/stories/2020/10/intro20201003174833.jpg
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.125.48.95 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-95.hoster.by
Software: nginx/1.16.1 /
Resource Hash: 947ea00e9bc76cdacb7ab495c6d3160f9735364e039c5068491f8a96613eb332

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:18 GMT
last-modified: Sat, 03 Oct 2020 14:48:33 GMT
server: nginx/1.16.1
etag: "5f788f41-3a742"
content-type: image/jpeg
status: 200
cache-control: max-age=3600
accept-ranges: bytes
content-length: 239426
expires: Sun, 11 Oct 2020 20:18:18 GMT

GET
H2 200 intro20201003135345.jpg
www.pressball.by/images/stories/2020/10/ 27 KB
27 KB 515ms
515ms Image
image/jpeg 93.125.48.95
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pressball.by/images/stories/2020/10/intro20201003135345.jpg
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.125.48.95 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-95.hoster.by
Software: nginx/1.16.1 /
Resource Hash: a78f24a9fc7a2539f65e5f0e4e6ad19214f9013907cec251bae8a4fce8135a0c

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:18 GMT
last-modified: Sat, 03 Oct 2020 10:53:45 GMT
server: nginx/1.16.1
etag: "5f785839-6aae"
content-type: image/jpeg
status: 200
cache-control: max-age=3600
accept-ranges: bytes
content-length: 27310
expires: Sun, 11 Oct 2020 20:18:18 GMT

GET
H2 200 intro20201003092948.jpg
www.pressball.by/images/stories/2020/10/ 45 KB
45 KB 434ms
434ms Image
image/jpeg 93.125.48.95
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pressball.by/images/stories/2020/10/intro20201003092948.jpg
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.125.48.95 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-95.hoster.by
Software: nginx/1.16.1 /
Resource Hash: 97878fe554e3152c210f83ac8a859b687da9c1689e23eaf22cd88ffd307a810d

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:18 GMT
last-modified: Sat, 03 Oct 2020 06:29:48 GMT
server: nginx/1.16.1
etag: "5f781a5c-b44e"
content-type: image/jpeg
status: 200
cache-control: max-age=3600
accept-ranges: bytes
content-length: 46158
expires: Sun, 11 Oct 2020 20:18:18 GMT

GET
H2 200 intro20201002132441.jpg
www.pressball.by/images/stories/2020/10/ 42 KB
43 KB 374ms
373ms Image
image/jpeg 93.125.48.95
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pressball.by/images/stories/2020/10/intro20201002132441.jpg
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.125.48.95 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-95.hoster.by
Software: nginx/1.16.1 /
Resource Hash: c60e9724a2b9cc909a393e6e5e8be6e06fafdb21e631b4d54bb8be54ca0010f1

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:18 GMT
last-modified: Fri, 02 Oct 2020 10:24:41 GMT
server: nginx/1.16.1
etag: "5f76ffe9-a981"
content-type: image/jpeg
status: 200
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43393
expires: Sun, 11 Oct 2020 20:18:18 GMT

GET
H2 200 intro20201011213135.jpg
www.pressball.by/images/stories/2020/10/ 85 KB
85 KB 558ms
558ms Image
image/jpeg 93.125.48.95
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pressball.by/images/stories/2020/10/intro20201011213135.jpg
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.125.48.95 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-95.hoster.by
Software: nginx/1.16.1 /
Resource Hash: 3adf931d9fee0be8fde7b0d2fea592e2a8e6b25ed21eb9c6e384b443239b720f

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:18 GMT
last-modified: Sun, 11 Oct 2020 18:31:35 GMT
server: nginx/1.16.1
etag: "5f834f87-154cd"
content-type: image/jpeg
status: 200
cache-control: max-age=3600
accept-ranges: bytes
content-length: 87245
expires: Sun, 11 Oct 2020 20:18:18 GMT

GET
H2 200 intro20201011212815.jpg
www.pressball.by/images/stories/2020/10/ 54 KB
55 KB 434ms
434ms Image
image/jpeg 93.125.48.95
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pressball.by/images/stories/2020/10/intro20201011212815.jpg
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.125.48.95 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-95.hoster.by
Software: nginx/1.16.1 /
Resource Hash: e083f82df7620601562fb047b689a6da8097bca2ae39be69925ea09ff65e0e31

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:18 GMT
last-modified: Sun, 11 Oct 2020 18:28:15 GMT
server: nginx/1.16.1
etag: "5f834ebf-d934"
content-type: image/jpeg
status: 200
cache-control: max-age=3600
accept-ranges: bytes
content-length: 55604
expires: Sun, 11 Oct 2020 20:18:18 GMT

GET
H2 200 intro20201011175744.jpg
www.pressball.by/images/stories/2020/10/ 49 KB
49 KB 629ms
628ms Image
image/jpeg 93.125.48.95
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pressball.by/images/stories/2020/10/intro20201011175744.jpg
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.125.48.95 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-95.hoster.by
Software: nginx/1.16.1 /
Resource Hash: 170a2eed52fcb80b806c61179828c10f4037e4fd124fa33e764d51dad96336a0

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:18 GMT
last-modified: Sun, 11 Oct 2020 14:57:44 GMT
server: nginx/1.16.1
etag: "5f831d68-c2ce"
content-type: image/jpeg
status: 200
cache-control: max-age=3600
accept-ranges: bytes
content-length: 49870
expires: Sun, 11 Oct 2020 20:18:18 GMT

GET
H2 200 ico14.gif
www.pressball.by/images/template/ 309 B
486 B 578ms
577ms Image
image/gif 93.125.48.95
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pressball.by/images/template/ico14.gif
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.125.48.95 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-95.hoster.by
Software: nginx/1.16.1 /
Resource Hash: 3914e58caa66f5d3d78732cc1ca6e3a1c4c1028e4b341ce00e9e5f6595229d8b

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:18 GMT
last-modified: Tue, 03 Mar 2015 16:11:16 GMT
server: nginx/1.16.1
etag: "54f5dd24-135"
content-type: image/gif
status: 200
cache-control: max-age=3600
accept-ranges: bytes
content-length: 309
expires: Sun, 11 Oct 2020 20:18:18 GMT

GET
H2 200 intro20201011172532.jpg
www.pressball.by/images/stories/2020/10/ 62 KB
62 KB 476ms
476ms Image
image/jpeg 93.125.48.95
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pressball.by/images/stories/2020/10/intro20201011172532.jpg
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.125.48.95 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-95.hoster.by
Software: nginx/1.16.1 /
Resource Hash: daf9a8b408c4671c6997b8ee49884afe106cf45307bc8a4b3cbdac4616a9840e

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:19 GMT
last-modified: Sun, 11 Oct 2020 14:25:32 GMT
server: nginx/1.16.1
etag: "5f8315dc-f70f"
content-type: image/jpeg
status: 200
cache-control: max-age=3600
accept-ranges: bytes
content-length: 63247
expires: Sun, 11 Oct 2020 20:18:19 GMT

GET
H2 200 intro20201011143204.jpg
www.pressball.by/images/stories/2020/10/ 15 KB
15 KB 514ms
514ms Image
image/jpeg 93.125.48.95
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pressball.by/images/stories/2020/10/intro20201011143204.jpg
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.125.48.95 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-95.hoster.by
Software: nginx/1.16.1 /
Resource Hash: d8806a29d30f19a988702e593d2a62976114c7a58dd541c6c0c48fc0457af944

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:19 GMT
last-modified: Sun, 11 Oct 2020 11:32:04 GMT
server: nginx/1.16.1
etag: "5f82ed34-3a76"
content-type: image/jpeg
status: 200
cache-control: max-age=3600
accept-ranges: bytes
content-length: 14966
expires: Sun, 11 Oct 2020 20:18:19 GMT

GET
H2 200 dan.jpg
www.pressball.by/images/blogs/ 6 KB
6 KB 352ms
351ms Image
image/jpeg 93.125.48.95
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pressball.by/images/blogs/dan.jpg
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.125.48.95 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-95.hoster.by
Software: nginx/1.16.1 /
Resource Hash: 98eca7a11b3265e2520bc15f05a14ed7cc6d6d150f7ff6164992cac69b1bbb3a

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:19 GMT
last-modified: Sun, 15 Mar 2015 10:21:17 GMT
server: nginx/1.16.1
etag: "55055d1d-174a"
content-type: image/jpeg
status: 200
cache-control: max-age=3600
accept-ranges: bytes
content-length: 5962
expires: Sun, 11 Oct 2020 20:18:19 GMT

GET
H2 200 sporim.jpg
www.pressball.by/images/blogs/ 6 KB
7 KB 287ms
287ms Image
image/jpeg 93.125.48.95
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pressball.by/images/blogs/sporim.jpg
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.125.48.95 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-95.hoster.by
Software: nginx/1.16.1 /
Resource Hash: 7a597af6f9b2b8c56c73a1eda94b2fbb3db6d7e7d0579a85908852d840a21391

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:19 GMT
last-modified: Thu, 12 Sep 2019 13:04:14 GMT
server: nginx/1.16.1
etag: "5d7a424e-1997"
content-type: image/jpeg
status: 200
cache-control: max-age=3600
accept-ranges: bytes
content-length: 6551
expires: Sun, 11 Oct 2020 20:18:19 GMT

GET
H2 200 volk.jpg
www.pressball.by/images/blogs/ 251 KB
251 KB 248ms
247ms Image
image/jpeg 93.125.48.95
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pressball.by/images/blogs/volk.jpg
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.125.48.95 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-95.hoster.by
Software: nginx/1.16.1 /
Resource Hash: fcd633f5e6b40a3143f905708496e332ceb8a9ce63631d16a5a7eab322c194e7

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:19 GMT
last-modified: Mon, 22 Apr 2019 12:25:35 GMT
server: nginx/1.16.1
etag: "5cbdb2bf-3ea9e"
content-type: image/jpeg
status: 200
cache-control: max-age=3600
accept-ranges: bytes
content-length: 256670
expires: Sun, 11 Oct 2020 20:18:19 GMT

GET
H2 200 infographic.jpg
www.pressball.by/images/blogs/ 3 KB
3 KB 674ms
673ms Image
image/jpeg 93.125.48.95
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pressball.by/images/blogs/infographic.jpg
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.125.48.95 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-95.hoster.by
Software: nginx/1.16.1 /
Resource Hash: 1cdf84e8093109196b005fd48107d4629780ba841b63eb3f5d9290a7216fabb1

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:19 GMT
last-modified: Sun, 15 Mar 2015 10:21:17 GMT
server: nginx/1.16.1
etag: "55055d1d-b9a"
content-type: image/jpeg
status: 200
cache-control: max-age=3600
accept-ranges: bytes
content-length: 2970
expires: Sun, 11 Oct 2020 20:18:19 GMT

GET
H2 200 sarychev.jpg
www.pressball.by/images/blogs/ 47 KB
47 KB 552ms
552ms Image
image/jpeg 93.125.48.95
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pressball.by/images/blogs/sarychev.jpg
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.125.48.95 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-95.hoster.by
Software: nginx/1.16.1 /
Resource Hash: dd74421b37394d0f2f6877902cfba680b2a2ea10b62afa5abdbdc15f21bcefa1

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:19 GMT
last-modified: Wed, 07 Nov 2018 11:53:56 GMT
server: nginx/1.16.1
etag: "5be2d254-bab1"
content-type: image/jpeg
status: 200
cache-control: max-age=3600
accept-ranges: bytes
content-length: 47793
expires: Sun, 11 Oct 2020 20:18:19 GMT

GET
H2 200 block1_t.jpg
www.pressball.by/images/template/ 749 B
927 B 592ms
591ms Image
image/jpeg 93.125.48.95
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pressball.by/images/template/block1_t.jpg
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.125.48.95 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-95.hoster.by
Software: nginx/1.16.1 /
Resource Hash: c00ad371639e3a5dae3520acb27a311573843137ee8fbb96a5fb1f57cb75f6d5

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:19 GMT
last-modified: Tue, 03 Mar 2015 16:11:07 GMT
server: nginx/1.16.1
etag: "54f5dd1b-2ed"
content-type: image/jpeg
status: 200
cache-control: max-age=3600
accept-ranges: bytes
content-length: 749
expires: Sun, 11 Oct 2020 20:18:19 GMT

GET
H2 200 block1_b.jpg
www.pressball.by/images/template/ 798 B
975 B 561ms
560ms Image
image/jpeg 93.125.48.95
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pressball.by/images/template/block1_b.jpg
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.125.48.95 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-95.hoster.by
Software: nginx/1.16.1 /
Resource Hash: c3048ab359f9c88a2bfd3549fe53ec276b4239743b196da9f91b2fcd71190a46

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:19 GMT
last-modified: Tue, 03 Mar 2015 16:11:13 GMT
server: nginx/1.16.1
etag: "54f5dd21-31e"
content-type: image/jpeg
status: 200
cache-control: max-age=3600
accept-ranges: bytes
content-length: 798
expires: Sun, 11 Oct 2020 20:18:19 GMT

GET
H2 200 intro20201011133718.jpg
www.pressball.by/images/digest/ 15 KB
16 KB 555ms
555ms Image
image/jpeg 93.125.48.95
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pressball.by/images/digest/intro20201011133718.jpg
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.125.48.95 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-95.hoster.by
Software: nginx/1.16.1 /
Resource Hash: 4f9d10820838c5786accb71b5414cd055563eaec658fcc69c9ee9780a46dc8c0

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:19 GMT
last-modified: Sun, 11 Oct 2020 10:37:18 GMT
server: nginx/1.16.1
etag: "5f82e05e-3dfd"
content-type: image/jpeg
status: 200
cache-control: max-age=3600
accept-ranges: bytes
content-length: 15869
expires: Sun, 11 Oct 2020 20:18:19 GMT

GET
H2 200 intro20201011132352.jpg
www.pressball.by/images/digest/ 12 KB
12 KB 126ms
125ms Image
image/jpeg 93.125.48.95
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pressball.by/images/digest/intro20201011132352.jpg
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.125.48.95 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-95.hoster.by
Software: nginx/1.16.1 /
Resource Hash: 8e00a38bdd23ab071240b7363fc5b4e33dc1e9698c0b7ac03b0317a2092fc72b

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:20 GMT
last-modified: Sun, 11 Oct 2020 10:23:52 GMT
server: nginx/1.16.1
etag: "5f82dd38-3117"
content-type: image/jpeg
status: 200
cache-control: max-age=3600
accept-ranges: bytes
content-length: 12567
expires: Sun, 11 Oct 2020 20:18:20 GMT

GET
H2 200 intro20201011121054.jpg
www.pressball.by/images/digest/ 35 KB
35 KB 158ms
157ms Image
image/jpeg 93.125.48.95
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pressball.by/images/digest/intro20201011121054.jpg
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.125.48.95 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-95.hoster.by
Software: nginx/1.16.1 /
Resource Hash: 025ba6317c2fc1c494de0f4ed304716141cbed9d71cd5f0ffa248d32bc0d4845

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:20 GMT
last-modified: Sun, 11 Oct 2020 09:10:54 GMT
server: nginx/1.16.1
etag: "5f82cc1e-8be5"
content-type: image/jpeg
status: 200
cache-control: max-age=3600
accept-ranges: bytes
content-length: 35813
expires: Sun, 11 Oct 2020 20:18:20 GMT

GET
H2 200 intro20201009204216.jpg
www.pressball.by/images/digest/ 11 KB
11 KB 147ms
145ms Image
image/jpeg 93.125.48.95
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pressball.by/images/digest/intro20201009204216.jpg
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.125.48.95 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-95.hoster.by
Software: nginx/1.16.1 /
Resource Hash: 7a805f3bc585b7bf1ae6c3d63c2fee4250f6e28d8b2e6c4f9f881f316fec4dbf

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:20 GMT
last-modified: Fri, 09 Oct 2020 17:42:16 GMT
server: nginx/1.16.1
etag: "5f80a0f8-2bc3"
content-type: image/jpeg
status: 200
cache-control: max-age=3600
accept-ranges: bytes
content-length: 11203
expires: Sun, 11 Oct 2020 20:18:20 GMT

GET
H2 200 intro20201009155040.jpg
www.pressball.by/images/digest/ 11 KB
11 KB 155ms
153ms Image
image/jpeg 93.125.48.95
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pressball.by/images/digest/intro20201009155040.jpg
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.125.48.95 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-95.hoster.by
Software: nginx/1.16.1 /
Resource Hash: f910077c6e9a0a6474024272cc298d511c399a3451d30e97bfbbecddf92ba95a

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:20 GMT
last-modified: Fri, 09 Oct 2020 12:50:40 GMT
server: nginx/1.16.1
etag: "5f805ca0-2c95"
content-type: image/jpeg
status: 200
cache-control: max-age=3600
accept-ranges: bytes
content-length: 11413
expires: Sun, 11 Oct 2020 20:18:20 GMT

GET
H2 200 italy.gif
www.pressball.by/images/countries/ 189 B
365 B 155ms
154ms Image
image/gif 93.125.48.95
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pressball.by/images/countries/italy.gif
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.125.48.95 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-95.hoster.by
Software: nginx/1.16.1 /
Resource Hash: eefe7d7cc8c34d83915e9170c23d3399e518f3c989e65d5a0fddadb7cc631c55

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:20 GMT
last-modified: Thu, 05 Mar 2015 05:57:27 GMT
server: nginx/1.16.1
etag: "54f7f047-bd"
content-type: image/gif
status: 200
cache-control: max-age=3600
accept-ranges: bytes
content-length: 189
expires: Sun, 11 Oct 2020 20:18:20 GMT

GET
H2 200 spain.gif
www.pressball.by/images/countries/ 297 B
474 B 167ms
166ms Image
image/gif 93.125.48.95
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pressball.by/images/countries/spain.gif
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.125.48.95 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-95.hoster.by
Software: nginx/1.16.1 /
Resource Hash: 9642797aac41b5cf8b182999f727b92ed4e56d1842335523be1aece34ac41d7f

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:20 GMT
last-modified: Thu, 05 Mar 2015 06:12:22 GMT
server: nginx/1.16.1
etag: "54f7f3c6-129"
content-type: image/gif
status: 200
cache-control: max-age=3600
accept-ranges: bytes
content-length: 297
expires: Sun, 11 Oct 2020 20:18:20 GMT

GET
H2 200 france.gif
www.pressball.by/images/countries/ 190 B
366 B 131ms
131ms Image
image/gif 93.125.48.95
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pressball.by/images/countries/france.gif
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.125.48.95 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-95.hoster.by
Software: nginx/1.16.1 /
Resource Hash: ef89e61e86643477ffd58da53671fa70ac32f70fdf0ee95195730687a1864ac2

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:20 GMT
last-modified: Thu, 05 Mar 2015 06:12:37 GMT
server: nginx/1.16.1
etag: "54f7f3d5-be"
content-type: image/gif
status: 200
cache-control: max-age=3600
accept-ranges: bytes
content-length: 190
expires: Sun, 11 Oct 2020 20:18:20 GMT

GET
H2 200 germany.gif
www.pressball.by/images/countries/ 116 B
292 B 54ms
54ms Image
image/gif 93.125.48.95
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pressball.by/images/countries/germany.gif
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.125.48.95 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-95.hoster.by
Software: nginx/1.16.1 /
Resource Hash: 37dd56e2f18648193347fda8e7e3692a267f685f4db4175502321a61a1c6d279

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:20 GMT
last-modified: Thu, 05 Mar 2015 06:12:53 GMT
server: nginx/1.16.1
etag: "54f7f3e5-74"
content-type: image/gif
status: 200
cache-control: max-age=3600
accept-ranges: bytes
content-length: 116
expires: Sun, 11 Oct 2020 20:18:20 GMT

GET
H2 200 gb.gif
www.pressball.by/images/countries/ 294 B
470 B 54ms
53ms Image
image/gif 93.125.48.95
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pressball.by/images/countries/gb.gif
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.125.48.95 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-95.hoster.by
Software: nginx/1.16.1 /
Resource Hash: 49b86d1e6d85fce37a4e4ddc1c7488c77f79212808269e34c9d728a76ea1e5a0

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:20 GMT
last-modified: Thu, 30 Apr 2015 12:01:27 GMT
server: nginx/1.16.1
etag: "55421997-126"
content-type: image/gif
status: 200
cache-control: max-age=3600
accept-ranges: bytes
content-length: 294
expires: Sun, 11 Oct 2020 20:18:20 GMT

GET
H2 200 russia.gif
www.pressball.by/images/countries/ 80 B
255 B 55ms
54ms Image
image/gif 93.125.48.95
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pressball.by/images/countries/russia.gif
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.125.48.95 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-95.hoster.by
Software: nginx/1.16.1 /
Resource Hash: 94a2787f8c811df5cac10e481e8e47a778b52d875cb78f353aed9d5f1c2561a6

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:20 GMT
last-modified: Thu, 05 Mar 2015 06:13:51 GMT
server: nginx/1.16.1
etag: "54f7f41f-50"
content-type: image/gif
status: 200
cache-control: max-age=3600
accept-ranges: bytes
content-length: 80
expires: Sun, 11 Oct 2020 20:18:20 GMT

GET
H2 200 ukrain.png
www.pressball.by/images/countries/ 402 B
579 B 56ms
54ms Image
image/png 93.125.48.95
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pressball.by/images/countries/ukrain.png
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.125.48.95 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-95.hoster.by
Software: nginx/1.16.1 /
Resource Hash: 5f068d3ea2bd3af50f400f17f9914fced4fbacf9e2dd24b9ec863e7af44c39fb

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:20 GMT
last-modified: Thu, 05 Mar 2015 06:15:09 GMT
server: nginx/1.16.1
etag: "54f7f46d-192"
content-type: image/png
status: 200
cache-control: max-age=3600
accept-ranges: bytes
content-length: 402
expires: Sun, 11 Oct 2020 20:18:20 GMT

GET
H2 200 belarus.png
www.pressball.by/images/countries/ 492 B
668 B 54ms
52ms Image
image/png 93.125.48.95
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pressball.by/images/countries/belarus.png
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.125.48.95 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-95.hoster.by
Software: nginx/1.16.1 /
Resource Hash: 3a7efa1caa90f0d9d3d9dfaaf093aeb6e55d33b17c306f96407f9072cba1e05a

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:20 GMT
last-modified: Thu, 05 Mar 2015 06:15:29 GMT
server: nginx/1.16.1
etag: "54f7f481-1ec"
content-type: image/png
status: 200
cache-control: max-age=3600
accept-ranges: bytes
content-length: 492
expires: Sun, 11 Oct 2020 20:18:20 GMT

GET
H2 200 openapi.js Show response
vk.com/js/api/ 100 KB
24 KB 100ms
88ms Script
application/x-javascript 87.240.190.72
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL: https://vk.com/js/api/openapi.js?168
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.240.190.72 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS http://vk.com, RU),
Reverse DNS: srv72-190-240-87.vk.com
Software: kittenx /
Resource Hash: 97a06cb0f953c60bdcb315f1eba2d02d9132e8837892ebdc4467fac05ef5b40f

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:15 GMT
content-encoding: gzip
x-frontend: front204305
last-modified: Tue, 22 Sep 2020 20:30:00 GMT
server: kittenx
etag: "5f6a5ec8-5e2e"
content-type: application/x-javascript
status: 200
access-control-expose-headers: X-Frontend
cache-control: max-age=345600
content-length: 24110
expires: Thu, 15 Oct 2020 19:18:15 GMT

GET
H2 200 abff_logo.jpg
www.pressball.by/images/ 13 KB
13 KB 55ms
53ms Image
image/jpeg 93.125.48.95
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pressball.by/images/abff_logo.jpg
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.125.48.95 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-95.hoster.by
Software: nginx/1.16.1 /
Resource Hash: e482d567fd381a7a61be8488cfd52b488738679acfad720240ff64d0c9bffe0e

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:20 GMT
last-modified: Fri, 24 Jul 2015 11:15:29 GMT
server: nginx/1.16.1
etag: "55b21e51-325b"
content-type: image/jpeg
status: 200
cache-control: max-age=3600
accept-ranges: bytes
content-length: 12891
expires: Sun, 11 Oct 2020 20:18:20 GMT

GET
H2 200 hockey_logo.jpg
www.pressball.by/images/ 23 KB
23 KB 93ms
92ms Image
image/jpeg 93.125.48.95
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pressball.by/images/hockey_logo.jpg
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.125.48.95 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-95.hoster.by
Software: nginx/1.16.1 /
Resource Hash: bc7a43d8fe441e67d4d72f794e74a7678401e024335a98a73f62122752bffc24

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:20 GMT
last-modified: Fri, 24 Jul 2015 11:15:27 GMT
server: nginx/1.16.1
etag: "55b21e4f-5b11"
content-type: image/jpeg
status: 200
cache-control: max-age=3600
accept-ranges: bytes
content-length: 23313
expires: Sun, 11 Oct 2020 20:18:20 GMT

GET
H2 200 livescorein_logo.jpg
www.pressball.by/images/ 9 KB
9 KB 104ms
103ms Image
image/jpeg 93.125.48.95
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pressball.by/images/livescorein_logo.jpg
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.125.48.95 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-95.hoster.by
Software: nginx/1.16.1 /
Resource Hash: 72bd8b466238a0f2383d8377d61f68e74e18ab4cc87a0e16527a93b8964dc904

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:20 GMT
last-modified: Fri, 24 Jul 2015 11:05:48 GMT
server: nginx/1.16.1
etag: "55b21c0c-2340"
content-type: image/jpeg
status: 200
cache-control: max-age=3600
accept-ranges: bytes
content-length: 9024
expires: Sun, 11 Oct 2020 20:18:20 GMT

GET
H2 200 maxline_2020.jpg
www.pressball.by/images/ 31 KB
31 KB 123ms
122ms Image
image/jpeg 93.125.48.95
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pressball.by/images/maxline_2020.jpg
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.125.48.95 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-95.hoster.by
Software: nginx/1.16.1 /
Resource Hash: f5fd4b1b9ef9867afbb779e7d7a43573d489b97ab36873519e37d66fdf961562

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:20 GMT
last-modified: Wed, 18 Mar 2020 18:08:53 GMT
server: nginx/1.16.1
etag: "5e7263b5-7cfe"
content-type: image/jpeg
status: 200
cache-control: max-age=3600
accept-ranges: bytes
content-length: 31998
expires: Sun, 11 Oct 2020 20:18:20 GMT

GET
H2 200 hc_meshkov_brest.jpg
www.pressball.by/images/template/ 8 KB
8 KB 162ms
161ms Image
image/jpeg 93.125.48.95
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pressball.by/images/template/hc_meshkov_brest.jpg
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.125.48.95 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-95.hoster.by
Software: nginx/1.16.1 /
Resource Hash: 18dd50f734f99a70439e6c37088c7325e58701664e34822ef2a26ba73142175d

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:20 GMT
last-modified: Sat, 11 Jul 2020 09:12:06 GMT
server: nginx/1.16.1
etag: "5f098266-1ee2"
content-type: image/jpeg
status: 200
cache-control: max-age=3600
accept-ranges: bytes
content-length: 7906
expires: Sun, 11 Oct 2020 20:18:20 GMT

GET
H2 200 erip_logo.jpg
www.pressball.by/images/template/ 89 KB
89 KB 158ms
158ms Image
image/jpeg 93.125.48.95
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pressball.by/images/template/erip_logo.jpg
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.125.48.95 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-95.hoster.by
Software: nginx/1.16.1 /
Resource Hash: 67a822804f2f3edeba16712ce319c0ae10f3665819dd3166cbdf4f47455f4f2b

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:20 GMT
last-modified: Wed, 24 May 2017 10:14:04 GMT
server: nginx/1.16.1
etag: "59255cec-162e7"
content-type: image/jpeg
status: 200
cache-control: max-age=3600
accept-ranges: bytes
content-length: 90855
expires: Sun, 11 Oct 2020 20:18:20 GMT

GET
H2 200 jquery.mCustomScrollbar.css
www.pressball.by/js/malihu-custom-scrollbar-plugin-3.0.2/ 52 KB
53 KB 65ms
53ms Stylesheet
text/css 93.125.48.95
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pressball.by/js/malihu-custom-scrollbar-plugin-3.0.2/jquery.mCustomScrollbar.css
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.125.48.95 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-95.hoster.by
Software: nginx/1.16.1 /
Resource Hash: 1a7057d2179154be0579e8da4224b87836dc37c41196ec12aa18fe85dc92e843

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:15 GMT
last-modified: Fri, 06 Feb 2015 10:01:35 GMT
server: nginx/1.16.1
etag: "54d490ff-d1a7"
content-type: text/css
status: 200
cache-control: max-age=3600
accept-ranges: bytes
content-length: 53671
expires: Sun, 11 Oct 2020 20:18:15 GMT

GET
H2 200 jquery.mCustomScrollbar.concat.min.js Show response
www.pressball.by/js/malihu-custom-scrollbar-plugin-3.0.2/ 38 KB
38 KB 106ms
94ms Script
application/javascript 93.125.48.95
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pressball.by/js/malihu-custom-scrollbar-plugin-3.0.2/jquery.mCustomScrollbar.concat.min.js
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.125.48.95 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-95.hoster.by
Software: nginx/1.16.1 /
Resource Hash: 44c0854cccb5792da45ea85aeabe3432660ae517f529b78dd4796d6706032c87

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:15 GMT
last-modified: Wed, 30 Mar 2016 20:55:28 GMT
server: nginx/1.16.1
etag: "56fc3d40-98cb"
content-type: application/javascript
status: 200
cache-control: max-age=3600
accept-ranges: bytes
content-length: 39115
expires: Sun, 11 Oct 2020 20:18:15 GMT

GET
H2 200 topics_anywhere.php Show response
forum.pressball.by/ 3 KB
3 KB 176ms
57ms Script
text/html 93.125.48.95
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to

Full URL

https://forum.pressball.by/topics_anywhere.php?limit=10&type=latest

Requested by

Host: www.pressball.by
URL: https://www.pressball.by/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

93.125.48.95 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),

Reverse DNS

93-125-48-95.hoster.by

Software

nginx/1.16.1 / PHP/5.4.45

Resource Hash

331aaf1ed3ca730719fded85b091d21aaaac62687b9dcee5e94521bb16273951

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Sun, 11 Oct 2020 19:18:15 GMT
server: nginx/1.16.1
x-powered-by: PHP/5.4.45
strict-transport-security: max-age=31536000;
content-type: text/html

GET
H2 200 ico_football.png
www.pressball.by/images/template/ 1 KB
2 KB 277ms
276ms Image
image/png 93.125.48.95
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pressball.by/images/template/ico_football.png
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.125.48.95 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-95.hoster.by
Software: nginx/1.16.1 /
Resource Hash: f49e14cfc13c4c8bc4eafabf6a1e7856b38e1223137bd868b9c7bf3d5f471021

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:20 GMT
last-modified: Tue, 03 Mar 2015 16:11:16 GMT
server: nginx/1.16.1
etag: "54f5dd24-5e8"
content-type: image/png
status: 200
cache-control: max-age=3600
accept-ranges: bytes
content-length: 1512
expires: Sun, 11 Oct 2020 20:18:20 GMT

GET
H2 200 ico_hockey.png
www.pressball.by/images/template/ 1 KB
1 KB 212ms
212ms Image
image/png 93.125.48.95
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pressball.by/images/template/ico_hockey.png
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.125.48.95 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-95.hoster.by
Software: nginx/1.16.1 /
Resource Hash: 34b2f72350c7bec4a70ae51cac947dedeb1e67b31188b3b74603f1de9be3b58f

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:20 GMT
last-modified: Tue, 03 Mar 2015 16:11:16 GMT
server: nginx/1.16.1
etag: "54f5dd24-538"
content-type: image/png
status: 200
cache-control: max-age=3600
accept-ranges: bytes
content-length: 1336
expires: Sun, 11 Oct 2020 20:18:20 GMT

GET
H2 200 ico_khl.png
www.pressball.by/images/template/ 2 KB
2 KB 222ms
222ms Image
image/png 93.125.48.95
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pressball.by/images/template/ico_khl.png
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.125.48.95 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-95.hoster.by
Software: nginx/1.16.1 /
Resource Hash: 4fe178ccbbe5005cdaa54d82d6e23ae29188ecdf6f593957d2007c567ab70e88

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:20 GMT
last-modified: Tue, 03 Mar 2015 16:11:16 GMT
server: nginx/1.16.1
etag: "54f5dd24-6e4"
content-type: image/png
status: 200
cache-control: max-age=3600
accept-ranges: bytes
content-length: 1764
expires: Sun, 11 Oct 2020 20:18:20 GMT

GET
H2 200 ico_firts_liga.png
www.pressball.by/images/template/ 5 KB
5 KB 185ms
185ms Image
image/png 93.125.48.95
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pressball.by/images/template/ico_firts_liga.png
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.125.48.95 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-95.hoster.by
Software: nginx/1.16.1 /
Resource Hash: d54fc9d17c661c74783edc712e7b29c19da3ab2d21eeebd4a84f56ba0cc515f1

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:20 GMT
last-modified: Tue, 03 Mar 2015 16:11:17 GMT
server: nginx/1.16.1
etag: "54f5dd25-131c"
content-type: image/png
status: 200
cache-control: max-age=3600
accept-ranges: bytes
content-length: 4892
expires: Sun, 11 Oct 2020 20:18:20 GMT

GET
H2 200 block2_b.jpg
www.pressball.by/images/template/ 723 B
901 B 156ms
155ms Image
image/jpeg 93.125.48.95
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pressball.by/images/template/block2_b.jpg
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.125.48.95 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-95.hoster.by
Software: nginx/1.16.1 /
Resource Hash: 290563dd8fe45c2bc034efaa00fe109a2c2fb1e7dba720c551730d29271253b7

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:20 GMT
last-modified: Tue, 03 Mar 2015 16:11:06 GMT
server: nginx/1.16.1
etag: "54f5dd1a-2d3"
content-type: image/jpeg
status: 200
cache-control: max-age=3600
accept-ranges: bytes
content-length: 723
expires: Sun, 11 Oct 2020 20:18:20 GMT

GET
H/1.1

200
OK

counter2
top-fwz1.mail.ru/
Redirect Chain

https://top-fwz1.mail.ru/counter?id=337418;t=479;l=1
https://top-fwz1.mail.ru/counter2?id=337418;t=479;l=1

2 KB
4 KB

99ms
99ms

Image
image/gif

217.69.133.145
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://top-fwz1.mail.ru/counter2?id=337418;t=479;l=1

Requested by

Host: www.pressball.by
URL: https://www.pressball.by/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

30edf3ec7ac8d120ee429983c5cd9db47b6c5812c04ba08131194b743f0a649c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 11 Oct 2020 19:18:16 GMT
X-Content-Type-Options: nosniff
P3P: CP="NOI DSP COR NID CUR PSA OUR NOR"
Connection: keep-alive
Content-Length: 2509
Pragma: no-cache
Access-Control-Allow-Headers: *
AMP-Access-Control-Allow-Source-Origin: *
Server: nginx
Access-Control-Allow-Methods: GET, POST, HEAD, PUT, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: AMP-Access-Control-Allow-Source-Origin
Cache-Control: private, no-cache, no-store, max-age=0
Access-Control-Allow-Credentials: true
Accept-CH-Lifetime: 86400
Accept-CH: DPR, Width, Viewport-Width, Downlink, Device-Memory
Timing-Allow-Origin: *
Keep-Alive: timeout=60

Redirect headers

Date: Sun, 11 Oct 2020 19:18:15 GMT
X-Content-Type-Options: nosniff
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CUR PSA OUR NOR"
Connection: keep-alive
Content-Length: 0
Pragma: no-cache
Access-Control-Allow-Headers: *
AMP-Access-Control-Allow-Source-Origin: *
Server: nginx
Access-Control-Allow-Methods: GET, POST, HEAD, PUT, OPTIONS
Location: https://top-fwz1.mail.ru/counter2?id=337418;t=479;l=1
Access-Control-Expose-Headers: AMP-Access-Control-Allow-Source-Origin
Cache-Control: private, no-cache, no-store, max-age=0
Access-Control-Allow-Credentials: true
Accept-CH-Lifetime: 86400
Accept-CH: DPR, Width, Viewport-Width, Downlink, Device-Memory
Timing-Allow-Origin: *
Keep-Alive: timeout=60

GET
H/1.1 200
OK top100.jcn Show response
counter.rambler.ru/ 60 KB
61 KB 438ms
201ms Script
application/javascript 81.19.89.16
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://counter.rambler.ru/top100.jcn?337561
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.19.89.16 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: kraken.rambler.ru
Software: nginx/1.17.9 /
Resource Hash: 92bbddbd4b6894006dcf9d758f2c36e6a321c35cdcee1e2edd053a515b673389

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 11 Oct 2020 19:18:15 GMT
Server: nginx/1.17.9
Connection: keep-alive
Content-Type: application/octet-stream, application/javascript
Transfer-Encoding: chunked
P3P: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"

GET
H2 200 db.png
www.pressball.by/images/template/ 4 KB
4 KB 54ms
53ms Image
image/png 93.125.48.95
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pressball.by/images/template/db.png
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.125.48.95 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-95.hoster.by
Software: nginx/1.16.1 /
Resource Hash: b5499e7b50b8bd8bdb035b2dc2eb22a50999fe4db8cb0365fe18ab03fe3ab341

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:20 GMT
last-modified: Tue, 03 Mar 2015 16:11:15 GMT
server: nginx/1.16.1
etag: "54f5dd23-e49"
content-type: image/png
status: 200
cache-control: max-age=3600
accept-ranges: bytes
content-length: 3657
expires: Sun, 11 Oct 2020 20:18:20 GMT

GET
H2 200 logorozum.png
www.pressball.by/images/template/ 4 KB
4 KB 54ms
53ms Image
image/png 93.125.48.95
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pressball.by/images/template/logorozum.png
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.125.48.95 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-95.hoster.by
Software: nginx/1.16.1 /
Resource Hash: 788ffd8d78b5cadf6040b64704a2057b3a150f52d9b2f54281089010b9427d0e

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:20 GMT
last-modified: Tue, 03 Mar 2015 16:11:17 GMT
server: nginx/1.16.1
etag: "54f5dd25-f25"
content-type: image/png
status: 200
cache-control: max-age=3600
accept-ranges: bytes
content-length: 3877
expires: Sun, 11 Oct 2020 20:18:20 GMT

GET
H2 200 css
fonts.googleapis.com/ 8 KB
780 B 19ms
18ms Stylesheet
text/css 2a00:1450:4001:81b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Slab:400,300,100,700&subset=latin,cyrillic

Requested by

Host: www.pressball.by
URL: https://www.pressball.by/style/stl.css?v=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fe52fb641901765a556a6fabcd09562afc9ba99dc674582a9de3fff261c385cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.pressball.by/style/stl.css?v=6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 11 Oct 2020 19:18:15 GMT
server: ESF
date: Sun, 11 Oct 2020 19:18:15 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 11 Oct 2020 19:18:15 GMT

OPTIONS
H2 200 getcookie
matchid.adfox.yandex.ru/ Frame 0
0 129ms
42ms Other 2a02:6b8::16b
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://matchid.adfox.yandex.ru/getcookie

Protocol

Server

2a02:6b8::16b Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.pressball.by
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

status: 200
content-length: 0
access-control-allow-headers: accept, accept-encoding, accept-language, cache-control, content-type, dnt, origin, x-requested-with
access-control-allow-credentials: true
date: Sun, 11 Oct 2020 19:18:15 GMT
timing-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://www.pressball.by
x-content-type-options: nosniff

POST
H2 200 getcookie Show response
matchid.adfox.yandex.ru/ 112 B
283 B 63ms
62ms XHR
application/json 2a02:6b8::16b
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://matchid.adfox.yandex.ru/getcookie

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a02:6b8::16b Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

3c2052ea87b93d7d554f826f8c00507a7b6031cdac0d08bab959c5b20b6faf6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 11 Oct 2020 19:18:15 GMT
x-content-type-options: nosniff
status: 200
content-type: application/json
access-control-allow-origin: https://www.pressball.by
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 112

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ 107 KB
35 KB 61ms
29ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.js
Requested by: Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 6f1d7d418d1f561064b1d14af8a2aac97ab2d43471b04a54aebecbd22774cdde

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:15 GMT
content-encoding: gzip
last-modified: Wed, 16 Sep 2020 23:57:40 GMT
server: nginx
etag: W/"5f62a674-1aac7"
status: 200
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Mon, 12 Oct 2020 19:18:15 GMT

GET
H2 200 banners.js Show response
yastatic.net/pcode-bundles/0.1887/ 133 KB
32 KB 47ms
46ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/pcode-bundles/0.1887/banners.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

150b52647617552fc95e1212e93a33732857002300f5b43dd31362854b66dfba

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Origin: https://www.pressball.by
Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:15 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
status: 200
content-length: 32644
timing-allow-origin: *
last-modified: Fri, 09 Oct 2020 11:50:30 GMT
server: nginx/1.17.9
etag: "a2b3f7ffa8300537b4939806ea194cb6"
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
x-robots-tag: noindex, noarchive, nofollow
expires: Wed, 12 Oct 2050 01:49:42 GMT

GET
H2 200 context.js Show response
an.yandex.ru/system/ 129 KB
37 KB 104ms
103ms Script
text/javascript 2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/system/context.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

ec1a0451aeb1449a70556af9e9d587f957677930b34fd7120928826c87a2e93e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 11 Oct 2020 19:18:15 GMT
content-encoding: br
server: nginx/1.12.2
status: 200
etag: 3541415125
x-yandex-req-id: 1602443895694745-1596708820838671043500191-production-app-host-vla-pcode-23
strict-transport-security: max-age=31536000
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-robots-tag: noindex, noarchive, nofollow
expires: Sun, 11 Oct 2020 20:18:15 GMT

GET
H2 204 rta.js Show response
rtax.criteo.com/delivery/rta/ 0
55 B 48ms
15ms Script
text/plain 178.250.0.166
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtax.criteo.com/delivery/rta/rta.js?netId=5048&cookieName=dgtlby_rta&rnd=5949097948&varName=dgtlby_content
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.166 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
date: Sun, 11 Oct 2020 19:18:15 GMT
server: nginx/1.16.1

GET
H2 200 xgemius.js Show response
gaby.hit.gemius.pl/ 40 KB
11 KB 89ms
27ms Script
application/x-javascript 149.202.199.193
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaby.hit.gemius.pl/xgemius.js
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 149.202.199.193 , France, ASN16276 (OVH, FR),
Reverse DNS: ua1.host.hit.gemius.pl
Software: GHC /
Resource Hash: 2999e8c677a780af458253481decd504d1cf7caa22078f247809e812520bee1e

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:15 GMT
content-encoding: gzip
last-modified: Fri, 25 Sep 2020 10:24:08 GMT
server: GHC
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
status: 200
cache-control: max-age=43200
accept-ranges: none
content-type: application/x-javascript
content-length: 10783
expires: Mon, 12 Oct 2020 07:18:15 GMT

GET
H2 200 load.php Show response
www.pressball.by/includes/banners/ Frame 98FE 290 B
500 B 98ms
98ms Document
text/html 93.125.48.95
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pressball.by/includes/banners/load.php?id=1078
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.125.48.95 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-95.hoster.by
Software: nginx/1.16.1 / PHP/5.4.45
Resource Hash: 3bcdc088b18181ef5bf018f691a0f72072118a945521e485d124a3e8861522d0

Request headers

:method: GET
:authority: www.pressball.by
:scheme: https
:path: /includes/banners/load.php?id=1078
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.pressball.by/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: PHPSESSID=r7nqkvecnonr1a51m4otrdm517; pb_lenta_page=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.pressball.by/

Response headers

status: 200
server: nginx/1.16.1
date: Sun, 11 Oct 2020 19:18:15 GMT
content-type: text/html
x-powered-by: PHP/5.4.45
set-cookie: bpressball[userid]=1011220070; expires=Sat, 31-Oct-2020 20:59:59 GMT; path=/ bpressball[1078]=0; expires=Sun, 11-Oct-2020 20:59:59 GMT; path=/

GET
H2 200 load.php Show response
www.pressball.by/includes/banners/ Frame 99EB 346 B
555 B 95ms
95ms Document
text/html 93.125.48.95
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pressball.by/includes/banners/load.php?id=718
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.125.48.95 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-95.hoster.by
Software: nginx/1.16.1 / PHP/5.4.45
Resource Hash: 35810161883915b883374e38ab983ef00f4e61c7b82ac734e6320e3744532b24

Request headers

:method: GET
:authority: www.pressball.by
:scheme: https
:path: /includes/banners/load.php?id=718
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.pressball.by/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: PHPSESSID=r7nqkvecnonr1a51m4otrdm517; pb_lenta_page=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.pressball.by/

Response headers

status: 200
server: nginx/1.16.1
date: Sun, 11 Oct 2020 19:18:15 GMT
content-type: text/html
x-powered-by: PHP/5.4.45
set-cookie: bpressball[userid]=1011217527; expires=Sat, 31-Oct-2020 20:59:59 GMT; path=/ bpressball[718]=0; expires=Sun, 11-Oct-2020 20:59:59 GMT; path=/

GET
H2 200 load.php Show response
www.pressball.by/includes/banners/ Frame 9284 234 B
443 B 95ms
94ms Document
text/html 93.125.48.95
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pressball.by/includes/banners/load.php?id=741
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.125.48.95 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-95.hoster.by
Software: nginx/1.16.1 / PHP/5.4.45
Resource Hash: 30b8e638895372576575fef15e9b5245178bb5dd39f1d255209b38d15d9d880d

Request headers

:method: GET
:authority: www.pressball.by
:scheme: https
:path: /includes/banners/load.php?id=741
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.pressball.by/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: PHPSESSID=r7nqkvecnonr1a51m4otrdm517; pb_lenta_page=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.pressball.by/

Response headers

status: 200
server: nginx/1.16.1
date: Sun, 11 Oct 2020 19:18:15 GMT
content-type: text/html
x-powered-by: PHP/5.4.45
set-cookie: bpressball[userid]=1011212405; expires=Sat, 31-Oct-2020 20:59:59 GMT; path=/ bpressball[741]=0; expires=Sun, 11-Oct-2020 20:59:59 GMT; path=/

GET
H2 200 new-search.png
www.pressball.by/images/template/ 3 KB
3 KB 291ms
288ms Image
image/png 93.125.48.95
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pressball.by/images/template/new-search.png
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/style/stl.css?v=6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.125.48.95 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-95.hoster.by
Software: nginx/1.16.1 /
Resource Hash: 23dcb20fce86f3a482e272a63e8cb5390be6d4c45a9fa666adaa45f823a977c7

Request headers

Referer: https://www.pressball.by/style/stl.css?v=6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:15 GMT
last-modified: Tue, 03 Mar 2015 16:11:17 GMT
server: nginx/1.16.1
etag: "54f5dd25-d3e"
content-type: image/png
status: 200
cache-control: max-age=3600
accept-ranges: bytes
content-length: 3390
expires: Sun, 11 Oct 2020 20:18:15 GMT

GET
H2 200 ui-icons_222222_256x240.png
www.pressball.by/js/jquery-ui-1.11.0/images/ 7 KB
7 KB 291ms
287ms Image
image/png 93.125.48.95
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pressball.by/js/jquery-ui-1.11.0/images/ui-icons_222222_256x240.png
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/style/stl.css?v=6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.125.48.95 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-95.hoster.by
Software: nginx/1.16.1 /
Resource Hash: febd8dc1cf86857fe92ee4b6b715ac5d5663b9b1e43978fb977b832bd97f00ec

Request headers

Referer: https://www.pressball.by/style/stl.css?v=6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:15 GMT
last-modified: Fri, 06 Feb 2015 10:01:35 GMT
server: nginx/1.16.1
etag: "54d490ff-1b06"
content-type: image/png
status: 200
cache-control: max-age=3600
accept-ranges: bytes
content-length: 6918
expires: Sun, 11 Oct 2020 20:18:15 GMT

GET
H2 200 new-separator.png
www.pressball.by/images/template/ 3 KB
3 KB 288ms
284ms Image
image/png 93.125.48.95
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pressball.by/images/template/new-separator.png
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/style/stl.css?v=6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.125.48.95 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-95.hoster.by
Software: nginx/1.16.1 /
Resource Hash: 140d5b9c52ab717a530a2bad61046495da53dd7646b288f3b0cedc1ddff633ba

Request headers

Referer: https://www.pressball.by/style/stl.css?v=6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:15 GMT
last-modified: Tue, 03 Mar 2015 16:11:18 GMT
server: nginx/1.16.1
etag: "54f5dd26-af9"
content-type: image/png
status: 200
cache-control: max-age=3600
accept-ranges: bytes
content-length: 2809
expires: Sun, 11 Oct 2020 20:18:15 GMT

GET
H2 200 new-paper-new.png
www.pressball.by/images/template/ 12 KB
12 KB 290ms
286ms Image
image/png 93.125.48.95
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pressball.by/images/template/new-paper-new.png
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/style/stl.css?v=6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.125.48.95 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-95.hoster.by
Software: nginx/1.16.1 /
Resource Hash: 5a8757fc1023cd20f4e8fb0827420eb54590aec05b30a85f44e2f7813e960259

Request headers

Referer: https://www.pressball.by/style/stl.css?v=6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:15 GMT
last-modified: Tue, 03 Mar 2015 16:11:13 GMT
server: nginx/1.16.1
etag: "54f5dd21-30f2"
content-type: image/png
status: 200
cache-control: max-age=3600
accept-ranges: bytes
content-length: 12530
expires: Sun, 11 Oct 2020 20:18:15 GMT

GET
H2 200 new-label.png
www.pressball.by/images/template/ 6 KB
6 KB 291ms
287ms Image
image/png 93.125.48.95
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pressball.by/images/template/new-label.png
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/style/stl.css?v=6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.125.48.95 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-95.hoster.by
Software: nginx/1.16.1 /
Resource Hash: e746acff3518f3f03ab39b793c800d734fabc08b66fd7d6ad894ff757d03bc9e

Request headers

Referer: https://www.pressball.by/style/stl.css?v=6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:15 GMT
last-modified: Tue, 03 Mar 2015 16:11:15 GMT
server: nginx/1.16.1
etag: "54f5dd23-1720"
content-type: image/png
status: 200
cache-control: max-age=3600
accept-ranges: bytes
content-length: 5920
expires: Sun, 11 Oct 2020 20:18:15 GMT

GET
H2 200 time-match.png
www.pressball.by/images/template/ 3 KB
3 KB 55ms
54ms Image
image/png 93.125.48.95
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pressball.by/images/template/time-match.png
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/style/stl.css?v=6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.125.48.95 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-95.hoster.by
Software: nginx/1.16.1 /
Resource Hash: 54399702a086d322ca7249be63a92db4f1b9f84733c4418bb86e8f95aa02b7fb

Request headers

Referer: https://www.pressball.by/style/stl.css?v=6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:20 GMT
last-modified: Tue, 03 Mar 2015 16:11:07 GMT
server: nginx/1.16.1
etag: "54f5dd1b-bc3"
content-type: image/png
status: 200
cache-control: max-age=3600
accept-ranges: bytes
content-length: 3011
expires: Sun, 11 Oct 2020 20:18:20 GMT

GET
H2 200 block1_bg.gif
www.pressball.by/images/template/ 112 B
288 B 53ms
52ms Image
image/gif 93.125.48.95
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pressball.by/images/template/block1_bg.gif
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/style/stl.css?v=6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.125.48.95 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-95.hoster.by
Software: nginx/1.16.1 /
Resource Hash: c8c62e326fe23902b804157530a585a1328cc76fb238d65760bdd378e7d888f5

Request headers

Referer: https://www.pressball.by/style/stl.css?v=6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:20 GMT
last-modified: Tue, 03 Mar 2015 16:11:17 GMT
server: nginx/1.16.1
etag: "54f5dd25-70"
content-type: image/gif
status: 200
cache-control: max-age=3600
accept-ranges: bytes
content-length: 112
expires: Sun, 11 Oct 2020 20:18:20 GMT

GET
H2 200 block1_c.jpg
www.pressball.by/images/template/ 3 KB
3 KB 53ms
52ms Image
image/jpeg 93.125.48.95
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pressball.by/images/template/block1_c.jpg
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/style/stl.css?v=6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.125.48.95 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-95.hoster.by
Software: nginx/1.16.1 /
Resource Hash: ec8e3028a580b73e31e5d09e67e1d9e82d0056cbf7a9fb0196ae5be9e5fd8d64

Request headers

Referer: https://www.pressball.by/style/stl.css?v=6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:20 GMT
last-modified: Tue, 03 Mar 2015 16:11:16 GMT
server: nginx/1.16.1
etag: "54f5dd24-add"
content-type: image/jpeg
status: 200
cache-control: max-age=3600
accept-ranges: bytes
content-length: 2781
expires: Sun, 11 Oct 2020 20:18:20 GMT

GET
H2 200 filtr_otm.gif
www.pressball.by/images/template/ 114 B
290 B 53ms
53ms Image
image/gif 93.125.48.95
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pressball.by/images/template/filtr_otm.gif
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/style/stl.css?v=6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.125.48.95 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-95.hoster.by
Software: nginx/1.16.1 /
Resource Hash: 68886d14c3b7fdd72413db0876cd6d81a34c301911a1fe971abddcc906e28eb7

Request headers

Referer: https://www.pressball.by/style/stl.css?v=6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:20 GMT
last-modified: Tue, 03 Mar 2015 16:11:07 GMT
server: nginx/1.16.1
etag: "54f5dd1b-72"
content-type: image/gif
status: 200
cache-control: max-age=3600
accept-ranges: bytes
content-length: 114
expires: Sun, 11 Oct 2020 20:18:20 GMT

GET
H2 200 BngMUXZYTXPIvIBgJJSb6ufJ5qWr4xCCQ_k.woff2
fonts.gstatic.com/s/robotoslab/v12/ 20 KB
21 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotoslab/v12/BngMUXZYTXPIvIBgJJSb6ufJ5qWr4xCCQ_k.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Slab:400,300,100,700&subset=latin,cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f0c3b5c5a386f4a1b168734be9f5f2d3c73b90aae1f797d88e90f8209018c156

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.pressball.by
Referer: https://fonts.googleapis.com/css?family=Roboto+Slab:400,300,100,700&subset=latin,cyrillic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 06 Oct 2020 18:01:50 GMT
x-content-type-options: nosniff
last-modified: Fri, 26 Jun 2020 02:31:44 GMT
server: sffe
age: 436585
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20876
x-xss-protection: 0
expires: Wed, 06 Oct 2021 18:01:50 GMT

GET
H2 200 BngMUXZYTXPIvIBgJJSb6ufN5qWr4xCC.woff2
fonts.gstatic.com/s/robotoslab/v12/ 30 KB
30 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotoslab/v12/BngMUXZYTXPIvIBgJJSb6ufN5qWr4xCC.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Slab:400,300,100,700&subset=latin,cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0e89bf9070896e8016be5d04a290635ea0a95e9c8bc6dbfcd3ee45bc41fc5a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.pressball.by
Referer: https://fonts.googleapis.com/css?family=Roboto+Slab:400,300,100,700&subset=latin,cyrillic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 06 Oct 2020 18:18:16 GMT
x-content-type-options: nosniff
last-modified: Fri, 26 Jun 2020 02:33:54 GMT
server: sffe
age: 435599
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30940
x-xss-protection: 0
expires: Wed, 06 Oct 2021 18:18:16 GMT

GET
H2 200 widget_community.php
vk.com/ Frame 5F71 0
0 87ms
87ms Document
text/html 87.240.190.72
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL

https://vk.com/widget_community.php?app=2869320&width=200px&_ver=1&gid=32932065&mode=3&color1=&color2=&color3=&class_name=&url=https%3A%2F%2Fwww.pressball.by%2F&referrer=&title=%D0%9F%D1%80%D0%B5%D1%81%D1%81%D0%B1%D0%BE%D0%BB%20-%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%B1%D0%B5%D0%BB%D0%BE%D1%80%D1%83%D1%81%D1%81%D0%BA%D0%BE%D0%B3%D0%BE%20%D1%81%D0%BF%D0%BE%D1%80%D1%82%D0%B0&17519196411

Requested by

Host: vk.com
URL: https://vk.com/js/api/openapi.js?117

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.240.190.72 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS http://vk.com, RU),

Reverse DNS

srv72-190-240-87.vk.com

Software

kittenx / PHP/3.26643

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: about:;script-src 'self' https://.vk.com https://static.vk.me https://.mail.ru https://s.ytimg.com https://platform.twitter.com https://cdn.syndication.twimg.com https://www.instagram.com https://connect.facebook.net https://telegram.org https://.yandex.ru https://.google-analytics.com https://.youtube.com https://maps.googleapis.com https://translate.googleapis.com https://.google.com https://google.com https://.vkpartner.ru https://.moatads.com https://.adlooxtracking.com https://.gstatic.com https://.google.ru https://securepubads.g.doubleclick.net https://cdn.ampproject.org https://www.googletagmanager.com https://googletagmanager.com https://.vk-cdn.net https://.hit.gemius.pl https://yastatic.net 'unsafe-inline' 'unsafe-eval' blob:;style-src https://vk.com https://.vk.com https://static.vk.me https://ton.twimg.com https://tagmanager.google.com https://platform.twitter.com https://*.googleapis.com 'self' 'unsafe-inline';report-uri /csp
Strict-Transport-Security	max-age=15768000
X-Xss-Protection	1; report=/xss_reports

Request headers

:method: GET
:authority: vk.com
:scheme: https
:path: /widget_community.php?app=2869320&width=200px&_ver=1&gid=32932065&mode=3&color1=&color2=&color3=&class_name=&url=https%3A%2F%2Fwww.pressball.by%2F&referrer=&title=%D0%9F%D1%80%D0%B5%D1%81%D1%81%D0%B1%D0%BE%D0%BB%20-%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%B1%D0%B5%D0%BB%D0%BE%D1%80%D1%83%D1%81%D1%81%D0%BA%D0%BE%D0%B3%D0%BE%20%D1%81%D0%BF%D0%BE%D1%80%D1%82%D0%B0&17519196411
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.pressball.by/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.pressball.by/

Response headers

status: 200
server: kittenx
date: Sun, 11 Oct 2020 19:18:15 GMT
content-type: text/html; charset=windows-1251
content-length: 6510
x-powered-by: PHP/3.26643
set-cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly; SameSite=None remixlang=3; expires=Sat, 16 Oct 2021 07:12:11 GMT; path=/; domain=.vk.com; secure; SameSite=None remixstid=816897981_pWtLxgJA17swVHUI7NYbsuKMtoqzxnEv3PZvX8FrkNc; expires=Thu, 14 Oct 2021 03:32:36 GMT; path=/; domain=.vk.com; secure; SameSite=None
cache-control: no-store
content-security-policy: default-src * data: blob: about:;script-src 'self' https://*.vk.com https://static.vk.me https://*.mail.ru https://s.ytimg.com https://platform.twitter.com https://cdn.syndication.twimg.com https://www.instagram.com https://connect.facebook.net https://telegram.org https://*.yandex.ru https://*.google-analytics.com https://*.youtube.com https://maps.googleapis.com https://translate.googleapis.com https://*.google.com https://google.com https://*.vkpartner.ru https://*.moatads.com https://*.adlooxtracking.com https://*.gstatic.com https://*.google.ru https://securepubads.g.doubleclick.net https://cdn.ampproject.org https://www.googletagmanager.com https://googletagmanager.com https://*.vk-cdn.net https://*.hit.gemius.pl https://yastatic.net 'unsafe-inline' 'unsafe-eval' blob:;style-src https://vk.com https://*.vk.com https://static.vk.me https://ton.twimg.com https://tagmanager.google.com https://platform.twitter.com https://*.googleapis.com 'self' 'unsafe-inline';report-uri /csp
x-xss-protection: 1; report=/xss_reports
content-encoding: gzip
x-frontend: front204305
strict-transport-security: max-age=15768000
access-control-expose-headers: X-Frontend

GET
H3-Q050 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20201007/r20190131/ 230 KB
87 KB 49ms
35ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20201007/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f36a0659b60462ae7cd1f37cda1dd4d32a9cbe1a6817428fc9ae220f601bd01d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 88664
x-xss-protection: 0
server: cafe
etag: 2239360983930794775
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 11 Oct 2020 19:18:15 GMT

GET
H2 200 upload.gif
vk.com/images/ 230 B
485 B 52ms
51ms Image
image/gif 87.240.190.72
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vk.com/images/upload.gif

Requested by

Host: www.pressball.by
URL: https://www.pressball.by/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.240.190.72 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS http://vk.com, RU),

Reverse DNS

srv72-190-240-87.vk.com

Software

kittenx /

Resource Hash

0d7e358637c1b1caa66949aefc529c1e4488923f99e499d6be09eb8cdd0b4202

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:15 GMT
x-frontend: front204305
last-modified: Tue, 22 Sep 2020 20:30:00 GMT
server: kittenx
etag: "5f6a5ec8-e6"
strict-transport-security: max-age=15768000
content-type: image/gif
status: 200
access-control-expose-headers: X-Frontend
cache-control: max-age=604800
accept-ranges: bytes
content-length: 230
expires: Sun, 18 Oct 2020 19:18:15 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20201007/r20190131/ Frame CCB7 0
0 7ms
7ms Document
text/html 2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20201007/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20201007/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.pressball.by/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.pressball.by/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Sun, 11 Oct 2020 17:56:38 GMT
expires: Sun, 25 Oct 2020 17:56:38 GMT
content-type: text/html; charset=UTF-8
etag: 7382719332125555894
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4731
x-xss-protection: 0
age: 4897
cache-control: public, max-age=1209600
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
146 B 83ms
28ms XHR
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?ptv=98&profileId=184&cb=73400392624
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.am5.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

status: 204
date: Sun, 11 Oct 2020 19:18:15 GMT
access-control-allow-credentials: true
server: Finatra
access-control-allow-origin: https://www.pressball.by
timing-allow-origin: *
vary: Origin

GET
H2 200 744e40f2e385d4a75ff9.js Show response
an.yandex.ru/partner-code-bundles/12705/ 314 KB
67 KB 97ms
96ms Script
text/javascript 2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/partner-code-bundles/12705/744e40f2e385d4a75ff9.js

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

6f48b93fa3511914e8341e76f35ede92e230e163cee282409b8a59afbcf1060f

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;, max-age=31536000

Request headers

Origin: https://www.pressball.by
Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:15 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
status: 200
content-length: 68160
timing-allow-origin: *
last-modified: Thu, 08 Oct 2020 22:44:22 GMT
server: nginx/1.12.2
etag: "fc540baa5103737522b2f23216266d0f"
strict-transport-security: max-age=43200000; includeSubDomains;, max-age=31536000
report-to: { "group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
x-robots-tag: noindex, noarchive, nofollow
expires: Sun, 09 Oct 2050 18:33:58 GMT

GET
H2 200 a041803e525f907022ae.js Show response
an.yandex.ru/partner-code-bundles/12705/ 582 KB
90 KB 192ms
192ms Script
text/javascript 2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/partner-code-bundles/12705/a041803e525f907022ae.js

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

36f7816d217fb48f59a0583215eb40f29baf4e0171636d4cfdf1dbc7f4c89b0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;, max-age=31536000

Request headers

Origin: https://www.pressball.by
Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:15 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
status: 200
content-length: 91528
timing-allow-origin: *
last-modified: Thu, 08 Oct 2020 22:44:22 GMT
server: nginx/1.12.2
etag: "7d493a8abbaca4385c635f4232118705"
strict-transport-security: max-age=43200000; includeSubDomains;, max-age=31536000
report-to: { "group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
x-robots-tag: noindex, noarchive, nofollow
expires: Sun, 09 Oct 2050 18:33:58 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-907061-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Sep 2020 01:50:37 GMT
server: Golfe2
age: 2677
date: Sun, 11 Oct 2020 18:33:38 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18650
expires: Sun, 11 Oct 2020 20:33:38 GMT

GET 724_90_Liga_Na.png
pressball.by/files/banners/ Frame 98FE 0
0

GET nnnn.gif
pressball.by/files/banners/ Frame 99EB 0
0

GET cyber.jpg
pressball.by/files/banners/ Frame 9284 0
0

GET
H2 200 load.php Show response
www.pressball.by/includes/banners/ Frame 05E6 290 B
433 B 756ms
755ms Document
text/html 93.125.48.95
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pressball.by/includes/banners/load.php?id=1078
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.125.48.95 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-95.hoster.by
Software: nginx/1.16.1 / PHP/5.4.45
Resource Hash: 3bcdc088b18181ef5bf018f691a0f72072118a945521e485d124a3e8861522d0

Request headers

:method: GET
:authority: www.pressball.by
:scheme: https
:path: /includes/banners/load.php?id=1078
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.pressball.by/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: PHPSESSID=r7nqkvecnonr1a51m4otrdm517; pb_lenta_page=1; bpressball[1078]=0; bpressball[718]=0; bpressball[userid]=1011212405; bpressball[741]=0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.pressball.by/

Response headers

status: 200
server: nginx/1.16.1
date: Sun, 11 Oct 2020 19:18:16 GMT
content-type: text/html
x-powered-by: PHP/5.4.45
set-cookie: bpressball[1078]=1; expires=Sun, 11-Oct-2020 20:59:59 GMT; path=/

GET
H2 200 load.php Show response
www.pressball.by/includes/banners/ Frame F34D 346 B
488 B 744ms
743ms Document
text/html 93.125.48.95
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pressball.by/includes/banners/load.php?id=718
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.125.48.95 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-95.hoster.by
Software: nginx/1.16.1 / PHP/5.4.45
Resource Hash: 35810161883915b883374e38ab983ef00f4e61c7b82ac734e6320e3744532b24

Request headers

:method: GET
:authority: www.pressball.by
:scheme: https
:path: /includes/banners/load.php?id=718
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.pressball.by/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: PHPSESSID=r7nqkvecnonr1a51m4otrdm517; pb_lenta_page=1; bpressball[1078]=0; bpressball[718]=0; bpressball[userid]=1011212405; bpressball[741]=0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.pressball.by/

Response headers

status: 200
server: nginx/1.16.1
date: Sun, 11 Oct 2020 19:18:16 GMT
content-type: text/html
x-powered-by: PHP/5.4.45
set-cookie: bpressball[718]=1; expires=Sun, 11-Oct-2020 20:59:59 GMT; path=/

GET
H2 200 load.php Show response
www.pressball.by/includes/banners/ Frame FC0A 234 B
376 B 744ms
743ms Document
text/html 93.125.48.95
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pressball.by/includes/banners/load.php?id=741
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.125.48.95 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-95.hoster.by
Software: nginx/1.16.1 / PHP/5.4.45
Resource Hash: 30b8e638895372576575fef15e9b5245178bb5dd39f1d255209b38d15d9d880d

Request headers

:method: GET
:authority: www.pressball.by
:scheme: https
:path: /includes/banners/load.php?id=741
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.pressball.by/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: PHPSESSID=r7nqkvecnonr1a51m4otrdm517; pb_lenta_page=1; bpressball[1078]=0; bpressball[718]=0; bpressball[userid]=1011212405; bpressball[741]=0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.pressball.by/

Response headers

status: 200
server: nginx/1.16.1
date: Sun, 11 Oct 2020 19:18:16 GMT
content-type: text/html
x-powered-by: PHP/5.4.45
set-cookie: bpressball[741]=1; expires=Sun, 11-Oct-2020 20:59:59 GMT; path=/

GET
H2 200 widget_community.php
vk.com/ Frame D21E 0
0 128ms
128ms Document
text/html 87.240.190.72
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.pressball.by
URL: https://www.pressball.by/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.240.190.72 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS http://vk.com, RU),

Reverse DNS

srv72-190-240-87.vk.com

Software

kittenx / PHP/3.104308

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: about:;script-src 'self' https://.vk.com https://static.vk.me https://.mail.ru https://s.ytimg.com https://platform.twitter.com https://cdn.syndication.twimg.com https://www.instagram.com https://connect.facebook.net https://telegram.org https://.yandex.ru https://.google-analytics.com https://.youtube.com https://maps.googleapis.com https://translate.googleapis.com https://.google.com https://google.com https://.vkpartner.ru https://.moatads.com https://.adlooxtracking.com https://.gstatic.com https://.google.ru https://securepubads.g.doubleclick.net https://cdn.ampproject.org https://www.googletagmanager.com https://googletagmanager.com https://.vk-cdn.net https://.hit.gemius.pl https://yastatic.net 'unsafe-inline' 'unsafe-eval' blob:;style-src https://vk.com https://.vk.com https://static.vk.me https://ton.twimg.com https://tagmanager.google.com https://platform.twitter.com https://*.googleapis.com 'self' 'unsafe-inline';report-uri /csp
Strict-Transport-Security	max-age=15768000
X-Xss-Protection	1; report=/xss_reports

Request headers

:method: GET
:authority: vk.com
:scheme: https
:path: /widget_community.php?app=2869320&width=200px&_ver=1&gid=32932065&mode=3&color1=&color2=&color3=&class_name=&url=https%3A%2F%2Fwww.pressball.by%2F&referrer=&title=%D0%9F%D1%80%D0%B5%D1%81%D1%81%D0%B1%D0%BE%D0%BB%20-%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%B1%D0%B5%D0%BB%D0%BE%D1%80%D1%83%D1%81%D1%81%D0%BA%D0%BE%D0%B3%D0%BE%20%D1%81%D0%BF%D0%BE%D1%80%D1%82%D0%B0&17519196411
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.pressball.by/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: remixlang=3; remixstid=816897981_pWtLxgJA17swVHUI7NYbsuKMtoqzxnEv3PZvX8FrkNc
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.pressball.by/

Response headers

status: 200
server: kittenx
date: Sun, 11 Oct 2020 19:18:16 GMT
content-type: text/html; charset=windows-1251
content-length: 6510
x-powered-by: PHP/3.104308
set-cookie: remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly; SameSite=None
cache-control: no-store
content-security-policy: default-src * data: blob: about:;script-src 'self' https://*.vk.com https://static.vk.me https://*.mail.ru https://s.ytimg.com https://platform.twitter.com https://cdn.syndication.twimg.com https://www.instagram.com https://connect.facebook.net https://telegram.org https://*.yandex.ru https://*.google-analytics.com https://*.youtube.com https://maps.googleapis.com https://translate.googleapis.com https://*.google.com https://google.com https://*.vkpartner.ru https://*.moatads.com https://*.adlooxtracking.com https://*.gstatic.com https://*.google.ru https://securepubads.g.doubleclick.net https://cdn.ampproject.org https://www.googletagmanager.com https://googletagmanager.com https://*.vk-cdn.net https://*.hit.gemius.pl https://yastatic.net 'unsafe-inline' 'unsafe-eval' blob:;style-src https://vk.com https://*.vk.com https://static.vk.me https://ton.twimg.com https://tagmanager.google.com https://platform.twitter.com https://*.googleapis.com 'self' 'unsafe-inline';report-uri /csp
x-xss-protection: 1; report=/xss_reports
content-encoding: gzip
x-frontend: front204305
strict-transport-security: max-age=15768000
access-control-expose-headers: X-Frontend

GET
H2 200 radio.png
www.pressball.by/images/template/ 3 KB
3 KB 669ms
667ms Image
image/png 93.125.48.95
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pressball.by/images/template/radio.png
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/style/stl.css?v=6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.125.48.95 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-95.hoster.by
Software: nginx/1.16.1 /
Resource Hash: 8dae36c54788af5a216d846f850188cfa7eada21e62c53a5f49e6b94fac15d09

Request headers

Referer: https://www.pressball.by/style/stl.css?v=6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:16 GMT
last-modified: Tue, 03 Mar 2015 16:11:07 GMT
server: nginx/1.16.1
etag: "54f5dd1b-c29"
content-type: image/png
status: 200
cache-control: max-age=3600
accept-ranges: bytes
content-length: 3113
expires: Sun, 11 Oct 2020 20:18:16 GMT

GET
H2 200 ico12.png
www.pressball.by/images/template/ 143 B
320 B 668ms
667ms Image
image/png 93.125.48.95
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pressball.by/images/template/ico12.png
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/style/stl.css?v=6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.125.48.95 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-95.hoster.by
Software: nginx/1.16.1 /
Resource Hash: 88631669cdc4c296caa61b7a17c74cbe5f3d1482a127707a10250df99a75fa6a

Request headers

Referer: https://www.pressball.by/style/stl.css?v=6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:16 GMT
last-modified: Thu, 23 Jul 2015 09:32:35 GMT
server: nginx/1.16.1
etag: "55b0b4b3-8f"
content-type: image/png
status: 200
cache-control: max-age=3600
accept-ranges: bytes
content-length: 143
expires: Sun, 11 Oct 2020 20:18:16 GMT

GET
H2 200 new-calendar.png
www.pressball.by/images/template/ 3 KB
3 KB 54ms
53ms Image
image/png 93.125.48.95
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pressball.by/images/template/new-calendar.png
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/style/stl.css?v=6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.125.48.95 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-95.hoster.by
Software: nginx/1.16.1 /
Resource Hash: 7e5169cb3bd2c57c6068903625a0c60ea001a13c94b6bdde9ae23aa9271ea39e

Request headers

Referer: https://www.pressball.by/style/stl.css?v=6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:20 GMT
last-modified: Tue, 03 Mar 2015 16:11:09 GMT
server: nginx/1.16.1
etag: "54f5dd1d-b2d"
content-type: image/png
status: 200
cache-control: max-age=3600
accept-ranges: bytes
content-length: 2861
expires: Sun, 11 Oct 2020 20:18:20 GMT

GET
H2 200 block2_t.jpg
www.pressball.by/images/template/ 777 B
955 B 54ms
53ms Image
image/jpeg 93.125.48.95
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pressball.by/images/template/block2_t.jpg
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/style/stl.css?v=6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.125.48.95 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-95.hoster.by
Software: nginx/1.16.1 /
Resource Hash: 978034dd9638a316e3c8681ab1bf4662d53f8b877c58ef6befd430ecc58dacb9

Request headers

Referer: https://www.pressball.by/style/stl.css?v=6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:20 GMT
last-modified: Tue, 03 Mar 2015 16:11:10 GMT
server: nginx/1.16.1
etag: "54f5dd1e-309"
content-type: image/jpeg
status: 200
cache-control: max-age=3600
accept-ranges: bytes
content-length: 777
expires: Sun, 11 Oct 2020 20:18:20 GMT

GET
H2 200 tabs_a.png
www.pressball.by/images/template/ 914 B
1 KB 55ms
54ms Image
image/png 93.125.48.95
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pressball.by/images/template/tabs_a.png
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/style/stl.css?v=6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.125.48.95 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-95.hoster.by
Software: nginx/1.16.1 /
Resource Hash: bfac2a7bb59e3449e42f9a0311036be469ab0688f055a7c3a0fdea2853a66123

Request headers

Referer: https://www.pressball.by/style/stl.css?v=6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:20 GMT
last-modified: Tue, 03 Mar 2015 16:11:06 GMT
server: nginx/1.16.1
etag: "54f5dd1a-392"
content-type: image/png
status: 200
cache-control: max-age=3600
accept-ranges: bytes
content-length: 914
expires: Sun, 11 Oct 2020 20:18:20 GMT

GET
H2 200 tabs_bg.png
www.pressball.by/images/template/ 1020 B
1 KB 54ms
53ms Image
image/png 93.125.48.95
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pressball.by/images/template/tabs_bg.png
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/style/stl.css?v=6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.125.48.95 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-95.hoster.by
Software: nginx/1.16.1 /
Resource Hash: 3697b46ba29b283feb70ca4ee86f27b69dba78f926f77af4800b2604096874c7

Request headers

Referer: https://www.pressball.by/style/stl.css?v=6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:20 GMT
last-modified: Tue, 03 Mar 2015 16:11:07 GMT
server: nginx/1.16.1
etag: "54f5dd1b-3fc"
content-type: image/png
status: 200
cache-control: max-age=3600
accept-ranges: bytes
content-length: 1020
expires: Sun, 11 Oct 2020 20:18:20 GMT

GET
H2 200 block2_bg.gif
www.pressball.by/images/template/ 112 B
288 B 54ms
53ms Image
image/gif 93.125.48.95
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pressball.by/images/template/block2_bg.gif
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/style/stl.css?v=6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.125.48.95 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-95.hoster.by
Software: nginx/1.16.1 /
Resource Hash: af0c32b2d6cdfda89dbba11cbe5e65c04bf18c947491c222a2c632bc474f2b5e

Request headers

Referer: https://www.pressball.by/style/stl.css?v=6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:20 GMT
last-modified: Tue, 03 Mar 2015 16:11:06 GMT
server: nginx/1.16.1
etag: "54f5dd1a-70"
content-type: image/gif
status: 200
cache-control: max-age=3600
accept-ranges: bytes
content-length: 112
expires: Sun, 11 Oct 2020 20:18:20 GMT

GET
H2 200 new-paper-old.png
www.pressball.by/images/template/ 171 KB
172 KB 55ms
54ms Image
image/png 93.125.48.95
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pressball.by/images/template/new-paper-old.png
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/style/stl.css?v=6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.125.48.95 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-95.hoster.by
Software: nginx/1.16.1 /
Resource Hash: 23c534ff5f0e96acba25728cfeec06d327ebeeacf8386b6825a3a772deb1a5ce

Request headers

Referer: https://www.pressball.by/style/stl.css?v=6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:20 GMT
last-modified: Tue, 03 Mar 2015 16:11:08 GMT
server: nginx/1.16.1
etag: "54f5dd1c-2adfe"
content-type: image/png
status: 200
cache-control: max-age=3600
accept-ranges: bytes
content-length: 175614
expires: Sun, 11 Oct 2020 20:18:20 GMT

GET
H2 200 fpdata.js Show response
gaby.hit.gemius.pl/ 270 B
405 B 30ms
30ms Script
application/x-javascript 149.202.199.193
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaby.hit.gemius.pl/fpdata.js?href=www.pressball.by
Requested by: Host: gaby.hit.gemius.pl
URL: https://gaby.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 149.202.199.193 , France, ASN16276 (OVH, FR),
Reverse DNS: ua1.host.hit.gemius.pl
Software: GHC /
Resource Hash: f6f8c3ef7005285959b978ce559e1e74de0ac4888c2ba223053b10b641da6758

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:16 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
server: GHC
etag: PRIVATE7520710249
p3p: CP="NOI DSP COR NID PSAo OUR IND"
status: 200
cache-control: private, max-age=2592000
accept-ranges: none
content-type: application/x-javascript
content-length: 270
expires: Tue, 10 Nov 2020 19:18:16 GMT

GET
H2 200 lsget.html
ls.hit.gemius.pl/ Frame EF6C 0
0 101ms
34ms Document
text/html 149.202.222.105
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ls.hit.gemius.pl/lsget.html
Requested by: Host: gaby.hit.gemius.pl
URL: https://gaby.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 149.202.222.105 , France, ASN16276 (OVH, FR),
Reverse DNS: ovhfr9.host.hit.gemius.pl
Software: GHC /
Resource Hash

Request headers

:method: GET
:authority: ls.hit.gemius.pl
:scheme: https
:path: /lsget.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.pressball.by/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.pressball.by/

Response headers

status: 200
date: Sun, 11 Oct 2020 19:18:16 GMT
expires: Tue, 10 Nov 2020 19:18:16 GMT
server: GHC
accept-ranges: none
cache-control: private, max-age=2592000
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
etag: PRIVATE7520710249
vary: Accept-Encoding,Origin,User-Agent
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: text/html;charset=utf-8
content-length: 2711
content-encoding: gzip

GET
H/1.1 200
OK / Show response
c.bigmir.net/ 135 B
426 B 252ms
56ms Script
application/x-javascript 193.239.68.97
BIGMIR-INTERNET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bigmir.net/?o1&v16799491&s16798018&t0&c1&n94115&w0&y0&d24&r1600
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.239.68.97 , Ukraine, ASN39468 (BIGMIR-INTERNET-AS, UA),
Reverse DNS: c.bigmir.net
Software: nginx /
Resource Hash: 56070fc894f364c731974f1d599caab332ad5cba79b5a83f8792b8ce2ca5e82e

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma: no-cache
Date: Sun, 11 Oct 2020 19:18:16 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: application/x-javascript; charset=windows-1251
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Keep-Alive: timeout=5
Expires: 0

GET
H2 200 v2 Show response
an.yandex.ru/adfox/239538/getBulk/ 171 B
696 B 325ms
324ms XHR
application/json 2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/adfox/239538/getBulk/v2?dl=https%3A%2F%2Fwww.pressball.by%2F&date=2020-10-11T21%3A18%3A16.115%2B02%3A00&pd=11&pdh=1200&pdw=1600&pr1=2878070734&pr=3237378649&prr=&pv=21&pw=0&extid_loader=&extid_tag_loader=www.pressball.by&ylv=0.1888&ybv=0.1887&ytt=474439294126101&is-turbo=0&skip-token=&ad-session-id=4397341602443896127&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22w%22%3A1600%2C%22h%22%3A0%2C%22width%22%3A1600%2C%22height%22%3A0%2C%22left%22%3A0%2C%22top%22%3A0%2C%22visible%22%3A1%2C%22req_no%22%3A0%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=0&matchid-cookies=fEO4cFbeMKDR_uBgwO1_lMl3EwNEz6jKzrBKoD4kPmZQKeuTbq29xg%3D%3D&matchid-cookies-sign=4akOHbt9Rh-VOryTPjQVyw%3D%3D&p1=civac&p2=fixs&slotNumber=1&matchid-direct=1&bids=W10%3D&grab=dNCf0YDQtdGB0YHQsdC-0LsgLSDQvdC-0LLQvtGB0YLQuCDQsdC10LvQvtGA0YPRgdGB0LrQvtCz0L4g0YHQv9C-0YDRgtCwCjHQk9C70LDQstC90YvQtSDQvdC-0LLQvtGB0YLQuCAKMdCS0YHQtSDQvNCw0YLRh9C4INGB0LXQs9C-0LTQvdGPIAox0KLQvtC70YzQutC-INGH0YLQviAKMdCR0LvQvtCz0LggCjHQpNC40LvRjNGC0YAg0L3QvtCy0L7RgdGC0LXQuSAKMdCU0LDQudC00LbQtdGB0YIgCjHQldCy0YDQvtGE0YPRgtCx0L7QuyAKMdCd0LDRiNC4INC_0LDRgNGC0L3QtdGA0YsgCjHQmtCw0LvQtdC90LTQsNGA0Ywg0YHQvtCx0YvRgtC40LkgCjHQpNC-0YDRg9C80YsgCjHQp9C40YLQsNC50YLQtSDQsiDQvdC-0LLQvtC8INC90L7QvNC10YDQtSDQn9GA0LXRgdGB0LHQvtC70LAgCjLQm9C40LPQsCDQvdCw0YbQuNC5LiDQntCx0LfQvtGALiDQk9GA0YPQt9C40Y8g4oCUINCR0LXQu9Cw0YDRg9GB0YwuINCR0LXRgdGB0YDQvtGH0L3Ri9C1INC10LLRgNC-0YHQutC10L_RgtC40LrQuCAKMtCb0LjQs9CwINC90LDRhtC40LkuINCQ0L3QvtC90YEuINCb0LjRgtCy0LAg4oCUINCR0LXQu9Cw0YDRg9GB0YwuINCR0LvQuNC20L3QtdC1INC30LDRgNGD0LHQtdC20YzQtSAKMtCb0LjQs9CwINC90LDRhtC40LkuINCb0LjQs9CwIOKAnEPigJ0uINCT0YDRg9C_0L_QsCA0LiDQkNC70LHQsNC90YHQutC40LUg0L_QvtGC0LXRgNC4IAoy0JTQtdC70L4g0LzQvtC70L7QtNGL0YUuINCY0Lcg0YHQtdC80LjQtNC10YHRj9GC0Lgg4oCc0LvQuNC80LjRgtGH0LjQutC-0LLigJ0g0LTQu9GPINC90L7QstC-0LPQviDRgdC10LfQvtC90LAg0JQxINCyINGN0YLQvtC8INGH0LXQvNC_0LjQvtC90LDRgtC1INGA0LXQsNC70YzQvdC-INCz0L7RgtC-0LLRiyDRgtC-0LvRjNC60L4g0LTQtdCy0Y_RgtGMLi4uIAo%3D&utf8=%D0%B2%D1%9A%E2%80%9C

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

a3b0793388ca7df69b4ad8824bba1c4468cbc8ef37ff3190987565e4b7758256

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Oct 2020 19:18:16 GMT
content-encoding: gzip
last-modified: Sun, 11 Oct 2020 19:18:16 GMT
server: nginx/1.12.2
timing-allow-origin: *
status: 200
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://www.pressball.by
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-type: application/json
x-xss-protection: 1; mode=block
expires: Sun, 11 Oct 2020 19:18:16 GMT

GET
H2 200 v2 Show response
an.yandex.ru/adfox/239538/getBulk/ 3 KB
2 KB 282ms
281ms XHR
application/json 2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/adfox/239538/getBulk/v2?dl=https%3A%2F%2Fwww.pressball.by%2F&date=2020-10-11T21%3A18%3A16.130%2B02%3A00&pd=11&pdh=1200&pdw=1600&pr1=838402518&pr=3237378649&prr=&pv=21&pw=0&extid_loader=&extid_tag_loader=www.pressball.by&ylv=0.1888&ybv=0.1887&ytt=474439294126101&is-turbo=0&skip-token=&ad-session-id=4397341602443896127&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22w%22%3A1024%2C%22h%22%3A0%2C%22width%22%3A1024%2C%22height%22%3A0%2C%22left%22%3A288%2C%22top%22%3A0%2C%22visible%22%3A1%2C%22req_no%22%3A1%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=0&matchid-cookies=fEO4cFbeMKDR_uBgwO1_lMl3EwNEz6jKzrBKoD4kPmZQKeuTbq29xg%3D%3D&matchid-cookies-sign=4akOHbt9Rh-VOryTPjQVyw%3D%3D&p1=ciugh&p2=y&slotNumber=2&matchid-direct=1&bids=W10%3D&grab=dNCf0YDQtdGB0YHQsdC-0LsgLSDQvdC-0LLQvtGB0YLQuCDQsdC10LvQvtGA0YPRgdGB0LrQvtCz0L4g0YHQv9C-0YDRgtCwCjHQk9C70LDQstC90YvQtSDQvdC-0LLQvtGB0YLQuCAKMdCS0YHQtSDQvNCw0YLRh9C4INGB0LXQs9C-0LTQvdGPIAox0KLQvtC70YzQutC-INGH0YLQviAKMdCR0LvQvtCz0LggCjHQpNC40LvRjNGC0YAg0L3QvtCy0L7RgdGC0LXQuSAKMdCU0LDQudC00LbQtdGB0YIgCjHQldCy0YDQvtGE0YPRgtCx0L7QuyAKMdCd0LDRiNC4INC_0LDRgNGC0L3QtdGA0YsgCjHQmtCw0LvQtdC90LTQsNGA0Ywg0YHQvtCx0YvRgtC40LkgCjHQpNC-0YDRg9C80YsgCjHQp9C40YLQsNC50YLQtSDQsiDQvdC-0LLQvtC8INC90L7QvNC10YDQtSDQn9GA0LXRgdGB0LHQvtC70LAgCjLQm9C40LPQsCDQvdCw0YbQuNC5LiDQntCx0LfQvtGALiDQk9GA0YPQt9C40Y8g4oCUINCR0LXQu9Cw0YDRg9GB0YwuINCR0LXRgdGB0YDQvtGH0L3Ri9C1INC10LLRgNC-0YHQutC10L_RgtC40LrQuCAKMtCb0LjQs9CwINC90LDRhtC40LkuINCQ0L3QvtC90YEuINCb0LjRgtCy0LAg4oCUINCR0LXQu9Cw0YDRg9GB0YwuINCR0LvQuNC20L3QtdC1INC30LDRgNGD0LHQtdC20YzQtSAKMtCb0LjQs9CwINC90LDRhtC40LkuINCb0LjQs9CwIOKAnEPigJ0uINCT0YDRg9C_0L_QsCA0LiDQkNC70LHQsNC90YHQutC40LUg0L_QvtGC0LXRgNC4IAoy0JTQtdC70L4g0LzQvtC70L7QtNGL0YUuINCY0Lcg0YHQtdC80LjQtNC10YHRj9GC0Lgg4oCc0LvQuNC80LjRgtGH0LjQutC-0LLigJ0g0LTQu9GPINC90L7QstC-0LPQviDRgdC10LfQvtC90LAg0JQxINCyINGN0YLQvtC8INGH0LXQvNC_0LjQvtC90LDRgtC1INGA0LXQsNC70YzQvdC-INCz0L7RgtC-0LLRiyDRgtC-0LvRjNC60L4g0LTQtdCy0Y_RgtGMLi4uIAo%3D&utf8=%D0%B2%D1%9A%E2%80%9C

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

d543ad03826abe9cd9ab8a009ac3aa5b0be7cb3b462a4b49bdf93656d14d9e31

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Oct 2020 19:18:16 GMT
content-encoding: gzip
last-modified: Sun, 11 Oct 2020 19:18:16 GMT
server: nginx/1.12.2
timing-allow-origin: *
status: 200
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://www.pressball.by
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-type: application/json
x-xss-protection: 1; mode=block
expires: Sun, 11 Oct 2020 19:18:16 GMT

GET
H2 200 v2 Show response
an.yandex.ru/adfox/239538/getBulk/ 3 KB
2 KB 324ms
323ms XHR
application/json 2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/adfox/239538/getBulk/v2?dl=https%3A%2F%2Fwww.pressball.by%2F&date=2020-10-11T21%3A18%3A16.133%2B02%3A00&pd=11&pdh=1200&pdw=1600&pr1=2078445173&pr=3237378649&prr=&pv=21&pw=0&extid_loader=&extid_tag_loader=www.pressball.by&ylv=0.1888&ybv=0.1887&ytt=474439294126101&is-turbo=0&skip-token=&ad-session-id=4397341602443896127&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22w%22%3A240%2C%22h%22%3A0%2C%22width%22%3A240%2C%22height%22%3A0%2C%22left%22%3A1052%2C%22top%22%3A179%2C%22visible%22%3A1%2C%22req_no%22%3A2%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=0&matchid-cookies=fEO4cFbeMKDR_uBgwO1_lMl3EwNEz6jKzrBKoD4kPmZQKeuTbq29xg%3D%3D&matchid-cookies-sign=4akOHbt9Rh-VOryTPjQVyw%3D%3D&p1=ciugg&p2=fgou&slotNumber=3&matchid-direct=1&bids=W10%3D&grab=dNCf0YDQtdGB0YHQsdC-0LsgLSDQvdC-0LLQvtGB0YLQuCDQsdC10LvQvtGA0YPRgdGB0LrQvtCz0L4g0YHQv9C-0YDRgtCwCjHQk9C70LDQstC90YvQtSDQvdC-0LLQvtGB0YLQuCAKMdCS0YHQtSDQvNCw0YLRh9C4INGB0LXQs9C-0LTQvdGPIAox0KLQvtC70YzQutC-INGH0YLQviAKMdCR0LvQvtCz0LggCjHQpNC40LvRjNGC0YAg0L3QvtCy0L7RgdGC0LXQuSAKMdCU0LDQudC00LbQtdGB0YIgCjHQldCy0YDQvtGE0YPRgtCx0L7QuyAKMdCd0LDRiNC4INC_0LDRgNGC0L3QtdGA0YsgCjHQmtCw0LvQtdC90LTQsNGA0Ywg0YHQvtCx0YvRgtC40LkgCjHQpNC-0YDRg9C80YsgCjHQp9C40YLQsNC50YLQtSDQsiDQvdC-0LLQvtC8INC90L7QvNC10YDQtSDQn9GA0LXRgdGB0LHQvtC70LAgCjLQm9C40LPQsCDQvdCw0YbQuNC5LiDQntCx0LfQvtGALiDQk9GA0YPQt9C40Y8g4oCUINCR0LXQu9Cw0YDRg9GB0YwuINCR0LXRgdGB0YDQvtGH0L3Ri9C1INC10LLRgNC-0YHQutC10L_RgtC40LrQuCAKMtCb0LjQs9CwINC90LDRhtC40LkuINCQ0L3QvtC90YEuINCb0LjRgtCy0LAg4oCUINCR0LXQu9Cw0YDRg9GB0YwuINCR0LvQuNC20L3QtdC1INC30LDRgNGD0LHQtdC20YzQtSAKMtCb0LjQs9CwINC90LDRhtC40LkuINCb0LjQs9CwIOKAnEPigJ0uINCT0YDRg9C_0L_QsCA0LiDQkNC70LHQsNC90YHQutC40LUg0L_QvtGC0LXRgNC4IAoy0JTQtdC70L4g0LzQvtC70L7QtNGL0YUuINCY0Lcg0YHQtdC80LjQtNC10YHRj9GC0Lgg4oCc0LvQuNC80LjRgtGH0LjQutC-0LLigJ0g0LTQu9GPINC90L7QstC-0LPQviDRgdC10LfQvtC90LAg0JQxINCyINGN0YLQvtC8INGH0LXQvNC_0LjQvtC90LDRgtC1INGA0LXQsNC70YzQvdC-INCz0L7RgtC-0LLRiyDRgtC-0LvRjNC60L4g0LTQtdCy0Y_RgtGMLi4uIAo%3D&utf8=%D0%B2%D1%9A%E2%80%9C

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

c05bd3722391eecae423d3eaba6dace7623d8d7a5b9dfb6afa0ae849b7b9ee0a

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Oct 2020 19:18:16 GMT
content-encoding: gzip
last-modified: Sun, 11 Oct 2020 19:18:16 GMT
server: nginx/1.12.2
timing-allow-origin: *
status: 200
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://www.pressball.by
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-type: application/json
x-xss-protection: 1; mode=block
expires: Sun, 11 Oct 2020 19:18:16 GMT

GET
H2 200 v2 Show response
an.yandex.ru/adfox/239538/getBulk/ 2 KB
2 KB 101ms
100ms XHR
application/json 2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/adfox/239538/getBulk/v2?dl=https%3A%2F%2Fwww.pressball.by%2F&date=2020-10-11T21%3A18%3A16.138%2B02%3A00&pd=11&pdh=1200&pdw=1600&pr1=3281455891&pr=3237378649&prr=&pv=21&pw=0&extid_loader=&extid_tag_loader=www.pressball.by&ylv=0.1888&ybv=0.1887&ytt=474439294126101&is-turbo=0&skip-token=&ad-session-id=4397341602443896127&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22w%22%3A240%2C%22h%22%3A0%2C%22width%22%3A240%2C%22height%22%3A0%2C%22left%22%3A1052%2C%22top%22%3A4562%2C%22visible%22%3A0%2C%22req_no%22%3A3%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=0&matchid-cookies=fEO4cFbeMKDR_uBgwO1_lMl3EwNEz6jKzrBKoD4kPmZQKeuTbq29xg%3D%3D&matchid-cookies-sign=4akOHbt9Rh-VOryTPjQVyw%3D%3D&p1=bzxza&p2=fgou&slotNumber=4&matchid-direct=1&bids=W3siY2FtcGFpZ25faWQiOjc3MDk4MCwicmVzcG9uc2VfdGltZSI6NDQ1LCJlcnJvciI6eyJjb2RlIjoxfX1d&grab=dNCf0YDQtdGB0YHQsdC-0LsgLSDQvdC-0LLQvtGB0YLQuCDQsdC10LvQvtGA0YPRgdGB0LrQvtCz0L4g0YHQv9C-0YDRgtCwCjHQk9C70LDQstC90YvQtSDQvdC-0LLQvtGB0YLQuCAKMdCS0YHQtSDQvNCw0YLRh9C4INGB0LXQs9C-0LTQvdGPIAox0KLQvtC70YzQutC-INGH0YLQviAKMdCR0LvQvtCz0LggCjHQpNC40LvRjNGC0YAg0L3QvtCy0L7RgdGC0LXQuSAKMdCU0LDQudC00LbQtdGB0YIgCjHQldCy0YDQvtGE0YPRgtCx0L7QuyAKMdCd0LDRiNC4INC_0LDRgNGC0L3QtdGA0YsgCjHQmtCw0LvQtdC90LTQsNGA0Ywg0YHQvtCx0YvRgtC40LkgCjHQpNC-0YDRg9C80YsgCjHQp9C40YLQsNC50YLQtSDQsiDQvdC-0LLQvtC8INC90L7QvNC10YDQtSDQn9GA0LXRgdGB0LHQvtC70LAgCjLQm9C40LPQsCDQvdCw0YbQuNC5LiDQntCx0LfQvtGALiDQk9GA0YPQt9C40Y8g4oCUINCR0LXQu9Cw0YDRg9GB0YwuINCR0LXRgdGB0YDQvtGH0L3Ri9C1INC10LLRgNC-0YHQutC10L_RgtC40LrQuCAKMtCb0LjQs9CwINC90LDRhtC40LkuINCQ0L3QvtC90YEuINCb0LjRgtCy0LAg4oCUINCR0LXQu9Cw0YDRg9GB0YwuINCR0LvQuNC20L3QtdC1INC30LDRgNGD0LHQtdC20YzQtSAKMtCb0LjQs9CwINC90LDRhtC40LkuINCb0LjQs9CwIOKAnEPigJ0uINCT0YDRg9C_0L_QsCA0LiDQkNC70LHQsNC90YHQutC40LUg0L_QvtGC0LXRgNC4IAoy0JTQtdC70L4g0LzQvtC70L7QtNGL0YUuINCY0Lcg0YHQtdC80LjQtNC10YHRj9GC0Lgg4oCc0LvQuNC80LjRgtGH0LjQutC-0LLigJ0g0LTQu9GPINC90L7QstC-0LPQviDRgdC10LfQvtC90LAg0JQxINCyINGN0YLQvtC8INGH0LXQvNC_0LjQvtC90LDRgtC1INGA0LXQsNC70YzQvdC-INCz0L7RgtC-0LLRiyDRgtC-0LvRjNC60L4g0LTQtdCy0Y_RgtGMLi4uIAo%3D&utf8=%D0%B2%D1%9A%E2%80%9C

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

bd9f3b1809b68374077d15f2b6822bcacc60b31f23ef70d2df47593612e0a739

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Oct 2020 19:18:16 GMT
content-encoding: gzip
last-modified: Sun, 11 Oct 2020 19:18:16 GMT
server: nginx/1.12.2
timing-allow-origin: *
status: 200
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://www.pressball.by
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-type: application/json
x-xss-protection: 1; mode=block
expires: Sun, 11 Oct 2020 19:18:16 GMT

POST
H2 204 csm
bidder.criteo.com/ 0
146 B 45ms
44ms Other
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/csm?ptv=98&profileId=184
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.am5.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

status: 204
date: Sun, 11 Oct 2020 19:18:15 GMT
access-control-allow-credentials: true
server: Finatra
access-control-allow-origin: https://www.pressball.by
timing-allow-origin: *
vary: Origin

GET
H2 200 pixel.gif
static.criteo.net/images/ 43 B
260 B 16ms
15ms Image
image/gif 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.criteo.net/images/pixel.gif?ch=1
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:16 GMT
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
etag: "493ea254-2b"
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Wed, 06 Oct 2021 19:18:16 GMT

GET
H2 200 pixel.gif
static.criteo.net/images/ 43 B
260 B 16ms
16ms Image
image/gif 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.criteo.net/images/pixel.gif?ch=2
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:16 GMT
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
etag: "493ea254-2b"
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Wed, 06 Oct 2021 19:18:16 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
168 B 15ms
14ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.pressball.by

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201007/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 11 Oct 2020 19:18:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
168 B 15ms
14ms Script
application/javascript 2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.pressball.by

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201007/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 11 Oct 2020 19:18:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame FABF 0
0 25ms
25ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1328253596984991&output=html&adk=1812271804&adf=3025194257&lmt=1602443896&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fwww.pressball.by%2F&ea=0&flash=0&pra=5&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1602443895880&bpp=20&bdt=884&idt=281&shv=r20201007&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6074519396904&frm=20&pv=2&ga_vid=1681610997.1602443896&ga_sid=1602443896&ga_hid=1929285742&ga_fc=0&iag=0&icsg=281200150907440&dssz=46&mdo=0&mso=512&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44729771%2C21067105%2C21066706&oid=3&pvsid=134891609860675&pem=240&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=301

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201007/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-1328253596984991&output=html&adk=1812271804&adf=3025194257&lmt=1602443896&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fwww.pressball.by%2F&ea=0&flash=0&pra=5&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1602443895880&bpp=20&bdt=884&idt=281&shv=r20201007&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6074519396904&frm=20&pv=2&ga_vid=1681610997.1602443896&ga_sid=1602443896&ga_hid=1929285742&ga_fc=0&iag=0&icsg=281200150907440&dssz=46&mdo=0&mso=512&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44729771%2C21067105%2C21066706&oid=3&pvsid=134891609860675&pem=240&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=301
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.pressball.by/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.pressball.by/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 11 Oct 2020 19:18:16 GMT
server: cafe
content-length: 46
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 11-Oct-2020 19:33:16 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Sun, 11 Oct 2020 19:18:16 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
27 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201007/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ccdeedcf8cca02b7e1b7f00ce971eec441bab4d56867e97a74ea8f1a09f9fb8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1602243746703548"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27594
x-xss-protection: 0
expires: Sun, 11 Oct 2020 19:18:16 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
67 B 13ms
13ms XHR
text/plain 2a00:1450:4001:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j86&a=1929285742&t=pageview&_s=1&dl=https%3A%2F%2Fwww.pressball.by%2F&ul=en-us&de=windows-1251&dt=%D0%9F%D1%80%D0%B5%D1%81%D1%81%D0%B1%D0%BE%D0%BB%20-%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%B1%D0%B5%D0%BB%D0%BE%D1%80%D1%83%D1%81%D1%81%D0%BA%D0%BE%D0%B3%D0%BE%20%D1%81%D0%BF%D0%BE%D1%80%D1%82%D0%B0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IAhAAUABAAAAAC~&jid=1960189047&gjid=854115241&cid=1681610997.1602443896&tid=UA-907061-1&_gid=304423187.1602443896&_r=1&gtm=2ou9u1&z=1767046994

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 11 Oct 2020 19:18:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: text/plain
access-control-allow-origin: https://www.pressball.by
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
88 B 15ms
14ms XHR
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j86&tid=UA-907061-1&cid=1681610997.1602443896&jid=1960189047&gjid=854115241&_gid=304423187.1602443896&_u=IAhAAUAAAAAAAC~&z=435241919

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 11 Oct 2020 19:18:16 GMT
status: 200
content-type: text/plain
access-control-allow-origin: https://www.pressball.by
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

rexdot.js Show response
gaby.hit.gemius.pl/__/_1602443896226/
Redirect Chain

https://gaby.hit.gemius.pl/_1602443896226/rexdot.js?l=100&id=p3XrO3bVyIri76bMBIN8KbRH3y6KW7sJyvtgc37Vl9f.A7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-120&fv=-&href=https%3A%2F%2Fwww.pres...
https://gaby.hit.gemius.pl/__/_1602443896226/rexdot.js?l=100&id=p3XrO3bVyIri76bMBIN8KbRH3y6KW7sJyvtgc37Vl9f.A7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-120&fv=-&href=https%3A%2F%2Fwww.p...

169 B
435 B

26ms
26ms

Script
application/x-javascript

149.202.199.193
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaby.hit.gemius.pl/__/_1602443896226/rexdot.js?l=100&id=p3XrO3bVyIri76bMBIN8KbRH3y6KW7sJyvtgc37Vl9f.A7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-120&fv=-&href=https%3A%2F%2Fwww.pressball.by%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=125&lsdata=..DKql47Mp0_.N6DtCHMSU3qTR5GKKlxKMTZp5ft.mb.j7w_Cv2Fxsbjlz0iN4K5shJBH82gSRyusn7I.Y6L5MdXALZ5/A2hmp2X4xx_JK/&fpdata=d8i7VUPI5xLEI1ddXyXA6XUQBs79Vgjjxkz18W1tlNf.37&vis=1
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 149.202.199.193 , France, ASN16276 (OVH, FR),
Reverse DNS: ua1.host.hit.gemius.pl
Software: GHC /
Resource Hash: 68178acb82b6789c5e6853d1c9c383e701ee7ef1c418f0f1459b71d20ef1214a

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Oct 2020 19:18:16 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
status: 200
cache-control: no-store, no-cache, must-revalidate, max-age=0
accept-ranges: none
content-type: application/x-javascript
content-length: 169
expires: Sat, 10 Oct 2020 19:18:16 GMT

Redirect headers

pragma: no-cache
date: Sun, 11 Oct 2020 19:18:16 GMT
server: GHC
status: 301
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: /__/_1602443896226/rexdot.js?l=100&id=p3XrO3bVyIri76bMBIN8KbRH3y6KW7sJyvtgc37Vl9f.A7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-120&fv=-&href=https%3A%2F%2Fwww.pressball.by%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=125&lsdata=..DKql47Mp0_.N6DtCHMSU3qTR5GKKlxKMTZp5ft.mb.j7w_Cv2Fxsbjlz0iN4K5shJBH82gSRyusn7I.Y6L5MdXALZ5/A2hmp2X4xx_JK/&fpdata=d8i7VUPI5xLEI1ddXyXA6XUQBs79Vgjjxkz18W1tlNf.37&vis=1
cache-control: no-store, no-cache, must-revalidate, max-age=0
accept-ranges: none
content-length: 0
expires: Sat, 10 Oct 2020 19:18:16 GMT

GET
H2 200 aomini.js Show response
lv.adocean.pl/files/js/ Frame 41EF 8 KB
3 KB 128ms
42ms Script
application/x-javascript 54.38.133.137
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://lv.adocean.pl/files/js/aomini.js
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.38.133.137 , France, ASN16276 (OVH, FR),
Reverse DNS: ip137.ip-54-38-133.eu
Software: GAD /
Resource Hash: c9d355e1a65a6bb97cd4af5a0fe10a9e0169fd568cd00a0f35a2bd82e8c4bb80

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:16 GMT
content-encoding: gzip
last-modified: Mon, 13 Jul 2020 10:59:27 GMT
server: GAD
etag: "00001E15458726DB"
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
status: 200
cache-control: public, must-revalidate, max-age=86400
accept-ranges: bytes
content-type: application/x-javascript
content-length: 2986
expires: Mon, 12 Oct 2020 19:18:16 GMT

GET
H/1.1 200
OK code.js Show response
top-fwz1.mail.ru/js/ 20 KB
9 KB 101ms
101ms Script
application/javascript 217.69.133.145
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL

https://top-fwz1.mail.ru/js/code.js

Requested by

Host: www.pressball.by
URL: https://www.pressball.by/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

061fa08931be3ff5d9584eac335756bba709a981d2eb121f737cef7ae681ab82

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 11 Oct 2020 19:18:16 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
P3P: CP="NOI DSP COR NID CUR PSA OUR NOR"
Connection: keep-alive
Access-Control-Allow-Headers: *
AMP-Access-Control-Allow-Source-Origin: *
Last-Modified: Wed, 22 Jul 2020 12:17:53 GMT
Server: nginx
ETag: W/"5f182e71-511a"
Access-Control-Allow-Methods: GET, POST, HEAD, PUT, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: AMP-Access-Control-Allow-Source-Origin
Cache-Control: max-age=3600, private
Access-Control-Allow-Credentials: true
Accept-CH-Lifetime: 86400
Accept-CH: DPR, Width, Viewport-Width, Downlink, Device-Memory
Timing-Allow-Origin: *
Keep-Alive: timeout=60
Expires: Sun, 11 Oct 2020 20:18:16 GMT

GET
H/1.1 200
OK /
kraken.rambler.ru/cnt/ 595 B
1 KB 195ms
64ms Image
image/gif 81.19.89.16
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kraken.rambler.ru/cnt/?et=pv&pid=337561&rid=1602443896.369-2012430825&tid=t1.-1.740018225.1602443896375&v=1.8.0i&rn=1519677222&bs=1600x1200&ce=1&rf&en=windows-1251&pt=%D0%9F%D1%80%D0%B5%D1%81%D1%81%D0%B1%D0%BE%D0%BB%20-%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%B1%D0%B5%D0%BB%D0%BE%D1%80%D1%83%D1%81%D1%81%D0%BA%D0%BE%D0%B3%D0%BE%20%D1%81%D0%BF%D0%BE%D1%80%D1%82%D0%B0&sr=1600x1200&cd=24-bit&la=en-US&ja=0&acn=Mozilla&an=Netscape&pl=Linux%20x86_64&tz=-120&fv&sv&lv&le=0&url=https%3A%2F%2Fwww.pressball.by%2F
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.19.89.16 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: kraken.rambler.ru
Software: nginx/1.17.9 /
Resource Hash: c471312e18a648891fd9e7ba758bf7a5d0f96eb6e3714e5e39d6b8ec080705cc

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 11 Oct 2020 19:18:16 GMT
Last-Modified: Thu, 16 Jan 2020 17:49:32 GMT
Server: nginx/1.17.9
ETag: "5e20a22c-253"
Access-Control-Allow-Methods: GET, POST, OPTIONS
P3P: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/gif
Access-Control-Allow-Headers: content-type
Content-Length: 595

GET
H/1.1 200
OK watch.js Show response
mc.yandex.ru/metrika/ 143 KB
43 KB 48ms
47ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: www.pressball.by
URL: https://www.pressball.by/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

58724cf9d89f1cadc735e143b46330c4b7fe0359cfccb2020431f63781d5bc20

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 11 Oct 2020 19:18:16 GMT
Content-Encoding: br
Last-Modified: Wed, 07 Oct 2020 21:42:49 GMT
ETag: "5f7c74bb-a8a5"
Strict-Transport-Security: max-age=31536000
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Content-Length: 43173
Expires: Sun, 11 Oct 2020 20:18:16 GMT

GET
H/1.1 200
OK a5.js Show response
serve.5visions.com/framework/ 207 B
716 B 222ms
66ms Script
application/javascript 88.212.242.60
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://serve.5visions.com/framework/a5.js?rnd=0.897325297921687
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.212.242.60 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.17.10 /
Resource Hash: 615e3c04341a27c6c15d9a1a7f9e55f600d2a78b89faa58ae32d7210726e777c

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 11 Oct 2020 19:18:16 GMT
Age: 0
Connection: keep-alive
X-Trans-Id: 159875cf2f592eef
Accept-Ranges: bytes
Last-Modified: Wed, 24 Apr 2019 16:26:45 GMT
Server: nginx/1.17.10
Etag: "4b8d85fb8107d7161afc7a9ea58e314e"
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-Timestamp: 1556123204.00550
Cache-Control: max-age=10
Access-Control-Allow-Credentials: true
Content-Length: 207
Access-Control-Allow-Headers: *
Access-Control-Expose-Headers: 207

GET
H2 200 new_l-arrow.png
www.pressball.by/images/template/ 3 KB
3 KB 338ms
338ms Image
image/png 93.125.48.95
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pressball.by/images/template/new_l-arrow.png
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/style/stl.css?v=6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.125.48.95 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-95.hoster.by
Software: nginx/1.16.1 /
Resource Hash: bc1b577a8c2658099cc1dbf0cfa93fa014b705598e775d6d32381b3f00b6e2cb

Request headers

Referer: https://www.pressball.by/style/stl.css?v=6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:21 GMT
last-modified: Tue, 03 Mar 2015 16:11:17 GMT
server: nginx/1.16.1
etag: "54f5dd25-bcc"
content-type: image/png
status: 200
cache-control: max-age=3600
accept-ranges: bytes
content-length: 3020
expires: Sun, 11 Oct 2020 20:18:21 GMT

GET
H2 200 new_r-arrow.png
www.pressball.by/images/template/ 3 KB
3 KB 339ms
338ms Image
image/png 93.125.48.95
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pressball.by/images/template/new_r-arrow.png
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/style/stl.css?v=6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.125.48.95 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-95.hoster.by
Software: nginx/1.16.1 /
Resource Hash: 867306e5961c27739ebf16d220cac0fa3d74a497970dc558a9ff1f417c0af9df

Request headers

Referer: https://www.pressball.by/style/stl.css?v=6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:21 GMT
last-modified: Tue, 03 Mar 2015 16:11:10 GMT
server: nginx/1.16.1
etag: "54f5dd1e-bcd"
content-type: image/png
status: 200
cache-control: max-age=3600
accept-ranges: bytes
content-length: 3021
expires: Sun, 11 Oct 2020 20:18:21 GMT

GET
H2 200 vk-widget.html Show response
www.pressball.by/ 305 B
368 B 425ms
424ms XHR
text/html 93.125.48.95
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pressball.by/vk-widget.html
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/js/jquery-1.10.2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.125.48.95 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-95.hoster.by
Software: nginx/1.16.1 /
Resource Hash: 896d9a69a88aa5932649b05009b8472353e56fc727e0369121a2803deca11a64

Request headers

Accept: */*
Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Sun, 11 Oct 2020 19:18:16 GMT
server: nginx/1.16.1
content-type: text/html

GET
H2 200 syncframe
gum.criteo.com/ Frame FA0D 0
0 37ms
12ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=www.pressball.by

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: gum.criteo.com
:scheme: https
:path: /syncframe?topUrl=www.pressball.by
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.pressball.by/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.pressball.by/

Response headers

status: 200
cache-control: private, max-age=0
content-type: text/html; charset=utf-8
strict-transport-security: max-age=31536000
server-processing-duration-in-ticks: 557
date: Sun, 11 Oct 2020 19:18:16 GMT
content-length: 0

GET
H/1.1

200
OK

show
mc.admetrica.ru/ Frame 4368
Redirect Chain

https://mc.admetrica.ru/show?cmn_id=13579&plt_id=37246&crv_id=101542&evt_t=render&ad_type=banner&rnd=1150936239
https://mc.admetrica.ru/show?cmn_id=13579&plt_id=37246&crv_id=101542&evt_t=render&ad_type=banner&rnd=1150936239&redir=1

43 B
383 B

46ms
46ms

Image
image/gif

2a02:6b8::1:254
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mc.admetrica.ru/show?cmn_id=13579&plt_id=37246&crv_id=101542&evt_t=render&ad_type=banner&rnd=1150936239&redir=1
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:6b8::1:254 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 11 Oct 2020 19:18:16 GMT
Server: nginx
X-qloud-router: iva1-0ffbd44210c7.qloud-c.yandex.net
Content-Type: image/gif
Cache-Control: no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=120
Content-Length: 43

Redirect headers

Pragma: no-cache
Date: Sun, 11 Oct 2020 19:18:16 GMT
Server: nginx
X-qloud-router: iva1-0ffbd44210c7.qloud-c.yandex.net
Location: /show?cmn_id=13579&plt_id=37246&crv_id=101542&evt_t=render&ad_type=banner&rnd=1150936239&redir=1
Cache-Control: no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=120
Content-Length: 0

GET
H2 200 3901860.a1acda7b946488808c8b251350373bda.jpg
banners.adfox.ru/200930/adfox/1317329/ 119 KB
120 KB 206ms
82ms Image
image/jpeg 2a02:6b8::2:158
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://banners.adfox.ru/200930/adfox/1317329/3901860.a1acda7b946488808c8b251350373bda.jpg
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:6b8::2:158 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: nginx /
Resource Hash: 628603a6f376431366eea134d23f55227f921c0b48d930c0058ee2ca58072de1

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:16 GMT
x-yc-s3-bucket-tags: {}
x-amz-request-id: df29cd5bea1ddb26
status: 200
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 122309
access-control-allow-origin: *
last-modified: Wed, 30 Sep 2020 16:34:27 GMT
server: nginx
etag: "a1acda7b946488808c8b251350373bda"
x-nginx-request-id: 52f7220417449353
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
x-amz-version-id: null
x-yc-s3-cloud-id
accept-ranges: bytes
content-type: image/jpeg

GET
H/1.1

200
OK

show
mc.admetrica.ru/ Frame B725
Redirect Chain

https://mc.admetrica.ru/show?cmn_id=12430&plt_id=33568&crv_id=90304&evt_t=render&ad_type=banner&rnd=2022725842
https://mc.admetrica.ru/show?cmn_id=12430&plt_id=33568&crv_id=90304&evt_t=render&ad_type=banner&rnd=2022725842&redir=1

43 B
383 B

47ms
46ms

Image
image/gif

2a02:6b8::1:254
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mc.admetrica.ru/show?cmn_id=12430&plt_id=33568&crv_id=90304&evt_t=render&ad_type=banner&rnd=2022725842&redir=1
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:6b8::1:254 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 11 Oct 2020 19:18:16 GMT
Server: nginx
X-qloud-router: myt4-8b069ff424db.qloud-c.yandex.net
Content-Type: image/gif
Cache-Control: no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=120
Content-Length: 43

Redirect headers

Pragma: no-cache
Date: Sun, 11 Oct 2020 19:18:16 GMT
Server: nginx
X-qloud-router: myt4-8b069ff424db.qloud-c.yandex.net
Location: /show?cmn_id=12430&plt_id=33568&crv_id=90304&evt_t=render&ad_type=banner&rnd=2022725842&redir=1
Cache-Control: no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=120
Content-Length: 0

GET
H2 200 3875045.43dbb5da33366028ac242ab51d35d28b.gif
banners.adfox.ru/201006/adfox/1114733/ 67 KB
67 KB 231ms
125ms Image
image/gif 2a02:6b8::2:158
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://banners.adfox.ru/201006/adfox/1114733/3875045.43dbb5da33366028ac242ab51d35d28b.gif
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:6b8::2:158 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: nginx /
Resource Hash: c2798bd01128145b130fa3a78fc67ead2a00efa2090bd8fda84e6f12d1675217

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:16 GMT
x-yc-s3-bucket-tags: {}
x-amz-request-id: 4faf888693cba4ee
status: 200
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 68448
access-control-allow-origin: *
last-modified: Tue, 06 Oct 2020 15:31:13 GMT
server: nginx
etag: "43dbb5da33366028ac242ab51d35d28b"
x-nginx-request-id: 38935fa4a73660e4
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
x-amz-version-id: null
x-yc-s3-cloud-id
accept-ranges: bytes
content-type: image/gif

GET
H2

200

ad.js Show response
lv.adocean.pl/__/_1602443896/ Frame 41EF
Redirect Chain

https://lv.adocean.pl/_1602443896506/ad.js?id=vtM2wmYVgrQ8oHZ5vhn8q22L.sA2BjtGTiRIM3ngqiv.A7/x=1600/y=1200
https://lv.adocean.pl/__/_1602443896506/ad.js?id=vtM2wmYVgrQ8oHZ5vhn8q22L.sA2BjtGTiRIM3ngqiv.A7/x=1600/y=1200
https://adlv.hit.gemius.pl/redataredir?url=https%3A%2F%2Flv.adocean.pl%2F__%2F_1602443896%2Fad.js%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3DvtM2wmYVgrQ8oHZ5vhn8q22L.sA2BjtGTiRIM3ngqiv.A7%2Fx...
https://lv.adocean.pl/__/_1602443896/ad.js?hclsdata=d3i6FKSsJPakMsCZBc3TrPXe9KGqcb_fEGMhohQq7Jz.A7&hcudata=.d9lO4wgTyHlWfyy2EO.50e69Da1y799YPybhgGeUQ7.U7&id=vtM2wmYVgrQ8oHZ5vhn8q22L.sA2BjtGTiRIM3ng...

59 KB
59 KB

41ms
40ms

Script
application/x-javascript

54.38.133.137
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://lv.adocean.pl/__/_1602443896/ad.js?hclsdata=d3i6FKSsJPakMsCZBc3TrPXe9KGqcb_fEGMhohQq7Jz.A7&hcudata=.d9lO4wgTyHlWfyy2EO.50e69Da1y799YPybhgGeUQ7.U7&id=vtM2wmYVgrQ8oHZ5vhn8q22L.sA2BjtGTiRIM3ngqiv.A7/x=1600/y=1200
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.38.133.137 , France, ASN16276 (OVH, FR),
Reverse DNS: ip137.ip-54-38-133.eu
Software: GAD /
Resource Hash: 78d229946f319af247edecabc6e676d2e7bb148ac637e8ec247dff55dd6506a0

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Oct 2020 19:18:16 GMT
server: GAD
vary: Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
status: 200
cache-control: no-store, no-cache, must-revalidate, max-age=0
accept-ranges: none
content-type: application/x-javascript
content-length: 60063
expires: Sat, 10 Oct 2020 19:18:16 GMT

Redirect headers

pragma: no-cache
date: Sun, 11 Oct 2020 19:18:16 GMT
server: GHC
status: 301
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: https://lv.adocean.pl/__/_1602443896/ad.js?hclsdata=d3i6FKSsJPakMsCZBc3TrPXe9KGqcb_fEGMhohQq7Jz.A7&hcudata=.d9lO4wgTyHlWfyy2EO.50e69Da1y799YPybhgGeUQ7.U7&id=vtM2wmYVgrQ8oHZ5vhn8q22L.sA2BjtGTiRIM3ngqiv.A7/x=1600/y=1200
cache-control: no-store, no-cache, must-revalidate, max-age=0
accept-ranges: none
content-length: 0
expires: Sat, 10 Oct 2020 19:18:16 GMT

POST
H/1.1 200
OK counter
top-fwz1.mail.ru/ 43 B
1 KB 102ms
102ms Other
image/gif 217.69.133.145
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL

https://top-fwz1.mail.ru/counter?js=13;id=337418;u=https%3A//www.pressball.by/;st=1602443896403;title=%D0%9F%D1%80%D0%B5%D1%81%D1%81%D0%B1%D0%BE%D0%BB%20-%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%B1%D0%B5%D0%BB%D0%BE%D1%80%D1%83%D1%81%D1%81%D0%BA%D0%BE%D0%B3%D0%BE%20%D1%81%D0%BF%D0%BE%D1%80%D1%82%D0%B0;s=1600*1200;vp=1600*1200;touch=0;hds=1;flash=;sid=3ada3881f8761af3;ver=60.3.0;tz=-120%2FEurope%2FBerlin;ni=10//4g/0/0/;lvid=1602443896513%3A1602443896563%3A1%3Aadae53391836fcff0af23c1245be3b32;opts=dl;_=0.09729354880154406

Requested by

Host: top-fwz1.mail.ru
URL: https://top-fwz1.mail.ru/js/code.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Sun, 11 Oct 2020 19:18:16 GMT
X-Content-Type-Options: nosniff
P3P: CP="NOI DSP COR NID CUR PSA OUR NOR"
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Access-Control-Allow-Headers: *
AMP-Access-Control-Allow-Source-Origin: https://www.pressball.by
Server: nginx
Access-Control-Allow-Methods: GET, POST, HEAD, PUT, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://www.pressball.by
Access-Control-Expose-Headers: AMP-Access-Control-Allow-Source-Origin
Cache-Control: private, no-cache, no-store, max-age=0
Access-Control-Allow-Credentials: true
Accept-CH-Lifetime: 86400
Accept-CH: DPR, Width, Viewport-Width, Downlink, Device-Memory
Timing-Allow-Origin: https://www.pressball.by
Keep-Alive: timeout=60

GET
H/1.1

200
OK

1 Show response
mc.yandex.ru/watch/3791662/
Redirect Chain

https://mc.yandex.ru/watch/3791662?wmode=7&page-url=https%3A%2F%2Fwww.pressball.by%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1602443893895%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626...
https://mc.yandex.ru/watch/3791662/1?wmode=7&page-url=https%3A%2F%2Fwww.pressball.by%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1602443893895%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A2166136...

218 B
1 KB

48ms
48ms

XHR
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/3791662/1?wmode=7&page-url=https%3A%2F%2Fwww.pressball.by%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1602443893895%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20201011211816%3Aet%3A1602443897%3Aen%3Awindows-1251%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A556725863792%3Arqn%3A1%3Arn%3A684838803%3Ahid%3A840907694%3Ads%3A0%2C0%2C819%2C92%2C276%2C0%2C0%2C1408%2C48%2C%2C%2C%2C2508%3Afp%3A1953%3Awn%3A55109%3Ahl%3A2%3Agdpr%3A14%3Av%3A1962%3Arqnl%3A1%3Ast%3A1602443897%3Au%3A1602443897581376875%3At%3A%D0%9F%D1%80%D0%B5%D1%81%D1%81%D0%B1%D0%BE%D0%BB%20-%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%B1%D0%B5%D0%BB%D0%BE%D1%80%D1%83%D1%81%D1%81%D0%BA%D0%BE%D0%B3%D0%BE%20%D1%81%D0%BF%D0%BE%D1%80%D1%82%D0%B0

Requested by

Host: www.pressball.by
URL: https://www.pressball.by/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

cc8468a37e341ae5e77d73682915b9a4760186ccfdf88c048f5b09c8863e1344

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 11 Oct 2020 19:18:16 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sun, 11-Oct-2020 19:18:16 GMT
Strict-Transport-Security: max-age=31536000
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.pressball.by
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Content-Length: 218
X-XSS-Protection: 1; mode=block
Expires: Sun, 11-Oct-2020 19:18:16 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 11 Oct 2020 19:18:16 GMT
Last-Modified: Sun, 11-Oct-2020 19:18:16 GMT
Access-Control-Allow-Origin: https://www.pressball.by
Strict-Transport-Security: max-age=31536000
Location: /watch/3791662/1?wmode=7&page-url=https%3A%2F%2Fwww.pressball.by%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1602443893895%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20201011211816%3Aet%3A1602443897%3Aen%3Awindows-1251%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A556725863792%3Arqn%3A1%3Arn%3A684838803%3Ahid%3A840907694%3Ads%3A0%2C0%2C819%2C92%2C276%2C0%2C0%2C1408%2C48%2C%2C%2C%2C2508%3Afp%3A1953%3Awn%3A55109%3Ahl%3A2%3Agdpr%3A14%3Av%3A1962%3Arqnl%3A1%3Ast%3A1602443897%3Au%3A1602443897581376875%3At%3A%D0%9F%D1%80%D0%B5%D1%81%D1%81%D0%B1%D0%BE%D0%BB%20-%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%B1%D0%B5%D0%BB%D0%BE%D1%80%D1%83%D1%81%D1%81%D0%BA%D0%BE%D0%B3%D0%BE%20%D1%81%D0%BF%D0%BE%D1%80%D1%82%D0%B0
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Content-Length: 0
X-XSS-Protection: 1; mode=block
Expires: Sun, 11-Oct-2020 19:18:16 GMT

GET
H/1.1 200
OK advert.gif
mc.yandex.ru/metrika/ 43 B
379 B 45ms
45ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Requested by

Host: www.pressball.by
URL: https://www.pressball.by/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 11 Oct 2020 19:18:16 GMT
Last-Modified: Thu, 08 Oct 2020 19:08:52 GMT
ETag: "5f0343f5-2b"
Strict-Transport-Security: max-age=31536000
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Accept-Ranges: bytes
Content-Length: 43
Expires: Sun, 11 Oct 2020 20:18:16 GMT

GET
H/1.1 200
OK b7881372fc4.js Show response
get.5visions.com/framework/ 381 KB
381 KB 404ms
184ms Script
application/javascript 78.155.195.11
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL: https://get.5visions.com/framework/b7881372fc4.js
Requested by: Host: serve.5visions.com
URL: https://serve.5visions.com/framework/a5.js?rnd=0.897325297921687
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 78.155.195.11 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software: nginx/1.17.10 /
Resource Hash: 6e153d4878e8cb840bb1d0653d33dd612dfa58da82cb8892d401565543e7dbf1

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 11 Oct 2020 19:18:16 GMT
Age: 0
Connection: keep-alive
X-Trans-Id: 159875cf2eac6839
Accept-Ranges: bytes
Last-Modified: Wed, 24 Apr 2019 16:26:44 GMT
Server: nginx/1.17.10
Etag: "bd57a90f44c7033d2831fb53ef6e0215"
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-Timestamp: 1556123203.98251
Cache-Control: max-age=10
Access-Control-Allow-Credentials: true
Content-Length: 389899
Access-Control-Allow-Headers: *
Access-Control-Expose-Headers: 389899

POST
H/1.1 200
OK 1
mc.yandex.ru/watch/3791662/ 43 B
493 B 48ms
48ms Other
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/3791662/1?page-url=https%3A%2F%2Fwww.pressball.by%2F&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Ans%3A1602443893895%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Az%3A120%3Ai%3A20201011211816%3Aet%3A1602443897%3Aen%3Awindows-1251%3Ac%3A1%3Ala%3Aen-us%3Aar%3A1%3Apa%3A1%3Als%3A556725863792%3Arqn%3A2%3Arn%3A881612708%3Ahid%3A840907694%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%3Agdpr%3A14%3Av%3A1962%3Arqnl%3A1%3Ast%3A1602443897%3Au%3A1602443897581376875%3App%3A3629563401

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Sun, 11 Oct 2020 19:18:16 GMT
Last-Modified: Sun, 11-Oct-2020 19:18:16 GMT
Strict-Transport-Security: max-age=31536000
Content-Type: image/gif
Access-Control-Allow-Origin: https://www.pressball.by
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Content-Length: 43
X-XSS-Protection: 1; mode=block
Expires: Sun, 11-Oct-2020 19:18:16 GMT

GET
H2 200 724_90_Liga_Na.png
pressball.by/files/banners/ Frame 05E6 17 KB
17 KB 106ms
106ms Image
image/png 93.125.48.95
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pressball.by/files/banners/724_90_Liga_Na.png
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/includes/banners/load.php?id=1078
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.125.48.95 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-95.hoster.by
Software: nginx/1.16.1 /
Resource Hash: d1d475161179deda9ae1fbe6055eb84239c5ab1be843a9e7a3d75c332f505775

Request headers

Referer: https://www.pressball.by/includes/banners/load.php?id=1078
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:16 GMT
last-modified: Fri, 09 Oct 2020 15:40:08 GMT
server: nginx/1.16.1
etag: "5f808458-4463"
content-type: image/png
status: 200
cache-control: max-age=3600
accept-ranges: bytes
content-length: 17507
expires: Sun, 11 Oct 2020 20:18:16 GMT

GET
H2 200 nnnn.gif
pressball.by/files/banners/ Frame F34D 126 KB
127 KB 144ms
143ms Image
image/gif 93.125.48.95
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pressball.by/files/banners/nnnn.gif
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/includes/banners/load.php?id=718
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.125.48.95 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-95.hoster.by
Software: nginx/1.16.1 /
Resource Hash: f672ee06536a65917fd4c839b8f4a801c5ce0063625cc68f63090b0d5db710c5

Request headers

Referer: https://www.pressball.by/includes/banners/load.php?id=718
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:16 GMT
last-modified: Wed, 05 Aug 2020 09:56:17 GMT
server: nginx/1.16.1
etag: "5f2a8241-1f9e3"
content-type: image/gif
status: 200
cache-control: max-age=3600
accept-ranges: bytes
content-length: 129507
expires: Sun, 11 Oct 2020 20:18:16 GMT

GET
H2 200 cyber.jpg
pressball.by/files/banners/ Frame FC0A 17 KB
18 KB 301ms
301ms Image
image/jpeg 93.125.48.95
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pressball.by/files/banners/cyber.jpg
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/includes/banners/load.php?id=741
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.125.48.95 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-95.hoster.by
Software: nginx/1.16.1 /
Resource Hash: 422cabaeaee05d04c96a5368687d608140a0996532bdc97608f731fe9682e483

Request headers

Referer: https://www.pressball.by/includes/banners/load.php?id=741
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:16 GMT
last-modified: Fri, 02 Oct 2020 11:48:06 GMT
server: nginx/1.16.1
etag: "5f771376-4586"
content-type: image/jpeg
status: 200
cache-control: max-age=3600
accept-ranges: bytes
content-length: 17798
expires: Sun, 11 Oct 2020 20:18:16 GMT

POST
H2 200 extra=;
adlv.hit.gemius.pl/_1602443896945/redot.js/id=AfgwtKcpyxZ8pJKkdrdE8MVlP1K1OS9cBzun5z1CCyL.v7/stparam=ymqrqmgogo/fastid=bixtmzadcnbvimdpsjxqrjpqgtmc/sarg=5F835A78682076A5/ Frame 41EF 2 B
254 B 44ms
44ms Other
application/x-javascript 54.38.133.12
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://adlv.hit.gemius.pl/_1602443896945/redot.js/id=AfgwtKcpyxZ8pJKkdrdE8MVlP1K1OS9cBzun5z1CCyL.v7/stparam=ymqrqmgogo/fastid=bixtmzadcnbvimdpsjxqrjpqgtmc/sarg=5F835A78682076A5/extra=;
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.38.133.12 , France, ASN16276 (OVH, FR),
Reverse DNS: ip12.ip-54-38-133.eu
Software: GHC /
Resource Hash: 75a11da44c802486bc6f65640aa48a730f0f684c5c07a42ba3cd1735eb3fb070

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 11 Oct 2020 19:18:16 GMT
server: GHC
status: 200
p3p: CP="NOI DSP COR NID PSAo OUR IND"
access-control-allow-origin: https://www.pressball.by
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
accept-ranges: none
content-type: application/x-javascript
content-length: 2
expires: Sat, 10 Oct 2020 19:18:16 GMT

GET
H2 200 ldt3Y37cfk_190527.js Show response
lv.adocean.pl/files/x/qbm/mjjghng/tknhntsqez/ Frame 263B 128 KB
31 KB 41ms
40ms Script
application/x-javascript 54.38.133.137
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://lv.adocean.pl/files/x/qbm/mjjghng/tknhntsqez/ldt3Y37cfk_190527.js
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.38.133.137 , France, ASN16276 (OVH, FR),
Reverse DNS: ip137.ip-54-38-133.eu
Software: GAD /
Resource Hash: 4c19faac548c66e431ca0b853f5eaae2ce365c59ead1b9e009e1d60866ef4c48

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:16 GMT
content-encoding: gzip
last-modified: Mon, 27 May 2019 11:59:45 GMT
server: GAD
etag: "5CEBD1310001FF20E57E33AB"
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
status: 200
cache-control: public, must-revalidate, max-age=4320000
accept-ranges: bytes
content-type: application/x-javascript
content-length: 31424
expires: Mon, 30 Nov 2020 19:18:16 GMT

GET
H2 200 stpd190807.js Show response
lv.adocean.pl/files/x/qbm/mjjghng/vceipxephn/ Frame 263B 309 KB
97 KB 46ms
46ms Script
application/x-javascript 54.38.133.137
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://lv.adocean.pl/files/x/qbm/mjjghng/vceipxephn/stpd190807.js
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.38.133.137 , France, ASN16276 (OVH, FR),
Reverse DNS: ip137.ip-54-38-133.eu
Software: GAD /
Resource Hash: f123a667031e7c2efdf3dad85242db089cd8be453b08eadfa74b8f9c1316127d

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:16 GMT
content-encoding: gzip
last-modified: Wed, 07 Aug 2019 13:18:46 GMT
server: GAD
etag: "5D4ACFB60004D59FCCE94314"
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
status: 200
cache-control: public, must-revalidate, max-age=4320000
accept-ranges: bytes
content-type: application/x-javascript
content-length: 99489
expires: Mon, 30 Nov 2020 19:18:16 GMT

OPTIONS
H2 200 v1
dmx.districtm.io/b/ Frame 0
0 72ms
29ms Other 104.16.68.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dmx.districtm.io/b/v1
Protocol: H2
Server: 104.16.68.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.pressball.by
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

status: 200
date: Sun, 11 Oct 2020 19:18:17 GMT
content-length: 0
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Origin
access-control-allow-methods: GET, HEAD, POST, OPTIONS
cf-request-id: 05bab2812c0000087b9491f200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 5e0aed151b2c087b-CDG

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ Frame 263B 109 KB
28 KB 139ms
57ms Script
application/javascript 65.9.95.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.127 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: 5876f68bf30a82eb99d9ec29e561f5c925ea347243c3e022021dd87823c65813

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 18:11:15 GMT
content-encoding: gzip
server: Server
age: 4022
etag: 0ef1f140246b7e0337b522d7332711d3
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: public, max-age=86400
x-amz-cf-pop: PRG50-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: VLhiNd9JhYXhXVoC5e9cYm1vCDhQDhqdK95Bk417Bsm5Dm2RWaujow==
via: 1.1 65dc50162b685d34f2ac712298bb090d.cloudfront.net (CloudFront)

GET
H2 200 / Show response
adx.adform.net/adx/ Frame 263B 5 B
450 B 199ms
104ms XHR
application/json 37.157.6.246
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?rp=4&bWlkPTY4NzE0NSZ0cmFuc2FjdGlvbklkPTdjNDFkMWIyLTc0ODQtNDYwYS1iMWI3LTMxZjExMWRhMTY1Yg%3D%3D&pt=gross&stid=13d2666d-5f7b-4498-80ca-9256091c8664&gdpr=true&gdpr_consent=BO7IYi6O7IYi6AKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phPrsk89r6337A&fd=1

Requested by

Host: lv.adocean.pl
URL: https://lv.adocean.pl/files/x/qbm/mjjghng/vceipxephn/stpd190807.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.246 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 11 Oct 2020 19:18:17 GMT
server: nginx
status: 200
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://www.pressball.by
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json; charset=utf-8
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length: 5
expires: -1

GET
H/1.1 200
OK cygnus Show response
as-sec.casalemedia.com/ Frame 263B 24 B
1 KB 179ms
108ms XHR
application/json 23.210.249.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/cygnus?s=343930&v=7.2&r=%7B%22id%22%3A%2235746366f949ff%22%2C%22imp%22%3A%5B%7B%22id%22%3A%224406d2bdc2c783%22%2C%22banner%22%3A%7B%22w%22%3A240%2C%22h%22%3A400%2C%22topframe%22%3A0%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22343930%22%2C%22sid%22%3A%22pressball.by_240x400_new_2%22%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.pressball.by%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A1%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22BO7IYi6O7IYi6AKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phPrsk89r6337A%22%7D%7D%7D&ac=j&sd=1&
Requested by: Host: lv.adocean.pl
URL: https://lv.adocean.pl/files/x/qbm/mjjghng/vceipxephn/stpd190807.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.164 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-164.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e596ef1562133eb5a90807507ff3aa8b6dace142c14b594d0fab2fc8ef6867ff

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 11 Oct 2020 19:18:17 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Access-Control-Allow-Origin: https://www.pressball.by
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 44
X-Akamai-Path-Stats: [3:952:68048]
Expires: Sun, 11 Oct 2020 19:18:17 GMT

POST v1
dmx.districtm.io/b/ Frame 263B 0
0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 263B 138 B
831 B 76ms
25ms XHR
application/json 185.33.220.240
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: lv.adocean.pl
URL: https://lv.adocean.pl/files/x/qbm/mjjghng/vceipxephn/stpd190807.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.240 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e98d7913f35c38d0ac99b1793ebad307ff950feea844b6938186d0ba7f376654

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 11 Oct 2020 19:18:17 GMT
X-Proxy-Origin: 82.102.18.114; 82.102.18.114; 717.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.46:80
AN-X-Request-Uuid: ec768805-a2b8-40c4-819e-71ba09c875e6
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.pressball.by
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 138
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

adjson Show response
ads.betweendigital.com/ Frame 263B
Redirect Chain

https://ads.betweendigital.com/adjson?jst=hb&ord=3161318093784102.5&tz=-120&fl=0&rr=direct&w=240&h=400&s=3201911&bidid=105893500f3f874&transactionid=7c41d1b2-7484-460a-b1b7-31f111da165b&auctionid=1...
https://ads.betweendigital.com/adjson?jst=hb&ord=3161318093784102.5&tz=-120&fl=0&rr=direct&w=240&h=400&s=3201911&bidid=105893500f3f874&transactionid=7c41d1b2-7484-460a-b1b7-31f111da165b&auctionid=1...

2 B
232 B

81ms
80ms

XHR
application/json

188.42.29.196
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/adjson?jst=hb&ord=3161318093784102.5&tz=-120&fl=0&rr=direct&w=240&h=400&s=3201911&bidid=105893500f3f874&transactionid=7c41d1b2-7484-460a-b1b7-31f111da165b&auctionid=13d2666d-5f7b-4498-80ca-9256091c8664&crf=1
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.42.29.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: https://www.pressball.by
content-encoding: gzip
content-type: application/json

Redirect headers

status: 302
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: https://www.pressball.by
content-length: 0
location: /adjson?jst=hb&ord=3161318093784102.5&tz=-120&fl=0&rr=direct&w=240&h=400&s=3201911&bidid=105893500f3f874&transactionid=7c41d1b2-7484-460a-b1b7-31f111da165b&auctionid=13d2666d-5f7b-4498-80ca-9256091c8664&crf=1

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 263B 241 B
2 KB 194ms
86ms XHR
application/json 69.173.144.140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13606&site_id=154966&zone_id=1342154&size_id=17&p_pos=unknown&gdpr=1&gdpr_consent=BO7IYi6O7IYi6AKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phPrsk89r6337A&rf=https%3A%2F%2Fwww.pressball.by%2F&tk_flint=pbjs_lite_v2.28.0-pre&x_source.tid=7c41d1b2-7484-460a-b1b7-31f111da165b&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.505134918690024
Requested by: Host: lv.adocean.pl
URL: https://lv.adocean.pl/files/x/qbm/mjjghng/vceipxephn/stpd190807.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: fb42b3cb4f8a71c2ba199f742898aa67c0449f0b9c2898b3fb82461510f6d463

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 11 Oct 2020 19:18:17 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.pressball.by
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 241
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 hb Show response
ice.360yield.com/ Frame 263B 95 B
512 B 119ms
31ms XHR
application/json 18.195.63.250
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22id%22%3A%2223b73c58cd056c6%22%2C%22version%22%3A%225.1.0-JS-6.0.0%22%2C%22gdpr%22%3A%22BO7IYi6O7IYi6AKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phPrsk89r6337A%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2214af5ffc9078b48%22%2C%22pid%22%3A%2222049678%22%2C%22tid%22%3A%227c41d1b2-7484-460a-b1b7-31f111da165b%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A240%2C%22h%22%3A400%7D%5D%7D%7D%5D%7D%7D
Requested by: Host: lv.adocean.pl
URL: https://lv.adocean.pl/files/x/qbm/mjjghng/vceipxephn/stpd190807.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.63.250 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-63-250.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 154d079619fcc85d15988204b0f204655ed5c4fd052e8918ab04084b7fabf865

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

status: 200
date: Sun, 11 Oct 2020 19:18:17 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www.pressball.by
content-type: application/json; charset=UTF-8
content-length: 95
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame 263B 0
170 B 84ms
26ms XHR
text/plain 185.184.8.30
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: lv.adocean.pl
URL: https://lv.adocean.pl/files/x/qbm/mjjghng/vceipxephn/stpd190807.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.30 , Poland, ASN204995 (RTB-HOUSE-AMS, NL),
Reverse DNS: ip-185-184-8-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Sun, 11 Oct 2020 19:18:17 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www.pressball.by
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 263B 0
146 B 29ms
29ms XHR
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=19&wv=2.28.0-pre&cb=77947177645
Requested by: Host: lv.adocean.pl
URL: https://lv.adocean.pl/files/x/qbm/mjjghng/vceipxephn/stpd190807.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.am5.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Sun, 11 Oct 2020 19:18:16 GMT
access-control-allow-credentials: true
server: Finatra
access-control-allow-origin: https://www.pressball.by
timing-allow-origin: *
vary: Origin

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 263B 139 B
832 B 76ms
26ms XHR
application/json 185.33.220.240
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: lv.adocean.pl
URL: https://lv.adocean.pl/files/x/qbm/mjjghng/vceipxephn/stpd190807.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.240 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

21f9630842387159da1c06f2ec116d0e57d7d6f6ea6b0418396ec8fa27eccc40

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 11 Oct 2020 19:18:17 GMT
X-Proxy-Origin: 82.102.18.114; 82.102.18.114; 717.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.44:80
AN-X-Request-Uuid: c9e2182c-d53e-4e59-aaf4-fd433c7cc8db
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.pressball.by
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 139
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 263B 0
117 B 243ms
159ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: lv.adocean.pl
URL: https://lv.adocean.pl/files/x/qbm/mjjghng/vceipxephn/stpd190807.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Sun, 11 Oct 2020 19:18:17 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: https://www.pressball.by

GET
H3-Q050 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 263B 52 KB
17 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.pressball.by
URL: https://www.pressball.by/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec8eda2adef141977483bfba00111c37d5b22c57573b293d9f84f3276824940e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "660 / 853 of 1000 / last-modified: 1602281523"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 17644
x-xss-protection: 0
expires: Sun, 11 Oct 2020 19:18:17 GMT

GET
H2 200 pubads_impl_2020100701.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 263B 272 KB
96 KB 58ms
58ms Script
text/javascript 172.217.22.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100701.js?21067686

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s18-in-f98.1e100.net

Software

sffe /

Resource Hash

4d89fe878915363fb946ed51bc60593e90df39059bc1a05c717a0cd9ba5bf58d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 07 Oct 2020 08:44:07 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 97676
x-xss-protection: 0
expires: Sun, 11 Oct 2020 19:18:17 GMT

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ Frame 263B 265 B
613 B 99ms
98ms XHR
text/javascript 65.9.95.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.pressball.by%2F&pid=yMm4JUYTnjeDi&cb=0&ws=240x400&v=7.55.00&t=1000&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22240x400%22%5D%2C%22sn%22%3A%22%2F147246189%2Fpressball.by_240x400_new_2%22%7D%5D&pubid=d14c8d3d-c09a-40c7-8c08-b5d7cd1d7fac&gdpre=1&gdprc=BO7IYi6O7IYi6AKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phPrsk89r6337A&gdprl=%7B%22status%22%3A%22cmp-success%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.127 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: 34d910f7de0aac8c88129883dc57570c6c667f0dabff63ff88b0463ead2d9aa2

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:17 GMT
content-encoding: gzip
server: Server
x-amz-cf-pop: PRG50-C1
status: 200
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.pressball.by
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 236
via: 1.1 65dc50162b685d34f2ac712298bb090d.cloudfront.net (CloudFront)
x-amz-cf-id: r4AcH1VNtKvSAR4YjD7i-eeVoe186tJYp4_uftDmv7b-jf9KJtqDmw==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 263B 6 KB
3 KB 117ms
38ms XHR
application/javascript 65.9.95.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.127 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 18:23:15 GMT
content-encoding: gzip
vary: Origin
age: 3303
x-cache: Hit from cloudfront
status: 200
access-control-allow-origin: *
last-modified: Wed, 30 Sep 2020 05:43:29 GMT
server: AmazonS3
etag: "a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 6fc3cae9692b6db972e4990be9921fae.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: PRG50-C1
x-amz-cf-id: MCqtZZzvvvqhcPC6JFIcPxiuusq8VoFXbAM8caIpXCxupgNNqh2QRg==

GET
H2

200

getCodeTest Show response
ads.adfox.ru/239538/
Redirect Chain

https://ads.adfox.ru/239538/prepareCode?p1=bvgrc&p2=fgou&pct=a&pfc=a&pfb=a&plp=a&pli=a&pop=a&pr=3237378649&&t=1602443897314
https://ads.adfox.ru/239538/getCodeTest?p1=bvgrc&p2=fgou&pct=a&pfc=a&pfb=a&plp=a&pli=a&pop=a&pr=3237378649&&t=1602443897314
https://matchid.adfox.yandex.ru/?url=a8075bf1c7376ab37971b6d80664e4d2ef00c49141bc042dfc0de4577ea701245d414e47844ad6813d6a71d773b21125409be45d7f572d43b671397f4fd06f7d697c584e93f6cec6971a782cf5b0ed88...
https://ads.adfox.ru/239538/getCodeTest?yandexuid=17875796620141383583&sign=f379d0883842d8b42a39df97131c29bc&rqs=AAAAAAAAAAB5WoNfU4fNyE3XMyTiugQz&matchid-br=1

123 B
486 B

83ms
83ms

Script
application/x-javascript

77.88.21.179
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.adfox.ru/239538/getCodeTest?yandexuid=17875796620141383583&sign=f379d0883842d8b42a39df97131c29bc&rqs=AAAAAAAAAAB5WoNfU4fNyE3XMyTiugQz&matchid-br=1

Requested by

Host: www.pressball.by
URL: https://www.pressball.by/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.179 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

adfox-external-l3-engine.stable.qloud-b.yandex.net

Software

Resource Hash

a5d92025d3f548aade6b6431d5e90a27371c6310369775f9da583fea516e55f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Oct 2020 19:18:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref=/w3c/w3c.p3p, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
status: 200
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

Redirect headers

date: Sun, 11 Oct 2020 19:18:17 GMT
x-content-type-options: nosniff
status: 302
location: https://ads.adfox.ru/239538/getCodeTest?yandexuid=17875796620141383583&sign=f379d0883842d8b42a39df97131c29bc&rqs=AAAAAAAAAAB5WoNfU4fNyE3XMyTiugQz&matchid-br=1
access-control-allow-origin: *
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 0

GET
H/1.1

200
OK

Cookie set iu3
aax-eu.amazon-adsystem.com/s/ Frame EFA9
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=1&gdpr_consent=BO7IYi6O7IYi6AKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur...
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=1&gdpr_consent=BO7IYi6O7IYi6AKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur...

0
0

201ms
200ms

Document
text/html

52.95.123.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=1&gdpr_consent=BO7IYi6O7IYi6AKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phPrsk89r6337A&dl=rbd_cnv&dcc=t
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.123.167 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash

Request headers

Host: aax-eu.amazon-adsystem.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.pressball.by/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: ad-id=Aw9-twsRuE0Tu1oCrmLSTFA|t
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.pressball.by/

Response headers

Server: Server
Date: Sun, 11 Oct 2020 19:18:17 GMT
Content-Type: text/html;charset=ISO-8859-1
Content-Length: 306
Connection: keep-alive
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Set-Cookie: ad-id=Aw9-twsRuE0Tu1oCrmLSTFA; Domain=.amazon-adsystem.com; Expires=Thu, 01-Jul-2021 19:18:17 GMT; Path=/; Secure; HttpOnly; SameSite=None ad-privacy=0; Domain=.amazon-adsystem.com; Expires=Thu, 01-Jan-2026 19:18:17 GMT; Path=/; Secure; HttpOnly; SameSite=None
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip

Redirect headers

Server: Server
Date: Sun, 11 Oct 2020 19:18:17 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=1&gdpr_consent=BO7IYi6O7IYi6AKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phPrsk89r6337A&dl=rbd_cnv&dcc=t
Set-Cookie: ad-id=Aw9-twsRuE0Tu1oCrmLSTFA|t; Domain=.amazon-adsystem.com; Expires=Thu, 01-Jul-2021 19:18:17 GMT; Path=/; Secure; HttpOnly; SameSite=None
Vary: User-Agent

GET
H3-Q050 200 integrator.js Show response
adservice.google.de/adsid/ Frame 263B 109 B
868 B 37ms
22ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.pressball.by

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100701.js?21067686

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 11 Oct 2020 19:18:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame 263B 109 B
868 B 38ms
23ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.pressball.by

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100701.js?21067686

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 11 Oct 2020 19:18:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 263B 41 KB
11 KB 426ms
392ms XHR
text/plain 172.217.22.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1405836046840919&correlator=3897672768023689&output=ldjh&impl=fifs&eid=21067686%2C21067702%2C21067704%2C21067445&vrg=2020100701&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201011&iu_parts=147246189%2Cpressball.by_240x400_new_2&enc_prev_ius=%2F0%2F1&prev_iu_szs=240x400&prev_scp=amznbid%3D2%26amznp%3D2&eri=5&cookie_enabled=1&bc=31&abxe=1&dt=1602443897350&dlt=1602443896943&idt=317&ea=0&frm=23&biw=1600&bih=1200&isw=240&ish=400&oid=3&adxs=1052&adys=4791&adks=4235799350&ucis=uwpqtzkga3jg&ifi=1&ifk=1263545003&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=2&iag=15&url=https%3A%2F%2Fwww.pressball.by%2F&top=www.pressball.by&dssz=10&icsg=8234&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=240x400&msz=240x400&ga_vid=1681610997.1602443896&ga_sid=1602443897&ga_hid=2016786126&ga_fc=true&fws=256&ohw=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100701.js?21067686

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.22.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s18-in-f98.1e100.net

Software

cafe /

Resource Hash

e7a10250d4e9608e6e353323f0ad1006d9c05ce3f0b4bedc5878dfe0fd668485

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:17 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10426
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.pressball.by
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
a3b99ed8deebfb4f0aa7ec97384a7229.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 263B 0
0 58ms
13ms Other
text/html 2a00:1450:4001:819::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a3b99ed8deebfb4f0aa7ec97384a7229.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100701.js?21067686
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 263B 0
0 7ms
6ms Other
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100701.js?21067686
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012009282107000/ Frame 2247 206 KB
56 KB 29ms
7ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012009282107000/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100701.js?21067686

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33901d23b88c104fc2e9d2d029542d2c89eb30dff24f698f339a175d3a4267fa

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 37914
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57253
x-xss-protection: 0
server: sffe
date: Sun, 11 Oct 2020 08:46:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "0138da5df6f877a3"
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 11 Oct 2021 08:46:23 GMT

GET
H2 200 amp-ad-exit-0.1.js Show response
cdn.ampproject.org/rtv/012009282107000/v0/ Frame 2247 16 KB
7 KB 28ms
6ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012009282107000/v0/amp-ad-exit-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100701.js?21067686

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00e1ffbde89afc301abf43ed68bc52d7d7bae9f81d0bd93638394f4e287b12f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 37916
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5763
x-xss-protection: 0
server: sffe
date: Sun, 11 Oct 2020 08:46:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "0dd94cdacc228659"
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 11 Oct 2021 08:46:21 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/012009282107000/v0/ Frame 2247 96 KB
29 KB 36ms
14ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012009282107000/v0/amp-analytics-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100701.js?21067686

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

239733db63c823ff0f27720321732ff16ae6591fd0a41b6793ee665e9226b42f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 37916
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29503
x-xss-protection: 0
server: sffe
date: Sun, 11 Oct 2020 08:46:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "59cc65a87e598f8b"
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 11 Oct 2021 08:46:21 GMT

GET
H2 200 amp-fit-text-0.1.js Show response
cdn.ampproject.org/rtv/012009282107000/v0/ Frame 2247 4 KB
2 KB 41ms
19ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012009282107000/v0/amp-fit-text-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100701.js?21067686

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82f60467c442f1292050ac1673c3074047283bfd9ff9be7480a65fddf6a24969

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 37916
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1805
x-xss-protection: 0
server: sffe
date: Sun, 11 Oct 2020 08:46:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "d5686bc7b82e539c"
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 11 Oct 2021 08:46:21 GMT

GET
H2 200 amp-form-0.1.js Show response
cdn.ampproject.org/rtv/012009282107000/v0/ Frame 2247 47 KB
14 KB 39ms
18ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012009282107000/v0/amp-form-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100701.js?21067686

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f34e56bbdec33105361cc35f3805704b6d3df415b0bf044ef2a6f11764bd8a20

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 37884
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14600
x-xss-protection: 0
server: sffe
date: Sun, 11 Oct 2020 08:46:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "9a6f012caf7a1c6f"
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 11 Oct 2021 08:46:53 GMT

GET
DATA 200
OK truncated
/ Frame 2247 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1558e2a3c5186f16c3e829ca8435ba20c552acf987d6a239d78d14550b5ccdff

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 12047406494566193795
tpc.googlesyndication.com/simgad/ Frame 2247 143 KB
143 KB 30ms
15ms Image
image/gif 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12047406494566193795

Requested by

Host: www.pressball.by
URL: https://www.pressball.by/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

68b2afc7732127518ce1d29bac239a89f369bad8a309095f3c4caa471deb93c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 10 Oct 2020 16:05:32 GMT
x-content-type-options: nosniff
age: 97965
x-dns-prefetch-control: off
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 146487
x-xss-protection: 0
last-modified: Thu, 17 Sep 2020 03:31:29 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 10 Oct 2021 16:05:32 GMT

GET
H3-Q050 200 ru.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 2247 3 KB
3 KB 28ms
13ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/ru.png

Requested by

Host: www.pressball.by
URL: https://www.pressball.by/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fed2d61088cba54be39b2069add7103160e31f07c950c0e2e7706d6d6dc9ebf6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 11 Oct 2020 12:59:55 GMT
x-content-type-options: nosniff
server: cafe
age: 22702
etag: 6726277462267614359
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3041
x-xss-protection: 0
expires: Mon, 12 Oct 2020 12:59:55 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 2247 344 B
438 B 28ms
14ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: www.pressball.by
URL: https://www.pressball.by/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 11 Oct 2020 11:09:07 GMT
x-content-type-options: nosniff
server: cafe
age: 29350
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Mon, 12 Oct 2020 11:09:07 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 2247 0
0 14ms
13ms Image
text/html 2a00:1450:4001:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSI1BzHjC2il3wxYFDHyppCtYRGn6i1gKNXounKukEuonBhtWNCP1v_bgQRBudYFNepIocULlT0rmfPC01kif-VIIVgLA
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 2247 0
0 38ms
37ms Image
text/html 172.217.22.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cm7AUeVqDX9WZHNns3wPVt5ywDKqagM5flcKNrZkMv-EeEAEgjeS9KWD7gYCAiAqgAa3ciogDyAED4AIAqAMByAMIqgTNAU_QmuncLfJQTQjxNlviUDMTspVRdgzf0MuzLV0vVbosCwQ0OCP4m_HoPkOfII0dpKti9XHpWZjQHn8c9phNGq2ZKvn26X00UKVzeeko12Apxo3epSHRCAAu90KcaIDAutFONnggLAxeak04FZ3VdEQL4pHylyhkbnz0Kn9hT3MR_UkILiU6QFQ6-3xe5xeommu3Q5ZaBZy8j-N0Updx5IaCZRMWmPHEt1Vw9MIMpkpKCmufPLBWbcAIo_pnb2H9czLzRSIxsbxgzEzY4qrABP-b8suBA-AEAZIFBAgEGAGSBQQIBRgEoAYDgAeswtF4qAeOzhuoB9XJG6gHk9gbqAe6BqgH8NkbqAfy2RuoB6a-G6gH7NUb2AcB8gcEELfZFdIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tODU5NjI2NjI2NjQ0NTI5NYAKA8gLAbIMFHB1Yi03MzgzMTcxODMwNjE0MjE22BMM&sigh=-mlwNd5lST0&tpd=AGWhJmtxD3W1ywG0DirMIqVrjDPPrXlBrvWQphvsKonUcOUONw
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 172.217.22.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra15s18-in-f98.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

POST
H2 200 node.php Show response
node.setupad.com/node/ Frame 263B 0
208 B 169ms
55ms XHR
text/html 85.206.143.247
TELIA-LIETUVA

General

Check archive.org

Show headers Download Go to

Full URL: https://node.setupad.com/node/node.php
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 85.206.143.247 Kaunas, Lithuania, ASN43811 (TELIA-LIETUVA, LT),
Reverse DNS: 85-206-143-247.static.zebra.lt
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Sun, 11 Oct 2020 19:18:17 GMT
content-encoding: gzip
server: nginx/1.10.3 (Ubuntu)
status: 200
access-control-allow-methods: GET, POST
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 263B 8 KB
7 KB 40ms
25ms XHR
application/json 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020100701&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100701.js?21067686

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6d186ff38e95ed05b5d20953db617461b2a4581afe947cb29a04ac4e7445cd86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 11 Oct 2020 19:18:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6311
x-xss-protection: 0

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 263B 17 KB
6 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100701.js?21067686

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ef0cc99ae155124895f712a9b68285f7b0a8c3f3c151e86107a25b61cf22085

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1601061966610483"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6293
x-xss-protection: 0
expires: Sun, 11 Oct 2020 19:18:17 GMT

GET
H3-Q050

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 2247
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

39ms
39ms

Image
text/html

2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

date: Sun, 11 Oct 2020 19:18:17 GMT
x-content-type-options: nosniff
server: safe
status: 302
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/217/ Frame 6192 0
0 6ms
6ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/217/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/217/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.pressball.by/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.pressball.by/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4867
date: Sun, 11 Oct 2020 18:44:31 GMT
expires: Mon, 11 Oct 2021 18:44:31 GMT
last-modified: Mon, 21 Sep 2020 23:28:38 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2026
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 263B 0
108 B 15ms
14ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=217&t=2&li=gpt_2020100701&jk=1405836046840919&bg=!CQqlCirNAAWqWepuqljkF4Sp0aUWQgIAAABiUgAAABQKALdNsy0BSEnKHV2mjDV8ec9Rfk1NVfCI4zvbUPNeJ9ltzrpnmf25nXGDvdVnNnXoBCdU7Aelfd0Zaw7exd6iL9Ew6CACO6GwcABV6L-BsGF5dvcEhEeXSRHFZTgvsrzDHe8nEYX1RtZ32rXvTf7yIxtolJJpVy-TfK4PKhMz5jclZOYd4JS6-krB2Fi9sFINrNFGk8m-8FYtYIYEq76Da64wxFCMzgs6QNwPK0nRrWhBEdBjx78J1qaZAd0aINGgI6Wl596wSB7kZvaPU_alKo_uF9DPMd4avgGA0Lp7Ef_WzZzoJlJfPFdEw1Lppe0YCe2gq9IWGLxY5pK0nginduM8cMyvW1lR1Z54F_bSvwXxXqSkHhO2ALAlhPOwJUy0hKuacuc6woJzVF02y0iOZBy9q6oznosAMxtoEQMIcPkfZbt0cajExDy7o66KQZnW3X_jajY0vkzGZZE7d5zfXiAcW30R8520gTevitr5pzRhs7e6TVQB2B2lRPBWAfmgnfsAsP1E7vz7jrZPvqvNUO6fYBHlEoLRUjaB4ePDFLmT9SwQzG1zW-hLUzLQjWYPUbD5gobZAuBOhKO2qF95K0OSDtSjGZYmGfTo1XSjGy2mCIdfoxG6rO97g5y2k7QeJqkBB0fBH3bj8VrwbXT01Ov-6mohat9xOzMeIEnO9vAAi08SMwx0TCaRpzK21aUC3l_Uq6Q1TryjRUf4J-TZvV8YX12VZ9b-5r1q5ss9wMBjD8gf49jm0gFVeRLKLmdce132a5fgeg4f7BxvlDZwe2KJhVzbfyTrGXm3fO5Xss2NvEcX9GNqaNr2l5HA-yE4Z4_V4UusmRw2bu8OtlTSayrSgpr9Q-BxX4VMqN8Sma3-k3EkzmimjwM

Requested by

Host: www.pressball.by
URL: https://www.pressball.by/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Oct 2020 19:18:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame 263B 74 KB
24 KB 18ms
18ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: lv.adocean.pl
URL: https://lv.adocean.pl/files/x/qbm/mjjghng/vceipxephn/stpd190807.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: f72423823b8aca3ed7719ec83f569fa6936c398c486a48206226f817f60f0542

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:20 GMT
content-encoding: gzip
last-modified: Wed, 16 Sep 2020 23:57:37 GMT
server: nginx
etag: W/"5f62a671-1265e"
status: 200
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Mon, 12 Oct 2020 19:18:20 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame 263B 74 KB
24 KB 48ms
17ms XHR
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: f72423823b8aca3ed7719ec83f569fa6936c398c486a48206226f817f60f0542

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:20 GMT
content-encoding: gzip
last-modified: Wed, 16 Sep 2020 23:57:37 GMT
server: nginx
etag: W/"5f62a671-1265e"
status: 200
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Mon, 12 Oct 2020 19:18:20 GMT

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
6 KB 18ms
17ms XHR
application/json 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20201007&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201007/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fb4fdaf154e9117accccf67f0be60b667fedacf4311e9ce1b9da2ce24666cf59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 11 Oct 2020 19:18:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6439
x-xss-protection: 0

POST
H/1.1 200
OK tracker
top-fwz1.mail.ru/ 43 B
1 KB 102ms
102ms Other
image/gif 217.69.133.145
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL

https://top-fwz1.mail.ru/tracker?js=13;id=337418;u=https%3A//www.pressball.by/;st=1602443896403;s=1600*1200;vp=1600*1200;touch=0;hds=1;flash=;sid=3ada3881f8761af3;ver=60.3.0;tz=-120%2FEurope%2FBerlin;nt=0/0/1602443893895/////276/276/276/276/276//279/1098/1190/1100/2508/2508/2556/7326/7326/;ni=10//4g/0/0/;detect=0;lvid=1602443896513%3A1602443901226%3A2%3Aadae53391836fcff0af23c1245be3b32;opts=dl;_=0.31677106928303944;e=RT/load;et=1602443901225

Requested by

Host: top-fwz1.mail.ru
URL: https://top-fwz1.mail.ru/js/code.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Sun, 11 Oct 2020 19:18:21 GMT
X-Content-Type-Options: nosniff
P3P: CP="NOI DSP COR NID CUR PSA OUR NOR"
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Access-Control-Allow-Headers: *
AMP-Access-Control-Allow-Source-Origin: https://www.pressball.by
Server: nginx
Access-Control-Allow-Methods: GET, POST, HEAD, PUT, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://www.pressball.by
Access-Control-Expose-Headers: AMP-Access-Control-Allow-Source-Origin
Cache-Control: private, no-cache, no-store, max-age=0
Access-Control-Allow-Credentials: true
Accept-CH-Lifetime: 86400
Accept-CH: DPR, Width, Viewport-Width, Downlink, Device-Memory
Timing-Allow-Origin: https://www.pressball.by
Keep-Alive: timeout=60

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201007/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ef0cc99ae155124895f712a9b68285f7b0a8c3f3c151e86107a25b61cf22085

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1601061966610483"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6293
x-xss-protection: 0
expires: Sun, 11 Oct 2020 19:18:21 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/217/ Frame 0A5F 0
0 6ms
6ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/217/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/217/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.pressball.by/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.pressball.by/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4867
date: Sun, 11 Oct 2020 18:44:31 GMT
expires: Mon, 11 Oct 2021 18:44:31 GMT
last-modified: Mon, 21 Sep 2020 23:28:38 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2030
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
45 B 14ms
14ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=217&t=2&li=gda_r20201007&jk=134891609860675&bg=!ysmlyenNAAWqWepuqljntkw9vy9soAIAAABcUgAAAA0KAa1KRRUSCEloRAseSV5Nn4bZGBgLVWKvfCp5fTn3LPx_B8qz_gkuB1-ZtU6t891fj3PLypjmSHpGlYeQtE1vQc8XMjhZRMxPhtDuDnjDTB2Y0HyF8mQ1M9N_Z-duz0zsw6eKpLnhXQuNNcw8HUZVl7KYD_Ym3fCLAmJuMaJ3hk0u7WorIEAFhr4chIffLjZNVlm373lN4azMyuj251HHlHS_5sMZ0YREYNZB-VgsUovO4rbrt2CujzByVGrx-aJ4Z279gRH8_r42QgirW7bNHgiqogHIPh6xASwVPcVlFYP-5whXhaXM5mRNeME4AzSquXQTG6fT9XgGfgidDIBdJatcEgg-ODEqgV3lddI1LeVLrPDRBWmQoMqorW6sVXMY1eodWGhAmNYe5rrDGCW32CRGNu4-UF1YCVjn8KSDAK7z4cooz1FkzSMdiZVjnEj7Q1DIptOc7zGkWgLW2VSlzgzkoefcJNsnGRaidjZER9lrXfL0q4XuerhqGan8m1iW7ot00Fzky4lMWcWAGKNvpxMNEA3lvkOSQ7QC_sibIIweuQVeI9MUc0xPzL4ou4yZAalHZvSbraV8-nH5LAmAQ9Ond5Ch5IzxczxTboUIiOqZUrMsgRyi1WBQFXcx8oplDEz5rD3Rj5U7IWI1ksykGnm2tXMA_9DOsBugWquhEAI8TagHEGS6G1ZCCWmiE2CtKSfS5w73tNgyqnGm3ufOADmk_6ZmM0J5oE1WFGWvMVDNbMGpT4odXiglvju_5BDGha8RYZehot2pztSaP89IsheA5IUrg5H2SdERMXWMk3_TbF_NcTGatQPw71jzFoKIjancwSDsmgNDYU1NQG8x7IAGP1mWJZ1FpbUPVeWnI7CHsNLtnqGWTX5mgxW638S40CkPiYXcxc5x2FovBi6pPR9dX-pFyiiZIcEEqVa_8UI36xOWHMWEdG5YMDz0eTyjix9nGn19-Hm4glvoZi5hUv--W-kI9ui-ajX77AdTzbrJzgCJlPl0a85hXGlFpi319xQMVLtQkvEJCwRPZceeEezezcOBsvlEgOYKj1wPH5E1NSMb_0ZXRwc7L6mrxurYOHBYPurwlfcaHnLuJo90IsZHVN754A8kJaqZQR4T1JTDFCtecoIluBW59Q

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Oct 2020 19:18:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 onlines_top_panel_update.php Show response
www.pressball.by/includes/online_games/ 5 KB
5 KB 77ms
77ms XHR
text/html 93.125.48.95
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pressball.by/includes/online_games/onlines_top_panel_update.php
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/js/jquery-1.10.2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.125.48.95 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-95.hoster.by
Software: nginx/1.16.1 / PHP/5.4.45
Resource Hash: 308d782cb1248e3fa85b154b28a938efce2856cff6eec3b09839a3d418882294

Request headers

Accept: */*
Referer: https://www.pressball.by/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Oct 2020 19:18:31 GMT
server: nginx/1.16.1
x-powered-by: PHP/5.4.45
content-type: text/html; charset=windows-1251
status: 200
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 lithuaniaflag.gif
www.pressball.by/images/online_games/teams/ 14 KB
14 KB 67ms
66ms Image
image/gif 93.125.48.95
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pressball.by/images/online_games/teams/lithuaniaflag.gif
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/js/jquery-1.10.2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.125.48.95 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-95.hoster.by
Software: nginx/1.16.1 /
Resource Hash: 810be2a295d6e09f98c4f5e96b9a3892d0b3958de09439a36ddad3a7939cb08b

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:31 GMT
last-modified: Sun, 11 Oct 2020 09:46:38 GMT
server: nginx/1.16.1
etag: "5f82d47e-3657"
content-type: image/gif
status: 200
cache-control: max-age=3600
accept-ranges: bytes
content-length: 13911
expires: Sun, 11 Oct 2020 20:18:31 GMT

GET
H2 200 belarusflag.gif
www.pressball.by/images/online_games/teams/ 19 KB
19 KB 92ms
91ms Image
image/gif 93.125.48.95
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pressball.by/images/online_games/teams/belarusflag.gif
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/js/jquery-1.10.2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.125.48.95 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-95.hoster.by
Software: nginx/1.16.1 /
Resource Hash: 9c4ffdd35629c912ae94edc44d85180fb47b53bf58dd2d9d851acec6f97755e2

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:31 GMT
last-modified: Tue, 10 Oct 2017 11:09:47 GMT
server: nginx/1.16.1
etag: "59dcaa7b-4c5d"
content-type: image/gif
status: 200
cache-control: max-age=3600
accept-ranges: bytes
content-length: 19549
expires: Sun, 11 Oct 2020 20:18:31 GMT

GET
H2 200 dynamomnhc.gif
www.pressball.by/images/online_games/teams/ 4 KB
4 KB 93ms
92ms Image
image/gif 93.125.48.95
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pressball.by/images/online_games/teams/dynamomnhc.gif
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/js/jquery-1.10.2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.125.48.95 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-95.hoster.by
Software: nginx/1.16.1 /
Resource Hash: 0827bc9af85a299c12e306144c29e5f2add9f203e2ebd38e6c449696b5999334

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:31 GMT
last-modified: Mon, 09 Sep 2019 07:56:54 GMT
server: nginx/1.16.1
etag: "5d7605c6-e1d"
content-type: image/gif
status: 200
cache-control: max-age=3600
accept-ranges: bytes
content-length: 3613
expires: Sun, 11 Oct 2020 20:18:31 GMT

GET
H2 200 dinamorihc.gif
www.pressball.by/images/online_games/teams/ 5 KB
6 KB 94ms
93ms Image
image/gif 93.125.48.95
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pressball.by/images/online_games/teams/dinamorihc.gif
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/js/jquery-1.10.2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.125.48.95 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-95.hoster.by
Software: nginx/1.16.1 /
Resource Hash: 109af6b26763a3308f98b92ba29308f455390fc3aca075b77718c3ae45bdd364

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:31 GMT
last-modified: Sun, 11 Oct 2020 09:46:09 GMT
server: nginx/1.16.1
etag: "5f82d461-1588"
content-type: image/gif
status: 200
cache-control: max-age=3600
accept-ranges: bytes
content-length: 5512
expires: Sun, 11 Oct 2020 20:18:31 GMT

GET
H2 200 djokotennis.jpg
www.pressball.by/images/online_games/teams/ 30 KB
30 KB 131ms
130ms Image
image/jpeg 93.125.48.95
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pressball.by/images/online_games/teams/djokotennis.jpg
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/js/jquery-1.10.2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.125.48.95 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-95.hoster.by
Software: nginx/1.16.1 /
Resource Hash: 9f67b02d28350cabdad0387267300f644b6517af1a69caf152d3eada3421fa8c

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:31 GMT
last-modified: Tue, 03 Mar 2015 13:15:07 GMT
server: nginx/1.16.1
etag: "54f5b3db-7866"
content-type: image/jpeg
status: 200
cache-control: max-age=3600
accept-ranges: bytes
content-length: 30822
expires: Sun, 11 Oct 2020 20:18:31 GMT

GET
H2 200 nadaltennis.gif
www.pressball.by/images/online_games/teams/ 13 KB
13 KB 170ms
169ms Image
image/gif 93.125.48.95
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pressball.by/images/online_games/teams/nadaltennis.gif
Requested by: Host: www.pressball.by
URL: https://www.pressball.by/js/jquery-1.10.2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.125.48.95 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-95.hoster.by
Software: nginx/1.16.1 /
Resource Hash: e256e350c11a6594159634bfdd55f8386cd53c6702fba271cb9d35019bc59726

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 11 Oct 2020 19:18:31 GMT
last-modified: Mon, 28 Sep 2020 14:31:54 GMT
server: nginx/1.16.1
etag: "5f71f3da-32cf"
content-type: image/gif
status: 200
cache-control: max-age=3600
accept-ranges: bytes
content-length: 13007
expires: Sun, 11 Oct 2020 20:18:31 GMT

GET
H/1.1

200
OK

1
mc.yandex.ru/watch/3791662/
Redirect Chain

https://mc.yandex.ru/watch/3791662?page-url=https%3A%2F%2Fwww.pressball.by%2F&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1602443893895%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A...
https://mc.yandex.ru/watch/3791662/1?page-url=https%3A%2F%2Fwww.pressball.by%2F&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1602443893895%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%...

43 B
398 B

48ms
47ms

Other
image/gif

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/3791662/1?page-url=https%3A%2F%2Fwww.pressball.by%2F&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1602443893895%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aadb%3A2%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20201011211831%3Aet%3A1602443912%3Aen%3Awindows-1251%3Ac%3A1%3Ala%3Aen-us%3Aar%3A1%3Anb%3A1%3Acl%3A113%3Als%3A556725863792%3Arqn%3A3%3Arn%3A909401355%3Ahid%3A840907694%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C7326%2C7326%2C8%2C%3Agdpr%3A14%3Aeu%3A1%3Av%3A1962%3Arqnl%3A1%3Ast%3A1602443912%3Au%3A1602443897581376875

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pressball.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 11 Oct 2020 19:18:31 GMT
Last-Modified: Sun, 11-Oct-2020 19:18:31 GMT
Strict-Transport-Security: max-age=31536000
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Content-Length: 43
X-XSS-Protection: 1; mode=block
Expires: Sun, 11-Oct-2020 19:18:31 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 11 Oct 2020 19:18:31 GMT
Last-Modified: Sun, 11-Oct-2020 19:18:31 GMT
Access-Control-Allow-Origin: https://www.pressball.by
Strict-Transport-Security: max-age=31536000
Location: /watch/3791662/1?page-url=https%3A%2F%2Fwww.pressball.by%2F&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1602443893895%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aadb%3A2%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20201011211831%3Aet%3A1602443912%3Aen%3Awindows-1251%3Ac%3A1%3Ala%3Aen-us%3Aar%3A1%3Anb%3A1%3Acl%3A113%3Als%3A556725863792%3Arqn%3A3%3Arn%3A909401355%3Ahid%3A840907694%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C7326%2C7326%2C8%2C%3Agdpr%3A14%3Aeu%3A1%3Av%3A1962%3Arqnl%3A1%3Ast%3A1602443912%3Au%3A1602443897581376875
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Content-Length: 0
X-XSS-Protection: 1; mode=block
Expires: Sun, 11-Oct-2020 19:18:31 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pressball.by
URL: https://pressball.by/files/banners/724_90_Liga_Na.png

Domain: pressball.by
URL: https://pressball.by/files/banners/nnnn.gif

Domain: pressball.by
URL: https://pressball.by/files/banners/cyber.jpg

Domain: dmx.districtm.io
URL: https://dmx.districtm.io/b/v1

Verdicts & Comments Add Verdict or Comment

311 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

35 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.rubiconproject.com/	1970-01-19 13:08:02	Name: ses17 Value:
.amazon-adsystem.com/	1970-01-21 10:54:55	Name: ad-privacy Value: 0
.amazon-adsystem.com/	1970-01-19 19:26:07	Name: ad-id Value: Aw9-twsRuE0Tu1oCrmLSTFA
.hit.gemius.pl/	1970-01-21 11:31:12	Name: Gdyn Value: KlGIqMaGQMGGC8jsEXQYUqGWssGMXP8c25nSGmEo6n48M5eSRy2vlvLaojQGmsRGxRGhSfhrGGURysKGFZvGDGCBI788MG..
.vk.com/	1970-01-19 21:56:22	Name: remixstid Value: 816897981_pWtLxgJA17swVHUI7NYbsuKMtoqzxnEv3PZvX8FrkNc
.vk.com/	1970-01-19 21:59:28	Name: remixlang Value: 3
.rubiconproject.com/	1970-01-19 13:08:02	Name: vis17 Value: 154966^1
.doubleclick.net/	1970-01-19 13:07:27	Name: DSID Value: NO_DATA
.pressball.by/	1970-01-19 21:06:55	Name: tmr_reqNum Value: 2
.pressball.by/	1970-01-19 21:52:59	Name: _ym_uid Value: 1602443897581376875
.doubleclick.net/	1970-01-19 22:28:59	Name: IDE Value: AHWqTUmjuG5Y1xc_lbTWQQfpwttuw5Nvro_4exzH6dRUirgl7RYR0J-Ov-y03LnT
www.pressball.by/	1970-01-19 13:07:29	Name: bpressball[718] Value: 1
.pressball.by/	1970-01-19 22:28:59	Name: __gads Value: ID=812dde6b1fdd6059:T=1602443897:S=ALNI_MZyQh446zs4hQ3MQtXcpYwkLYybeg
.pressball.by/	1970-01-19 13:08:35	Name: _ym_isad Value: 2
.rubiconproject.com/	1970-01-19 21:52:59	Name: khaos Value: KG5HQ0E7-O-C4VY
.pressball.by/	1970-01-20 06:38:35	Name: _ga Value: GA1.2.1681610997.1602443896
.pressball.by/	1970-01-19 21:06:55	Name: tmr_lvid Value: adae53391836fcff0af23c1245be3b32
.pressball.by/	1970-01-19 21:52:59	Name: _ym_d Value: 1602443897
.pressball.by/	1970-01-20 13:07:23	Name: last_visit Value: 1602436696384::1602443896384
eus.rubiconproject.com/	1970-01-19 15:16:59	Name: pux Value: 1512%3D94484%262231%3D94484%262974%3D94484%263778%3D94484%26brx%3D94484%262249-DV360-Hosted%3D94484%26goog%3D94484%26idl%3D94484%26
.pressball.by/	1970-01-19 13:07:25	Name: _ym_visorc_3791662 Value: w
.rubiconproject.com/	1970-01-19 21:52:59	Name: audit Value: 1\|hLZGFuTafB0oiNpWXXtyd3QnVL2heOLCULf2C+hGugyD6SB0xXmhRBQd/Yt5VikMR0T/IvviFEl2+2VqRunp1VH/KItGfOsmoAnbKXJnNIZL9IecbUK2Ls5CNc8jEt1U9HV7Xv/Tlzao3sCgVMC1PidLyMRN9HSxLMuTXm+d9TBJyZ9GMPQW2mKoMJ+CxyRxKrglNFRnbLDPBTcHW5/GVuvU6BZFA4m9k2AMo9dPk47UDYp+KWJsyvf84IgRUUZ4hfRRNDZTArsdbseoANGvXNX1V80FeCMY
.rubiconproject.com/	1969-12-31 23:59:59	Name: rsid Value: 1\|G9C2NkZC7frDQSirzNt8MRPvuJlRI6aSli1gEtfhZ1co9sDCaATiL5HZCu3J57KMG3OusT2oC2DGEEDAVUn7QFqq8GxbuRhZpEEVM57hFh5K9zXGU6NbOrWuFfy3ODDDQuXOwEMwY3qfyPkubqhWx4UlaeyeKRPBSOkKrQ==
www.pressball.by/	1970-01-19 13:07:29	Name: bpressball[741] Value: 1
www.pressball.by/	1969-12-31 23:59:59	Name: b Value: b
.pressball.by/	1970-01-19 21:06:55	Name: tmr_lvidTS Value: 1602443896513
.pressball.by/	1970-01-20 13:07:23	Name: __gfp_64b Value: d8i7VUPI5xLEI1ddXyXA6XUQBs79Vgjjxkz18W1tlNf.37
www.pressball.by/	1970-01-19 13:08:50	Name: tmr_detect Value: 0%7C1602443898875
.pressball.by/	1970-01-19 13:07:23	Name: _gat_gtag_UA_907061_1 Value: 1
.pressball.by/	1970-01-20 13:07:23	Name: top100_id Value: t1.-1.740018225.1602443896375
www.pressball.by/	1970-01-19 13:07:29	Name: bpressball[1078] Value: 1
www.pressball.by/	1969-12-31 23:59:59	Name: pb_lenta_page Value: 1
www.pressball.by/	1970-01-19 13:36:17	Name: bpressball[userid] Value: 1011212405
.pressball.by/	1970-01-19 13:08:50	Name: _gid Value: GA1.2.304423187.1602443896
www.pressball.by/	1969-12-31 23:59:59	Name: PHPSESSID Value: r7nqkvecnonr1a51m4otrdm517

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.pressball.by/(Line 1) Message: stpd: cookie lib's missing
console-api	info	URL: https://cdn.ampproject.org/rtv/012009282107000/amp4ads-v0.js(Line 420) Message: Powered by AMP ⚡ HTML – Version 2009282107000 https://www.pressball.by/

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a3b99ed8deebfb4f0aa7ec97384a7229.safeframe.googlesyndication.com
aax-eu.amazon-adsystem.com
adlv.hit.gemius.pl
ads.adfox.ru
ads.betweendigital.com
adservice.google.com
adservice.google.de
adx.adform.net
an.yandex.ru
as-sec.casalemedia.com
banners.adfox.ru
bidder.criteo.com
c.amazon-adsystem.com
c.bigmir.net
cdn.ampproject.org
counter.rambler.ru
dmx.districtm.io
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
forum.pressball.by
gaby.hit.gemius.pl
get.5visions.com
googleads.g.doubleclick.net
gum.criteo.com
hbopenbid.pubmatic.com
ib.adnxs.com
ice.360yield.com
kraken.rambler.ru
ls.hit.gemius.pl
lv.adocean.pl
matchid.adfox.yandex.ru
mc.admetrica.ru
mc.yandex.ru
node.setupad.com
pagead2.googlesyndication.com
prebid-eu.creativecdn.com
pressball.by
rtax.criteo.com
securepubads.g.doubleclick.net
serve.5visions.com
static.criteo.net
stats.g.doubleclick.net
top-fwz1.mail.ru
tpc.googlesyndication.com
userapi.com
vk.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.pressball.by
yastatic.net
dmx.districtm.io
pressball.by
104.16.68.69
149.202.199.193
149.202.222.105
172.217.22.98
178.250.0.166
178.250.2.131
18.195.63.250
185.184.8.30
185.33.220.240
185.64.189.112
188.42.29.196
193.239.68.97
217.69.133.145
23.210.249.164
2a00:1450:4001:800::2002
2a00:1450:4001:806::2001
2a00:1450:4001:809::2001
2a00:1450:4001:80b::2003
2a00:1450:4001:819::2001
2a00:1450:4001:819::2008
2a00:1450:4001:81b::200a
2a00:1450:4001:81c::2004
2a00:1450:4001:81f::200e
2a00:1450:4001:820::2002
2a00:1450:400c:c00::9c
2a02:2638:1::13
2a02:2638::3
2a02:6b8:20::215
2a02:6b8::16b
2a02:6b8::1:119
2a02:6b8::1:254
2a02:6b8::2:158
2a02:6b8::90
37.157.6.246
52.95.123.167
54.38.133.12
54.38.133.137
65.9.95.127
69.173.144.140
77.88.21.179
78.155.195.11
81.19.89.16
85.206.143.247
87.240.129.187
87.240.190.72
88.212.242.60
93.125.48.95
025ba6317c2fc1c494de0f4ed304716141cbed9d71cd5f0ffa248d32bc0d4845
035e1b51e82fb7a76fa7636ab0f527dbdc4f87988d2bc7ce51192e3acb8bb384
046f827394d44ced9e184a404d7185f4ad47a3ac0ea3262ae4290e8e85f877a3
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
050a0b0c52010818354791d16eadbca1d40116b79fd44619f71a80a3e8be80aa
061fa08931be3ff5d9584eac335756bba709a981d2eb121f737cef7ae681ab82
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07645c4fdabacc44a9681c55155845dc1a303fb4977f300170422011c7d9bed4
0827bc9af85a299c12e306144c29e5f2add9f203e2ebd38e6c449696b5999334
0d676146368d9077c8e078a6760042edbfe272923f4f51640b400ad7bb13a445
0d7e358637c1b1caa66949aefc529c1e4488923f99e499d6be09eb8cdd0b4202
0e886ea82d6a0168e867097800c1a9804f9c6cbf6c7f15c4508f4c8f09c9a54b
109af6b26763a3308f98b92ba29308f455390fc3aca075b77718c3ae45bdd364
13124019ccbc289f9c8f3da9b6de802fbb0e35ae64cebd50e0ba8672e0ad4467
140d5b9c52ab717a530a2bad61046495da53dd7646b288f3b0cedc1ddff633ba
150b52647617552fc95e1212e93a33732857002300f5b43dd31362854b66dfba
154d079619fcc85d15988204b0f204655ed5c4fd052e8918ab04084b7fabf865
1558e2a3c5186f16c3e829ca8435ba20c552acf987d6a239d78d14550b5ccdff
170a2eed52fcb80b806c61179828c10f4037e4fd124fa33e764d51dad96336a0
18dd50f734f99a70439e6c37088c7325e58701664e34822ef2a26ba73142175d
1a7057d2179154be0579e8da4224b87836dc37c41196ec12aa18fe85dc92e843
1cc89eb1f9b2155eec160dfebf1475915e6389c4071a2e8b4b702e5d77827a35
1cdf84e8093109196b005fd48107d4629780ba841b63eb3f5d9290a7216fabb1
1d01297f85bbbf442d1c48ab231fed46be0680b122910dd634384d005c55772b
1fb92d46c67342891a156b98ab5efbba851fa9ca08abc41a389fb911db8da42f
21f9630842387159da1c06f2ec116d0e57d7d6f6ea6b0418396ec8fa27eccc40
22cddb8bc88e73b5d62815a4d32457e35b9593732dd63efe8ec88867883a0725
239733db63c823ff0f27720321732ff16ae6591fd0a41b6793ee665e9226b42f
23c534ff5f0e96acba25728cfeec06d327ebeeacf8386b6825a3a772deb1a5ce
23dcb20fce86f3a482e272a63e8cb5390be6d4c45a9fa666adaa45f823a977c7
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
28e68c5bfd7b1db83bcdad899fef6194afbcc93be80273fd541a25dc9dca93c4
290563dd8fe45c2bc034efaa00fe109a2c2fb1e7dba720c551730d29271253b7
2999e8c677a780af458253481decd504d1cf7caa22078f247809e812520bee1e
2ef093718c72d0c418a16aec8dc20466ab93bd0aeba94d07a9250ae85bb9439f
308d782cb1248e3fa85b154b28a938efce2856cff6eec3b09839a3d418882294
30b8e638895372576575fef15e9b5245178bb5dd39f1d255209b38d15d9d880d
30edf3ec7ac8d120ee429983c5cd9db47b6c5812c04ba08131194b743f0a649c
331aaf1ed3ca730719fded85b091d21aaaac62687b9dcee5e94521bb16273951
33901d23b88c104fc2e9d2d029542d2c89eb30dff24f698f339a175d3a4267fa
34b2f72350c7bec4a70ae51cac947dedeb1e67b31188b3b74603f1de9be3b58f
34d910f7de0aac8c88129883dc57570c6c667f0dabff63ff88b0463ead2d9aa2
35810161883915b883374e38ab983ef00f4e61c7b82ac734e6320e3744532b24
3697b46ba29b283feb70ca4ee86f27b69dba78f926f77af4800b2604096874c7
36f7816d217fb48f59a0583215eb40f29baf4e0171636d4cfdf1dbc7f4c89b0f
37dd56e2f18648193347fda8e7e3692a267f685f4db4175502321a61a1c6d279
3914e58caa66f5d3d78732cc1ca6e3a1c4c1028e4b341ce00e9e5f6595229d8b
3a7efa1caa90f0d9d3d9dfaaf093aeb6e55d33b17c306f96407f9072cba1e05a
3adf931d9fee0be8fde7b0d2fea592e2a8e6b25ed21eb9c6e384b443239b720f
3ae620bf3f599e0168ffa4fc4778d68693e6060bfa5d1a784e5eb57b17d0160c
3bcdc088b18181ef5bf018f691a0f72072118a945521e485d124a3e8861522d0
3c2052ea87b93d7d554f826f8c00507a7b6031cdac0d08bab959c5b20b6faf6a
422cabaeaee05d04c96a5368687d608140a0996532bdc97608f731fe9682e483
44c0854cccb5792da45ea85aeabe3432660ae517f529b78dd4796d6706032c87
48f8b760cc0239caf0289aed4b30c90bd48ae9a70196ce07f63f3526a7c846a8
49b86d1e6d85fce37a4e4ddc1c7488c77f79212808269e34c9d728a76ea1e5a0
4a29a59d0e34cc7385091029f9b0d2a58b61537cf1493974111368806ef7d0f5
4ac3dd5ac000853b62b97d54f472d469a84c433737453beefcab67b365823292
4c19faac548c66e431ca0b853f5eaae2ce365c59ead1b9e009e1d60866ef4c48
4d89fe878915363fb946ed51bc60593e90df39059bc1a05c717a0cd9ba5bf58d
4d9aeb65bf635ce65fc79a7d4db008a74e97be4086da6f73fdcf1db029b312fc
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4f9d10820838c5786accb71b5414cd055563eaec658fcc69c9ee9780a46dc8c0
4fe178ccbbe5005cdaa54d82d6e23ae29188ecdf6f593957d2007c567ab70e88
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
54399702a086d322ca7249be63a92db4f1b9f84733c4418bb86e8f95aa02b7fb
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
56070fc894f364c731974f1d599caab332ad5cba79b5a83f8792b8ce2ca5e82e
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
57188db6b78f3bc778063fdc1285fbca0a26e15f23db1e2e22dfa05cce03c06a
58724cf9d89f1cadc735e143b46330c4b7fe0359cfccb2020431f63781d5bc20
5876f68bf30a82eb99d9ec29e561f5c925ea347243c3e022021dd87823c65813
59d406674388c9b2f6a46548b92e855b9305c02f4a084fea6fdab31eaeccdf91
5a26d0e5af049158ba27928e3a598431a882ebe28c96dad82f7b06d109cc67ff
5a8757fc1023cd20f4e8fb0827420eb54590aec05b30a85f44e2f7813e960259
5d0ac39008fb0e15f5249ce3aedcb5a5f6a02ce4dbd1f060bbffd2ef33ef10c6
5f068d3ea2bd3af50f400f17f9914fced4fbacf9e2dd24b9ec863e7af44c39fb
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
615e3c04341a27c6c15d9a1a7f9e55f600d2a78b89faa58ae32d7210726e777c
628603a6f376431366eea134d23f55227f921c0b48d930c0058ee2ca58072de1
67a822804f2f3edeba16712ce319c0ae10f3665819dd3166cbdf4f47455f4f2b
68178acb82b6789c5e6853d1c9c383e701ee7ef1c418f0f1459b71d20ef1214a
687997d0801da8a7e3b773b9ee45213d19c2950ba013ced7536bbefa7cd24285
68886d14c3b7fdd72413db0876cd6d81a34c301911a1fe971abddcc906e28eb7
68b2afc7732127518ce1d29bac239a89f369bad8a309095f3c4caa471deb93c9
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d186ff38e95ed05b5d20953db617461b2a4581afe947cb29a04ac4e7445cd86
6e153d4878e8cb840bb1d0653d33dd612dfa58da82cb8892d401565543e7dbf1
6f1d7d418d1f561064b1d14af8a2aac97ab2d43471b04a54aebecbd22774cdde
6f48b93fa3511914e8341e76f35ede92e230e163cee282409b8a59afbcf1060f
6fd4719620b6786e6f3043f486831b65938700191c1549cf682bee4e14dceb64
722c60d5b023f4b9c82e16dfe825900d2b84bc1cdd43b133a85d62182516bc3a
72bd8b466238a0f2383d8377d61f68e74e18ab4cc87a0e16527a93b8964dc904
75a11da44c802486bc6f65640aa48a730f0f684c5c07a42ba3cd1735eb3fb070
788ffd8d78b5cadf6040b64704a2057b3a150f52d9b2f54281089010b9427d0e
78d229946f319af247edecabc6e676d2e7bb148ac637e8ec247dff55dd6506a0
7a597af6f9b2b8c56c73a1eda94b2fbb3db6d7e7d0579a85908852d840a21391
7a805f3bc585b7bf1ae6c3d63c2fee4250f6e28d8b2e6c4f9f881f316fec4dbf
7ab425fba57326efdb31739a80cebf152392a64cf8c3ec4700380f86236e724f
7e5169cb3bd2c57c6068903625a0c60ea001a13c94b6bdde9ae23aa9271ea39e
80616693b9f122775f8f423986414e4888e0c33d77471f80bd07775fa550ad7e
810be2a295d6e09f98c4f5e96b9a3892d0b3958de09439a36ddad3a7939cb08b
82f60467c442f1292050ac1673c3074047283bfd9ff9be7480a65fddf6a24969
867306e5961c27739ebf16d220cac0fa3d74a497970dc558a9ff1f417c0af9df
88631669cdc4c296caa61b7a17c74cbe5f3d1482a127707a10250df99a75fa6a
896d9a69a88aa5932649b05009b8472353e56fc727e0369121a2803deca11a64
8ade6740a1d3cfedf81e28d9250929341207b23a55f1be90ccc26cf6d98e052a
8b554718a15cdb7c04a53814dbd63a34828249fa85a582c01e14bd2ad22aa016
8dae36c54788af5a216d846f850188cfa7eada21e62c53a5f49e6b94fac15d09
8e00a38bdd23ab071240b7363fc5b4e33dc1e9698c0b7ac03b0317a2092fc72b
92bbddbd4b6894006dcf9d758f2c36e6a321c35cdcee1e2edd053a515b673389
94217ee7990c505fb77ceff70625ee8b87a250a7109adafb79c29278b543c484
9474cb31a62e3c11af952cb07b597fb988c49ba926f07b76c4f129bf0a56f3af
947cb317c108b9de68063d38aca78b009099fd45171025e7391c0d9184739afd
947ea00e9bc76cdacb7ab495c6d3160f9735364e039c5068491f8a96613eb332
94a2787f8c811df5cac10e481e8e47a778b52d875cb78f353aed9d5f1c2561a6
9642797aac41b5cf8b182999f727b92ed4e56d1842335523be1aece34ac41d7f
978034dd9638a316e3c8681ab1bf4662d53f8b877c58ef6befd430ecc58dacb9
97878fe554e3152c210f83ac8a859b687da9c1689e23eaf22cd88ffd307a810d
97a06cb0f953c60bdcb315f1eba2d02d9132e8837892ebdc4467fac05ef5b40f
98eca7a11b3265e2520bc15f05a14ed7cc6d6d150f7ff6164992cac69b1bbb3a
9b594112a2035d81cdcca118980d9848e900b6eb87d6cac9c05a5a51ad9fadd6
9c4ffdd35629c912ae94edc44d85180fb47b53bf58dd2d9d851acec6f97755e2
9ef0cc99ae155124895f712a9b68285f7b0a8c3f3c151e86107a25b61cf22085
9f67b02d28350cabdad0387267300f644b6517af1a69caf152d3eada3421fa8c
9fc532d7c2af23c8cbdedf77c86c2f57c0619269f5dfffec614029d0cd8f55af
a0e89bf9070896e8016be5d04a290635ea0a95e9c8bc6dbfcd3ee45bc41fc5a0
a3b0793388ca7df69b4ad8824bba1c4468cbc8ef37ff3190987565e4b7758256
a3cc3b7923c89f824abbc3a567ab1b5b536f76ba1c15ea15b144f2559abd0c28
a52dc9312510f27346b60d4c707d93fd854df79003974065081d35865cca195f
a5d92025d3f548aade6b6431d5e90a27371c6310369775f9da583fea516e55f7
a78f24a9fc7a2539f65e5f0e4e6ad19214f9013907cec251bae8a4fce8135a0c
a7d63d1b7e876e64564994f11fd6f0957dfaff93acc4bbf63104b3b7453752eb
acfc532ff1458e9a18b6d57d558efaf9bdcb6c925b2a20e9aae92ae3dafd7809
af0c32b2d6cdfda89dbba11cbe5e65c04bf18c947491c222a2c632bc474f2b5e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b469d1efc18c27ab1435bda107ca0e0616f8ec54fa1b6f679da0925ff02321d2
b5499e7b50b8bd8bdb035b2dc2eb22a50999fe4db8cb0365fe18ab03fe3ab341
bc1b577a8c2658099cc1dbf0cfa93fa014b705598e775d6d32381b3f00b6e2cb
bc7a43d8fe441e67d4d72f794e74a7678401e024335a98a73f62122752bffc24
bd9f3b1809b68374077d15f2b6822bcacc60b31f23ef70d2df47593612e0a739
bfac2a7bb59e3449e42f9a0311036be469ab0688f055a7c3a0fdea2853a66123
c00ad371639e3a5dae3520acb27a311573843137ee8fbb96a5fb1f57cb75f6d5
c05bd3722391eecae423d3eaba6dace7623d8d7a5b9dfb6afa0ae849b7b9ee0a
c16b2aa9a060ef8e4ff2063aee714f7185fb12c3b30efd98368dcb53f622d4ab
c2798bd01128145b130fa3a78fc67ead2a00efa2090bd8fda84e6f12d1675217
c3048ab359f9c88a2bfd3549fe53ec276b4239743b196da9f91b2fcd71190a46
c471312e18a648891fd9e7ba758bf7a5d0f96eb6e3714e5e39d6b8ec080705cc
c60e9724a2b9cc909a393e6e5e8be6e06fafdb21e631b4d54bb8be54ca0010f1
c8bb775ad824dd6455bb8ae77889bc3f71450478224e194df79c50e1d62def96
c8c62e326fe23902b804157530a585a1328cc76fb238d65760bdd378e7d888f5
c9d33c599ec0c82d89aa84b2e57bf8f16e4cea96f8f59f8b5e7d0f461941c6d5
c9d355e1a65a6bb97cd4af5a0fe10a9e0169fd568cd00a0f35a2bd82e8c4bb80
cbcfa6eedd36e9b145ad69f824dd5eec2f39dc147db2562f39d433603a5ecaa7
cc8468a37e341ae5e77d73682915b9a4760186ccfdf88c048f5b09c8863e1344
ccdeedcf8cca02b7e1b7f00ce971eec441bab4d56867e97a74ea8f1a09f9fb8d
cd42f9c2a8d433418688deac61ccef3d3c9fde39e34633fba07c3829d7900d43
ce7f28d2e2c8dafdd88dba5642e478b4ac2648103b6b98750c7aff6fa521c44c
d00e1ffbde89afc301abf43ed68bc52d7d7bae9f81d0bd93638394f4e287b12f
d0b040b4bb7be7ed043dac503e6f830d7a5f7b61b1f5ceb1546859eda4739394
d1d475161179deda9ae1fbe6055eb84239c5ab1be843a9e7a3d75c332f505775
d543ad03826abe9cd9ab8a009ac3aa5b0be7cb3b462a4b49bdf93656d14d9e31
d54fc9d17c661c74783edc712e7b29c19da3ab2d21eeebd4a84f56ba0cc515f1
d8806a29d30f19a988702e593d2a62976114c7a58dd541c6c0c48fc0457af944
d9e96adaae693ef1bf5f438939164b81de1366b129e3aa472c8794dc600e4530
daf9a8b408c4671c6997b8ee49884afe106cf45307bc8a4b3cbdac4616a9840e
dba77596ce779eae96646958c679b668e9cd2db394f14919de0b88b7dd8f1516
dd74421b37394d0f2f6877902cfba680b2a2ea10b62afa5abdbdc15f21bcefa1
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df840ee980141f9c25c8df18df44ba29617a83fd28d2adf69f414bf6633c77a3
e02f8c8d7959fb33c45b5aa5eec25c20ca3bb596d4a8dfc58f3873b7ba935e18
e083f82df7620601562fb047b689a6da8097bca2ae39be69925ea09ff65e0e31
e1825b9553f829d9e056b9930feef63761b8d7de8458c84b9e020af2841ae1b1
e1908e6bac19466a5fb379b8a849ccd812d71c97306d4c54648a9e74a4b1d7dc
e256e350c11a6594159634bfdd55f8386cd53c6702fba271cb9d35019bc59726
e3abbf340f511ea0d8a61f4a303f0d3a772d8365a8ff770935859e3142cd84ea
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e482d567fd381a7a61be8488cfd52b488738679acfad720240ff64d0c9bffe0e
e596ef1562133eb5a90807507ff3aa8b6dace142c14b594d0fab2fc8ef6867ff
e746acff3518f3f03ab39b793c800d734fabc08b66fd7d6ad894ff757d03bc9e
e7a10250d4e9608e6e353323f0ad1006d9c05ce3f0b4bedc5878dfe0fd668485
e98d7913f35c38d0ac99b1793ebad307ff950feea844b6938186d0ba7f376654
ec1a0451aeb1449a70556af9e9d587f957677930b34fd7120928826c87a2e93e
ec8e3028a580b73e31e5d09e67e1d9e82d0056cbf7a9fb0196ae5be9e5fd8d64
ec8eda2adef141977483bfba00111c37d5b22c57573b293d9f84f3276824940e
ee9a3f83986e785303048517f3548aceb5ba9f8026435c6b063bc455d22a16cb
eefe7d7cc8c34d83915e9170c23d3399e518f3c989e65d5a0fddadb7cc631c55
ef89e61e86643477ffd58da53671fa70ac32f70fdf0ee95195730687a1864ac2
f0c3b5c5a386f4a1b168734be9f5f2d3c73b90aae1f797d88e90f8209018c156
f123a667031e7c2efdf3dad85242db089cd8be453b08eadfa74b8f9c1316127d
f20d21084cc0277e6ec1be9ac2e41b8dcf758bd5e7ffb4c899c34a50f382571d
f34e56bbdec33105361cc35f3805704b6d3df415b0bf044ef2a6f11764bd8a20
f36a0659b60462ae7cd1f37cda1dd4d32a9cbe1a6817428fc9ae220f601bd01d
f49e14cfc13c4c8bc4eafabf6a1e7856b38e1223137bd868b9c7bf3d5f471021
f5fd4b1b9ef9867afbb779e7d7a43573d489b97ab36873519e37d66fdf961562
f672ee06536a65917fd4c839b8f4a801c5ce0063625cc68f63090b0d5db710c5
f6f8c3ef7005285959b978ce559e1e74de0ac4888c2ba223053b10b641da6758
f72423823b8aca3ed7719ec83f569fa6936c398c486a48206226f817f60f0542
f910077c6e9a0a6474024272cc298d511c399a3451d30e97bfbbecddf92ba95a
fb0095b7a610d00b153051a168958f8b97ef264e17047a35105ea0f4db7a4ad8
fb42b3cb4f8a71c2ba199f742898aa67c0449f0b9c2898b3fb82461510f6d463
fb4fdaf154e9117accccf67f0be60b667fedacf4311e9ce1b9da2ce24666cf59
fcd633f5e6b40a3143f905708496e332ceb8a9ce63631d16a5a7eab322c194e7
fcf91961219fc00eb6c889923495444789be07f19c64d411dba4ec70fb095b59
fe52fb641901765a556a6fabcd09562afc9ba99dc674582a9de3fff261c385cc
febd8dc1cf86857fe92ee4b6b715ac5d5663b9b1e43978fb977b832bd97f00ec
fed2d61088cba54be39b2069add7103160e31f07c950c0e2e7706d6d6dc9ebf6

www.pressball.by Open in urlscan Pro 93.125.48.95 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

256 Requests

98 %HTTPS

40 %IPv6

36 Domains

53 Subdomains

47 IPs

14 Countries

6378 kBTransfer

9368 kBSize

35 Cookies

31 Outgoing links

Page URL History

Redirected requests

256 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.pressball.by Open in urlscan Pro
93.125.48.95 Public Scan

Screenshot
Live screenshot

Full Image

256
Requests

98 %
HTTPS

40 %
IPv6

36
Domains

53
Subdomains

47
IPs

14
Countries

6378 kB
Transfer

9368 kB
Size

35
Cookies

256 HTTP transactions
1 data transactions