afn.by Open in urlscan Pro
62.173.140.157 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://afn.by/
Submission Tags: analytics-framework
Submission: On April 20 via api (April 20th 2023, 4:27:00 pm UTC) from US — Scanned from DE

Summary HTTP 213 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 53 IPs in 13 countries across 62 domains to perform 213 HTTP transactions. The main IP is 62.173.140.157, located in Moscow, Russian Federation and belongs to SPACENET-AS Internet Service Provider, RU. The main domain is afn.by.
TLS certificate: Issued by R3 on April 17th 2023. Valid for: 3 months.

This is the only time afn.by was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
11	62.173.140.157 62.173.140.157	34300 (SPACENET-...) (SPACENET-AS Internet Service Provider)
9 17	2a02:6b8:a::a 2a02:6b8:a::a	208722 (GLOBAL_DC) (GLOBAL_DC)
20	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
5 18	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
5 25	167.235.177.246 167.235.177.246	24940 (HETZNER-AS) (HETZNER-AS)
2 2	193.3.184.200 193.3.184.200	50214 (QWARTA) (QWARTA)
3 3	193.232.148.141 193.232.148.141	48061 (UMA-TECH-AS) (UMA-TECH-AS)
2 2	195.209.108.56 195.209.108.56	52007 (ADRIVER-AS) (ADRIVER-AS)
2 4	81.222.128.215 81.222.128.215	20597 (ELTEL-AS) (ELTEL-AS)
1	2606:4700:303... 2606:4700:3032::6815:3b42	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	37.230.131.16 37.230.131.16	200197 (HYBRID-PO...) (HYBRID-POLAND)
7 10	185.15.175.145 185.15.175.145	43226 (SAFEDATA ...) (SAFEDATA Uplinks)
2	116.202.85.93 116.202.85.93	24940 (HETZNER-AS) (HETZNER-AS)
3 3	148.251.236.118 148.251.236.118	24940 (HETZNER-AS) (HETZNER-AS)
1 1	185.147.80.35 185.147.80.35	41722 (MIRAN-AS ...) (MIRAN-AS Miran DC)
2 2	212.76.129.181 212.76.129.181	42632 (MNOGOBYTE...) (MNOGOBYTE-AS Moscow)
2	87.242.89.90 87.242.89.90	208677 (SBERCLOUD-AS) (SBERCLOUD-AS)
1 1	87.242.93.185 87.242.93.185	208677 (SBERCLOUD-AS) (SBERCLOUD-AS)
4 5	188.42.196.115 188.42.196.115	7979 (SERVERS-COM) (SERVERS-COM)
1 1	176.122.21.139 176.122.21.139	48096 (ITGRAD) (ITGRAD)
9 9	217.66.147.39 217.66.147.39	29209 (SPBMTS-AS...) (SPBMTS-AS Malaya Monetnaya Street 2-A)
4 4	213.87.44.187 213.87.44.187	13174 (MTSNET Mo...) (MTSNET Moscow)
1 28	2a02:6b8::90 2a02:6b8::90	208722 (GLOBAL_DC) (GLOBAL_DC)
2 2	49.12.83.94 49.12.83.94	24940 (HETZNER-AS) (HETZNER-AS)
2 2	185.196.197.130 185.196.197.130	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1 1	65.109.65.187 65.109.65.187	24940 (HETZNER-AS) (HETZNER-AS)
1 2	217.65.2.150 217.65.2.150	3175 (CITYTELEC...) (CITYTELECOM-MSK)
3 4	89.108.119.28 89.108.119.28	197695 (AS-REG) (AS-REG)
2 2	88.212.201.204 88.212.201.204	39134 (UNITEDNET) (UNITEDNET)
2 3	188.42.105.220 188.42.105.220	7979 (SERVERS-COM) (SERVERS-COM)
2 4	31.172.81.158 31.172.81.158	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
3 5	31.172.81.160 31.172.81.160	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
1 1	188.120.241.50 188.120.241.50	29182 (RU-JSCIOT) (RU-JSCIOT)
1 2	23.88.12.14 23.88.12.14	24940 (HETZNER-AS) (HETZNER-AS)
1 1	23.111.107.44 23.111.107.44	39134 (UNITEDNET) (UNITEDNET)
1 1	167.235.14.51 167.235.14.51	24940 (HETZNER-AS) (HETZNER-AS)
1	77.245.57.72 77.245.57.72	36057 (WEBAIR-IN...) (WEBAIR-INTERNET-MTL)
3 3	167.235.117.42 167.235.117.42	24940 (HETZNER-AS) (HETZNER-AS)
2 3	83.222.105.70 83.222.105.70	42632 (MNOGOBYTE...) (MNOGOBYTE-AS Moscow)
3 3	35.190.24.218 35.190.24.218	15169 (GOOGLE) (GOOGLE)
5 5	89.108.127.68 89.108.127.68	197695 (AS-REG) (AS-REG)
1	2a00:1148:db0... 2a00:1148:db00::17	47764 (VK-AS) (VK-AS)
9	2a02:6b8:20::215 2a02:6b8:20::215	208722 (GLOBAL_DC) (GLOBAL_DC)
1	2a00:1450:400... 2a00:1450:400c:c0a::9a	15169 (GOOGLE) (GOOGLE)
2 13	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
2 8	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
1	2a02:6b8::184 2a02:6b8::184	208722 (GLOBAL_DC) (GLOBAL_DC)
1	2a02:6b8::36 2a02:6b8::36	208722 (GLOBAL_DC) (GLOBAL_DC)
1	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:6b8::5:114 2a02:6b8::5:114	208722 (GLOBAL_DC) (GLOBAL_DC)
1 1	35.177.4.157 35.177.4.157	16509 (AMAZON-02) (AMAZON-02)
1 2	54.154.173.64 54.154.173.64	16509 (AMAZON-02) (AMAZON-02)
3 5	18.200.127.67 18.200.127.67	16509 (AMAZON-02) (AMAZON-02)
1	52.45.175.185 52.45.175.185	14618 (AMAZON-AES) (AMAZON-AES)
3 7	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1	82.145.213.8 82.145.213.8	39832 (NO-OPERA) (NO-OPERA)
1	85.111.6.50 85.111.6.50	9121 (TTNET) (TTNET)
1 1	2001:6d0:4001... 2001:6d0:4001::226	52016 (TNSMSK-) (TNSMSK-)
2	37.18.16.21 37.18.16.21	205675 (HYBRID-AS) (HYBRID-AS)
2 2	188.72.109.103 188.72.109.103	208677 (SBERCLOUD-AS) (SBERCLOUD-AS)
1 1	130.193.58.13 130.193.58.13	200350 (YANDEXCLOUD) (YANDEXCLOUD)
1 1	91.192.150.14 91.192.150.14	42481 (BEGUN-AS) (BEGUN-AS)
1	2606:4700:20:... 2606:4700:20::681a:f45	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	95.217.109.66 95.217.109.66	24940 (HETZNER-AS) (HETZNER-AS)
1 1	188.72.107.194 188.72.107.194	208677 (SBERCLOUD-AS) (SBERCLOUD-AS)
1	95.163.52.67 95.163.52.67	47764 (VK-AS) (VK-AS)
1 1	188.120.241.47 188.120.241.47	29182 (RU-JSCIOT) (RU-JSCIOT)
12	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
3 5	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
3 4	185.89.210.122 185.89.210.122	29990 (ASN-APPNEX) (ASN-APPNEX)
5	2a00:1450:400... 2a00:1450:4001:82f::2006	15169 (GOOGLE) (GOOGLE)
2	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
2 3	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
213	53

11 62.173.140.157 (Moscow, Russian Federation)

ASN34300 (SPACENET-AS Internet Service Provider, RU)
PTR: afn.today

afn.by	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a02:6b8:a::a (Moscow, Russian Federation) 9 redirects

ASN208722 (GLOBAL_DC, FI)

yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a02:6b8::1:119 (Moscow, Russian Federation) 5 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.by	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 167.235.177.246 (Germany) 5 redirects

ASN24940 (HETZNER-AS, DE)
PTR: hz2024477.sapientru.net

www.acint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
acint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.3.184.200 (Russian Federation) 2 redirects

ASN50214 (QWARTA, RU)

ssp-rtb.sape.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 193.232.148.141 (Russian Federation) 3 redirects

ASN48061 (UMA-TECH-AS, RU)
PTR: smtp2.sender.ltmse.com

px.adhigh.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 195.209.108.56 (Russian Federation) 2 redirects

ASN52007 (ADRIVER-AS, RU)

ev.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 81.222.128.215 (Russian Federation) 2 redirects

ASN20597 (ELTEL-AS, RU)
PTR: ad15.adriver.ru

ssp.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::6815:3b42 (United States)

ASN13335 (CLOUDFLARENET, US)

a.utraff.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.230.131.16 (Amsterdam, Netherlands)

ASN200197 (HYBRID-POLAND, PL)

dm-eu.hybrid.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 185.15.175.145 (Russian Federation) 7 redirects

ASN43226 (SAFEDATA Uplinks, RU)

tag.digitaltarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dmg.digitaltarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 116.202.85.93 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.93.85.202.116.clients.your-server.de

sync.dmp.otm-r.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 148.251.236.118 (Germany) 3 redirects

ASN24940 (HETZNER-AS, DE)
PTR: prod-hzeu-bidder-4.community.moscow

sync.upravel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.147.80.35 (Russian Federation) 1 redirects

ASN41722 (MIRAN-AS Miran DC, RU)
PTR: ssp2.bestssp.com

ssp.bestssp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 212.76.129.181 (Russian Federation) 2 redirects

ASN42632 (MNOGOBYTE-AS Moscow, Russia, RU)

sync.adspend.space	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 87.242.89.90 (Russian Federation)

ASN208677 (SBERCLOUD-AS, RU)

sync.1dmp.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 87.242.93.185 (Russian Federation) 1 redirects

ASN208677 (SBERCLOUD-AS, RU)
PTR: fr20.segmento.ru

sape-sync.rutarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 188.42.196.115 (Luxembourg) 4 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 176.122.21.139 (Russian Federation) 1 redirects

ASN48096 (ITGRAD, RU)

ads.adlook.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 217.66.147.39 (St Petersburg, Russian Federation) 9 redirects

ASN29209 (SPBMTS-AS Malaya Monetnaya Street 2-A, RU)
PTR: host-39-147-66-217.spbmts.ru

sm.rtb.mts.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 213.87.44.187 (Russian Federation) 4 redirects

ASN13174 (MTSNET Moscow, Russia, RU)
PTR: infrastructure-187-44.mts.ru

tech.rtb.mts.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2a02:6b8::90 (Moscow, Russian Federation) 1 redirects

ASN208722 (GLOBAL_DC, FI)

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 49.12.83.94 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.94.83.12.49.clients.your-server.de

exchange.buzzoola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.196.197.130 (Amsterdam, Netherlands) 2 redirects

ASN39572 (ADVANCEDHOSTERS-AS, NL)

s.uuidksinc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.109.65.187 (Helsinki, Finland) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.187.65.109.65.clients.your-server.de

ssp.bidvol.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 217.65.2.150 (Moscow, Russian Federation) 1 redirects

ASN3175 (CITYTELECOM-MSK, RU)

match.new-programmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 89.108.119.28 (Russian Federation) 3 redirects

ASN197695 (AS-REG, RU)
PTR: d51802.reg.regrucolo.ru

x01.aidata.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.201.204 (Russian Federation) 2 redirects

ASN39134 (UNITEDNET, RU)
PTR: host204.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 188.42.105.220 (Luxembourg) 2 redirects

ASN7979 (SERVERS-COM, US)

sync.gonet-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 31.172.81.158 (Germany) 2 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

sync.bumlam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 31.172.81.160 (Germany) 3 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

pix.bumlam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.120.241.50 (Russian Federation) 1 redirects

ASN29182 (RU-JSCIOT, RU)
PTR: sync00.platforma.id

2935dd48-df98-11ed-86e0-002590c0647c.n1.sync.bumlam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.88.12.14 (Gunzenhausen, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.14.12.88.23.clients.your-server.de

nr.bidderstack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.111.107.44 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)

cs.agency2.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 167.235.14.51 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.51.14.235.167.clients.your-server.de

sp.ohmy.bid	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 77.245.57.72 (United States)

ASN36057 (WEBAIR-INTERNET-MTL, US)

sync.adkernel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 167.235.117.42 (Germany) 3 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.42.117.235.167.clients.your-server.de

sync.programmatica.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 83.222.105.70 (Russian Federation) 2 redirects

ASN42632 (MNOGOBYTE-AS Moscow, Russia, RU)

adx.com.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.190.24.218 (Kansas City, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 218.24.190.35.bc.googleusercontent.com

redirect.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 89.108.127.68 (Russian Federation) 5 redirects

ASN197695 (AS-REG, RU)
PTR: srv4.kimberlite.io

kimberlite.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1148:db00::17 (Russian Federation)

ASN47764 (VK-AS, RU)

ad.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a02:6b8:20::215 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

yastatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0a::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8::184 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

avatars.mds.yandex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8::36 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

favicon.yandex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8::5:114 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

ysa-static.passport.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.177.4.157 (London, United Kingdom) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-177-4-157.eu-west-2.compute.amazonaws.com

px.arcspire.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.154.173.64 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-173-64.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.200.127.67 (Dublin, Ireland) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-200-127-67.eu-west-1.compute.amazonaws.com

match.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
euw-ice.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.45.175.185 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-175-185.compute-1.amazonaws.com

im.bluevoox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.181.226 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology

t.adx.opera.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.111.6.50 (Turkey)

ASN9121 (TTNET, TR)
PTR: ns1.ttidc.com.tr

rtb.programattik.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:6d0:4001::226 (Russian Federation) 1 redirects

ASN52016 (TNSMSK-, RU)

cm.tns-counter.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.18.16.21 (Russian Federation)

ASN205675 (HYBRID-AS, DE)

dm.hybrid.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.72.109.103 (Sucre, Bolivia, Plurinational State Of) 2 redirects

ASN208677 (SBERCLOUD-AS, RU)

solta-sync.rutarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
yandex-sync.rutarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 130.193.58.13 (Russian Federation) 1 redirects

ASN200350 (YANDEXCLOUD, RU)

pixel.konnektu.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.192.150.14 (Russian Federation) 1 redirects

ASN42481 (BEGUN-AS, RU)
PTR: zvezda.ssp.rambler.ru

profile.ssp.rambler.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:f45 (United States)

ASN13335 (CLOUDFLARENET, US)

rtb-eu-warsaw.intent.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.217.109.66 (Helsinki, Finland) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.66.109.217.95.clients.your-server.de

sonar.semantiqo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.72.107.194 (Russian Federation) 1 redirects

ASN208677 (SBERCLOUD-AS, RU)
PTR: fr08.segmento.ru

yandex-dmp-sync.rutarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.163.52.67 (Russian Federation)

ASN47764 (VK-AS, RU)
PTR: top-fwz1.mail.ru

top-fwz1.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.120.241.47 (Russian Federation) 1 redirects

ASN29182 (RU-JSCIOT, RU)
PTR: sync01.platforma.id

2935dd48-df98-11ed-86e0-002590c0647c.n4.sync.bumlam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.80.39.216 (Canada) 3 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.89.210.122 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82f::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.130 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
50	yandex.ru 12 redirects yandex.ru — Cisco Umbrella Rank: 1306 mc.yandex.ru — Cisco Umbrella Rank: 2437 an.yandex.ru — Cisco Umbrella Rank: 4140 ysa-static.passport.yandex.ru — Cisco Umbrella Rank: 19834	261 KB
32	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 129 tpc.googlesyndication.com — Cisco Umbrella Rank: 177	405 KB
25	doubleclick.net 5 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 166 googleads.g.doubleclick.net — Cisco Umbrella Rank: 67 cm.g.doubleclick.net — Cisco Umbrella Rank: 313 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 394 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 269	144 KB
25	acint.net 5 redirects www.acint.net — Cisco Umbrella Rank: 23281 acint.net — Cisco Umbrella Rank: 18425	32 KB
13	mts.ru 13 redirects sm.rtb.mts.ru — Cisco Umbrella Rank: 28352 tech.rtb.mts.ru — Cisco Umbrella Rank: 34642	7 KB
12	yandex.com 2 redirects mc.yandex.com — Cisco Umbrella Rank: 7652	5 KB
11	bumlam.com 7 redirects sync.bumlam.com — Cisco Umbrella Rank: 5978 pix.bumlam.com — Cisco Umbrella Rank: 59772 2935dd48-df98-11ed-86e0-002590c0647c.n1.sync.bumlam.com 2935dd48-df98-11ed-86e0-002590c0647c.n4.sync.bumlam.com	6 KB
11	afn.by afn.by	123 KB
10	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 16 adservice.google.com — Cisco Umbrella Rank: 130	2 KB
10	digitaltarget.ru 7 redirects tag.digitaltarget.ru — Cisco Umbrella Rank: 91927 dmg.digitaltarget.ru — Cisco Umbrella Rank: 18301	25 KB
9	google.de www.google.de — Cisco Umbrella Rank: 3425 adservice.google.de — Cisco Umbrella Rank: 5261	2 KB
9	yastatic.net yastatic.net — Cisco Umbrella Rank: 4502	236 KB
6	adriver.ru 4 redirects ev.adriver.ru — Cisco Umbrella Rank: 24975 ssp.adriver.ru — Cisco Umbrella Rank: 22271	2 KB
5	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 373	2 MB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 876	4 KB
5	360yield.com 3 redirects match.360yield.com — Cisco Umbrella Rank: 3225 euw-ice.360yield.com — Cisco Umbrella Rank: 11868	1 KB
5	kimberlite.io 5 redirects kimberlite.io — Cisco Umbrella Rank: 26430	3 KB
5	betweendigital.com 4 redirects ads.betweendigital.com — Cisco Umbrella Rank: 2547	3 KB
4	gstatic.com www.gstatic.com csi.gstatic.com	15 KB
4	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 319	4 KB
4	googleadservices.com 2 redirects partner.googleadservices.com — Cisco Umbrella Rank: 1132 www.googleadservices.com — Cisco Umbrella Rank: 187	17 KB
4	aidata.io 3 redirects x01.aidata.io — Cisco Umbrella Rank: 13273	2 KB
4	rutarget.ru 4 redirects sape-sync.rutarget.ru — Cisco Umbrella Rank: 139507 solta-sync.rutarget.ru — Cisco Umbrella Rank: 50582 yandex-dmp-sync.rutarget.ru — Cisco Umbrella Rank: 55987 yandex-sync.rutarget.ru — Cisco Umbrella Rank: 56009	2 KB
3	weborama.fr 3 redirects redirect.frontend.weborama.fr — Cisco Umbrella Rank: 12112	735 B
3	com.ru 2 redirects adx.com.ru — Cisco Umbrella Rank: 31715	645 B
3	programmatica.com 3 redirects sync.programmatica.com — Cisco Umbrella Rank: 79003	759 B
3	gonet-ads.com 2 redirects sync.gonet-ads.com — Cisco Umbrella Rank: 19737	877 B
3	upravel.com 3 redirects sync.upravel.com — Cisco Umbrella Rank: 29910	2 KB
3	hybrid.ai dm-eu.hybrid.ai — Cisco Umbrella Rank: 12469 dm.hybrid.ai — Cisco Umbrella Rank: 26971	798 B
3	adhigh.net 3 redirects px.adhigh.net — Cisco Umbrella Rank: 13391	1 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 238	98 KB
2	semantiqo.com 1 redirects sonar.semantiqo.com — Cisco Umbrella Rank: 54784	978 B
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 277	2 KB
2	yandex.net avatars.mds.yandex.net — Cisco Umbrella Rank: 5547 favicon.yandex.net — Cisco Umbrella Rank: 7045	33 KB
2	yandex.by 1 redirects mc.yandex.by — Cisco Umbrella Rank: 147153	730 B
2	mail.ru ad.mail.ru — Cisco Umbrella Rank: 6673 top-fwz1.mail.ru — Cisco Umbrella Rank: 6293	2 KB
2	bidderstack.com 1 redirects nr.bidderstack.com — Cisco Umbrella Rank: 29079	788 B
2	yadro.ru 2 redirects counter.yadro.ru — Cisco Umbrella Rank: 7108	619 B
2	new-programmatic.com 1 redirects match.new-programmatic.com — Cisco Umbrella Rank: 29877	477 B
2	uuidksinc.net 2 redirects s.uuidksinc.net — Cisco Umbrella Rank: 11316	412 B
2	buzzoola.com 2 redirects exchange.buzzoola.com — Cisco Umbrella Rank: 15169	354 B
2	1dmp.io sync.1dmp.io — Cisco Umbrella Rank: 16477	309 B
2	adspend.space 2 redirects sync.adspend.space — Cisco Umbrella Rank: 74761	456 B
2	otm-r.com sync.dmp.otm-r.com — Cisco Umbrella Rank: 16445	139 B
2	sape.ru 2 redirects ssp-rtb.sape.ru — Cisco Umbrella Rank: 21407	1 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 91	20 KB
1	intent.ai rtb-eu-warsaw.intent.ai — Cisco Umbrella Rank: 54073	840 B
1	rambler.ru 1 redirects profile.ssp.rambler.ru — Cisco Umbrella Rank: 35617	244 B
1	konnektu.ru 1 redirects pixel.konnektu.ru — Cisco Umbrella Rank: 58324	214 B
1	tns-counter.ru 1 redirects cm.tns-counter.ru — Cisco Umbrella Rank: 54922	385 B
1	programattik.com rtb.programattik.com — Cisco Umbrella Rank: 33877	152 B
1	opera.com t.adx.opera.com — Cisco Umbrella Rank: 3365	466 B
1	bluevoox.com im.bluevoox.com — Cisco Umbrella Rank: 16963	241 B
1	arcspire.io 1 redirects px.arcspire.io — Cisco Umbrella Rank: 52474	317 B
1	adkernel.com sync.adkernel.com — Cisco Umbrella Rank: 1939	160 B
1	ohmy.bid 1 redirects sp.ohmy.bid — Cisco Umbrella Rank: 47226	414 B
1	agency2.ru 1 redirects cs.agency2.ru — Cisco Umbrella Rank: 78827	753 B
1	bidvol.com 1 redirects ssp.bidvol.com — Cisco Umbrella Rank: 21864	454 B
1	adlook.me 1 redirects ads.adlook.me — Cisco Umbrella Rank: 44016	302 B
1	bestssp.com 1 redirects ssp.bestssp.com — Cisco Umbrella Rank: 58908	289 B
1	utraff.com a.utraff.com — Cisco Umbrella Rank: 37706	792 B
0	whiteboxdigital.ru Failed mitdmp.whiteboxdigital.ru Failed
213	62

	Domain	Requested by
28	an.yandex.ru	1 redirects www.acint.net yandex.ru afn.by
20	pagead2.googlesyndication.com	afn.by pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
19	www.acint.net	4 redirects afn.by www.acint.net
17	yandex.ru	9 redirects afn.by yandex.ru yastatic.net
13	googleads.g.doubleclick.net	2 redirects pagead2.googlesyndication.com afn.by googleads.g.doubleclick.net www.googleadservices.com
12	tpc.googlesyndication.com	afn.by googleads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com
12	mc.yandex.com	2 redirects afn.by mc.yandex.ru
11	afn.by	afn.by
9	yastatic.net	yandex.ru yastatic.net afn.by
9	sm.rtb.mts.ru	9 redirects
8	www.google.com	2 redirects afn.by tpc.googlesyndication.com
8	dmg.digitaltarget.ru	7 redirects www.acint.net
7	cm.g.doubleclick.net	3 redirects afn.by googleads.g.doubleclick.net
7	www.google.de	afn.by
6	acint.net	1 redirects www.acint.net
5	s0.2mdn.net	afn.by s0.2mdn.net googleads.g.doubleclick.net
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
5	kimberlite.io	5 redirects
5	pix.bumlam.com	3 redirects www.acint.net
5	ads.betweendigital.com	4 redirects afn.by
4	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
4	sync.bumlam.com	2 redirects www.acint.net afn.by
4	x01.aidata.io	3 redirects www.acint.net
4	tech.rtb.mts.ru	4 redirects
4	ssp.adriver.ru	2 redirects www.acint.net
4	mc.yandex.ru	2 redirects afn.by yastatic.net
3	www.googleadservices.com	2 redirects yastatic.net
3	csi.gstatic.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com
3	match.360yield.com	1 redirects afn.by
3	redirect.frontend.weborama.fr	3 redirects
3	adx.com.ru	2 redirects www.acint.net
3	sync.programmatica.com	3 redirects
3	sync.gonet-ads.com	2 redirects www.acint.net
3	sync.upravel.com	3 redirects
3	px.adhigh.net	3 redirects
2	securepubads.g.doubleclick.net	googleads.g.doubleclick.net
2	googleads4.g.doubleclick.net	afn.by
2	www.googletagservices.com	afn.by googleads.g.doubleclick.net
2	sonar.semantiqo.com	1 redirects afn.by
2	euw-ice.360yield.com	2 redirects
2	dm.hybrid.ai	afn.by
2	dpm.demdex.net	1 redirects afn.by
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	mc.yandex.by	1 redirects afn.by
2	nr.bidderstack.com	1 redirects www.acint.net
2	counter.yadro.ru	2 redirects
2	match.new-programmatic.com	1 redirects www.acint.net
2	s.uuidksinc.net	2 redirects
2	exchange.buzzoola.com	2 redirects
2	sync.1dmp.io	www.acint.net afn.by
2	sync.adspend.space	2 redirects
2	sync.dmp.otm-r.com	www.acint.net afn.by
2	tag.digitaltarget.ru	www.acint.net tag.digitaltarget.ru
2	ev.adriver.ru	2 redirects
2	ssp-rtb.sape.ru	2 redirects
2	www.google-analytics.com	afn.by www.google-analytics.com
1	www.gstatic.com	googleads.g.doubleclick.net
1	2935dd48-df98-11ed-86e0-002590c0647c.n4.sync.bumlam.com	1 redirects
1	top-fwz1.mail.ru	www.acint.net
1	yandex-sync.rutarget.ru	1 redirects
1	yandex-dmp-sync.rutarget.ru	1 redirects
1	rtb-eu-warsaw.intent.ai	afn.by
1	profile.ssp.rambler.ru	1 redirects
1	pixel.konnektu.ru	1 redirects
1	solta-sync.rutarget.ru	1 redirects
1	cm.tns-counter.ru	1 redirects
1	rtb.programattik.com	afn.by
1	t.adx.opera.com	afn.by
1	im.bluevoox.com	afn.by
1	px.arcspire.io	1 redirects
1	ysa-static.passport.yandex.ru	afn.by
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	favicon.yandex.net	afn.by
1	avatars.mds.yandex.net	afn.by
1	stats.g.doubleclick.net	www.google-analytics.com
1	ad.mail.ru	www.acint.net
1	sync.adkernel.com	www.acint.net
1	sp.ohmy.bid	1 redirects
1	cs.agency2.ru	1 redirects
1	2935dd48-df98-11ed-86e0-002590c0647c.n1.sync.bumlam.com	1 redirects
1	ssp.bidvol.com	1 redirects
1	ads.adlook.me	1 redirects
1	sape-sync.rutarget.ru	1 redirects
1	ssp.bestssp.com	1 redirects
1	dm-eu.hybrid.ai	www.acint.net
1	a.utraff.com	www.acint.net
0	mitdmp.whiteboxdigital.ru Failed	afn.by
213	88

This site contains links to these domains. Also see Links.

Domain
t.me
www.facebook.com
twitter.com
empresasweb.net

Subject Issuer	Validity	Valid
afn.by R3	`2023-04-17` - `2023-07-16`	3 months	crt.sh
*.xn--d1acpjx3f.xn--p1ai GlobalSign ECC OV SSL CA 2018	`2023-02-01` - `2023-08-01`	6 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2023-03-17` - `2023-08-27`	5 months	crt.sh
*.acint.net R3	`2023-04-14` - `2023-07-13`	3 months	crt.sh
utraff.com GTS CA 1P5	`2023-04-18` - `2023-07-17`	3 months	crt.sh
*.hybrid.ai Sectigo RSA Domain Validation Secure Server CA	`2022-09-26` - `2023-09-26`	a year	crt.sh
*.digitaltarget.ru R3	`2023-03-30` - `2023-06-28`	3 months	crt.sh
*.dmp.otm-r.com AlphaSSL CA - SHA256 - G2	`2022-05-27` - `2023-06-28`	a year	crt.sh
*.adriver.ru GlobalSign GCC R3 DV TLS CA 2020	`2023-03-07` - `2024-04-07`	a year	crt.sh
sync.1dmp.io R3	`2023-01-31` - `2023-05-01`	3 months	crt.sh
ad-blast.ru R3	`2023-04-12` - `2023-07-11`	3 months	crt.sh
bs.yandex.ru GlobalSign ECC OV SSL CA 2018	`2023-04-08` - `2023-10-07`	6 months	crt.sh
*.bidderstack.com Go Daddy Secure Certificate Authority - G2	`2022-11-20` - `2023-11-18`	a year	crt.sh
*.adkernel.com AlphaSSL CA - SHA256 - G4	`2023-01-03` - `2024-02-04`	a year	crt.sh
*.mail.ru GlobalSign ECC OV SSL CA 2018	`2022-10-18` - `2023-11-19`	a year	crt.sh
*.yastatic-net.ru GlobalSign ECC OV SSL CA 2018	`2023-02-01` - `2023-08-01`	6 months	crt.sh
www.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.avatars.mds.yandex.net GlobalSign RSA OV SSL CA 2018	`2023-03-06` - `2023-10-06`	7 months	crt.sh
favicon.yandex.net GlobalSign ECC OV SSL CA 2018	`2023-01-14` - `2023-06-15`	5 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
ysa-static.passport.yandex.net GlobalSign ECC OV SSL CA 2018	`2023-03-06` - `2023-10-06`	7 months	crt.sh
*.intent.ai GTS CA 1P5	`2023-04-10` - `2023-07-09`	3 months	crt.sh
*.bumlam.com R3	`2023-02-09` - `2023-05-10`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh

This page contains 14 frames:

Primary Page: https://afn.by/
Frame ID: 9D452364DAF5C021880E26671ADC027E
Requests: 58 HTTP requests in this frame

Frame: https://www.acint.net/mc/?dp=10&tc=1
Frame ID: 1D814F9B80F0C7F2077C41B4CF799862
Requests: 37 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230417/r20190131/zrt_lookup.html
Frame ID: 99470737E9791C39738DAFAFF79A1466
Requests: 1 HTTP requests in this frame

Frame: https://yastatic.net/safeframe-bundles/0.83/1-1-0/render.html
Frame ID: BAF06B2589302F51B2CEC8038EAAAA96
Requests: 65 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271363197717881&output=html&adk=1812271804&adf=3025194257&lmt=1682008014&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fafn.by%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682008013614&bpp=4&bdt=387&idt=429&shv=r20230417&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5339548214821&rume=1&frm=20&pv=2&ga_vid=449161101.1682008013&ga_sid=1682008014&ga_hid=2063691867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C42531705%2C44788442%2C44789819%2C31061691%2C31061692&oid=2&pvsid=2084868377474032&tmod=1936465578&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=33792&bc=31&ifi=1&uci=a!1&fsb=1&dtd=485
Frame ID: 5B5C52B37BE2D98ABBB0366266E2B198
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271363197717881&output=html&h=600&slotname=5761908397&adk=3519307484&adf=1131236467&pi=t.ma~as.5761908397&w=160&lmt=1682008014&format=160x600&url=https%3A%2F%2Fafn.by%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682008013618&bpp=1&bdt=390&idt=497&shv=r20230417&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5339548214821&rume=1&frm=20&pv=1&ga_vid=449161101.1682008013&ga_sid=1682008014&ga_hid=2063691867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=3855&ady=793&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C42531705%2C44788442%2C44789819%2C31061691%2C31061692&oid=2&pvsid=2084868377474032&tmod=1936465578&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=1024&bc=31&ifi=2&uci=a!2&fsb=1&xpc=UMIZUdID3b&p=https%3A//afn.by&dtd=509
Frame ID: 586D3CDCDBF3B12137C65568B390FC4B
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230417/r20110914/zrt_lookup.html?fsb=1
Frame ID: 6F6014BD644B1C761179C2A194642B8F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMvN-gEQ3_CHsQMYnIes5gEwAQ&v=APEucNUFzRC8k55WT4s8_cYkjlu0S6Crx3emLtvNioM8nwnfFRsK79y0K3S5q8rGfZdU2hJffusIMMtvQh5ORXE5baM0fx05QPS_B0waKqttLvLn-Ai7ST3I7Toc8JxdS1wWAvH4NeGm5PPjzMZHCCGyhlBLP4sMVHG2jukR6RNbYwR8kbFrbHU
Frame ID: B0F6565B5050B91AA32EDC2F0AC1D75F
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 4408C875E0F11CF82B60CC55F7EE7766
Requests: 20 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 51085FA7A90E5BD1811700DAFB6C8DB5
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/11207411921136063200/aulus-728x90-DE.html
Frame ID: C89A6DF91448551B69874719804E0A3F
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/MezC-G1ZF-1GZ9yqq0o7IScgI3uEZvBcP5CgXoWKMDE.js
Frame ID: A68086352E94A03F8065F9410AC19618
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F96E3D61F60258D2E73929E98BE4CC67
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: CEE2E1424CDAA7082811167F738C9279
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

AFN.BY - Новости Беларуси Политика экономика финансы энергетика общество

Detected technologies

Microsoft ASP.NET (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<input[^>]+name="__VIEWSTATE

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Yandex.Direct (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://an\.yandex\.ru/

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

213
Requests

69 %
HTTPS

30 %
IPv6

62
Domains

88
Subdomains

53
IPs

13
Countries

3659 kB
Transfer

6506 kB
Size

119
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://t.me/afn_by

Search URL Search Domain Scan URL

URL: https://www.facebook.com/afn.by

Search URL Search Domain Scan URL

URL: https://twitter.com/_afnby

Search URL Search Domain Scan URL

URL: https://empresasweb.net/
Title: empresas

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15

https://www.acint.net/mc/?dp=10 HTTP 302
https://www.acint.net/mc/?dp=10&tc=1

Request Chain 18

https://ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D HTTP 302
https://acint.net/match?dp=14&euid=2B03420ACD674164C4003C3502724503

Request Chain 19

https://px.adhigh.net/p/cm/sape?u=0100007FCD674164BB037866027A7299 HTTP 302
https://px.adhigh.net/p/cm/sape?u=0100007FCD674164BB037866027A7299&bounced=1 HTTP 302
https://acint.net/match?dp=17&euid=Fv0kTO1bJS.AikABlGHn317DQ

Request Chain 20

https://ev.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691 HTTP 302
https://ev.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-6386191052 HTTP 302
https://www.acint.net/rmatch?dp=45&euid=Awrd0rlr_IkW5nTDB2hv3YA&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D HTTP 302
https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007FCD674164BB037866027A7299

Request Chain 25

https://sync.upravel.com/sape/sync HTTP 302
https://sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0 HTTP 302
https://www.acint.net/match?dp=71&euid=c5d2ac60-16bd-421d-a69f-130ec8bd759a HTTP 302
https://ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D&dp=14 HTTP 302
https://acint.net/match?dp=14&euid=2B03420ACD674164C4003C3502724503

Request Chain 27

https://ssp.bestssp.com/sspmatch?url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D95%26euid%3D HTTP 302
https://www.acint.net/match?dp=95&euid=YJPSYPZD

Request Chain 28

https://sync.adspend.space/sape?uid=0100007FCD674164BB037866027A7299 HTTP 302
https://sync.adspend.space/check?r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D98%26euid%3D3a1f0fbb-d3c8-44cc-b824-3702959657e8 HTTP 302
https://www.acint.net/match?dp=98&euid=3a1f0fbb-d3c8-44cc-b824-3702959657e8

Request Chain 30

https://sape-sync.rutarget.ru/sync HTTP 302
https://www.acint.net/match?dp=104&euid=5FLG06xeIlKU

Request Chain 31

https://ads.betweendigital.com/match?bidder_id=35313&external_user_id=0100007FCD674164BB037866027A7299&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D HTTP 302
https://ads.betweendigital.com/match?bidder_id=35313&external_user_id=0100007FCD674164BB037866027A7299&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
https://acint.net/match?dp=107&euid=95198a82-dfaf-526e-a81c-44facc5d2337

Request Chain 32

https://ads.adlook.me/csync?pid=sape&uid=0100007FCD674164BB037866027A7299&url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D110%26euid%3D%7BuserId%7D HTTP 302
https://acint.net/match?dp=110&euid=1672935d1adc4aaebb634ed6aef3a39a

Request Chain 33

https://sm.rtb.mts.ru/p?ssp=sape&id=0100007FCD674164BB037866027A7299 HTTP 301
https://sm.rtb.mts.ru/match/second?ssp=30&exu=0100007FCD674164BB037866027A7299 HTTP 301
https://tech.rtb.mts.ru/?dsp_uid=0fddca32-2607-4902-b35a-50a4970b7f3c&return_url=https%3A%2F%2Fan.yandex.ru%2Fsetud%2Fmts_banner%2FD93KMiYHSQKzWlCklwt_PA%3Flocation%3Dhttps%253A%252F%252Fsm.rtb.mts.ru%252Fem%253Fnext%253D30%2526em%253D0%26sign%3D769295378 HTTP 302
https://an.yandex.ru/setud/mts_banner/D93KMiYHSQKzWlCklwt_PA?location=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D30%26em%3D0&sign=769295378

Request Chain 34

https://exchange.buzzoola.com/cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D HTTP 301
https://www.acint.net/match?dp=126&euid=fa6706da-280e-4cd9-6147-021d500f8cad

Request Chain 35

https://s.uuidksinc.net/match/396/?remote_uid=0100007FCD674164BB037866027A7299 HTTP 302
https://www.acint.net/match?dp=127&euid=gQzVdeKe8Sj7PgITOXQm

Request Chain 36

https://ssp.bidvol.com/usersync?dspcsid=8&redirect=1 HTTP 302
https://www.acint.net/match?dp=129&euid=baveqe52rl

Request Chain 38

https://x01.aidata.io/0.gif?pid=9401454&id=0100007FCD674164BB037866027A7299 HTTP 302
https://x01.aidata.io/0.gif?pid=9401454&id=0100007FCD674164BB037866027A7299&bounce=1 HTTP 302
https://counter.yadro.ru/id-redir/aidata.gif?back=STOP HTTP 302
https://x01.aidata.io/0.gif?pid=LIVE&id=&back=STOP

Request Chain 39

https://sync.gonet-ads.com/match/sape.js?id=0100007FCD674164BB037866027A7299 HTTP 302
https://sync.gonet-ads.com/match/sape.js?id=0100007FCD674164BB037866027A7299&chk=1

Request Chain 40

https://sync.bumlam.com/?src=sap1&uid=0100007FCD674164BB037866027A7299 HTTP 302
https://sync.bumlam.com/?src=sap1&s_data=CAIQARjNz4WiBmIgMDEwMDAwN0ZDRDY3NDE2NEJCMDM3ODY2MDI3QTcyOTmiARApNd1I35gR7YbgACWQwGR8

Request Chain 41

https://pix.bumlam.com/sync/sape/check?sspuid=0100007FCD674164BB037866027A7299 HTTP 302
https://sync.bumlam.com/?src=sape HTTP 302
https://pix.bumlam.com/sync/sape/sync_ok?guid=2935dd48-df98-11ed-86e0-002590c0647c HTTP 302
https://2935dd48-df98-11ed-86e0-002590c0647c.n1.sync.bumlam.com/?src=sape HTTP 302
https://pix.bumlam.com/sync/sape/done

Request Chain 44

https://cs.agency2.ru/p?ssp=sp&uid=0100007FCD674164BB037866027A7299 HTTP 301
https://www.acint.net/match?dp=186&euid=290d6a68-e95c-429a-bd3f-8c94996e5de5

Request Chain 45

https://sp.ohmy.bid/cm?ssp=sape&redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D217%26euid%3D%7Buid%7D HTTP 302
https://www.acint.net/match?dp=217&euid=50c364de-7e6e-4fde-8607-6472d8f9f069

Request Chain 47

https://sync.programmatica.com/match/01 HTTP 302
https://sync.programmatica.com/match/01?chk=1 HTTP 302
https://www.acint.net/rmatch?dp=235&euid=NWY5NGViNDU4MDc1NThhYg&r=https%3A%2F%2Fsync.programmatica.com%2Fmatch%2F01%3Fid%3D%24%7BUSER_ID%7D%26fp%3D1642882560 HTTP 302
https://sync.programmatica.com/match/01?id=0100007FCD674164BB037866027A7299&fp=1642882560 HTTP 302
https://dmg.digitaltarget.ru/1/7536/i/i?a=1051&e=NWY5NGViNDU4MDc1NThhYg&i=lcya70qdknfo HTTP 307
https://dmg.digitaltarget.ru/awg/custom/7536/i/i?call_source=awg&ts=1682008014315&a=1051&e=NWY5NGViNDU4MDc1NThhYg&i=lcya70qdknfo

Request Chain 48

https://adx.com.ru/sape-sync?uid=0100007FCD674164BB037866027A7299 HTTP 302
https://adx.com.ru/sync?sspKey=25&sspUserID=0100007FCD674164BB037866027A7299 HTTP 302
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fadx.com.ru%2Fweborama-sync%3Furl%3Dhttps%253A%252F%252Fprodmp.ru%252Fyabbi.gif%253Fuid%253D644167ced41e060001aeeb73%2526r%253D%26webouid%3D{WEBO_CID} HTTP 307
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fadx.com.ru%2Fweborama-sync%3Furl%3Dhttps%253A%252F%252Fprodmp.ru%252Fyabbi.gif%253Fuid%253D644167ced41e060001aeeb73%2526r%253D%26webouid%3D%7BWEBO_CID%7D&bounce=1&random=1723167479 HTTP 302
https://adx.com.ru/weborama-sync?url=https%3A%2F%2Fprodmp.ru%2Fyabbi.gif%3Fuid%3D644167ced41e060001aeeb73%26r%3D&webouid=p06OiAVrcZXZhHCxlY9UEu

Request Chain 49

https://kimberlite.io/rtb/sync/sape2?u=0100007FCD674164BB037866027A7299 HTTP 307
https://sm.rtb.mts.ru/p?ssp=toptraffic&id=ZEFnzhG9SSk HTTP 301
https://sm.rtb.mts.ru/match/second?ssp=59&exu=ZEFnzhG9SSk HTTP 301
https://tech.rtb.mts.ru/?dsp_uid=0fddca32-2607-4902-b35a-50a4970b7f3c&return_url=https%3A%2F%2Fan.yandex.ru%2Fsetud%2Fmts_banner%2FD93KMiYHSQKzWlCklwt_PA%3Flocation%3Dhttps%253A%252F%252Fsm.rtb.mts.ru%252Fem%253Fnext%253D59%2526em%253D0%26sign%3D1904105073 HTTP 302
https://an.yandex.ru/setud/mts_banner/D93KMiYHSQKzWlCklwt_PA?location=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D59%26em%3D0&sign=1904105073

Request Chain 64

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9979.PRoRhgwQ8DOIUjLh1_UUHfymZju5aSElwAk1wqWKvTOKZq44AHd1YyE8fwD4k3LB.aw08HRzr8SPPCSgA1U1ay8zq-4A%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9979.3DARVzSwERzuLLCc4DC5-Mvcq4iBgp-RrQlKdv2RvCTJZC4ZpaPB0FfLWvD3HoEhT_s_V68jjG-OIExP4R77XFyGlxWzD6DqVkcSITfQWsqnklG5r1R4ItKMT818LHhVondo9Yx06EWrpd7usWNM3LBzh4MuEYSxK5WHs3F-IuZOlwNsaygz85dixpOqRcAgiid7P4BMl0-YYmFk56PiqSNiZlaoM_cEAxAfv8cmX6g%2C.xuN174__EkepMTkzARuPDNSbvKY%2C

Request Chain 65

https://mc.yandex.by/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.by&token=9979.qJSPQh9mSYg2bPuYuq53cOBsenVnv-Xaa8zyLyweoy0SUoULYzKstebPZAbJAtny.TAMHdnuB6gzNuLgmU-z5MMjCLGU%2C HTTP 302
https://mc.yandex.by/sync_cookie_image_decide?token=9979.iWt3k0GdNVUQ-aZNhWdlAKgBnnRwtdYQadl2tHMT-x330dbtiqRJ2NL2sZhze2e7iFtrd0NjOtJdcCNKqyytDkyr2PoPLFXPbeqF9rkq79-3O3QyceffHxirmnxHMkM8xXRyU0GhE0iwtMquF9zHnKmGYGNduI7iLbarsijxXubLr1aD72XZbGHFr0AfHAFIoZ1hgT-KbPTxZWvX_gro_wRpqabWGDdX3WYWPdRBBTQ%2C.3O5EZlfSdOESIz1BVhxUJm3xsL0%2C

Request Chain 70

https://mc.yandex.com/watch/421539?wmode=7&page-url=https%3A%2F%2Fafn.by%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aihb4q796484i93c2xtzqhr%3Afp%3A1595%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1025%3Acn%3A1%3Adp%3A0%3Als%3A70872403400%3Ahid%3A1055585198%3Az%3A0%3Ai%3A20230420162653%3Aet%3A1682008014%3Ac%3A1%3Arn%3A446260790%3Arqn%3A1%3Au%3A1682008014157799749%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A1291%2C101%2C58%2C47%2C%2C0%2C%2C56%2C0%2C%2C%2C%2C1554%3Aco%3A0%3Acpf%3A1%3Ans%3A1682008011774%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1682008014%3At%3AAFN.BY%20-%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8%20%D0%9F%D0%BE%D0%BB%D0%B8%D1%82%D0%B8%D0%BA%D0%B0%20%D1%8D%D0%BA%D0%BE%D0%BD%D0%BE%D0%BC%D0%B8%D0%BA%D0%B0%20%D1%84%D0%B8%D0%BD%D0%B0%D0%BD%D1%81%D1%8B%20%D1%8D%D0%BD%D0%B5%D1%80%D0%B3%D0%B5%D1%82%D0%B8%D0%BA%D0%B0%20%D0%BE%D0%B1%D1%89%D0%B5%D1%81%D1%82%D0%B2%D0%BE&t=gdpr(14)mc(p-1)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
https://mc.yandex.com/watch/421539/1?wmode=7&page-url=https%3A%2F%2Fafn.by%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aihb4q796484i93c2xtzqhr%3Afp%3A1595%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1025%3Acn%3A1%3Adp%3A0%3Als%3A70872403400%3Ahid%3A1055585198%3Az%3A0%3Ai%3A20230420162653%3Aet%3A1682008014%3Ac%3A1%3Arn%3A446260790%3Arqn%3A1%3Au%3A1682008014157799749%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A1291%2C101%2C58%2C47%2C%2C0%2C%2C56%2C0%2C%2C%2C%2C1554%3Aco%3A0%3Acpf%3A1%3Ans%3A1682008011774%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1682008014%3At%3AAFN.BY%20-%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8%20%D0%9F%D0%BE%D0%BB%D0%B8%D1%82%D0%B8%D0%BA%D0%B0%20%D1%8D%D0%BA%D0%BE%D0%BD%D0%BE%D0%BC%D0%B8%D0%BA%D0%B0%20%D1%84%D0%B8%D0%BD%D0%B0%D0%BD%D1%81%D1%8B%20%D1%8D%D0%BD%D0%B5%D1%80%D0%B3%D0%B5%D1%82%D0%B8%D0%BA%D0%B0%20%D0%BE%D0%B1%D1%89%D0%B5%D1%81%D1%82%D0%B2%D0%BE&t=gdpr%2814%29mc%28p-1%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Request Chain 90

https://px.arcspire.io/yndx?id=9d4cd41a-f59d-4815-8a89-9d30806f5389 HTTP 307
https://an.yandex.ru/mapuid/arcspireis/9f3964b6e4c28e92279059

Request Chain 91

https://acint.net/rmatch/?dp=151&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fsapeis%2F%24%7BUSER_ID%7D HTTP 302
https://an.yandex.ru/mapuid/sapeis/0100007FCD674164BB037866027A7299

Request Chain 92

https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2F%24%7BUSER_ID%7D HTTP 302
https://an.yandex.ru/mapuid/betweendigitalis/95198a82-dfaf-526e-a81c-44facc5d2337

Request Chain 93

https://yandex.ru/an/mapuid/adobedmp/ HTTP 302
https://dpm.demdex.net/ibs:dpid=423652&dpuuid=2012DD4D3043E270 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=423652&dpuuid=2012DD4D3043E270

Request Chain 94

https://yandex.ru/an/mapuid/azerionis/ HTTP 302
https://match.360yield.com/match?external_user_id=C8EB2F8A6A03FE8A&publisher_dsp_id=429&publisher_call_type=redirect HTTP 302
https://match.360yield.com/ul_cb/match?external_user_id=C8EB2F8A6A03FE8A&publisher_dsp_id=429&publisher_call_type=redirect

Request Chain 96

https://yandex.ru/an/mapuid/betweenx/ HTTP 302
https://ads.betweendigital.com/match?bidder_id=161&external_user_id=BC5C0A5FBE25928C

Request Chain 97

https://yandex.ru/an/mapuid/blueseaxcom/ HTTP 302
https://im.bluevoox.com/pixel?s1=1&s2=1315&s3=vldyrx2shs82pv9o&cm=1&rd=1&puid=8638100EF8D1056A

Request Chain 99

https://yandex.ru/an/mapuid/google/?partner-tag=yandex_llc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yandex_llc&google_hm=C81C0073CCEF850E&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif

Request Chain 100

https://yandex.ru/an/mapuid/google/?partner-tag=yandexcom HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yandexcom&google_hm=C81C0073CCEF850E&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif

Request Chain 101

https://yandex.ru/an/mapuid/google/?partner-tag=yandexru HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yandexru&google_hm=C81C0073CCEF850E&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif

Request Chain 102

https://yandex.ru/an/mapuid/operacom/ HTTP 302
https://t.adx.opera.com/sync?vendor=60143&uid=A35D6690B26A3515

Request Chain 103

https://yandex.ru/an/mapuid/turktelekomrtb/ HTTP 302
https://rtb.programattik.com/user-sync?dsp=5&t=image&uid=D708477C4F987C2B

Request Chain 105

https://cm.tns-counter.ru/yacm HTTP 302
https://an.yandex.ru/mapuid/mediascope/035a390d5f89fb608ff5c4e86cc1f067cc407de52dd129d75eecd3c98553fbf0

Request Chain 108

https://dmg.digitaltarget.ru/1/119/i/i?i=1682008013 HTTP 307
https://dmg.digitaltarget.ru/awg/custom/119/i/i?call_source=awg&ts=1682008014353&i=1682008013 HTTP 307
https://an.yandex.ru/mapuid/dmpamberdata/LZL1NAnhMoF3FJi7SOlC

Request Chain 109

https://euw-ice.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fazerionis%2F{PUB_USER_ID} HTTP 302
https://euw-ice.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fazerionis%2F%7BPUB_USER_ID%7D HTTP 302
https://an.yandex.ru/mapuid/azerionis/0fac157a-389e-437a-899e-7a1a994a2371 HTTP 302
https://match.360yield.com/match?external_user_id=0fac157a-389e-437a-899e-7a1a994a2371&publisher_dsp_id=429&publisher_call_type=redirect

Request Chain 110

https://exchange.buzzoola.com/cookiesync/redirect/yandex?redirect_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbuzzooladspis%2F%24%7BUUID%7D HTTP 301
https://an.yandex.ru/mapuid/buzzooladspis/ba7f49ca-b920-4a8f-70ff-1a15625ad147

Request Chain 111

https://kimberlite.io/rtb/sync/yandex HTTP 307
https://ads.betweendigital.com/match?bidder_id=45004&callback_url=https%3A%2F%2Fkimberlite.io%2Frtb%2Fsync%2Fbetween2%3Fu%3D%24%7BUSER_ID%7D%26f%3Dhttps%253A%252F%252Fwww.acint.net%252Fmatch%253Fdp%253D243%2526euid%253DZEFnzhG9SSk%26n%3D2 HTTP 302
https://kimberlite.io/rtb/sync/between2?u=95198a82-dfaf-526e-a81c-44facc5d2337&f=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D243%26euid%3DZEFnzhG9SSk&n=2 HTTP 307
https://solta-sync.rutarget.ru/sync HTTP 302
https://kimberlite.io/rtb/sync/segmento?u=5FLG06xeIlKU HTTP 307
https://sm.rtb.mts.ru/p?ssp=toptraffic&id=ZEFnzhG9SSk HTTP 301
https://sm.rtb.mts.ru/match/second?ssp=59&exu=ZEFnzhG9SSk HTTP 301
https://tech.rtb.mts.ru/?dsp_uid=0fddca32-2607-4902-b35a-50a4970b7f3c&return_url=https%3A%2F%2Fpixel.konnektu.ru%2Fredirect%2Fmts%3Fcallback_url%3Dhttps%253A%252F%252Fsm.rtb.mts.ru%252Fem%253Fnext%253D59%2526em%253D1%2526ssp%253Dkonnektu%2526id%253D%257BUSER_ID%257D HTTP 302
https://pixel.konnektu.ru/redirect/mts?callback_url=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D59%26em%3D1%26ssp%3Dkonnektu%26id%3D%7BUSER_ID%7D HTTP 302
https://sm.rtb.mts.ru/em?next=59&em=1&ssp=konnektu&id= HTTP 301
https://kimberlite.io/rtb/sync/mts?u=0fddca32-2607-4902-b35a-50a4970b7f3c HTTP 307
https://www.acint.net/match?dp=243&euid=ZEFnzhG9SSk

Request Chain 112

https://match.new-programmatic.com/userbind?src=yandex&pbf=1&gi=1 HTTP 302
https://an.yandex.ru/mapuid/targetrtbis/

Request Chain 114

https://nr.bidderstack.com/yandex/cm?r=https://an.yandex.ru/mapuid/hyperdspis/ HTTP 302
https://an.yandex.ru/mapuid/hyperdspis/c0c34729-0391-4b7c-3aaa-349f574d2bc1

Request Chain 115

https://profile.ssp.rambler.ru/sync3.302?pid=188 HTTP 302
https://an.yandex.ru/mapuid/ramblerssp/

Request Chain 116

https://px.adhigh.net/p/cm/yandexssp HTTP 302
https://an.yandex.ru/mapuid/getintentis/Fv0kTO1bJS.AikABlGHn317DQ

Request Chain 117

https://redirect.frontend.weborama.fr/redirect/standard?url=https://an.yandex.ru/mapuid/dmpweborama/{WEBO_CID} HTTP 302
https://an.yandex.ru/mapuid/dmpweborama/p06OiAVrcZXZhHCxlY9UEu

Request Chain 119

https://s.uuidksinc.net/match/501 HTTP 302
https://an.yandex.ru/mapuid/kadamis/gQzVdeKe8Sj7PgITOXQm

Request Chain 120

https://sm.rtb.mts.ru/p?ssp=yandex&id=map HTTP 301
https://sm.rtb.mts.ru/match/second?ssp=55&exu=map HTTP 301
https://tech.rtb.mts.ru/?dsp_uid=0fddca32-2607-4902-b35a-50a4970b7f3c&return_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fmtsdspis%2F0fddca32-2607-4902-b35a-50a4970b7f3c HTTP 302
https://an.yandex.ru/mapuid/mtsdspis/0fddca32-2607-4902-b35a-50a4970b7f3c

Request Chain 121

https://sonar.semantiqo.com/dmp/scr.php HTTP 302
https://counter.yadro.ru/id127/reff-id.gif?sid=94c6ffdbb873467196b9466893016b4e HTTP 302
https://sonar.semantiqo.com/fbfli/data_sess_sync.php?spid=&sid=94c6ffdbb873467196b9466893016b4e

Request Chain 122

https://ssp.adriver.ru/cgi-bin/sync.cgi?dsp_id=109 HTTP 302
https://an.yandex.ru/mapuid/dmpadriver/wrd0rlr_IkW5nTDB2hv3YA?sign=2132252727

Request Chain 123

https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=19 HTTP 302
https://an.yandex.ru/mapuid/adriveris/Awrd0rlr_IkW5nTDB2hv3YA

Request Chain 127

https://sync.gonet-ads.com/match/yandex?id=[buyerUid] HTTP 302
https://an.yandex.ru/mapuid/gonetisnew/NjcyMmEwMWYyN2UyNDU2ZQ

Request Chain 128

https://sync.upravel.com/yandex/sync HTTP 302
https://an.yandex.ru/mapuid/upravelis/c5d2ac60-16bd-421d-a69f-130ec8bd759a

Request Chain 129

https://x01.aidata.io/0.gif?pid=YANDEX HTTP 302
https://an.yandex.ru/mapuid/dmpaidatame/WaMMihBMeiQTJbe6RVOB%2Bw?sign=2823620263

Request Chain 130

https://yandex-dmp-sync.rutarget.ru/sync HTTP 302
https://an.yandex.ru/mapuid/dmpsegmento/5FLG06xeIlKU?sign=2939993143

Request Chain 131

https://yandex-sync.rutarget.ru/sync HTTP 302
https://an.yandex.ru/mapuid/rutargetis/5FLG06xeIlKU

Request Chain 132

https://dmg.digitaltarget.ru/1/1093/i/i?i=386895588667711.754942521283220&a=77&e=0100007FCD674164BB037866027A7299&pref=https%3A%2F%2Fafn.by%2F&c=ss:77.up:0100007FCD674164BB037866027A7299.sync:up.xdua:duZKAtEGYeNry9T0ufuM9UM3.xps:xpsWcrmKpEFnkW3ZCUFVlLHNc.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient HTTP 307
https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1682008014349&i=386895588667711.754942521283220&a=77&e=0100007FCD674164BB037866027A7299&pref=https%3A%2F%2Fafn.by%2F&c=ss:77.up:0100007FCD674164BB037866027A7299.sync:up.xdua:duZKAtEGYeNry9T0ufuM9UM3.xps:xpsWcrmKpEFnkW3ZCUFVlLHNc.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient HTTP 307
https://top-fwz1.mail.ru/counter?id=3210372;pid=RdKST16l5a7fRI.75cob

Request Chain 133

https://dmg.digitaltarget.ru/1/1093/i/i?i=386895588667711.780223436045769&a=77&e=0100007FCD674164BB037866027A7299&pref=https%3A%2F%2Fafn.by%2F&c=ss:77.up:0100007FCD674164BB037866027A7299.sync:up.xdua:duZKAtEGYeNry9T0ufuM9UM3.xps:xpsWcrmKpEFnkW3ZCUFVlLHNc.dn:acint__net.adcm:hit.tg:adcmjs_noorient HTTP 307
https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1682008014348&i=386895588667711.780223436045769&a=77&e=0100007FCD674164BB037866027A7299&pref=https%3A%2F%2Fafn.by%2F&c=ss:77.up:0100007FCD674164BB037866027A7299.sync:up.xdua:duZKAtEGYeNry9T0ufuM9UM3.xps:xpsWcrmKpEFnkW3ZCUFVlLHNc.dn:acint__net.adcm:hit.tg:adcmjs_noorient HTTP 307
https://pix.bumlam.com/sync/amb4/check?uid=RdKST16l5a7fRI.75cob HTTP 302
https://2935dd48-df98-11ed-86e0-002590c0647c.n4.sync.bumlam.com/?src=amb4 HTTP 302
https://pix.bumlam.com/sync/amb4/done

Request Chain 145

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJy0qlRoRgp1L6SkJRWiL-A&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJy0qlRoRgp1L6SkJRWiL-A&google_cver=1&C=1

Request Chain 146

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZEFnzs9qjffiwi6dApG9vgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJy0qlRoRgp1L6SkJRWiL-A&google_cver=1

Request Chain 147

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEJUywz5XHpwuA79P1e6NKcQ&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEJUywz5XHpwuA79P1e6NKcQ%26google_cver%3D1

Request Chain 148

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODEyMzM2MTE4NzQ2ODA3MjE2Nw%3D%3D

Request Chain 190

https://www.googleadservices.com/pagead/conversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0 HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=0GdBZMDaG4Oh6gTa-Kv4Aw&random=68648844&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=68648844&crd=&is_vtc=1&random=3882443270 HTTP 302
https://www.google.de/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=68648844&crd=&is_vtc=1&random=3882443270&ipr=y

Request Chain 191

https://www.googleadservices.com/pagead/conversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0 HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=0GdBZODgG5Gg6wST_J-QBA&random=17077754&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=17077754&crd=&is_vtc=1&random=3212398753 HTTP 302
https://www.google.de/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=17077754&crd=&is_vtc=1&random=3212398753&ipr=y

213 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
afn.by/ 42 KB
42 KB 1451ms
58ms Document
text/html 62.173.140.157
SPACENET-AS Inter...

General

Check archive.org

Show headers Download Go to

Full URL: https://afn.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.173.140.157 Moscow, Russian Federation, ASN34300 (SPACENET-AS Internet Service Provider, RU),
Reverse DNS: afn.today
Software: Microsoft-IIS/10.0 /
Resource Hash: b5d520cab597e7a79eb25c34d6ad5e9324b9beb35752acab41abe88ef3b3152d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private
content-length: 43305
content-type: text/html; charset=utf-8
date: Thu, 20 Apr 2023 16:26:53 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319

GET
H2 200 cocss.css
afn.by/styles/ 12 KB
12 KB 91ms
91ms Stylesheet
text/css 62.173.140.157
SPACENET-AS Inter...

General

Check archive.org

Show headers Download Go to

Full URL: https://afn.by/styles/cocss.css?v=2020-09-16T2305
Requested by: Host: afn.by
URL: https://afn.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.173.140.157 Moscow, Russian Federation, ASN34300 (SPACENET-AS Internet Service Provider, RU),
Reverse DNS: afn.today
Software: Microsoft-IIS/10.0 /
Resource Hash: 21805f6753661b417e371bc6d07627765a0bdb09ff769049bd4fa36a22cac022

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://afn.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 16:26:53 GMT
last-modified: Tue, 29 Sep 2020 16:21:39 GMT
server: Microsoft-IIS/10.0
accept-ranges: bytes
etag: "7792f69b7c96d61:0"
content-length: 12192
content-type: text/css

GET
H2 200 context.js Show response
yandex.ru/ads/system/ 291 KB
86 KB 173ms
62ms Script
text/javascript 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/system/context.js

Requested by

Host: afn.by
URL: https://afn.by/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

59943b80e0488ef668f629dbe33c5af3a0602aefa260f3600553f62e2d77f9f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://afn.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-encoding: br
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
x-yandex-req-id: 1682008013361691-6929603865003252817-balancer-l7leveler-kubr-yp-vla-66-BAL-996
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Thu, 20 Apr 2023 17:26:53 GMT

GET
H2 200 WebResource.axd Show response
afn.by/ 23 KB
23 KB 90ms
90ms Script
application/x-javascript 62.173.140.157
SPACENET-AS Inter...

General

Check archive.org

Show headers Download Go to

Full URL: https://afn.by/WebResource.axd?d=x6kZHarUxIlCmdP8tralfm9j9vlV5v7RssAAB3w2g1T9BlvwLfiegLOUvTlfrsYWRDzRJEVHlbcw8maAjeTX3DGnW1Pk_CIDzs0KtPkZUFU1&t=637814761746327080
Requested by: Host: afn.by
URL: https://afn.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.173.140.157 Moscow, Russian Federation, ASN34300 (SPACENET-AS Internet Service Provider, RU),
Reverse DNS: afn.today
Software: Microsoft-IIS/10.0 /
Resource Hash: 40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://afn.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 16:26:53 GMT
last-modified: Sat, 26 Feb 2022 09:42:54 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
content-type: application/x-javascript
cache-control: public
content-length: 23063
expires: Fri, 19 Apr 2024 16:18:04 GMT

GET
H2 200 WebResource.axd Show response
afn.by/ 26 KB
26 KB 91ms
91ms Script
application/x-javascript 62.173.140.157
SPACENET-AS Inter...

General

Check archive.org

Show headers Download Go to

Full URL: https://afn.by/WebResource.axd?d=j8vvoyaifjvlN4hVlEnJWHWSDZdBC8U54gvtudvF_ovCrNW5jwpwiBjilFnX2S6vEwCPO1trGoJrcB5e-KZDOBr9RWBMrO0aFyWu_oksMzM1&t=637814761746327080
Requested by: Host: afn.by
URL: https://afn.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.173.140.157 Moscow, Russian Federation, ASN34300 (SPACENET-AS Internet Service Provider, RU),
Reverse DNS: afn.today
Software: Microsoft-IIS/10.0 /
Resource Hash: ef9453f74b2617d43dcef4242cf5845101fcfb57289c81bceb20042b0023a192

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://afn.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 16:26:53 GMT
last-modified: Sat, 26 Feb 2022 09:42:54 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
content-type: application/x-javascript
cache-control: public
content-length: 26951
expires: Fri, 19 Apr 2024 16:26:53 GMT

GET
H2 200 logo.gif
afn.by/images/ 2 KB
2 KB 50ms
48ms Image
image/gif 62.173.140.157
SPACENET-AS Inter...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://afn.by/images/logo.gif
Requested by: Host: afn.by
URL: https://afn.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.173.140.157 Moscow, Russian Federation, ASN34300 (SPACENET-AS Internet Service Provider, RU),
Reverse DNS: afn.today
Software: Microsoft-IIS/10.0 /
Resource Hash: 3d8799c171813adffb4105be1ee07dfd2e7716ba4a5fdd8b785736285a3bf677

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://afn.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 16:26:53 GMT
last-modified: Sat, 22 Apr 2006 08:31:52 GMT
server: Microsoft-IIS/10.0
accept-ranges: bytes
etag: "0cc8a34e765c61:0"
content-length: 2072
content-type: image/gif

GET
H2 200 telegram-icon.png
afn.by/images/ 9 KB
9 KB 50ms
48ms Image
image/png 62.173.140.157
SPACENET-AS Inter...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://afn.by/images/telegram-icon.png
Requested by: Host: afn.by
URL: https://afn.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.173.140.157 Moscow, Russian Federation, ASN34300 (SPACENET-AS Internet Service Provider, RU),
Reverse DNS: afn.today
Software: Microsoft-IIS/10.0 /
Resource Hash: 3b9bfffdd25b235582aed4cf08b709719aa5af611d5ca3f3f4a5cb5a17d9b6ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://afn.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 16:26:53 GMT
last-modified: Mon, 31 Aug 2020 16:19:55 GMT
server: Microsoft-IIS/10.0
accept-ranges: bytes
etag: "ea511590b27fd61:0"
content-length: 8970
content-type: image/png

GET
H2 200 facebook-icon-28x28.png
afn.by/images/ 1 KB
2 KB 50ms
48ms Image
image/png 62.173.140.157
SPACENET-AS Inter...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://afn.by/images/facebook-icon-28x28.png
Requested by: Host: afn.by
URL: https://afn.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.173.140.157 Moscow, Russian Federation, ASN34300 (SPACENET-AS Internet Service Provider, RU),
Reverse DNS: afn.today
Software: Microsoft-IIS/10.0 /
Resource Hash: a2108bb3f86caf930d09e8a85ae0eccf3a11a5d51296a620201e8a76a9b030c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://afn.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 16:26:53 GMT
last-modified: Wed, 20 Nov 2019 20:28:42 GMT
server: Microsoft-IIS/10.0
accept-ranges: bytes
etag: "91d37219e19fd51:0"
content-length: 1482
content-type: image/png

GET
H2 200 twitter-icon-28x28.png
afn.by/images/ 1 KB
1 KB 51ms
49ms Image
image/png 62.173.140.157
SPACENET-AS Inter...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://afn.by/images/twitter-icon-28x28.png
Requested by: Host: afn.by
URL: https://afn.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.173.140.157 Moscow, Russian Federation, ASN34300 (SPACENET-AS Internet Service Provider, RU),
Reverse DNS: afn.today
Software: Microsoft-IIS/10.0 /
Resource Hash: 75bb660f0c38697ed9be3b33be8e5a24365708ee94922da9dd44875efc3776e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://afn.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 16:26:53 GMT
last-modified: Wed, 20 Nov 2019 20:34:16 GMT
server: Microsoft-IIS/10.0
accept-ranges: bytes
etag: "c7dd92e0e19fd51:0"
content-length: 1157
content-type: image/png

GET
H2 200 feed-icon-28x28.png
afn.by/images/ 2 KB
2 KB 51ms
49ms Image
image/png 62.173.140.157
SPACENET-AS Inter...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://afn.by/images/feed-icon-28x28.png
Requested by: Host: afn.by
URL: https://afn.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.173.140.157 Moscow, Russian Federation, ASN34300 (SPACENET-AS Internet Service Provider, RU),
Reverse DNS: afn.today
Software: Microsoft-IIS/10.0 /
Resource Hash: 473feba11f89b4d197a2263ebb6567e53b75a969cff0679ccf50f6634fa3a4f5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://afn.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 16:26:53 GMT
last-modified: Thu, 27 Jul 2006 11:33:24 GMT
server: Microsoft-IIS/10.0
accept-ranges: bytes
etag: "01a567870b1c61:0"
content-length: 1737
content-type: image/png

GET
H2 200 mail-icon-28x28.png
afn.by/images/ 1 KB
1 KB 51ms
49ms Image
image/png 62.173.140.157
SPACENET-AS Inter...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://afn.by/images/mail-icon-28x28.png
Requested by: Host: afn.by
URL: https://afn.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.173.140.157 Moscow, Russian Federation, ASN34300 (SPACENET-AS Internet Service Provider, RU),
Reverse DNS: afn.today
Software: Microsoft-IIS/10.0 /
Resource Hash: 1ddb0b820dec7b14a548cd751c4a24db01dec9d0716daa5724ee5c65d3c347ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://afn.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 16:26:53 GMT
last-modified: Tue, 27 May 2014 16:44:49 GMT
server: Microsoft-IIS/10.0
accept-ranges: bytes
etag: "18b1c1f9ca79cf1:0"
content-length: 1262
content-type: image/png

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 138 KB
47 KB 164ms
84ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5271363197717881

Requested by

Host: afn.by
URL: https://afn.by/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ca7303cb16c078c0bcfd488899772dcba2ce31c67e30b24ed8407127da7a97c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://afn.by/
Origin: https://afn.by
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 16:26:53 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47913
x-xss-protection: 0
server: cafe
etag: 2586603906178004286
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 20 Apr 2023 16:26:53 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 116ms
36ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: afn.by
URL: https://afn.by/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://afn.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 20 Apr 2023 14:27:45 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 7148
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Thu, 20 Apr 2023 16:27:45 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 213 KB
73 KB 208ms
97ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: afn.by
URL: https://afn.by/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

d02406cd88a47de122e1e34f06500c9fa249d0ee521af39e6906243e9f8c22a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://afn.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 16:26:53 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Wed, 19 Apr 2023 15:07:00 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "643fd964-1237b"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 74619
expires: Thu, 20 Apr 2023 17:26:53 GMT

GET
H2 200 aci.js Show response
www.acint.net/ 24 KB
8 KB 46ms
12ms Script
application/x-javascript 167.235.177.246
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.acint.net/aci.js
Requested by: Host: afn.by
URL: https://afn.by/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 167.235.177.246 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz2024477.sapientru.net
Software: openresty /
Resource Hash: eaba4c606dbd8ce6ad26a8bb999d30e855f8c1c5e194dc675b459c60679e8cb0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://afn.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 16:26:53 GMT
content-encoding: gzip
last-modified: Fri, 24 Mar 2023 20:32:18 GMT
server: openresty
etag: "641e08d2-1e68"
content-type: application/x-javascript
cache-control: max-age=43200
content-length: 7784
expires: Fri, 21 Apr 2023 04:26:53 GMT

GET
H2 200 icons.png
afn.by/images/ 3 KB
3 KB 48ms
48ms Image
image/png 62.173.140.157
SPACENET-AS Inter...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://afn.by/images/icons.png
Requested by: Host: afn.by
URL: https://afn.by/styles/cocss.css?v=2020-09-16T2305
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.173.140.157 Moscow, Russian Federation, ASN34300 (SPACENET-AS Internet Service Provider, RU),
Reverse DNS: afn.today
Software: Microsoft-IIS/10.0 /
Resource Hash: ebb3597f3a327fe00b7b1b766dd19e454e3f8b34ad5d45505439b42bf1c24d42

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://afn.by/styles/cocss.css?v=2020-09-16T2305
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 16:26:53 GMT
last-modified: Sat, 02 Aug 2008 10:28:49 GMT
server: Microsoft-IIS/10.0
accept-ranges: bytes
etag: "10b0818d8af4c81:0"
content-length: 2939
content-type: image/png

GET
H2

200

/ Show response
www.acint.net/mc/ Frame 1D81
Redirect Chain

https://www.acint.net/mc/?dp=10
https://www.acint.net/mc/?dp=10&tc=1

4 KB
4 KB

12ms
11ms

Document
text/html

167.235.177.246
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.acint.net/mc/?dp=10&tc=1
Requested by: Host: www.acint.net
URL: https://www.acint.net/aci.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 167.235.177.246 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz2024477.sapientru.net
Software: openresty /
Resource Hash: 379e9267c135f7515414a84dc87ac6f3adf849488d8f75a6e67e8bda6d37eec0

Request headers

Referer: https://afn.by/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Thu, 20 Apr 2023 16:26:53 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
server: openresty

Redirect headers

content-length: 154
content-type: text/html
date: Thu, 20 Apr 2023 16:26:53 GMT
location: /mc/?dp=10&tc=1
server: openresty

GET
H2 200 oci.js Show response
www.acint.net/ 31 KB
14 KB 13ms
12ms Script
application/x-javascript 167.235.177.246
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.acint.net/oci.js?t=1682008013381
Requested by: Host: www.acint.net
URL: https://www.acint.net/aci.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 167.235.177.246 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz2024477.sapientru.net
Software: openresty /
Resource Hash: 8ba3e3e1912ff8d885aa686201303d50274fc681d2c37edf4b9ed5a8e19e3617

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://afn.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 16:26:53 GMT
content-encoding: gzip
last-modified: Fri, 24 Mar 2023 20:32:13 GMT
server: openresty
etag: W/"641e08cd-7dac"
content-type: application/x-javascript

GET
H2 200 /
www.acint.net/hit/ 43 B
341 B 11ms
11ms Image
image/gif 167.235.177.246
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/hit/?v=0.5.1&uid=4f7f3bb3-e337-44ef-83c6-30c0fe985811&dp=10&tz=%2B00%3A00&nc=08852945&u=https%3A%2F%2Fafn.by%2F&r=&rs=1600x1200&t=AFN.BY%20-%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8%20%D0%9F%D0%BE%D0%BB%D0%B8%D1%82%D0%B8%D0%BA%D0%B0%20%D1%8D%D0%BA%D0%BE%D0%BD%D0%BE%D0%BC%D0%B8%D0%BA%D0%B0%20%D1%84%D0%B8%D0%BD%D0%B0%D0%BD%D1%81%D1%8B%20%D1%8D%D0%BD%D0%B5%D1%80%D0%B3%D0%B5%D1%82%D0%B8%D0%BA%D0%B0%20%D0%BE%D0%B1%D1%89%D0%B5%D1%81%D1%82%D0%B2%D0%BE&oE=1&oP=1&dT=2023-04-20T16%3A26%3A53.378&fu=1e5ba734-a8d1-497b-9dc8-b73ffbba8dc0
Requested by: Host: afn.by
URL: https://afn.by/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 167.235.177.246 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz2024477.sapientru.net
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://afn.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type: image/gif
date: Thu, 20 Apr 2023 16:26:53 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2

200

match
acint.net/ Frame 1D81
Redirect Chain

https://ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D
https://acint.net/match?dp=14&euid=2B03420ACD674164C4003C3502724503

43 B
269 B

16ms
11ms

Image
image/gif

167.235.177.246
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acint.net/match?dp=14&euid=2B03420ACD674164C4003C3502724503
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 167.235.177.246 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz2024477.sapientru.net
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 16:26:53 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Date: Thu, 20 Apr 2023 16:26:53 GMT
Server: openresty
Access-Control-Allow-Methods: GET
P3P: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
Access-Control-Allow-Origin: *
Location: https://acint.net/match?dp=14&euid=2B03420ACD674164C4003C3502724503
Content-Type: text/html
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 142
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2

200

match
acint.net/ Frame 1D81
Redirect Chain

https://px.adhigh.net/p/cm/sape?u=0100007FCD674164BB037866027A7299
https://px.adhigh.net/p/cm/sape?u=0100007FCD674164BB037866027A7299&bounced=1
https://acint.net/match?dp=17&euid=Fv0kTO1bJS.AikABlGHn317DQ

43 B
269 B

11ms
11ms

Image
image/gif

167.235.177.246
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acint.net/match?dp=17&euid=Fv0kTO1bJS.AikABlGHn317DQ
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 167.235.177.246 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz2024477.sapientru.net
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 16:26:53 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 20 Apr 2023 16:26:53 GMT
server: nginx
x-backend-id: f2-ru
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: *
location: https://acint.net/match?dp=17&euid=Fv0kTO1bJS.AikABlGHn317DQ
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

sync.cgi
ssp.adriver.ru/cgi-bin/ Frame 1D81
Redirect Chain

https://ev.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691
https://ev.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-6386191052
https://www.acint.net/rmatch?dp=45&euid=Awrd0rlr_IkW5nTDB2hv3YA&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D
https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007FCD674164BB037866027A7299

42 B
201 B

108ms
73ms

Image
image/gif

81.222.128.215
ELTEL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007FCD674164BB037866027A7299
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: HTTP/1.1
Server: 81.222.128.215 , Russian Federation, ASN20597 (ELTEL-AS, RU),
Reverse DNS: ad15.adriver.ru
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Thu, 20 Apr 2023 16:26:53 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

Redirect headers

date: Thu, 20 Apr 2023 16:26:53 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
location: https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007FCD674164BB037866027A7299
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 154
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 204 sync
a.utraff.com/ Frame 1D81 0
792 B 45ms
18ms Image
text/plain 2606:4700:3032::6815:3b42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.utraff.com/sync?ssp=Sape
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:3b42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 16:26:53 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V%2FFbImffnKPBA2lMUl%2FEgLc0c2uw6tAoM5sZ4Ka%2Bs4uEKD%2Faenvw9sVt2q92VL%2BVmAkZnwVwwEKL20GEtGhh04XMAnrjTu18%2FW7pQHxkivbxlfcTShVK%2F3ihzAOUjSh978UN4Yzfgtdemdk%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
cf-ray: 7baec0644ce99207-FRA
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 204 match
dm-eu.hybrid.ai/ Frame 1D81 0
282 B 64ms
18ms Image
text/plain 37.230.131.16
HYBRID-POLAND

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dm-eu.hybrid.ai/match?id=106&vid=0100007FCD674164BB037866027A7299

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.230.131.16 Amsterdam, Netherlands, ASN200197 (HYBRID-POLAND, PL),

Reverse DNS

Software

Hybrid Web Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 16:26:53 GMT
server: Hybrid Web Server
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin: https://www.acint.net
cache-control: no-cache, no-store
access-control-allow-credentials: true
x-mode: 507
x-xss-protection: 1; mode=block
expires: -1

GET
H/1.1 200
OK adcm.js Show response
tag.digitaltarget.ru/ Frame 1D81 3 KB
3 KB 139ms
42ms Script
application/javascript 185.15.175.145
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.digitaltarget.ru/adcm.js
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.15.175.145 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software: nginx /
Resource Hash: 40f2a96f78f4c8484e9da6e172f5ddd3e4d7786ca29e04b96e1067a365190e80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Thu, 20 Apr 2023 16:26:53 GMT
Last-Modified: Thu, 20 Apr 2023 16:04:30 GMT
Server: nginx
ETag: "6441628e-beb"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3051

GET
H2 204 sape
sync.dmp.otm-r.com/match/ Frame 1D81 0
70 B 93ms
50ms Image
text/plain 116.202.85.93
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.dmp.otm-r.com/match/sape?id=0100007FCD674164BB037866027A7299
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 116.202.85.93 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.93.85.202.116.clients.your-server.de
Software: nginx/1.17.10 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 20 Apr 2023 16:26:53 GMT
server: nginx/1.17.10

GET
H2

200

match
acint.net/ Frame 1D81
Redirect Chain

https://sync.upravel.com/sape/sync
https://sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0
https://www.acint.net/match?dp=71&euid=c5d2ac60-16bd-421d-a69f-130ec8bd759a
https://ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D&dp=14
https://acint.net/match?dp=14&euid=2B03420ACD674164C4003C3502724503

43 B
269 B

12ms
12ms

Image
image/gif

167.235.177.246
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acint.net/match?dp=14&euid=2B03420ACD674164C4003C3502724503
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 167.235.177.246 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz2024477.sapientru.net
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 16:26:53 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Date: Thu, 20 Apr 2023 16:26:53 GMT
Server: openresty
Access-Control-Allow-Methods: GET
P3P: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
Access-Control-Allow-Origin: *
Location: https://acint.net/match?dp=14&euid=2B03420ACD674164C4003C3502724503
Content-Type: text/html
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 142
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H/1.1 200
OK sync.cgi
ssp.adriver.ru/cgi-bin/ Frame 1D81 42 B
201 B 306ms
74ms Image
image/gif 81.222.128.215
ELTEL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.adriver.ru/cgi-bin/sync.cgi?dsp_id=153&external_id=0100007FCD674164BB037866027A7299
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.222.128.215 , Russian Federation, ASN20597 (ELTEL-AS, RU),
Reverse DNS: ad15.adriver.ru
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Thu, 20 Apr 2023 16:26:53 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

GET
H2

200

match
www.acint.net/ Frame 1D81
Redirect Chain

https://ssp.bestssp.com/sspmatch?url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D95%26euid%3D
https://www.acint.net/match?dp=95&euid=YJPSYPZD

43 B
269 B

11ms
11ms

Image
image/gif

167.235.177.246
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=95&euid=YJPSYPZD
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 167.235.177.246 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz2024477.sapientru.net
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 16:26:53 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Location: https://www.acint.net/match?dp=95&euid=YJPSYPZD
Date: Thu, 20 Apr 2023 16:26:53 GMT
Server: nginx/1.16.1
Connection: keep-alive
Content-Length: 74
Content-Type: text/html; charset=utf-8

GET
H2

200

match
www.acint.net/ Frame 1D81
Redirect Chain

https://sync.adspend.space/sape?uid=0100007FCD674164BB037866027A7299
https://sync.adspend.space/check?r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D98%26euid%3D3a1f0fbb-d3c8-44cc-b824-3702959657e8
https://www.acint.net/match?dp=98&euid=3a1f0fbb-d3c8-44cc-b824-3702959657e8

43 B
269 B

12ms
12ms

Image
image/gif

167.235.177.246
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=98&euid=3a1f0fbb-d3c8-44cc-b824-3702959657e8
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 167.235.177.246 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz2024477.sapientru.net
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 16:26:53 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

location: https://www.acint.net/match?dp=98&euid=3a1f0fbb-d3c8-44cc-b824-3702959657e8
date: Thu, 20 Apr 2023 16:26:53 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-length: 102
content-type: text/html; charset=utf-8

GET
H2 200 pixel.gif
sync.1dmp.io/ Frame 1D81 12 B
155 B 128ms
40ms Image
text/html 87.242.89.90
SBERCLOUD-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007FCD674164BB037866027A7299
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 87.242.89.90 , Russian Federation, ASN208677 (SBERCLOUD-AS, RU),
Reverse DNS
Software: elb /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 16:26:53 GMT
last-modified: Mon, 30 Jan 2023 18:57:34 GMT
server: elb
accept-ranges: bytes
etag: "63d8131e-c"
content-length: 12
content-type: text/html

GET
H2

200

match
www.acint.net/ Frame 1D81
Redirect Chain

https://sape-sync.rutarget.ru/sync
https://www.acint.net/match?dp=104&euid=5FLG06xeIlKU

43 B
269 B

13ms
12ms

Image
image/gif

167.235.177.246
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=104&euid=5FLG06xeIlKU
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 167.235.177.246 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz2024477.sapientru.net
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 16:26:53 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Location: https://www.acint.net/match?dp=104&euid=5FLG06xeIlKU
Date: Thu, 20 Apr 2023 16:26:53 GMT
Server: nginx
Connection: close
Content-Length: 0
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."

GET
H2

200

match
acint.net/ Frame 1D81
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=35313&external_user_id=0100007FCD674164BB037866027A7299&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D
https://ads.betweendigital.com/match?bidder_id=35313&external_user_id=0100007FCD674164BB037866027A7299&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1
https://acint.net/match?dp=107&euid=95198a82-dfaf-526e-a81c-44facc5d2337

43 B
269 B

11ms
11ms

Image
image/gif

167.235.177.246
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acint.net/match?dp=107&euid=95198a82-dfaf-526e-a81c-44facc5d2337
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 167.235.177.246 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz2024477.sapientru.net
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 16:26:53 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

location: https://acint.net/match?dp=107&euid=95198a82-dfaf-526e-a81c-44facc5d2337
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H2

200

match
acint.net/ Frame 1D81
Redirect Chain

https://ads.adlook.me/csync?pid=sape&uid=0100007FCD674164BB037866027A7299&url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D110%26euid%3D%7BuserId%7D
https://acint.net/match?dp=110&euid=1672935d1adc4aaebb634ed6aef3a39a

43 B
269 B

14ms
14ms

Image
image/gif

167.235.177.246
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acint.net/match?dp=110&euid=1672935d1adc4aaebb634ed6aef3a39a
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 167.235.177.246 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz2024477.sapientru.net
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 16:26:53 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

location: https://acint.net/match?dp=110&euid=1672935d1adc4aaebb634ed6aef3a39a
date: Thu, 20 Apr 2023 16:26:53 GMT
server: Microsoft-IIS/10.0

GET
H2

404

D93KMiYHSQKzWlCklwt_PA
an.yandex.ru/setud/mts_banner/ Frame 1D81
Redirect Chain

https://sm.rtb.mts.ru/p?ssp=sape&id=0100007FCD674164BB037866027A7299
https://sm.rtb.mts.ru/match/second?ssp=30&exu=0100007FCD674164BB037866027A7299
https://tech.rtb.mts.ru/?dsp_uid=0fddca32-2607-4902-b35a-50a4970b7f3c&return_url=https%3A%2F%2Fan.yandex.ru%2Fsetud%2Fmts_banner%2FD93KMiYHSQKzWlCklwt_PA%3Flocation%3Dhttps%253A%252F%252Fsm.rtb.mts...
https://an.yandex.ru/setud/mts_banner/D93KMiYHSQKzWlCklwt_PA?location=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D30%26em%3D0&sign=769295378

43 B
104 B

65ms
64ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/setud/mts_banner/D93KMiYHSQKzWlCklwt_PA?location=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D30%26em%3D0&sign=769295378

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

ccb150b1878d5aa777543222f9e47636d4258687e3dd57e625988f09a96bda64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 16:26:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Thu, 20 Apr 2023 16:26:54 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=windows-1251
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 20 Apr 2023 16:26:54 GMT

Redirect headers

Date: Thu, 20 Apr 2023 16:26:54 GMT
Server: nginx/1.20.2
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: text/html; charset=utf-8
Location: https://an.yandex.ru/setud/mts_banner/D93KMiYHSQKzWlCklwt_PA?location=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D30%26em%3D0&sign=769295378
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H2

200

match
www.acint.net/ Frame 1D81
Redirect Chain

https://exchange.buzzoola.com/cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D
https://www.acint.net/match?dp=126&euid=fa6706da-280e-4cd9-6147-021d500f8cad

43 B
269 B

12ms
11ms

Image
image/gif

167.235.177.246
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=126&euid=fa6706da-280e-4cd9-6147-021d500f8cad
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 167.235.177.246 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz2024477.sapientru.net
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 16:26:53 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

location: https://www.acint.net/match?dp=126&euid=fa6706da-280e-4cd9-6147-021d500f8cad
date: Thu, 20 Apr 2023 16:26:52 GMT
server: nginx
content-length: 115
serverid: TODO
content-type: text/html; charset=utf-8

GET
H2

200

match
www.acint.net/ Frame 1D81
Redirect Chain

https://s.uuidksinc.net/match/396/?remote_uid=0100007FCD674164BB037866027A7299
https://www.acint.net/match?dp=127&euid=gQzVdeKe8Sj7PgITOXQm

43 B
269 B

11ms
11ms

Image
image/gif

167.235.177.246
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=127&euid=gQzVdeKe8Sj7PgITOXQm
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 167.235.177.246 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz2024477.sapientru.net
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 16:26:53 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

location: https://www.acint.net/match?dp=127&euid=gQzVdeKe8Sj7PgITOXQm
date: Thu, 20 Apr 2023 16:26:53 GMT
server: nginx/1.23.2
content-length: 0

GET
H2

200

match
www.acint.net/ Frame 1D81
Redirect Chain

https://ssp.bidvol.com/usersync?dspcsid=8&redirect=1
https://www.acint.net/match?dp=129&euid=baveqe52rl

43 B
269 B

24ms
16ms

Image
image/gif

167.235.177.246
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=129&euid=baveqe52rl
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 167.235.177.246 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz2024477.sapientru.net
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 16:26:53 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 20 Apr 2023 16:26:53 GMT
server: nginx/1.22.0
surrogate-control: no-store
vary: Origin
access-control-allow-origin: *
location: https://www.acint.net/match?dp=129&euid=baveqe52rl
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials: true
x-request-id: 92f413b2-f11d-42f6-afdb-d1e7d68f754e
expires: 0

GET
H/1.1 204
No Content userbind
match.new-programmatic.com/ Frame 1D81 0
215 B 155ms
45ms Image
text/plain 217.65.2.150
CITYTELECOM-MSK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.new-programmatic.com/userbind?src=sape&id=0100007FCD674164BB037866027A7299
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 217.65.2.150 Moscow, Russian Federation, ASN3175 (CITYTELECOM-MSK, RU),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 20 Apr 2023 16:26:53 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.22.1
Connection: keep-alive
Content-Length: 0
Vary: Origin

GET
H2

204

0.gif
x01.aidata.io/ Frame 1D81
Redirect Chain

https://x01.aidata.io/0.gif?pid=9401454&id=0100007FCD674164BB037866027A7299
https://x01.aidata.io/0.gif?pid=9401454&id=0100007FCD674164BB037866027A7299&bounce=1
https://counter.yadro.ru/id-redir/aidata.gif?back=STOP
https://x01.aidata.io/0.gif?pid=LIVE&id=&back=STOP

0
433 B

62ms
59ms

Image
text/plain

89.108.119.28
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x01.aidata.io/0.gif?pid=LIVE&id=&back=STOP
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 89.108.119.28 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: d51802.reg.regrucolo.ru
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 16:26:54 GMT
last-modified: Thu, 20 Apr 2023 16:26:53 GMT
server: nginx
access-control-allow-methods: GET, POST
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
expires: Thu, 20 Apr 2023 16:26:53 GMT

Redirect headers

Location: https://x01.aidata.io/0.gif?pid=LIVE&id=&back=STOP
Date: Thu, 20 Apr 2023 16:26:54 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Connection: keep-alive
Content-Length: 324
Content-Type: text/html; charset=iso-8859-1

GET
H2

200

sape.js
sync.gonet-ads.com/match/ Frame 1D81
Redirect Chain

https://sync.gonet-ads.com/match/sape.js?id=0100007FCD674164BB037866027A7299
https://sync.gonet-ads.com/match/sape.js?id=0100007FCD674164BB037866027A7299&chk=1

268 B
268 B

20ms
20ms

Image
application/javascript

188.42.105.220
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.gonet-ads.com/match/sape.js?id=0100007FCD674164BB037866027A7299&chk=1

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1

Protocol

Server

188.42.105.220 , Luxembourg, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 16:26:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: gzip
server: nginx
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-xss-protection: 1; mode=block

Redirect headers

date: Thu, 20 Apr 2023 16:26:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: nginx
x-frame-options: SAMEORIGIN
content-type: application/javascript
location: https://sync.gonet-ads.com/match/sape.js?id=0100007FCD674164BB037866027A7299&chk=1
content-length: 0
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

/
sync.bumlam.com/ Frame 1D81
Redirect Chain

https://sync.bumlam.com/?src=sap1&uid=0100007FCD674164BB037866027A7299
https://sync.bumlam.com/?src=sap1&s_data=CAIQARjNz4WiBmIgMDEwMDAwN0ZDRDY3NDE2NEJCMDM3ODY2MDI3QTcyOTmiARApNd1I35gR7YbgACWQwGR8

0
523 B

9ms
8ms

Image
text/html

31.172.81.158
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bumlam.com/?src=sap1&s_data=CAIQARjNz4WiBmIgMDEwMDAwN0ZDRDY3NDE2NEJCMDM3ODY2MDI3QTcyOTmiARApNd1I35gR7YbgACWQwGR8
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: HTTP/1.1
Server: 31.172.81.158 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: text/html; charset=utf-8
Date: Thu, 20 Apr 2023 16:26:53 GMT
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Server: nginx
Connection: keep-alive
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

Date: Thu, 20 Apr 2023 16:26:53 GMT
Server: nginx
ETag: 2935dd48-df98-11ed-86e0-002590c0647c
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: //sync.bumlam.com/?src=sap1&s_data=CAIQARjNz4WiBmIgMDEwMDAwN0ZDRDY3NDE2NEJCMDM3ODY2MDI3QTcyOTmiARApNd1I35gR7YbgACWQwGR8
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

done
pix.bumlam.com/sync/sape/ Frame 1D81
Redirect Chain

https://pix.bumlam.com/sync/sape/check?sspuid=0100007FCD674164BB037866027A7299
https://sync.bumlam.com/?src=sape
https://pix.bumlam.com/sync/sape/sync_ok?guid=2935dd48-df98-11ed-86e0-002590c0647c
https://2935dd48-df98-11ed-86e0-002590c0647c.n1.sync.bumlam.com/?src=sape
https://pix.bumlam.com/sync/sape/done

43 B
673 B

13ms
10ms

Image
image/gif

31.172.81.160
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.bumlam.com/sync/sape/done

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1

Protocol

HTTP/1.1

Server

31.172.81.160 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 20 Apr 2023 16:26:54 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: https://www.acint.net
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 43
X-Xss-Protection: 0
Expires: 05-Jun-2005 22:00:00 GMT

Redirect headers

location: https://pix.bumlam.com/sync/sape/done
date: Thu, 20 Apr 2023 16:26:54 GMT
server: nginx/1.22.1
content-length: 0

GET
H2 200 0100007FCD674164BB037866027A7299
an.yandex.ru/mapuid/sapeis/ Frame 1D81 43 B
571 B 212ms
89ms Image
image/gif 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/sapeis/0100007FCD674164BB037866027A7299

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 16:26:53 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Thu, 20 Apr 2023 16:26:53 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 20 Apr 2023 16:26:53 GMT

GET
H/1.1 200
OK cm
nr.bidderstack.com/sape/ Frame 1D81 44 B
384 B 366ms
58ms Image
image/gif 23.88.12.14
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nr.bidderstack.com/sape/cm?user_id=0100007FCD674164BB037866027A7299
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.88.12.14 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.14.12.88.23.clients.your-server.de
Software: nginx /
Resource Hash: 82cb517a8f80c91dfcec543c6d140deb3baaf463ea9e77655475096eba7bc7d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 20 Apr 2023 16:26:54 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 44
Content-Type: image/gif

GET
H2

200

match
www.acint.net/ Frame 1D81
Redirect Chain

https://cs.agency2.ru/p?ssp=sp&uid=0100007FCD674164BB037866027A7299
https://www.acint.net/match?dp=186&euid=290d6a68-e95c-429a-bd3f-8c94996e5de5

43 B
269 B

41ms
19ms

Image
image/gif

167.235.177.246
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=186&euid=290d6a68-e95c-429a-bd3f-8c94996e5de5
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 167.235.177.246 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz2024477.sapientru.net
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 16:26:54 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Date: Thu, 20 Apr 2023 16:26:53 GMT
Server: fasthttp
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS, PUT, DELETE
Location: https://www.acint.net/match?dp=186&euid=290d6a68-e95c-429a-bd3f-8c94996e5de5
Cache-Control: no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials: true
X-Host: 23.111.107.44
Connection: keep-alive
Access-Control-Allow-Headers: authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

match
www.acint.net/ Frame 1D81
Redirect Chain

https://sp.ohmy.bid/cm?ssp=sape&redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D217%26euid%3D%7Buid%7D
https://www.acint.net/match?dp=217&euid=50c364de-7e6e-4fde-8607-6472d8f9f069

43 B
269 B

13ms
12ms

Image
image/gif

167.235.177.246
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=217&euid=50c364de-7e6e-4fde-8607-6472d8f9f069
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 167.235.177.246 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz2024477.sapientru.net
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 16:26:54 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Location: https://www.acint.net/match?dp=217&euid=50c364de-7e6e-4fde-8607-6472d8f9f069
Date: Thu, 20 Apr 2023 16:26:54 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK user-sync
sync.adkernel.com/ Frame 1D81 0
160 B 84ms
29ms Image
text/plain 77.245.57.72
WEBAIR-INTERNET-MTL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adkernel.com/user-sync?zone=169736&t=image&r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D221%26euid%3D%7BUID%7D
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 20 Apr 2023 16:26:53 GMT
Cache-Control: no-store
Server: nginx
Connection: close
Age: 0
Content-Length: 0

GET
H/1.1

200
OK

i
dmg.digitaltarget.ru/awg/custom/7536/i/ Frame 1D81
Redirect Chain

https://sync.programmatica.com/match/01
https://sync.programmatica.com/match/01?chk=1
https://www.acint.net/rmatch?dp=235&euid=NWY5NGViNDU4MDc1NThhYg&r=https%3A%2F%2Fsync.programmatica.com%2Fmatch%2F01%3Fid%3D%24%7BUSER_ID%7D%26fp%3D1642882560
https://sync.programmatica.com/match/01?id=0100007FCD674164BB037866027A7299&fp=1642882560
https://dmg.digitaltarget.ru/1/7536/i/i?a=1051&e=NWY5NGViNDU4MDc1NThhYg&i=lcya70qdknfo
https://dmg.digitaltarget.ru/awg/custom/7536/i/i?call_source=awg&ts=1682008014315&a=1051&e=NWY5NGViNDU4MDc1NThhYg&i=lcya70qdknfo

49 B
602 B

56ms
54ms

Image
image/gif

185.15.175.145
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmg.digitaltarget.ru/awg/custom/7536/i/i?call_source=awg&ts=1682008014315&a=1051&e=NWY5NGViNDU4MDc1NThhYg&i=lcya70qdknfo

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1

Protocol

HTTP/1.1

Server

185.15.175.145 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),

Reverse DNS

Software

nginx /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Thu, 20 Apr 2023 16:26:54 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Request-Time: 6
Connection: keep-alive
Content-Length: 64
X-XSS-Protection: 1; mode=block
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
Server: nginx
Vary: Accept-Encoding
X-Frame-Options: DENY
Content-Type: image/gif
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Credentials: true

Redirect headers

Date: Thu, 20 Apr 2023 16:26:54 GMT
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Server: nginx
X-Permitted-Cross-Domain-Policies: master-only
Request-Time: 1
X-Frame-Options: DENY
Access-Control-Allow-Methods: GET, POST, OPTIONS
Location: https://dmg.digitaltarget.ru/awg/custom/7536/i/i?call_source=awg&ts=1682008014315&a=1051&e=NWY5NGViNDU4MDc1NThhYg&i=lcya70qdknfo
Access-Control-Max-Age: 86400
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 1; mode=block

GET
H2

429

weborama-sync
adx.com.ru/ Frame 1D81
Redirect Chain

https://adx.com.ru/sape-sync?uid=0100007FCD674164BB037866027A7299
https://adx.com.ru/sync?sspKey=25&sspUserID=0100007FCD674164BB037866027A7299
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fadx.com.ru%2Fweborama-sync%3Furl%3Dhttps%253A%252F%252Fprodmp.ru%252Fyabbi.gif%253Fuid%253D644167ced41e060001aeeb73%2526r%253D%26webouid%3...
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fadx.com.ru%2Fweborama-sync%3Furl%3Dhttps%253A%252F%252Fprodmp.ru%252Fyabbi.gif%253Fuid%253D644167ced41e060001aeeb73%2526r%253D%26webouid%3...
https://adx.com.ru/weborama-sync?url=https%3A%2F%2Fprodmp.ru%2Fyabbi.gif%3Fuid%3D644167ced41e060001aeeb73%26r%3D&webouid=p06OiAVrcZXZhHCxlY9UEu

0
0

52ms
46ms

Image
text/html

83.222.105.70
MNOGOBYTE-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adx.com.ru/weborama-sync?url=https%3A%2F%2Fprodmp.ru%2Fyabbi.gif%3Fuid%3D644167ced41e060001aeeb73%26r%3D&webouid=p06OiAVrcZXZhHCxlY9UEu
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 83.222.105.70 , Russian Federation, ASN42632 (MNOGOBYTE-AS Moscow, Russia, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Redirect headers

pragma: no-cache
date: Thu, 20 Apr 2023 16:26:54 GMT
via: 1.1 google
last-modified: Thu, 20 Apr 2023 16:26:54 GMT
server: Weborama Collect Frontend
vary: Origin
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location: https://adx.com.ru/weborama-sync?url=https%3A%2F%2Fprodmp.ru%2Fyabbi.gif%3Fuid%3D644167ced41e060001aeeb73%26r%3D&webouid=p06OiAVrcZXZhHCxlY9UEu
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2

404

D93KMiYHSQKzWlCklwt_PA
an.yandex.ru/setud/mts_banner/ Frame 1D81
Redirect Chain

https://kimberlite.io/rtb/sync/sape2?u=0100007FCD674164BB037866027A7299
https://sm.rtb.mts.ru/p?ssp=toptraffic&id=ZEFnzhG9SSk
https://sm.rtb.mts.ru/match/second?ssp=59&exu=ZEFnzhG9SSk
https://tech.rtb.mts.ru/?dsp_uid=0fddca32-2607-4902-b35a-50a4970b7f3c&return_url=https%3A%2F%2Fan.yandex.ru%2Fsetud%2Fmts_banner%2FD93KMiYHSQKzWlCklwt_PA%3Flocation%3Dhttps%253A%252F%252Fsm.rtb.mts...
https://an.yandex.ru/setud/mts_banner/D93KMiYHSQKzWlCklwt_PA?location=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D59%26em%3D0&sign=1904105073

43 B
80 B

69ms
66ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/setud/mts_banner/D93KMiYHSQKzWlCklwt_PA?location=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D59%26em%3D0&sign=1904105073

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

ccb150b1878d5aa777543222f9e47636d4258687e3dd57e625988f09a96bda64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 16:26:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Thu, 20 Apr 2023 16:26:54 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=windows-1251
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 20 Apr 2023 16:26:54 GMT

Redirect headers

Date: Thu, 20 Apr 2023 16:26:54 GMT
Server: nginx/1.20.2
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: text/html; charset=utf-8
Location: https://an.yandex.ru/setud/mts_banner/D93KMiYHSQKzWlCklwt_PA?location=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D59%26em%3D0&sign=1904105073
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H/1.1 200
OK cm.gif
ad.mail.ru/ Frame 1D81 43 B
764 B 210ms
52ms Image
image/gif 2a00:1148:db00::17
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.mail.ru/cm.gif?p=48&id=0100007FCD674164BB037866027A7299
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Thu, 20 Apr 2023 16:26:54 GMT
Last-Modified: Thu, 20 Apr 2023 16:26:54 GMT
Server: nginx
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Embedder-Policy: require-corp
Content-Type: image/gif
Cache-Control: max-age=21600
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 43
Expires: Thu, 20 Apr 2023 22:26:54 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
203 B 43ms
42ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=2063691867&t=pageview&_s=1&dl=https%3A%2F%2Fafn.by%2F&ul=en-us&de=UTF-8&dt=AFN.BY%20-%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8%20%D0%9F%D0%BE%D0%BB%D0%B8%D1%82%D0%B8%D0%BA%D0%B0%20%D1%8D%D0%BA%D0%BE%D0%BD%D0%BE%D0%BC%D0%B8%D0%BA%D0%B0%20%D1%84%D0%B8%D0%BD%D0%B0%D0%BD%D1%81%D1%8B%20%D1%8D%D0%BD%D0%B5%D1%80%D0%B3%D0%B5%D1%82%D0%B8%D0%BA%D0%B0%20%D0%BE%D0%B1%D1%89%D0%B5%D1%81%D1%82%D0%B2%D0%BE&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=612670468&gjid=68439991&cid=449161101.1682008013&tid=UA-261460-1&_gid=1402774173.1682008013&_r=1&_slc=1&z=1235217553

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://afn.by/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 16:26:53 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://afn.by
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.acint.net/oci/ 43 B
224 B 13ms
13ms Image
image/gif 167.235.177.246
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/oci/?v=0.5.1&uid=4f7f3bb3-e337-44ef-83c6-30c0fe985811&dp=10&tz=%2B00%3A00&nc=85395443&oid=41202ed8725301474fd4e4560f16ccb1
Requested by: Host: afn.by
URL: https://afn.by/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 167.235.177.246 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz2024477.sapientru.net
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://afn.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type: image/gif
date: Thu, 20 Apr 2023 16:26:53 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 1161ad05ba4dfe9436a9.js Show response
yastatic.net/partner-code-bundles/760136/ 14 KB
5 KB 211ms
110ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/760136/1161ad05ba4dfe9436a9.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

9b3caf7e73a6fa4b377170b0070fc293b70726966823e7a72fc841437148c09d

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://afn.by/
Origin: https://afn.by
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 16:26:53 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 4859
last-modified: Wed, 19 Apr 2023 17:21:11 GMT
server: nginx/1.17.9
etag: "08e3b665d5724d75edbf5f7e57cccf30"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Sat, 19 Apr 2053 23:02:45 GMT

GET
H2 200 e61840d1b8c6ec5092aa.js Show response
yastatic.net/partner-code-bundles/760136/ 113 KB
24 KB 233ms
133ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/760136/e61840d1b8c6ec5092aa.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

37b20394d252b7dce644fcccd75602abaec32080c336b02ad4dbb545d39d0bcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://afn.by/
Origin: https://afn.by
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 16:26:53 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 24053
last-modified: Wed, 19 Apr 2023 17:21:11 GMT
server: nginx/1.17.9
etag: "696b405d9d4044d85fb7aa460c6d90cb"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Sat, 19 Apr 2053 23:02:45 GMT

GET
H2 200 host.js Show response
yastatic.net/safeframe-bundles/0.83/ 33 KB
9 KB 249ms
150ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.83/host.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://afn.by/
Origin: https://afn.by
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 16:26:53 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 8878
last-modified: Wed, 03 Nov 2021 13:42:58 GMT
server: nginx/1.17.9
etag: "f80882bf67cf261aa08d636da095149a"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Sat, 19 Apr 2053 23:02:45 GMT

GET
H2 200 text-variable-full.woff2
yastatic.net/s3/home/fonts/ys/3/ 25 KB
26 KB 186ms
89ms Font
font/woff2 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/s3/home/fonts/ys/3/text-variable-full.woff2

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

033696b7f1ac04d1dcc102be84550e146236ceffc25a6cabc12aa51a6ee410b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://afn.by/
Origin: https://afn.by
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 16:26:53 GMT
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 26004
x-amz-meta-owner: {"role":"admin","login":"4eb0da"}
last-modified: Mon, 25 Apr 2022 14:02:39 GMT
server: nginx/1.17.9
etag: "7f0cdaf91230f9789ca4162aedff612e"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31556952
x-nginx-request-id: 8cbb9f29ad1c53b9
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 Apr 2024 22:15:57 GMT

GET
H2 200 465488 Show response
yandex.ru/ads/meta/ 120 KB
36 KB 267ms
266ms XHR
application/json 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/meta/465488?target-ref=https%3A%2F%2Fafn.by%2F&charset=utf-8&pcode-test-ids=657518%2C0%2C43%3B731913%2C0%2C10%3B749183%2C0%2C75%3B749166%2C0%2C84%3B757576%2C0%2C28%3B755250%2C0%2C42%3B755254%2C0%2C94%3B756836%2C0%2C16%3B757572%2C0%2C96%3B757711%2C0%2C17%3B734894%2C0%2C70%3B758322%2C0%2C64%3B758311%2C0%2C58%3B760136%2C0%2C97%3B681843%2C0%2C31&pcode-flags-map=eJylWGtv2zYU%2FSuD97Xo9KSsfKMkyiYsiRpFxXWLgvAaN%2FGQx5CmXZei%2F32XpGxLckKnLQIkiuxzeHmfh%2Fw2OceNbOZsKXEmC5yQQuaMS1rJBFcV4ZOzd98mX9bXnzeTs4ngLZm8mjxsPj3QC%2FgfId8Posn3968ONDVnWZuKRrJK1rhtiJUhcuPANwykwklBJElZeSApaCOUMec0I0w9wKcJk5iXA9rN139GrKEfataMNpo2ZW0lJCcZ5SRVlLiu7ZZ5ThB4%2B73BRmTZFoJyVhTAVgn1QLhcYpHOSSYFLYlked4QYef1PSc6%2BCxphWBqWwUb%2Bvp3P%2Fo4xKE4RBpXpywjA6SO2dBHLyXbB05QAX7CVSYTlq1UOtSY45II2GRGcgybH3DmuGiGOwuiAB12xongK5UFFRFLxheScM7s%2BRSFKIjig1lCh%2B6c8IayaoCMwmkAEe5jkeOFB2yXTU2K4XdBF%2FDY8nOyAmuWsJ2Gziq7KciJ%2FOiI7mc52ooWDGfERAqXg9x7uP%2B86cECb%2BrHjoFB1jWNLscRZpzyPRBEriGkkixpCJg7dPnmdv3X9WaA9JEXGytz%2BkaWsNac0NlcyErYlwxCP3Y1cAVpQ95I3sqMlZhWNljoRJ6P9uslnC3AWFhLzjjNrEgXwo6eXFBCnQtOEyvccx0UaPhbUnkyb6GSlzQTc0lLPCNWbOAGU%2BeA3bWVhHEVVI4z2ja%2FvZBhhZXdxmCJiyVeNXakH3V%2BzvIa6qqpWQWJoToOa4dF6TmOM8QGjh%2F0ukaqoJWwrxcCTZdKOQMvE5W7u%2FUkeWNNC1gyirxjOM1VT1mquobs%2FBmGnQHnuGgH0fKdp9EFwbySJePQRDCneLRvb7Bo6Didl2tOGadiJZMVNFWyrBm3OwxFqKu9XV50YyZtuBUYu9G0l5G0kSmGLikkTlOIUmPpEmHsh647wOosbiClxVy5qcZZRquZnSQIA2O5HpCQymJVE%2BnbrQ6mUdgLT8lT8FNDE1qA1%2BzLxRF6FqmGRVrQdHFi9R2HnsdGpkhosDmFMUzVJnKc2qs5nnrdDDZ2dCRmggqmh1%2BBVwlOF71Zb6OE6RP43iAcc6IbPmiO41ExRruhh0wc1GzhJIcqn8uCzWhqx039rqWBmTnlpcpZTqrdpKk5SexNFUFX9NxB8sLU4ZBJoJdA2YAHVKNsUq5mStNYax%2B5sRsEfTk3Em6dkIAXOa2oIJCk6QLkh7W%2BUBA6CA1MbErMhfyzJS1R5KfMChFC4X6YizkHvTOyTKsTlYG0gv5CYYYWJ6yK3KiLOIiMAqCd33Gu6ojmSjxJPfXtAYimMYr34z7nFGiKlTR4Nflr%2B%2BaG%2BGQhG%2FrWmv4IxX4XpR6iOSUij9aNAyfas0CvzRSDVZgjNA2QO15ZliDLsX0tz3OMr3vJqPSC0mELwewemqLA9XdVAmMXjhawVUgaCWLc6ADdd8xIPz73HPFFU%2F94F2Jm3wOEaer2a%2BMgI59wvW7jpw46KPZQJypMRTQLWkvBdd861UlRDGcvAx4tnRdMqdSsk70nSKZdFTxHopNrwPFx%2B1XerL%2FKq8328urhGTp9RJMLkuBEglC0nvccmEiDUjTVvJxDlvQSpoLJqvvkrIWurE5Q0CtTQs%2FtFRq5TtANPM6ladCiBWVhKl07WjeVdjY%2FcdoFJlOqBX670s1Bal3Wh32bfNw8fLgq1%2FeX29vJmRuCurm5%2B2t7vWk%2BrK%2B3t5eTM%2B%2F7gDWEcdZLAtMWQabJpFCZoA7R%2FQXeTW7W2%2BvX95%2FBtv%2FWtxebr%2FD8x%2FZmfbn5NHh1ub7Rby4eN7fm6%2Bsv24c783jzuvfPxe22e6uY9wzw4n79eH33eNV9%2FHhv%2Fn6%2BX7%2B%2B3fz76egLf6%2FvbrYa%2Bv7pLfYr7hBae%2FjQLs8HYJWf%2BETgAWlKtsIC0gQ6FZ91%2FUoKPLPqdpgOXq%2FZ5QRSjhOcCjjMngCGvuMdyxNa1TCWlT75QXECx30fTZ8l7LUj6B92Xx6YGiL241zTVG2ZnLAjdP3IREJfDelrGEDC1E1IasadloP2ngM0kRP%2B8KVRzpg45SfQL%2F5eJ9Tm3AEaupPW9uIOYlBje%2FBOqQCJvjI6kJ26RYndTuzosapP4mJOyqFLPjxcD10CP2g8IJ8aLjClJC%2Fr8dR7iQ6LwtALnV9YRH%2F%2BwhW6yL5soRdyjhPiwH28GqtVnXZfLkfXT0fehyWMoBIzps5wDGJXKJUK%2BwfBAZNsHPgjK9HUP4Q9w3zxwqibRgGxa4tMqlMjJ91dnr7HUwISjgU%2Fpu2ANuoOlx2xvokSq4LMWmD5dVbQXuZ2SgpSQjsT9or3g2lsHMxJyaARt5UenuR8fJlx5CLQE8ZFpmuP9HVBq4W9GQNBZ7Se1OMLtQg5LgRueO3n6lB%2B%2Fx%2B5W96C&pcode-icookie=hQavDTiQPug5eoUR8QIUkdv2%2BT%2BOxmBxXEFxxikKZNB2kBYkuZn3t%2BdPL0VyHyzN2NNKwl9nCLA2x6OBpucUN3%2FTE0Y%3D&imp-id=1&enable-flat-highlight=1&comboblock-unencoded-vast=1&test-tag=180319906955266&ad-session-id=499641682008013567&target-id=83613843&tga-with-creatives=1&top-ancestor=https%3A%2F%2Fafn.by&top-ancestor-undetermined=0&pcode-version=760136&pcodever=760136&flash-ver=0&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9.2%2C%22supportHDRBrightness%22%3Afalse%2C%22isInIframe%22%3Afalse%2C%22w%22%3A4000%2C%22h%22%3A0%2C%22width%22%3A4000%2C%22height%22%3A0%2C%22visible%22%3A0%2C%22fullscreenHeaderHeight%22%3A80%2C%22left%22%3A20%2C%22top%22%3A20%2C%22ad_no%22%3A0%2C%22req_no%22%3A0%7D&grab-orig-len=5120&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjo0MTF9ChKjpJCkJoqBYKBOXlj7X9ahi3i5uviyJf-y_Vti6bou-LVdnJ2L_LZwFMEW7SYctUmDZov9OOFwzBFbv65rXbtsHbK_gT4ewBWlIKWEYMSatmHmW2f4NBvGBBNCCUWBlFKCpwA0YAHdBC7AZuQ5hBbyQlnI4xJziUJxDmGH0lAYyrkkXEIu8aCHugiEoXgQhaJQnrnwFkBeyF-AgoQWyAueH8pD_jKNP9z5oZRLEmIvoATn8sDhwl_0Q_FSCL7eycyiBWAnI0fnYHHRgOZhL4Ovqx14vcNuIFou0ryIhrhNvmVYHkq4-CH2csVfpHIuXC5RXkQIFx7-EGPhxcyABZAQUrHB-67YIQ-wwnzuO-jvgXtQeVgdMizqZXxZzSEQTtJddZndRYHAJZxVuGCe9mUyhxiLEGsBiZdJeSjMzT2U5EGGtcgwdvpDFDmX4Fw-vll3QUu5CM6smAs3fzv5It1luXgf4m61zV7mltLdVvxpiZfRaUvvhetonHjWgrpjnOHwZ67S3WeZGqLt6ARDGxeXS8TFyz1TLmGaf6-Btevj2levLOuNev3wXMIsvDbjnvqVfL-lDuOd7_Hzt7EzqZNfdPaWbxNzOj4AiFObhxZpkQ58OqQKCkpaOqQaLRUtnUKtoNTQghB1QMfWe9NRaBTaTK6l0IDHTqVRUqvUpAo1GTl7piYjV2jIFeCxh3BCyCG02Uu6c5YvPOJXoeAD_97-BcTTfifZYSx4ku_YY3pNuEhptiek2Y7IZieJTXnzDqPKarjK3nfc2Ze_A96cW9be20HH8w5ziM_F3_p40vFf7gROotP7l_ienVZd6bsy4dC_q4nNqZBltbQk0WNiZ_POA2wNIsRkKiql_UhwfHRMVZCEOAlVEKZPZpHdjNyNxkBL5X4SQH5iJnBLBcYrAGsSeZHip1y0K8ahpKN4kA0f6oc9HIgHtPzTEA-5Nyc2g8TNDNbQuLBJCn11TrociVNXN-0s-t6s8zfiHrR1r0_E5baFskFpUuKzHJLMBAgG5h7gFIIo02gotSokykyuQazMpGSUaoWaWplpkCjV5BqlMmu2a2QUiDIFGbkGUUZGptIAVKbRkoOtzGRqyowMiYYya8g1KqAgympyJRKVlpxak0lVarC0CjVAaicLs0qjXc5KhVahmYJm60BOQ0aFiJZuGaSgpaNSg5WpKbVKJXjsWiUp0DUKQFZTUWnI2ZfPIoVYBF5wHhAJLurlgGQDKaU6oUamVikVi0pLG8KcEkupScemXRgo1cPpiLyx0okIsq8w7WGqSgwQs83mvfV5w3ibiV6dyzDmgHNz8RNcTY6MjJ12QvJyEb4p0w5pe81O7AopoZR-fbvJyGpar67LBkZ6g67mzGY3Sz_NiFVaUlKNit2LbtuwPUFOSqml1iAlo6Q6AjbOs-AAf-JKseA1WjelSKkWBFI9rStQbfnq7RmnIqO2hUH38UC49-z4z6h_0N2i2XFIno0sJiNjNjLQG1nzbPRY1pytJzWEJKUNoYdADMGwO_mPfHva1-uDuajgtluQ_tZXKJQNrBOel5wV07B7hwk_5_93Pa5NsOR6ek_YLKqgxPC2hIHzYsR8Kd6_9JOebT9Y2W-m-LHo3HIKnrNsX1KZB8Febl_wirGIfx856DZyCh8OHvzmQXaTBolgAuRbjXlXVpGPxMc69tERLqvye-Nt8bR1SYAgFfpSIUjTr5WGiDCfghO6UmNE7YWH_M-aENRes0se6kkg_N7SIbiJjo303QNj6td6QRfpeNMnnC0xYY-nm4fVBdbfHSDurz1vvnmJ7rbHfxPdU_0qIe8380KblkEqJjlc8qrfmQ_B4cDdD_1RYJ38dv0-zJPz7_Tf9lfBcSbZripM7Wj00zxPvva4Tj3Jcuf_nsjTz68NejPJfQmCOB08O8qW9s6Uw8yfwsBoU_79bv5TYjs889wi7PL1JHcYxEPhlPCiqs_4pBdXRseGwMqxRvnJW5tt13WG11m40_pjF34AeLad4OUnpORVDOkL4tVIKvZO6N8hbaD_r78tLnnxPlv6JKezDrdD9vsfzeBk7T67xL_KxN5K2eSpx_RSdrTLbiKiD58kkbgCr6hfRkCF3GtpPsHSAcR6DUqHf1Egf7zz9e1ezT-mvgXF-3Poi3obbmCA_uwSp-yaUb4avxb_SAn6YArN7Trcpt0En9c6dkpgcadcciu53fef0HS-KxzMoHI7gYm9wW2zZep4ugP_hnv6esN_3ldX07wV-ENfrvCM7cuxiY8YwWUPehkKTBM52357X-d2LK3N4pjnXgryfIrPHrNNpKc8ds2FcOJcJzZ_HNK6OxgfseyxFuGDEuZt5q4NortMaS7am-_GMHPAPoDVjS24gBRCeZfyidyvt6IWxgkieyC-YSCsENYGaLE3Pqgf-TwQzDTCXbhdDqmVu6H8RfM6mOCXqf_N6JSkWvKEVqGm0LDT_mNmAxO9jpWObZC4-K6xtKcQyr2UIEgh_BQksb8Tr23Btg2moPozR-PAX3Gxbona7vcG4vbPP728ZG-G_LSm_yZBFDmZ6Q0MnMkJLECgd3_oCazJM_GCp9_-8KvdVpZm9hDmQWKMZZNDWK-VNibl7Chfx0BvZOLU9cdO4eucfy0uSV9ZaUelIDKnnJOuc3ufZVMPU1YylC9opNcbOS6YvtlE108LQRqh89tNgCa635_qlm1XJJWp_OKZQvDPr_2nrSDo8jBj-qKKfMY1rlk4kg_W_DAADeHcYoqv4zcv7Q4pxg2-PUkk6dX-RXtSHBPVexgY3mYdPQunNsOaoi4lfh3sCVJ_bH7VYrexHbOUi2Aa7NAUTm-hvr_i_mqbF4LgKPDOI4Yrj8GdCk3SttQkB8qJoqdn4ZTQ6P8a-wa36SSPSSHsdy1ZUOUKWs0tL5Xwb29p1dCzRN0Eu5FiHS442FpOZQWqLS3AcPWJ26YyMJmMunGmrMxotKkcRDKw5hv1rQP3a0zSbbAbO4Muh6ClmfclEKc7mDwCiDLcdIQAJgSlVwPozpX0xK9vrurCKP1SDFGOy9YnsYIk5oNHoANzUGHOPzej1ULQYdqeQC2Sl_9Q8DyMx9PHK0MD58cR0q0mfvApvFONVrTsW9Vf3QnPLIqKB0-EybgqNj8d17uJrwErGOiwaQ6crNzPc_JE5jeByrnaGy5DQBsfKm-kPH8wR2BdtpZnA9QiGeEt9hYIu_6yhU1XUS_aGo804rLJkwZl6IY9t8FlO3AJfcp7r4XASz7_CuFdT3CvQNK111RhfDijhGnSuYsXbjIXeMn2jWbuEw2rNPqifnRSv7kpWGd6Ya6oDcQBZV9N88i4BDUFv-2L067vYnNfHvIDFYCvwuTZv77HluKVppzI3TR-e6OZcftmqe8xt4vGchlQkvK2bXMnU71iaP-wXQtdywDKSSxI1ojjFXVcX7Zw92THAMl7-ybyY5pzie5lP164vra6xLnxfPFvkslbNNfStyQxtC6TQYvlSfsLPdssAu7kAoJAiUVYC3hVMBPXkoSO99D-WpQnibf4jqITCKutcEl7fkN5_ss503B9wrcyh3HS_zoNZe_4KYe2aQ7l8TKJySRN8UdtX8qvUYfauZWqLcxtlb61-HaYMLfS3m8jcJj7deZlNcrMnf6t6pbtYDDe6Z9D4JhBQAPLwMzxG0Kv9K3nFXWpo71PeoooB0nDkeSyXTtqx-vDv06xi6oDia2utVVlwnaK_vA66AF8DVNQUGpKGQ3oG38dSbeDgMJ08r2sOz2TqPGStNY8Cm7k-RVwQaJEDWo7NaISmvWZqZ875QRqCBnlxGWl13G6FiDfj-OXCgBeeXmiuvVJ6vVYJZtMFVcvH1juqzoA3yeLfDo2rF_QnvQ2Uh54qOQ2olAelYZ3EU-HviFhK_7FzBUuhBPpCEsmj_F3fO9SvkiYPMazQDp2yu6hN-bUyS48fpsmsPbwwEY5sdE1V30lGAKpd35yw20rqX3_rIYfHJzORIzuZ58dt7MRlxBkzGaUL8HKyYYAfSoU98rAmRce8vQAXqhOqw8jfkbewzovM5qZRnmGzyU2FWb_drKiYu7aHJSSX8-IvgoecFcXB2rLEmOLWkl_XMr9tff34s4xKjcGygtU3iZFYQGeFXBLP3pX3doYnzj7N20_EoQyopx45FFtQoHoWGVdRti2liEbmehZ0GaEgRroy5KWpf70de-VzM7gYb8Ahu9Tbg-lx8aL6aifpDXr84RV7iQRwIWFdI5H25Lw0yu51xp4-4qfigu9kg8IMHOnLJpoaugPNYWLM8ctXwiQDJX4r0BOojzLtvNbccNLoqsYyzgTle-xHDznQBxoANzSGb9sveTbtdKN2HEHldvZX4vNMnH9FWl6JWm_S-aQd3Rco7WDHT8qPy6K-p-cLQRBJAvMSl6LfOwV6QxtIPN_j3s20wHojzsTdaVxMlD7lsFLpuY4PA7tbczAWKnOfLpvvtP2q6hB_GdeqrBbwSXs65KG7TNjIl5PfynLcgmSClMnlPLY8V7bGTCmwfZIcgf-5p2T2coMC-SKbZtFVTtWukCfhDxJj32kj3Z23ODHAc1fQ56fSqIxCG0pizn6vkaKpZwP71iLyJtRnCRXnz34fsvPbzFP8HZGd_GNDl5yoi3ZjPn6FjX-a-m6WEYzS8mH7_w2PF2_I_p1fuPLpQV2l2B8sk9qLUA_G5Lkr-VpN8e82fLZHbf2xxZEuP4KtjYwQvSDcpHTf0qHjwXBZKaRAvIa3QQW4ojb3o-fPurwJ3Js_UtPSnFuAWbhkh5jfFyflN6_WUWlv9SJ8xUD3YXOzGL0LBOtJ4tVAD8zXCtmSi2KFvvmmMeTfVXRhecl0iqD4C5r9nw5jmuXFgxJX9dCC1dsk4EYxlyUeBv1HG-r191gXyHPa0Fq5VBJlG7Qwui4ul67PMkMKt721phfEW9uGZHAWZyokI4bGen1Og4ipktcYyiM6vS-iuxNqsI_LGDPCaeJsPVxrWFvfUo_QH5UxV-2TfBo29p9cRQYgz42eDlWSIEOCc5eRCioJRPTO8lAb2RAuxH0RiYLJNqCvgf4&uniformat=true&callback=Ya%5B4811360767169%5D

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

d59e6c0d8ac22edc7e91a4591995b316622ce1e932a90c33d5b8db3a7eede928

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://afn.by/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 20 Apr 2023 16:26:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
ssr: true
x-yandex-req-id: 1682008013618086-12292744365763617126-balancer-l7leveler-kubr-yp-vla-66-BAL-5997
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
uniformat-product-type: Direct
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Thu, 20 Apr 2023 16:26:53 GMT
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
uniformat: true
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type: application/json
access-control-allow-origin: https://afn.by
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Thu, 20 Apr 2023 16:26:53 GMT

GET
H2 200 c6b3d201ce10ef17c427.js Show response
yastatic.net/partner-code-bundles/760136/ 23 KB
8 KB 203ms
154ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/760136/c6b3d201ce10ef17c427.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

ffa6abd2363fe1549402399772fca75af523315847efb822e62471f388bce0c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://afn.by/
Origin: https://afn.by
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 16:26:53 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 7939
last-modified: Wed, 19 Apr 2023 17:21:11 GMT
server: nginx/1.17.9
etag: "ce343b78df19a20fcbe91a33e1a17393"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Sat, 19 Apr 2053 23:02:45 GMT

GET
H2 200 1e4750bea4757274d47b.js Show response
yastatic.net/partner-code-bundles/760136/ 7 KB
3 KB 202ms
154ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/760136/1e4750bea4757274d47b.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

b40478394cf2d970975a1375d5991783644354a01ab75e14d41c94ef983d8e29

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://afn.by/
Origin: https://afn.by
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 16:26:53 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 2070
last-modified: Wed, 19 Apr 2023 17:21:11 GMT
server: nginx/1.17.9
etag: "159ef37867a06700e5ad61966e152d06"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Sat, 19 Apr 2053 23:02:45 GMT

GET
H2 200 c1175567e7cf2b55dab7.js Show response
yastatic.net/partner-code-bundles/760136/ 612 KB
117 KB 138ms
138ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/760136/c1175567e7cf2b55dab7.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

76cc6d360b479ab721bc5154dc51b098f12bc82f7467a60623c863fd2c5a61ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://afn.by/
Origin: https://afn.by
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 16:26:53 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 119480
last-modified: Wed, 19 Apr 2023 17:21:11 GMT
server: nginx/1.17.9
etag: "2d4fd8ac40e48a45b1140a9397c2b725"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Sat, 19 Apr 2053 23:00:41 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
343 B 57ms
18ms XHR
text/plain 2a00:1450:400c:c0a::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-261460-1&cid=449161101.1682008013&jid=612670468&gjid=68439991&_gid=1402774173.1682008013&_u=IEBAAEAAAAAAACAAI~&z=1876586654

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0a::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://afn.by/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 20 Apr 2023 16:26:53 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://afn.by
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304060101/ 347 KB
116 KB 181ms
109ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5271363197717881&plah=afn.by

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5271363197717881

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f31d187aa243380e4b44f52f9c1d5f333a98dfd9dcb563fbc639aa437dafdd0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://afn.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 16:26:53 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 118931
x-xss-protection: 0
server: cafe
etag: 7355679033101888344
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 20 Apr 2023 16:26:53 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230417/r20190131/ Frame 9947 10 KB
5 KB 113ms
35ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230417/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5271363197717881

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://afn.by/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 30275
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 20 Apr 2023 08:02:18 GMT
etag: 2378337311435320485
expires: Thu, 04 May 2023 08:02:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9979.PRoRhgwQ8DOIUjLh1_UUHfymZju5aSElwAk1wqWKvTOKZq44AHd1YyE8fwD4k3LB.aw08HRzr8SPPCSgA1U1ay8zq-4A%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9979.3DARVzSwERzuLLCc4DC5-Mvcq4iBgp-RrQlKdv2RvCTJZC4ZpaPB0FfLWvD3HoEhT_s_V68jjG-OIExP4R77XFyGlxWzD6DqVkcSITfQWsqnklG5r1R4ItKMT818LHhVondo9Yx06EW...

43 B
481 B

50ms
50ms

Image
image/gif

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9979.3DARVzSwERzuLLCc4DC5-Mvcq4iBgp-RrQlKdv2RvCTJZC4ZpaPB0FfLWvD3HoEhT_s_V68jjG-OIExP4R77XFyGlxWzD6DqVkcSITfQWsqnklG5r1R4ItKMT818LHhVondo9Yx06EWrpd7usWNM3LBzh4MuEYSxK5WHs3F-IuZOlwNsaygz85dixpOqRcAgiid7P4BMl0-YYmFk56PiqSNiZlaoM_cEAxAfv8cmX6g%2C.xuN174__EkepMTkzARuPDNSbvKY%2C

Requested by

Host: afn.by
URL: https://afn.by/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://afn.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 16:26:53 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9979.3DARVzSwERzuLLCc4DC5-Mvcq4iBgp-RrQlKdv2RvCTJZC4ZpaPB0FfLWvD3HoEhT_s_V68jjG-OIExP4R77XFyGlxWzD6DqVkcSITfQWsqnklG5r1R4ItKMT818LHhVondo9Yx06EWrpd7usWNM3LBzh4MuEYSxK5WHs3F-IuZOlwNsaygz85dixpOqRcAgiid7P4BMl0-YYmFk56PiqSNiZlaoM_cEAxAfv8cmX6g%2C.xuN174__EkepMTkzARuPDNSbvKY%2C
date: Thu, 20 Apr 2023 16:26:53 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2

200

sync_cookie_image_decide
mc.yandex.by/
Redirect Chain

https://mc.yandex.by/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.by&token=9979.qJSPQh9mSYg2bPuYuq53cOBsenVnv-Xaa8zyLyweoy0SUoULYzKstebPZAbJAtny.TAMHdnuB6gzNuLgmU-z5MMjCLGU%2C
https://mc.yandex.by/sync_cookie_image_decide?token=9979.iWt3k0GdNVUQ-aZNhWdlAKgBnnRwtdYQadl2tHMT-x330dbtiqRJ2NL2sZhze2e7iFtrd0NjOtJdcCNKqyytDkyr2PoPLFXPbeqF9rkq79-3O3QyceffHxirmnxHMkM8xXRyU0GhE0iw...

43 B
480 B

52ms
52ms

Image
image/gif

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.by/sync_cookie_image_decide?token=9979.iWt3k0GdNVUQ-aZNhWdlAKgBnnRwtdYQadl2tHMT-x330dbtiqRJ2NL2sZhze2e7iFtrd0NjOtJdcCNKqyytDkyr2PoPLFXPbeqF9rkq79-3O3QyceffHxirmnxHMkM8xXRyU0GhE0iwtMquF9zHnKmGYGNduI7iLbarsijxXubLr1aD72XZbGHFr0AfHAFIoZ1hgT-KbPTxZWvX_gro_wRpqabWGDdX3WYWPdRBBTQ%2C.3O5EZlfSdOESIz1BVhxUJm3xsL0%2C

Requested by

Host: afn.by
URL: https://afn.by/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://afn.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 16:26:53 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.by/sync_cookie_image_decide?token=9979.iWt3k0GdNVUQ-aZNhWdlAKgBnnRwtdYQadl2tHMT-x330dbtiqRJ2NL2sZhze2e7iFtrd0NjOtJdcCNKqyytDkyr2PoPLFXPbeqF9rkq79-3O3QyceffHxirmnxHMkM8xXRyU0GhE0iwtMquF9zHnKmGYGNduI7iLbarsijxXubLr1aD72XZbGHFr0AfHAFIoZ1hgT-KbPTxZWvX_gro_wRpqabWGDdX3WYWPdRBBTQ%2C.3O5EZlfSdOESIz1BVhxUJm3xsL0%2C
date: Thu, 20 Apr 2023 16:26:53 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
113 B 50ms
49ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: afn.by
URL: https://afn.by/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://afn.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 16:26:53 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 19 Apr 2023 15:07:00 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "643fd964-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Thu, 20 Apr 2023 17:26:53 GMT

GET
H/1.1 200
OK processor.js Show response
tag.digitaltarget.ru/ Frame 1D81 16 KB
16 KB 100ms
89ms Script
application/javascript 185.15.175.145
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.digitaltarget.ru/processor.js?i=801969228494636
Requested by: Host: tag.digitaltarget.ru
URL: https://tag.digitaltarget.ru/adcm.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.15.175.145 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software: nginx /
Resource Hash: 4569d4e1b0e52b6316681f7312674f43ecb2b72ea8ab4adb2375e3686862c7dc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Thu, 20 Apr 2023 16:26:54 GMT
Last-Modified: Thu, 20 Apr 2023 16:04:31 GMT
Server: nginx
ETag: "6441628f-3e14"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 15892

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 160ms
75ms Image
image/gif 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-261460-1&cid=449161101.1682008013&jid=612670468&_u=IEBAAEAAAAAAACAAI~&z=64581328

Requested by

Host: afn.by
URL: https://afn.by/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://afn.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 16:26:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 153ms
75ms Image
image/gif 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-261460-1&cid=449161101.1682008013&jid=612670468&_u=IEBAAEAAAAAAACAAI~&z=64581328

Requested by

Host: afn.by
URL: https://afn.by/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://afn.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 16:26:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/421539/
Redirect Chain

https://mc.yandex.com/watch/421539?wmode=7&page-url=https%3A%2F%2Fafn.by%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aihb4q796484i93c2xtzqhr%3Afp%3A1595%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ae...
https://mc.yandex.com/watch/421539/1?wmode=7&page-url=https%3A%2F%2Fafn.by%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aihb4q796484i93c2xtzqhr%3Afp%3A1595%3Afu%3A0%3Aen%3Autf-8%3Ala%3...

474 B
582 B

60ms
58ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/421539/1?wmode=7&page-url=https%3A%2F%2Fafn.by%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aihb4q796484i93c2xtzqhr%3Afp%3A1595%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1025%3Acn%3A1%3Adp%3A0%3Als%3A70872403400%3Ahid%3A1055585198%3Az%3A0%3Ai%3A20230420162653%3Aet%3A1682008014%3Ac%3A1%3Arn%3A446260790%3Arqn%3A1%3Au%3A1682008014157799749%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A1291%2C101%2C58%2C47%2C%2C0%2C%2C56%2C0%2C%2C%2C%2C1554%3Aco%3A0%3Acpf%3A1%3Ans%3A1682008011774%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1682008014%3At%3AAFN.BY%20-%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8%20%D0%9F%D0%BE%D0%BB%D0%B8%D1%82%D0%B8%D0%BA%D0%B0%20%D1%8D%D0%BA%D0%BE%D0%BD%D0%BE%D0%BC%D0%B8%D0%BA%D0%B0%20%D1%84%D0%B8%D0%BD%D0%B0%D0%BD%D1%81%D1%8B%20%D1%8D%D0%BD%D0%B5%D1%80%D0%B3%D0%B5%D1%82%D0%B8%D0%BA%D0%B0%20%D0%BE%D0%B1%D1%89%D0%B5%D1%81%D1%82%D0%B2%D0%BE&t=gdpr%2814%29mc%28p-1%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Requested by

Host: afn.by
URL: https://afn.by/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

d63a18e8be1bbb529d3ff08b48fc963701a9d1c8a662194312e9a30f818e4d74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://afn.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 16:26:54 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Thu, 20-Apr-2023 16:26:54 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://afn.by
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 474
x-xss-protection: 1; mode=block
expires: Thu, 20-Apr-2023 16:26:54 GMT

Redirect headers

pragma: no-cache
date: Thu, 20 Apr 2023 16:26:53 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 20-Apr-2023 16:26:53 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/421539/1?wmode=7&page-url=https%3A%2F%2Fafn.by%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aihb4q796484i93c2xtzqhr%3Afp%3A1595%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1025%3Acn%3A1%3Adp%3A0%3Als%3A70872403400%3Ahid%3A1055585198%3Az%3A0%3Ai%3A20230420162653%3Aet%3A1682008014%3Ac%3A1%3Arn%3A446260790%3Arqn%3A1%3Au%3A1682008014157799749%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A1291%2C101%2C58%2C47%2C%2C0%2C%2C56%2C0%2C%2C%2C%2C1554%3Aco%3A0%3Acpf%3A1%3Ans%3A1682008011774%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1682008014%3At%3AAFN.BY%20-%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8%20%D0%9F%D0%BE%D0%BB%D0%B8%D1%82%D0%B8%D0%BA%D0%B0%20%D1%8D%D0%BA%D0%BE%D0%BD%D0%BE%D0%BC%D0%B8%D0%BA%D0%B0%20%D1%84%D0%B8%D0%BD%D0%B0%D0%BD%D1%81%D1%8B%20%D1%8D%D0%BD%D0%B5%D1%80%D0%B3%D0%B5%D1%82%D0%B8%D0%BA%D0%B0%20%D0%BE%D0%B1%D1%89%D0%B5%D1%81%D1%82%D0%B2%D0%BE&t=gdpr%2814%29mc%28p-1%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
access-control-allow-origin: https://afn.by
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Thu, 20-Apr-2023 16:26:53 GMT

OPTIONS
H2 200 event_confirmation
an.yandex.ru/ Frame 0
0 180ms
55ms Preflight 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/event_confirmation

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://afn.by
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://afn.by
access-control-max-age: 1728000
content-encoding: gzip
date: Thu, 20 Apr 2023 16:26:54 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
timing-allow-origin: *
x-xss-protection: 1; mode=block

POST
H2 200 event_confirmation Show response
an.yandex.ru/ 0
182 B 97ms
51ms XHR
text/plain 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/event_confirmation

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://afn.by/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 16:26:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Thu, 20 Apr 2023 16:26:54 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://afn.by
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 20 Apr 2023 16:26:54 GMT

GET
H2 200 465488 Show response
mc.yandex.com/watch/ 408 B
500 B 80ms
80ms XHR
application/json 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/465488?wmode=7&page-url=https%3A%2F%2Fafn.by%2F&nohit=1&charset=utf-8&cnt-class=1&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aihb4q796484i93c2xtzqhr%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1025%3Acn%3A2%3Adp%3A1%3Als%3A819173116912%3Ahid%3A1055585198%3Az%3A0%3Ai%3A20230420162653%3Aet%3A1682008014%3Ac%3A1%3Arn%3A910557562%3Au%3A1682008014157799749%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Ans%3A1682008011774%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1682008014%3At%3AAFN.BY%20-%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8%20%D0%9F%D0%BE%D0%BB%D0%B8%D1%82%D0%B8%D0%BA%D0%B0%20%D1%8D%D0%BA%D0%BE%D0%BD%D0%BE%D0%BC%D0%B8%D0%BA%D0%B0%20%D1%84%D0%B8%D0%BD%D0%B0%D0%BD%D1%81%D1%8B%20%D1%8D%D0%BD%D0%B5%D1%80%D0%B3%D0%B5%D1%82%D0%B8%D0%BA%D0%B0%20%D0%BE%D0%B1%D1%89%D0%B5%D1%81%D1%82%D0%B2%D0%BE&t=mc(p-1)clc(0-0-0)lt(5900)aw(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

08f19ecd3a659e397d785841e224bde93f5c499fbb974d6f1f2ac507a81671be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://afn.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 16:26:53 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Thu, 20-Apr-2023 16:26:53 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://afn.by
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 408
x-xss-protection: 1; mode=block
expires: Thu, 20-Apr-2023 16:26:53 GMT

GET
H2 200 y300
avatars.mds.yandex.net/get-direct/5739142/mDL9FRF6RoLCeuNIif0Keg/ 31 KB
31 KB 227ms
90ms Image
image/webp 2a02:6b8::184
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-direct/5739142/mDL9FRF6RoLCeuNIif0Keg/y300
Requested by: Host: afn.by
URL: https://afn.by/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::184 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software: nginx /
Resource Hash: 2db3be6364b8d39d14f4546b022c5739cb1dce1239795cb2481861ca9fc3c2b2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://afn.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 16:26:54 GMT
last-modified: Tue, 21 Mar 2023 15:22:51 GMT
server: nginx
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel?datacenter=MYT"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000,immutable
access-control-allow-credentials: true
content-length: 31798
x-request-id: b6996c3ae1d864b0

GET
H/1.1 200
Ok mrqz.me
favicon.yandex.net/favicon/ 1 KB
1 KB 187ms
54ms Image
image/png 2a02:6b8::36
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://favicon.yandex.net/favicon/mrqz.me?size=32&stub=2

Requested by

Host: afn.by
URL: https://afn.by/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::36 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

740e0b69971698972748e856a3b7f592c71b30f3d7f5fbc57ba26647362342b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://afn.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin: *
Cache-Control: max-age=691200
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
X-XSS-Protection: 1; mode=block
Content-Type: image/png

GET
H2 200 render.html Show response
yastatic.net/safeframe-bundles/0.83/1-1-0/ Frame BAF0 24 KB
7 KB 156ms
49ms Document
text/html 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.83/1-1-0/render.html

Requested by

Host: yastatic.net
URL: https://yastatic.net/safeframe-bundles/0.83/host.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

9c911ab93cf6099aeeddb19cb1903d0ef838329443c3a0549c754da47f90a70a

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://afn.by/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=946708560
content-encoding: br
content-length: 6262
content-type: text/html
date: Thu, 20 Apr 2023 16:26:54 GMT
etag: "eb77de48712912aadc9aa8171ac75ede"
expires: Sat, 19 Apr 2053 23:01:41 GMT
last-modified: Wed, 03 Nov 2021 13:42:58 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
server: nginx/1.17.9
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-robots-tag: noindex, noarchive, nofollow

GET
H3 200 rum_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20230417/r20110914/ 55 KB
21 KB 48ms
39ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230417/r20110914/rum_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5271363197717881&plah=afn.by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e8a8dad2cdf4a7da0f38040d138a7716b70e4d8f13dc318aa5e9b0a7f77b63c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://afn.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 07:20:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32763
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21730
x-xss-protection: 0
server: cafe
etag: 6215119229082367783
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 May 2023 07:20:51 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 379 B
598 B 167ms
46ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=afn.by&callback=_gfp_s_&client=ca-pub-5271363197717881

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8b79e23911eefeaca5867708a66b84e64409d0b586b0be32b0a4e58dbd358f39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://afn.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 16:26:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 246
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 167ms
50ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=afn.by

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://afn.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 16:26:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 166ms
49ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=afn.by

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://afn.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 16:26:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5B5C 34 KB
13 KB 186ms
165ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271363197717881&output=html&adk=1812271804&adf=3025194257&lmt=1682008014&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fafn.by%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682008013614&bpp=4&bdt=387&idt=429&shv=r20230417&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5339548214821&rume=1&frm=20&pv=2&ga_vid=449161101.1682008013&ga_sid=1682008014&ga_hid=2063691867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C42531705%2C44788442%2C44789819%2C31061691%2C31061692&oid=2&pvsid=2084868377474032&tmod=1936465578&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=33792&bc=31&ifi=1&uci=a!1&fsb=1&dtd=485

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86d6b15af4993c90a65859c39f007c202beed7fe9f013ed8cdae7a695c2af2ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://afn.by/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 12975
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 20 Apr 2023 16:26:54 GMT
expires: Thu, 20 Apr 2023 16:26:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 586D 88 KB
33 KB 679ms
678ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271363197717881&output=html&h=600&slotname=5761908397&adk=3519307484&adf=1131236467&pi=t.ma~as.5761908397&w=160&lmt=1682008014&format=160x600&url=https%3A%2F%2Fafn.by%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682008013618&bpp=1&bdt=390&idt=497&shv=r20230417&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5339548214821&rume=1&frm=20&pv=1&ga_vid=449161101.1682008013&ga_sid=1682008014&ga_hid=2063691867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=3855&ady=793&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C42531705%2C44788442%2C44789819%2C31061691%2C31061692&oid=2&pvsid=2084868377474032&tmod=1936465578&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=1024&bc=31&ifi=2&uci=a!2&fsb=1&xpc=UMIZUdID3b&p=https%3A//afn.by&dtd=509

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

576bf806a6ecd7c875739b2c77be848285ef7f557d3616565b1317b8d377303b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://afn.by/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 33185
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 20 Apr 2023 16:26:54 GMT
expires: Thu, 20 Apr 2023 16:26:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 1 Show response
mc.yandex.com/watch/465488/ 43 B
86 B 56ms
54ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/465488/1?page-url=https%3A%2F%2Fafn.by%2F&charset=utf-8&cnt-class=1&hittoken=1682008013_7e1574b6e248c4a906c9047a784c0e3b03ab11f058323c5c0abebe3aef9007fc&browser-info=pa%3A1%3Aar%3A1%3Avf%3Aihb4q796484i93c2xtzqhr%3Afp%3A1595%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1025%3Acn%3A2%3Adp%3A1%3Als%3A819173116912%3Ahid%3A1055585198%3Az%3A0%3Ai%3A20230420162654%3Aet%3A1682008014%3Ac%3A1%3Arn%3A722005935%3Arqn%3A1%3Au%3A1682008014157799749%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A1291%2C101%2C58%2C47%2C%2C0%2C%2C56%2C0%2C%2C%2C%2C1554%3Aco%3A0%3Acpf%3A1%3Ans%3A1682008011774%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1682008014&t=mc(p-2-h-1)clc(0-0-0)rqnt(1)lt(16000)aw(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://afn.by/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 16:26:54 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 20-Apr-2023 16:26:54 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: image/gif
access-control-allow-origin: https://afn.by
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 20-Apr-2023 16:26:54 GMT

GET
H2 200 465488 Show response
mc.yandex.com/watch/ 43 B
74 B 61ms
60ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/465488?page-url=https%3A%2F%2Fafn.by%2F&charset=utf-8&cnt-class=1&hittoken=1682008013_7e1574b6e248c4a906c9047a784c0e3b03ab11f058323c5c0abebe3aef9007fc&browser-info=pv%3A1%3Aar%3A1%3Avf%3Aihb4q796484i93c2xtzqhr%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1025%3Acn%3A2%3Adp%3A1%3Als%3A819173116912%3Ahid%3A1055585198%3Az%3A0%3Ai%3A20230420162654%3Aet%3A1682008014%3Ac%3A1%3Arn%3A843155924%3Arqn%3A2%3Au%3A1682008014157799749%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Ans%3A1682008011774%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1682008014%3At%3AAFN.BY%20-%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8%20%D0%9F%D0%BE%D0%BB%D0%B8%D1%82%D0%B8%D0%BA%D0%B0%20%D1%8D%D0%BA%D0%BE%D0%BD%D0%BE%D0%BC%D0%B8%D0%BA%D0%B0%20%D1%84%D0%B8%D0%BD%D0%B0%D0%BD%D1%81%D1%8B%20%D1%8D%D0%BD%D0%B5%D1%80%D0%B3%D0%B5%D1%82%D0%B8%D0%BA%D0%B0%20%D0%BE%D0%B1%D1%89%D0%B5%D1%81%D1%82%D0%B2%D0%BE&t=mc(p-2-h-1)clc(0-0-0)rqnt(2)lt(16000)aw(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://afn.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 16:26:54 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 20-Apr-2023 16:26:54 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: image/gif
access-control-allow-origin: https://afn.by
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 20-Apr-2023 16:26:54 GMT

POST
H2 200 1 Show response
mc.yandex.com/watch/421539/ 43 B
74 B 56ms
55ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/421539/1?page-url=https%3A%2F%2Fafn.by%2F&charset=utf-8&hittoken=1682008014_79a257d3e51083ff798431d7898e34f6da04d14535bb12ff54befaff17e4ce39&browser-info=pa%3A1%3Aar%3A1%3Avf%3Aihb4q796484i93c2xtzqhr%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1025%3Acn%3A1%3Adp%3A1%3Als%3A70872403400%3Ahid%3A1055585198%3Az%3A0%3Ai%3A20230420162654%3Aet%3A1682008014%3Ac%3A1%3Arn%3A9848856%3Arqn%3A2%3Au%3A1682008014157799749%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Aeu%3A1%3Ans%3A1682008011774%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1682008014&t=gdpr(14%2C14)mc(p-2-h-1)clc(0-0-0)rqnt(2)lt(16000)aw(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://afn.by/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 16:26:54 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 20-Apr-2023 16:26:54 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: image/gif
access-control-allow-origin: https://afn.by
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 20-Apr-2023 16:26:54 GMT

OPTIONS
H2 200 event_confirmation
an.yandex.ru/ Frame 0
0 53ms
53ms Preflight 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/event_confirmation

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://afn.by
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://afn.by
access-control-max-age: 1728000
content-encoding: gzip
date: Thu, 20 Apr 2023 16:26:54 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
timing-allow-origin: *
x-xss-protection: 1; mode=block

POST
H2 200 event_confirmation Show response
an.yandex.ru/ 0
51 B 58ms
56ms XHR
text/plain 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/event_confirmation

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://afn.by/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 16:26:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Thu, 20 Apr 2023 16:26:54 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://afn.by
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 20 Apr 2023 16:26:54 GMT

GET
H2 200 1P_CRJEx0IS200000000U9nJFDkzuUmpjn0-Gu5dJ_xMopJAM9vDTqnX009Fc4YebD0khzW0ANQ6L4QWUAR0Cvyl8F5I4A_sAf1ePGJfw0JnWO29OIRZgmO8Uo6ZHJA4jP9nXYQ4jPTnIJ0Nmr4m_omZCr3aAYD8wrr61Xa6Xh-CivWO6EOoWKJMCaK1oRDC_u7W5... Show response
yandex.ru/an/rtbcount/ 43 B
388 B 56ms
55ms XHR
image/gif 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/an/rtbcount/1P_CRJEx0IS200000000U9nJFDkzuUmpjn0-Gu5dJ_xMopJAM9vDTqnX009Fc4YebD0khzW0ANQ6L4QWUAR0Cvyl8F5I4A_sAf1ePGJfw0JnWO29OIRZgmO8Uo6ZHJA4jP9nXYQ4jPTnIJ0Nmr4m_omZCr3aAYD8wrr61Xa6Xh-CivWO6EOoWKJMCaK1oRDC_u7W5PC0AyUDPmBF61YoOpIPZlzaPVZBn0Aod9aLIFOoAmB9gSmWRNEPcK0M0aa5i8KRcV__4iWk4ttFTf8Pvj-hO9LtmUHFPWSdVeXpMNZFMuDPArXUDJ9jOFaF0umxaDW7aDWtMI2--c3_a6LZs0nxdoktxD-oWFosW9Np96lmL6wmz0NM1eMRh6TFpzgzmjp0xoihI6y7MmFB1BQpqm-zVNDduYg-6MnN3WSlODip-TVi1HUFNbPToGOpxm2RnmasvaTil6LPJbOMERaLHXd96UOlsM0s_uIp9hAlRVPlEsdxnduMEvkvcO6XiTa2TiODx4mxs7bEi8i_O6-_rRHpqgSDYxb_iFCiu03wSGN7ZcEC6pXc1E_WOBp5WH76JpaO61hi0Hoil8S0

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://afn.by/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 20 Apr 2023 16:26:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1682008014175476-6305876490160690181-balancer-l7leveler-kubr-yp-vla-66-BAL
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Thu, 20 Apr 2023 16:26:54 GMT
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type: image/gif
access-control-allow-origin: https://afn.by
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Thu, 20 Apr 2023 16:26:54 GMT

GET
H/1.1 200
Ok d.png
ysa-static.passport.yandex.ru/static/1/d959d7e39d5067fad30d9c06204866e9/ Frame BAF0 95 B
400 B 184ms
55ms Image
image/png 2a02:6b8::5:114
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ysa-static.passport.yandex.ru/static/1/d959d7e39d5067fad30d9c06204866e9/d.png?ex=yes

Requested by

Host: afn.by
URL: https://afn.by/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::5:114 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

18c327afa903633f86c3efcf12b77f098077eacaa8be101bb007846fd74f8b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Thu, 20 Apr 2023 16:26:54 GMT
Strict-Transport-Security: max-age=315360000; includeSubDomains
Server: nginx/1.14.2
X-RT-IH: 0.0002
Content-Type: image/png
Cache-Control: private
Connection: close
X-RT-IQ: 0.0001
Content-Length: 95
Expires: Fri, 21 Apr 2023 16:26:54 GMT

GET
H2

200

9f3964b6e4c28e92279059
an.yandex.ru/mapuid/arcspireis/ Frame BAF0
Redirect Chain

https://px.arcspire.io/yndx?id=9d4cd41a-f59d-4815-8a89-9d30806f5389
https://an.yandex.ru/mapuid/arcspireis/9f3964b6e4c28e92279059

43 B
80 B

64ms
59ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/arcspireis/9f3964b6e4c28e92279059

Requested by

Host: afn.by
URL: https://afn.by/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 16:26:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Thu, 20 Apr 2023 16:26:54 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 20 Apr 2023 16:26:54 GMT

Redirect headers

location: https://an.yandex.ru/mapuid/arcspireis/9f3964b6e4c28e92279059
date: Thu, 20 Apr 2023 16:26:54 GMT
x-envoy-upstream-service-time: 0
server: envoy
content-length: 0

GET
H2

200

0100007FCD674164BB037866027A7299
an.yandex.ru/mapuid/sapeis/ Frame BAF0
Redirect Chain

https://acint.net/rmatch/?dp=151&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fsapeis%2F%24%7BUSER_ID%7D
https://an.yandex.ru/mapuid/sapeis/0100007FCD674164BB037866027A7299

43 B
80 B

69ms
69ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/sapeis/0100007FCD674164BB037866027A7299

Requested by

Host: afn.by
URL: https://afn.by/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 16:26:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Thu, 20 Apr 2023 16:26:54 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 20 Apr 2023 16:26:54 GMT

Redirect headers

date: Thu, 20 Apr 2023 16:26:54 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
location: https://an.yandex.ru/mapuid/sapeis/0100007FCD674164BB037866027A7299
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 154
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2

200

95198a82-dfaf-526e-a81c-44facc5d2337
an.yandex.ru/mapuid/betweendigitalis/ Frame BAF0
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2F%24%7BUSER_ID%7D
https://an.yandex.ru/mapuid/betweendigitalis/95198a82-dfaf-526e-a81c-44facc5d2337

43 B
80 B

68ms
68ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/betweendigitalis/95198a82-dfaf-526e-a81c-44facc5d2337

Requested by

Host: afn.by
URL: https://afn.by/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 16:26:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Thu, 20 Apr 2023 16:26:54 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 20 Apr 2023 16:26:54 GMT

Redirect headers

location: https://an.yandex.ru/mapuid/betweendigitalis/95198a82-dfaf-526e-a81c-44facc5d2337
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame BAF0
Redirect Chain

https://yandex.ru/an/mapuid/adobedmp/
https://dpm.demdex.net/ibs:dpid=423652&dpuuid=2012DD4D3043E270
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=423652&dpuuid=2012DD4D3043E270

42 B
942 B

31ms
31ms

Image
image/gif

54.154.173.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=423652&dpuuid=2012DD4D3043E270

Requested by

Host: afn.by
URL: https://afn.by/

Protocol

HTTP/1.1

Server

54.154.173.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-154-173-64.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v047-054dec948.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: E/e08i2oRlk=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-2-v047-04acc5c01.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: gzZvNhDXQKY=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=423652&dpuuid=2012DD4D3043E270
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

200

match
match.360yield.com/ul_cb/ Frame BAF0
Redirect Chain

https://yandex.ru/an/mapuid/azerionis/
https://match.360yield.com/match?external_user_id=C8EB2F8A6A03FE8A&publisher_dsp_id=429&publisher_call_type=redirect
https://match.360yield.com/ul_cb/match?external_user_id=C8EB2F8A6A03FE8A&publisher_dsp_id=429&publisher_call_type=redirect

43 B
198 B

29ms
28ms

Image
image/gif

18.200.127.67
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.360yield.com/ul_cb/match?external_user_id=C8EB2F8A6A03FE8A&publisher_dsp_id=429&publisher_call_type=redirect
Requested by: Host: afn.by
URL: https://afn.by/
Protocol: H2
Server: 18.200.127.67 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-200-127-67.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 20 Apr 2023 16:26:54 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://match.360yield.com/ul_cb/match?external_user_id=C8EB2F8A6A03FE8A&publisher_dsp_id=429&publisher_call_type=redirect
access-control-allow-origin: *
date: Thu, 20 Apr 2023 16:26:54 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 /
yandex.ru/an/mapuid/behaviorx/ Frame BAF0 0
0 64ms
55ms Image
text/html 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yandex.ru/an/mapuid/behaviorx/
Requested by: Host: afn.by
URL: https://afn.by/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H2

200

match
ads.betweendigital.com/ Frame BAF0
Redirect Chain

https://yandex.ru/an/mapuid/betweenx/
https://ads.betweendigital.com/match?bidder_id=161&external_user_id=BC5C0A5FBE25928C

68 B
598 B

21ms
16ms

Image
image/png

188.42.196.115
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=161&external_user_id=BC5C0A5FBE25928C
Requested by: Host: afn.by
URL: https://afn.by/
Protocol: H2
Server: 188.42.196.115 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

pragma: no-cache
date: Thu, 20 Apr 2023 16:26:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
last-modified: Thu, 20 Apr 2023 16:26:54 GMT
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
x-yandex-req-id: 1682008014241710-14934072177412084244-balancer-l7leveler-kubr-yp-vla-66-BAL
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://ads.betweendigital.com/match?bidder_id=161&external_user_id=BC5C0A5FBE25928C
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 20 Apr 2023 16:26:54 GMT

GET
H/1.1

204
No Content

pixel
im.bluevoox.com/ Frame BAF0
Redirect Chain

https://yandex.ru/an/mapuid/blueseaxcom/
https://im.bluevoox.com/pixel?s1=1&s2=1315&s3=vldyrx2shs82pv9o&cm=1&rd=1&puid=8638100EF8D1056A

0
241 B

350ms
107ms

Image
text/plain

52.45.175.185
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://im.bluevoox.com/pixel?s1=1&s2=1315&s3=vldyrx2shs82pv9o&cm=1&rd=1&puid=8638100EF8D1056A
Requested by: Host: afn.by
URL: https://afn.by/
Protocol: HTTP/1.1
Server: 52.45.175.185 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-45-175-185.compute-1.amazonaws.com
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Connection: close
Date: Thu, 20 Apr 2023 16:26:54 GMT
Server: openresty

Redirect headers

pragma: no-cache
date: Thu, 20 Apr 2023 16:26:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
last-modified: Thu, 20 Apr 2023 16:26:54 GMT
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
x-yandex-req-id: 1682008014242029-12407701723500334760-balancer-l7leveler-kubr-yp-vla-66-BAL
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://im.bluevoox.com/pixel?s1=1&s2=1315&s3=vldyrx2shs82pv9o&cm=1&rd=1&puid=8638100EF8D1056A
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 20 Apr 2023 16:26:54 GMT

GET
H2 200 /
yandex.ru/an/mapuid/eplanningrtb/ Frame BAF0 0
0 64ms
56ms Image
text/html 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yandex.ru/an/mapuid/eplanningrtb/
Requested by: Host: afn.by
URL: https://afn.by/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame BAF0
Redirect Chain

https://yandex.ru/an/mapuid/google/?partner-tag=yandex_llc
https://cm.g.doubleclick.net/pixel?google_nid=yandex_llc&google_hm=C81C0073CCEF850E&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif

170 B
232 B

158ms
49ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yandex_llc&google_hm=C81C0073CCEF850E&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif

Requested by

Host: afn.by
URL: https://afn.by/

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 16:26:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 20 Apr 2023 16:26:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
last-modified: Thu, 20 Apr 2023 16:26:54 GMT
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
x-yandex-req-id: 1682008014242501-11383653690396117772-balancer-l7leveler-kubr-yp-vla-66-BAL
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=yandex_llc&google_hm=C81C0073CCEF850E&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 20 Apr 2023 16:26:54 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame BAF0
Redirect Chain

https://yandex.ru/an/mapuid/google/?partner-tag=yandexcom
https://cm.g.doubleclick.net/pixel?google_nid=yandexcom&google_hm=C81C0073CCEF850E&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif

170 B
409 B

157ms
49ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yandexcom&google_hm=C81C0073CCEF850E&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif

Requested by

Host: afn.by
URL: https://afn.by/

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 16:26:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 20 Apr 2023 16:26:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
last-modified: Thu, 20 Apr 2023 16:26:54 GMT
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
x-yandex-req-id: 1682008014242722-3864650443910996411-balancer-l7leveler-kubr-yp-vla-66-BAL
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=yandexcom&google_hm=C81C0073CCEF850E&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 20 Apr 2023 16:26:54 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame BAF0
Redirect Chain

https://yandex.ru/an/mapuid/google/?partner-tag=yandexru
https://cm.g.doubleclick.net/pixel?google_nid=yandexru&google_hm=C81C0073CCEF850E&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif

170 B
232 B

158ms
49ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yandexru&google_hm=C81C0073CCEF850E&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif

Requested by

Host: afn.by
URL: https://afn.by/

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 16:26:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 20 Apr 2023 16:26:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
last-modified: Thu, 20 Apr 2023 16:26:54 GMT
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
x-yandex-req-id: 1682008014243057-1871006103060535362-balancer-l7leveler-kubr-yp-vla-66-BAL
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=yandexru&google_hm=C81C0073CCEF850E&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 20 Apr 2023 16:26:54 GMT

GET
H2

200

sync
t.adx.opera.com/ Frame BAF0
Redirect Chain

https://yandex.ru/an/mapuid/operacom/
https://t.adx.opera.com/sync?vendor=60143&uid=A35D6690B26A3515

35 B
466 B

106ms
23ms

Image
image/gif

82.145.213.8
NO-OPERA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.adx.opera.com/sync?vendor=60143&uid=A35D6690B26A3515
Requested by: Host: afn.by
URL: https://afn.by/
Protocol: H2
Server: 82.145.213.8 , Norway, ASN39832 (NO-OPERA, NO),
Reverse DNS: n-sysadmin-jumpbox-03.feednews.opera.technology
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 16:26:54 GMT
server: nginx
access-control-allow-methods: POST, GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 20 Apr 2023 16:26:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
last-modified: Thu, 20 Apr 2023 16:26:54 GMT
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
x-yandex-req-id: 1682008014243456-42962226248414458-balancer-l7leveler-kubr-yp-vla-66-BAL
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://t.adx.opera.com/sync?vendor=60143&uid=A35D6690B26A3515
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 20 Apr 2023 16:26:54 GMT

GET
H2

200

user-sync
rtb.programattik.com/ Frame BAF0
Redirect Chain

https://yandex.ru/an/mapuid/turktelekomrtb/
https://rtb.programattik.com/user-sync?dsp=5&t=image&uid=D708477C4F987C2B

42 B
152 B

178ms
52ms

Image
image/gif

85.111.6.50
TTNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.programattik.com/user-sync?dsp=5&t=image&uid=D708477C4F987C2B
Requested by: Host: afn.by
URL: https://afn.by/
Protocol: H2
Server: 85.111.6.50 , Turkey, ASN9121 (TTNET, TR),
Reverse DNS: ns1.ttidc.com.tr
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 16:26:54 GMT
cache-control: no-store
server: nginx
age: 0
content-length: 42
content-type: image/gif

Redirect headers

pragma: no-cache
date: Thu, 20 Apr 2023 16:26:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
last-modified: Thu, 20 Apr 2023 16:26:54 GMT
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
x-yandex-req-id: 1682008014291205-9689279330286811922-balancer-l7leveler-kubr-yp-vla-66-BAL
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://rtb.programattik.com/user-sync?dsp=5&t=image&uid=D708477C4F987C2B
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 20 Apr 2023 16:26:54 GMT

GET
H2 200 /
yandex.ru/an/mapuid/xapadsssp/ Frame BAF0 43 B
186 B 113ms
106ms Image
image/gif 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yandex.ru/an/mapuid/xapadsssp/

Requested by

Host: afn.by
URL: https://afn.by/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 16:26:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
last-modified: Thu, 20 Apr 2023 16:26:54 GMT
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
x-yandex-req-id: 1682008014291497-11239235708405202357-balancer-l7leveler-kubr-yp-vla-66-BAL
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 20 Apr 2023 16:26:54 GMT

GET
H2

200

035a390d5f89fb608ff5c4e86cc1f067cc407de52dd129d75eecd3c98553fbf0
an.yandex.ru/mapuid/mediascope/ Frame BAF0
Redirect Chain

https://cm.tns-counter.ru/yacm
https://an.yandex.ru/mapuid/mediascope/035a390d5f89fb608ff5c4e86cc1f067cc407de52dd129d75eecd3c98553fbf0

43 B
80 B

66ms
66ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/mediascope/035a390d5f89fb608ff5c4e86cc1f067cc407de52dd129d75eecd3c98553fbf0

Requested by

Host: afn.by
URL: https://afn.by/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 16:26:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Thu, 20 Apr 2023 16:26:54 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 20 Apr 2023 16:26:54 GMT

Redirect headers

pragma: no-cache
date: Thu, 20 Apr 2023 16:26:54 GMT
server: ms-counter-4.0.4/1.22.1
content-type: text/html
location: https://an.yandex.ru/mapuid/mediascope/035a390d5f89fb608ff5c4e86cc1f067cc407de52dd129d75eecd3c98553fbf0
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
content-length: 0
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 204 match
dm.hybrid.ai/ Frame BAF0 0
279 B 171ms
51ms Image
text/plain 37.18.16.21
HYBRID-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dm.hybrid.ai/match?id=182

Requested by

Host: afn.by
URL: https://afn.by/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.18.16.21 , Russian Federation, ASN205675 (HYBRID-AS, DE),

Reverse DNS

Software

Hybrid Web Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 16:26:54 GMT
server: Hybrid Web Server
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin: https://yastatic.net
cache-control: no-cache, no-store
access-control-allow-credentials: true
x-mode: 113
x-xss-protection: 1; mode=block
expires: -1

GET
H2 204 yandexdmp-match
dm.hybrid.ai/ Frame BAF0 0
237 B 171ms
52ms Image
text/plain 37.18.16.21
HYBRID-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dm.hybrid.ai/yandexdmp-match

Requested by

Host: afn.by
URL: https://afn.by/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.18.16.21 , Russian Federation, ASN205675 (HYBRID-AS, DE),

Reverse DNS

Software

Hybrid Web Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 16:26:54 GMT
server: Hybrid Web Server
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin: *
cache-control: no-cache, no-store
x-mode: 114
x-xss-protection: 1; mode=block
expires: -1

GET
H2

200

LZL1NAnhMoF3FJi7SOlC
an.yandex.ru/mapuid/dmpamberdata/ Frame BAF0
Redirect Chain

https://dmg.digitaltarget.ru/1/119/i/i?i=1682008013
https://dmg.digitaltarget.ru/awg/custom/119/i/i?call_source=awg&ts=1682008014353&i=1682008013
https://an.yandex.ru/mapuid/dmpamberdata/LZL1NAnhMoF3FJi7SOlC

43 B
80 B

58ms
58ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/dmpamberdata/LZL1NAnhMoF3FJi7SOlC

Requested by

Host: afn.by
URL: https://afn.by/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 16:26:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Thu, 20 Apr 2023 16:26:54 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 20 Apr 2023 16:26:54 GMT

Redirect headers

Date: Thu, 20 Apr 2023 16:26:54 GMT
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Server: nginx
X-Permitted-Cross-Domain-Policies: master-only
Request-Time: 4
X-Frame-Options: DENY
Access-Control-Allow-Methods: GET, POST, OPTIONS
Location: https://an.yandex.ru/mapuid/dmpamberdata/LZL1NAnhMoF3FJi7SOlC
Access-Control-Max-Age: 86400
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 1; mode=block

GET
H2

200

match
match.360yield.com/ Frame BAF0
Redirect Chain

https://euw-ice.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fazerionis%2F{PUB_USER_ID}
https://euw-ice.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fazerionis%2F%7BPUB_USER_ID%7D
https://an.yandex.ru/mapuid/azerionis/0fac157a-389e-437a-899e-7a1a994a2371
https://match.360yield.com/match?external_user_id=0fac157a-389e-437a-899e-7a1a994a2371&publisher_dsp_id=429&publisher_call_type=redirect

43 B
198 B

29ms
29ms

Image
image/gif

18.200.127.67
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.360yield.com/match?external_user_id=0fac157a-389e-437a-899e-7a1a994a2371&publisher_dsp_id=429&publisher_call_type=redirect
Requested by: Host: afn.by
URL: https://afn.by/
Protocol: H2
Server: 18.200.127.67 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-200-127-67.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 20 Apr 2023 16:26:54 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

pragma: no-cache
date: Thu, 20 Apr 2023 16:26:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Thu, 20 Apr 2023 16:26:54 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://match.360yield.com/match?external_user_id=0fac157a-389e-437a-899e-7a1a994a2371&publisher_dsp_id=429&publisher_call_type=redirect
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 20 Apr 2023 16:26:54 GMT

GET
H2

200

ba7f49ca-b920-4a8f-70ff-1a15625ad147
an.yandex.ru/mapuid/buzzooladspis/ Frame BAF0
Redirect Chain

https://exchange.buzzoola.com/cookiesync/redirect/yandex?redirect_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbuzzooladspis%2F%24%7BUUID%7D
https://an.yandex.ru/mapuid/buzzooladspis/ba7f49ca-b920-4a8f-70ff-1a15625ad147

43 B
80 B

58ms
57ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/buzzooladspis/ba7f49ca-b920-4a8f-70ff-1a15625ad147

Requested by

Host: afn.by
URL: https://afn.by/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 16:26:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Thu, 20 Apr 2023 16:26:54 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 20 Apr 2023 16:26:54 GMT

Redirect headers

location: https://an.yandex.ru/mapuid/buzzooladspis/ba7f49ca-b920-4a8f-70ff-1a15625ad147
date: Thu, 20 Apr 2023 16:26:56 GMT
server: nginx
content-length: 113
serverid: TODO
content-type: text/html; charset=utf-8

GET
H2

200

match
www.acint.net/ Frame BAF0
Redirect Chain

https://kimberlite.io/rtb/sync/yandex
https://ads.betweendigital.com/match?bidder_id=45004&callback_url=https%3A%2F%2Fkimberlite.io%2Frtb%2Fsync%2Fbetween2%3Fu%3D%24%7BUSER_ID%7D%26f%3Dhttps%253A%252F%252Fwww.acint.net%252Fmatch%253Fdp...
https://kimberlite.io/rtb/sync/between2?u=95198a82-dfaf-526e-a81c-44facc5d2337&f=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D243%26euid%3DZEFnzhG9SSk&n=2
https://solta-sync.rutarget.ru/sync
https://kimberlite.io/rtb/sync/segmento?u=5FLG06xeIlKU
https://sm.rtb.mts.ru/p?ssp=toptraffic&id=ZEFnzhG9SSk
https://sm.rtb.mts.ru/match/second?ssp=59&exu=ZEFnzhG9SSk
https://tech.rtb.mts.ru/?dsp_uid=0fddca32-2607-4902-b35a-50a4970b7f3c&return_url=https%3A%2F%2Fpixel.konnektu.ru%2Fredirect%2Fmts%3Fcallback_url%3Dhttps%253A%252F%252Fsm.rtb.mts.ru%252Fem%253Fnext%...
https://pixel.konnektu.ru/redirect/mts?callback_url=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D59%26em%3D1%26ssp%3Dkonnektu%26id%3D%7BUSER_ID%7D
https://sm.rtb.mts.ru/em?next=59&em=1&ssp=konnektu&id=
https://kimberlite.io/rtb/sync/mts?u=0fddca32-2607-4902-b35a-50a4970b7f3c
https://www.acint.net/match?dp=243&euid=ZEFnzhG9SSk

43 B
269 B

11ms
11ms

Image
image/gif

167.235.177.246
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=243&euid=ZEFnzhG9SSk
Protocol: H2
Server: 167.235.177.246 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz2024477.sapientru.net
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 16:26:55 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Date: Thu, 20 Apr 2023 16:26:55 GMT
referrer-policy: no-referrer
Server: nginx
access-control-allow-origin: *
location: https://www.acint.net/match?dp=243&euid=ZEFnzhG9SSk
cache-control: no-store
access-control-allow-credentials: true
Connection: keep-alive
server-timing: app;srv=5;dur=0.0004
Content-Length: 0

GET
H2

200

/
an.yandex.ru/mapuid/targetrtbis/ Frame BAF0
Redirect Chain

https://match.new-programmatic.com/userbind?src=yandex&pbf=1&gi=1
https://an.yandex.ru/mapuid/targetrtbis/

43 B
80 B

63ms
62ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/targetrtbis/

Requested by

Host: afn.by
URL: https://afn.by/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 16:26:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Thu, 20 Apr 2023 16:26:54 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 20 Apr 2023 16:26:54 GMT

Redirect headers

Date: Thu, 20 Apr 2023 16:26:54 GMT
Server: nginx/1.22.1
Vary: Origin
Access-Control-Allow-Origin: *
Location: https://an.yandex.ru/mapuid/targetrtbis/
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET pixel
mitdmp.whiteboxdigital.ru/ Frame BAF0 0
0

GET
H2

200

c0c34729-0391-4b7c-3aaa-349f574d2bc1
an.yandex.ru/mapuid/hyperdspis/ Frame BAF0
Redirect Chain

https://nr.bidderstack.com/yandex/cm?r=https://an.yandex.ru/mapuid/hyperdspis/
https://an.yandex.ru/mapuid/hyperdspis/c0c34729-0391-4b7c-3aaa-349f574d2bc1

43 B
80 B

66ms
65ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/hyperdspis/c0c34729-0391-4b7c-3aaa-349f574d2bc1

Requested by

Host: afn.by
URL: https://afn.by/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 16:26:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Thu, 20 Apr 2023 16:26:54 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 20 Apr 2023 16:26:54 GMT

Redirect headers

Location: https://an.yandex.ru/mapuid/hyperdspis/c0c34729-0391-4b7c-3aaa-349f574d2bc1
Access-Control-Allow-Origin: *
Date: Thu, 20 Apr 2023 16:26:54 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2

200

/
an.yandex.ru/mapuid/ramblerssp/ Frame BAF0
Redirect Chain

https://profile.ssp.rambler.ru/sync3.302?pid=188
https://an.yandex.ru/mapuid/ramblerssp/

43 B
80 B

58ms
58ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/ramblerssp/

Requested by

Host: afn.by
URL: https://afn.by/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 16:26:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Thu, 20 Apr 2023 16:26:54 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 20 Apr 2023 16:26:54 GMT

Redirect headers

date: Thu, 20 Apr 2023 16:26:54 GMT
strict-transport-security: max-age=0
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
location: //an.yandex.ru/mapuid/ramblerssp/
content-type: application/x-javascript; charset=Windows-1251
x-passed: 0bal1
content-length: 0

GET
H2

200

Fv0kTO1bJS.AikABlGHn317DQ
an.yandex.ru/mapuid/getintentis/ Frame BAF0
Redirect Chain

https://px.adhigh.net/p/cm/yandexssp
https://an.yandex.ru/mapuid/getintentis/Fv0kTO1bJS.AikABlGHn317DQ

43 B
80 B

74ms
57ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/getintentis/Fv0kTO1bJS.AikABlGHn317DQ

Requested by

Host: afn.by
URL: https://afn.by/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 16:26:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Thu, 20 Apr 2023 16:26:54 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 20 Apr 2023 16:26:54 GMT

Redirect headers

pragma: no-cache
date: Thu, 20 Apr 2023 16:26:54 GMT
server: nginx
x-backend-id: f2-ru
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: *
location: https://an.yandex.ru/mapuid/getintentis/Fv0kTO1bJS.AikABlGHn317DQ
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

p06OiAVrcZXZhHCxlY9UEu
an.yandex.ru/mapuid/dmpweborama/ Frame BAF0
Redirect Chain

https://redirect.frontend.weborama.fr/redirect/standard?url=https://an.yandex.ru/mapuid/dmpweborama/{WEBO_CID}
https://an.yandex.ru/mapuid/dmpweborama/p06OiAVrcZXZhHCxlY9UEu

43 B
80 B

71ms
70ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/dmpweborama/p06OiAVrcZXZhHCxlY9UEu

Requested by

Host: afn.by
URL: https://afn.by/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 16:26:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Thu, 20 Apr 2023 16:26:54 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 20 Apr 2023 16:26:54 GMT

Redirect headers

pragma: no-cache
date: Thu, 20 Apr 2023 16:26:53 GMT
via: 1.1 google
last-modified: Thu, 20 Apr 2023 16:26:54 GMT
server: Weborama Collect Frontend
vary: Origin
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location: https://an.yandex.ru/mapuid/dmpweborama/p06OiAVrcZXZhHCxlY9UEu
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2 200 y
rtb-eu-warsaw.intent.ai/um/ Frame BAF0 68 B
840 B 123ms
57ms Image
image/png 2606:4700:20::681a:f45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb-eu-warsaw.intent.ai/um/y

Requested by

Host: afn.by
URL: https://afn.by/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:f45 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 16:26:54 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 68
pragma: no-cache
last-modified: Thu, 20 Apr 2023 16:26:54 GMT
server: cloudflare
access-control-max-age: 1728000
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5FFTnU3ZJwJaMzkujRDRyA0BIBizf4evw8ULol2DWkDNXF4xvdhZTUeQwMW3QknRuML1orVMaZCTKEzpfcHIcL7mbxAISOMP1U57N4kJVCrKDwupxgwTU68y59h%2FfRrdz%2Bek23fXJPnDSrAxuqj5ENU3Y%2F%2Bh"}],"group":"cf-nel","max_age":604800}
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials: true
cf-ray: 7baec06a491a3606-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Wed, 11 Nov 1998 11:11:11 GMT

GET
H2

200

gQzVdeKe8Sj7PgITOXQm
an.yandex.ru/mapuid/kadamis/ Frame BAF0
Redirect Chain

https://s.uuidksinc.net/match/501
https://an.yandex.ru/mapuid/kadamis/gQzVdeKe8Sj7PgITOXQm

43 B
80 B

59ms
59ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/kadamis/gQzVdeKe8Sj7PgITOXQm

Requested by

Host: afn.by
URL: https://afn.by/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 16:26:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Thu, 20 Apr 2023 16:26:54 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 20 Apr 2023 16:26:54 GMT

Redirect headers

location: https://an.yandex.ru/mapuid/kadamis/gQzVdeKe8Sj7PgITOXQm
date: Thu, 20 Apr 2023 16:26:54 GMT
server: nginx/1.23.2
content-length: 0

GET
H2

200

0fddca32-2607-4902-b35a-50a4970b7f3c
an.yandex.ru/mapuid/mtsdspis/ Frame BAF0
Redirect Chain

https://sm.rtb.mts.ru/p?ssp=yandex&id=map
https://sm.rtb.mts.ru/match/second?ssp=55&exu=map
https://tech.rtb.mts.ru/?dsp_uid=0fddca32-2607-4902-b35a-50a4970b7f3c&return_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fmtsdspis%2F0fddca32-2607-4902-b35a-50a4970b7f3c
https://an.yandex.ru/mapuid/mtsdspis/0fddca32-2607-4902-b35a-50a4970b7f3c

43 B
80 B

58ms
57ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/mtsdspis/0fddca32-2607-4902-b35a-50a4970b7f3c

Requested by

Host: afn.by
URL: https://afn.by/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 16:26:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Thu, 20 Apr 2023 16:26:54 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 20 Apr 2023 16:26:54 GMT

Redirect headers

Date: Thu, 20 Apr 2023 16:26:54 GMT
Server: nginx/1.20.2
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: text/html; charset=utf-8
Location: https://an.yandex.ru/mapuid/mtsdspis/0fddca32-2607-4902-b35a-50a4970b7f3c
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H2

200

data_sess_sync.php
sonar.semantiqo.com/fbfli/ Frame BAF0
Redirect Chain

https://sonar.semantiqo.com/dmp/scr.php
https://counter.yadro.ru/id127/reff-id.gif?sid=94c6ffdbb873467196b9466893016b4e
https://sonar.semantiqo.com/fbfli/data_sess_sync.php?spid=&sid=94c6ffdbb873467196b9466893016b4e

0
355 B

33ms
33ms

Image
text/html

95.217.109.66
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sonar.semantiqo.com/fbfli/data_sess_sync.php?spid=&sid=94c6ffdbb873467196b9466893016b4e
Requested by: Host: afn.by
URL: https://afn.by/
Protocol: H2
Server: 95.217.109.66 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.66.109.217.95.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 16:26:54 GMT
content-encoding: gzip
mode: no-cors
server: nginx/1.20.1
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: Access-Control-Allow-Headers, Origin,Accept, x-compress, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers

Redirect headers

Location: https://sonar.semantiqo.com/fbfli/data_sess_sync.php?spid=&sid=94c6ffdbb873467196b9466893016b4e
Date: Thu, 20 Apr 2023 16:26:54 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Connection: keep-alive
Content-Length: 364
Content-Type: text/html; charset=iso-8859-1

GET
H2

200

wrd0rlr_IkW5nTDB2hv3YA
an.yandex.ru/mapuid/dmpadriver/ Frame BAF0
Redirect Chain

https://ssp.adriver.ru/cgi-bin/sync.cgi?dsp_id=109
https://an.yandex.ru/mapuid/dmpadriver/wrd0rlr_IkW5nTDB2hv3YA?sign=2132252727

43 B
80 B

58ms
58ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/dmpadriver/wrd0rlr_IkW5nTDB2hv3YA?sign=2132252727

Requested by

Host: afn.by
URL: https://afn.by/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 16:26:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Thu, 20 Apr 2023 16:26:54 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 20 Apr 2023 16:26:54 GMT

Redirect headers

Location: //an.yandex.ru/mapuid/dmpadriver/wrd0rlr_IkW5nTDB2hv3YA?sign=2132252727
Date: Thu, 20 Apr 2023 16:26:54 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked

GET
H2

200

Awrd0rlr_IkW5nTDB2hv3YA
an.yandex.ru/mapuid/adriveris/ Frame BAF0
Redirect Chain

https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=19
https://an.yandex.ru/mapuid/adriveris/Awrd0rlr_IkW5nTDB2hv3YA

43 B
80 B

62ms
61ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/adriveris/Awrd0rlr_IkW5nTDB2hv3YA

Requested by

Host: afn.by
URL: https://afn.by/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 16:26:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Thu, 20 Apr 2023 16:26:54 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 20 Apr 2023 16:26:54 GMT

Redirect headers

Location: //an.yandex.ru/mapuid/adriveris/Awrd0rlr_IkW5nTDB2hv3YA
Date: Thu, 20 Apr 2023 16:26:54 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked

GET
H2 200 pixel.gif
sync.1dmp.io/ Frame BAF0 12 B
154 B 45ms
40ms Image
text/html 87.242.89.90
SBERCLOUD-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.1dmp.io/pixel.gif?cid=3cbc2ec8-1421-4677-89fe-2ac6fc52a09a&pid=w&o=au
Requested by: Host: afn.by
URL: https://afn.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 87.242.89.90 , Russian Federation, ASN208677 (SBERCLOUD-AS, RU),
Reverse DNS
Software: elb /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 16:26:54 GMT
last-modified: Mon, 30 Jan 2023 18:57:34 GMT
server: elb
accept-ranges: bytes
etag: "63d8131e-c"
content-length: 12
content-type: text/html

GET
H/1.1 200
OK /
sync.bumlam.com/ Frame BAF0 43 B
552 B 7ms
7ms Image
image/gif 31.172.81.158
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bumlam.com/?src=yandex
Requested by: Host: afn.by
URL: https://afn.by/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 31.172.81.158 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/gif
Date: Thu, 20 Apr 2023 16:26:54 GMT
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Server: nginx
Connection: keep-alive
Content-Length: 43
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H2 204 yandexortb
sync.dmp.otm-r.com/match/ Frame BAF0 0
69 B 113ms
108ms Image
text/plain 116.202.85.93
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.dmp.otm-r.com/match/yandexortb
Requested by: Host: afn.by
URL: https://afn.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 116.202.85.93 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.93.85.202.116.clients.your-server.de
Software: nginx/1.17.10 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 20 Apr 2023 16:26:54 GMT
server: nginx/1.17.10

GET
H2

200

NjcyMmEwMWYyN2UyNDU2ZQ
an.yandex.ru/mapuid/gonetisnew/ Frame BAF0
Redirect Chain

https://sync.gonet-ads.com/match/yandex?id=[buyerUid]
https://an.yandex.ru/mapuid/gonetisnew/NjcyMmEwMWYyN2UyNDU2ZQ

43 B
80 B

63ms
57ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/gonetisnew/NjcyMmEwMWYyN2UyNDU2ZQ

Requested by

Host: afn.by
URL: https://afn.by/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 16:26:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Thu, 20 Apr 2023 16:26:54 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 20 Apr 2023 16:26:54 GMT

Redirect headers

date: Thu, 20 Apr 2023 16:26:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: nginx
x-frame-options: SAMEORIGIN
location: https://an.yandex.ru/mapuid/gonetisnew/NjcyMmEwMWYyN2UyNDU2ZQ
content-length: 0
x-xss-protection: 1; mode=block

GET
H2

200

c5d2ac60-16bd-421d-a69f-130ec8bd759a
an.yandex.ru/mapuid/upravelis/ Frame BAF0
Redirect Chain

https://sync.upravel.com/yandex/sync
https://an.yandex.ru/mapuid/upravelis/c5d2ac60-16bd-421d-a69f-130ec8bd759a

43 B
80 B

65ms
64ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/upravelis/c5d2ac60-16bd-421d-a69f-130ec8bd759a

Requested by

Host: afn.by
URL: https://afn.by/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 16:26:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Thu, 20 Apr 2023 16:26:54 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 20 Apr 2023 16:26:54 GMT

Redirect headers

date: Thu, 20 Apr 2023 16:26:54 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://an.yandex.ru/mapuid/upravelis/c5d2ac60-16bd-421d-a69f-130ec8bd759a
access-control-allow-origin: *
content-type: image/png
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: false
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 0

GET
H2

200

WaMMihBMeiQTJbe6RVOB%2Bw
an.yandex.ru/mapuid/dmpaidatame/ Frame BAF0
Redirect Chain

https://x01.aidata.io/0.gif?pid=YANDEX
https://an.yandex.ru/mapuid/dmpaidatame/WaMMihBMeiQTJbe6RVOB%2Bw?sign=2823620263

43 B
80 B

66ms
57ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/dmpaidatame/WaMMihBMeiQTJbe6RVOB%2Bw?sign=2823620263

Requested by

Host: afn.by
URL: https://afn.by/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 16:26:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Thu, 20 Apr 2023 16:26:54 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 20 Apr 2023 16:26:54 GMT

Redirect headers

pragma: no-cache
date: Thu, 20 Apr 2023 16:26:54 GMT
last-modified: Thu, 20 Apr 2023 16:26:53 GMT
server: nginx
access-control-allow-methods: GET, POST
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
location: https://an.yandex.ru/mapuid/dmpaidatame/WaMMihBMeiQTJbe6RVOB%2Bw?sign=2823620263
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
content-length: 0
expires: Thu, 20 Apr 2023 16:26:53 GMT

GET
H2

200

5FLG06xeIlKU
an.yandex.ru/mapuid/dmpsegmento/ Frame BAF0
Redirect Chain

https://yandex-dmp-sync.rutarget.ru/sync
https://an.yandex.ru/mapuid/dmpsegmento/5FLG06xeIlKU?sign=2939993143

43 B
80 B

60ms
59ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/dmpsegmento/5FLG06xeIlKU?sign=2939993143

Requested by

Host: afn.by
URL: https://afn.by/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 16:26:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Thu, 20 Apr 2023 16:26:54 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 20 Apr 2023 16:26:54 GMT

Redirect headers

Location: https://an.yandex.ru/mapuid/dmpsegmento/5FLG06xeIlKU?sign=2939993143
Date: Thu, 20 Apr 2023 16:26:54 GMT
Server: nginx
Connection: close
Content-Length: 0
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."

GET
H2

200

5FLG06xeIlKU
an.yandex.ru/mapuid/rutargetis/ Frame BAF0
Redirect Chain

https://yandex-sync.rutarget.ru/sync
https://an.yandex.ru/mapuid/rutargetis/5FLG06xeIlKU

43 B
80 B

58ms
57ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/rutargetis/5FLG06xeIlKU

Requested by

Host: afn.by
URL: https://afn.by/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 16:26:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Thu, 20 Apr 2023 16:26:54 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 20 Apr 2023 16:26:54 GMT

Redirect headers

Location: https://an.yandex.ru/mapuid/rutargetis/5FLG06xeIlKU
Date: Thu, 20 Apr 2023 16:26:54 GMT
Server: nginx
Connection: close
Content-Length: 0
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."

GET
H2

200

counter
top-fwz1.mail.ru/ Frame 1D81
Redirect Chain

https://dmg.digitaltarget.ru/1/1093/i/i?i=386895588667711.754942521283220&a=77&e=0100007FCD674164BB037866027A7299&pref=https%3A%2F%2Fafn.by%2F&c=ss:77.up:0100007FCD674164BB037866027A7299.sync:up.xd...
https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1682008014349&i=386895588667711.754942521283220&a=77&e=0100007FCD674164BB037866027A7299&pref=https%3A%2F%2Fafn.by%2F&c=ss:77.up:0...
https://top-fwz1.mail.ru/counter?id=3210372;pid=RdKST16l5a7fRI.75cob

43 B
875 B

165ms
47ms

Image
image/gif

95.163.52.67
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://top-fwz1.mail.ru/counter?id=3210372;pid=RdKST16l5a7fRI.75cob

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1

Protocol

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 16:26:54 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 43
pragma: no-cache
amp-access-control-allow-source-origin: *
server: nginx
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: *
accept-ch-lifetime: 86400
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: *

Redirect headers

Date: Thu, 20 Apr 2023 16:26:54 GMT
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Server: nginx
X-Permitted-Cross-Domain-Policies: master-only
Request-Time: 5
X-Frame-Options: DENY
Access-Control-Allow-Methods: GET, POST, OPTIONS
Location: https://top-fwz1.mail.ru/counter?id=3210372;pid=RdKST16l5a7fRI.75cob
Access-Control-Max-Age: 86400
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 1; mode=block

GET
H/1.1

200
OK

done
pix.bumlam.com/sync/amb4/ Frame 1D81
Redirect Chain

https://dmg.digitaltarget.ru/1/1093/i/i?i=386895588667711.780223436045769&a=77&e=0100007FCD674164BB037866027A7299&pref=https%3A%2F%2Fafn.by%2F&c=ss:77.up:0100007FCD674164BB037866027A7299.sync:up.xd...
https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1682008014348&i=386895588667711.780223436045769&a=77&e=0100007FCD674164BB037866027A7299&pref=https%3A%2F%2Fafn.by%2F&c=ss:77.up:0...
https://pix.bumlam.com/sync/amb4/check?uid=RdKST16l5a7fRI.75cob
https://2935dd48-df98-11ed-86e0-002590c0647c.n4.sync.bumlam.com/?src=amb4
https://pix.bumlam.com/sync/amb4/done

43 B
673 B

14ms
14ms

Image
image/gif

31.172.81.160
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.bumlam.com/sync/amb4/done

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1

Protocol

HTTP/1.1

Server

31.172.81.160 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 20 Apr 2023 16:26:54 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: https://www.acint.net
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 43
X-Xss-Protection: 0
Expires: 05-Jun-2005 22:00:00 GMT

Redirect headers

location: https://pix.bumlam.com/sync/amb4/done
date: Thu, 20 Apr 2023 16:26:54 GMT
server: nginx/1.22.1
content-length: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304060101/ 150 KB
51 KB 101ms
100ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304060101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78ce92a2658446efba8b14c81c505ba1b5a3e8fb945144eca8315cef2c8c250a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://afn.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 16:26:54 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52072
x-xss-protection: 0
server: cafe
etag: 12334825085564241297
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 20 Apr 2023 16:26:54 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 50ms
47ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=afn.by

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://afn.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 16:26:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 50ms
48ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=afn.by

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://afn.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 16:26:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230417/r20110914/ Frame 6F60 10 KB
4 KB 40ms
39ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230417/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://afn.by/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 85281
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 19 Apr 2023 16:45:33 GMT
etag: 2378337311435320485
expires: Wed, 03 May 2023 16:45:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame B0F6 624 B
246 B 82ms
80ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMvN-gEQ3_CHsQMYnIes5gEwAQ&v=APEucNUFzRC8k55WT4s8_cYkjlu0S6Crx3emLtvNioM8nwnfFRsK79y0K3S5q8rGfZdU2hJffusIMMtvQh5ORXE5baM0fx05QPS_B0waKqttLvLn-Ai7ST3I7Toc8JxdS1wWAvH4NeGm5PPjzMZHCCGyhlBLP4sMVHG2jukR6RNbYwR8kbFrbHU

Requested by

Host: afn.by
URL: https://afn.by/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230417/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 20 Apr 2023 16:26:54 GMT
expires: Thu, 20 Apr 2023 16:26:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 4408 78 KB
27 KB 121ms
121ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: afn.by
URL: https://afn.by/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 16:26:54 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28043
x-xss-protection: 0
server: cafe
etag: 15270303690107644053
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Thu, 20 Apr 2023 16:26:54 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230417/r20110914/client/ Frame 4408 3 KB
2 KB 118ms
35ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230417/r20110914/client/window_focus_fy2021.js

Requested by

Host: afn.by
URL: https://afn.by/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 12:38:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13697
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 May 2023 12:38:37 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230417/r20110914/client/ Frame 4408 20 KB
8 KB 215ms
133ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230417/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: afn.by
URL: https://afn.by/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1b3b73852f7856f1a0f317701846bc7853eb5b127ba882c23c5073dbe6d022d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 16:26:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 0
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8509
x-xss-protection: 0
server: cafe
etag: 3034682829645713766
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 May 2023 16:26:54 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4408 159 KB
49 KB 153ms
50ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: afn.by
URL: https://afn.by/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bae059fd5774acd8c940c02acd1708b584696f2511ef5ffec8be01f1b2fd8776

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 16:26:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49672
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681929791789681"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Apr 2023 16:26:54 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4408 42 B
63 B 76ms
75ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DZYh4-eDoiBOK3SpUg78lmeag0T-0u0JtrCjWtmwGxUGza7uasHvCZm5GITaZ778B-k-ndj3nfghHCyVQvEntUiReYglcscxAdCVmisVVljArmSXE

Requested by

Host: afn.by
URL: https://afn.by/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 16:26:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4408 0
20 B 79ms
77ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=9781523803971974930&x=1&ct=119

Requested by

Host: afn.by
URL: https://afn.by/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 16:26:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame B0F6
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJy0qlRoRgp1L6SkJRWiL-A&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJy0qlRoRgp1L6SkJRWiL-A&google_cver=1&C=1

43 B
632 B

12ms
10ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJy0qlRoRgp1L6SkJRWiL-A&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMvN-gEQ3_CHsQMYnIes5gEwAQ&v=APEucNUFzRC8k55WT4s8_cYkjlu0S6Crx3emLtvNioM8nwnfFRsK79y0K3S5q8rGfZdU2hJffusIMMtvQh5ORXE5baM0fx05QPS_B0waKqttLvLn-Ai7ST3I7Toc8JxdS1wWAvH4NeGm5PPjzMZHCCGyhlBLP4sMVHG2jukR6RNbYwR8kbFrbHU
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 20 Apr 2023 16:26:54 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Thu, 20 Apr 2023 16:26:54 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=45&external_user_id=CAESEJy0qlRoRgp1L6SkJRWiL-A&google_cver=1&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame B0F6
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZEFnzs9qjffiwi6dApG9vgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJy0qlRoRgp1L6SkJRWiL-A&google_cver=1

43 B
632 B

8ms
7ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJy0qlRoRgp1L6SkJRWiL-A&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMvN-gEQ3_CHsQMYnIes5gEwAQ&v=APEucNUFzRC8k55WT4s8_cYkjlu0S6Crx3emLtvNioM8nwnfFRsK79y0K3S5q8rGfZdU2hJffusIMMtvQh5ORXE5baM0fx05QPS_B0waKqttLvLn-Ai7ST3I7Toc8JxdS1wWAvH4NeGm5PPjzMZHCCGyhlBLP4sMVHG2jukR6RNbYwR8kbFrbHU
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 20 Apr 2023 16:26:54 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Thu, 20 Apr 2023 16:26:54 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJy0qlRoRgp1L6SkJRWiL-A&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame B0F6
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEJUywz5XHpwuA79P1e6NKcQ&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEJUywz5XHpwuA79P1e6NKcQ%26google_cver%3D1

43 B
1 KB

17ms
16ms

Image
image/gif

185.89.210.122
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEJUywz5XHpwuA79P1e6NKcQ%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMvN-gEQ3_CHsQMYnIes5gEwAQ&v=APEucNUFzRC8k55WT4s8_cYkjlu0S6Crx3emLtvNioM8nwnfFRsK79y0K3S5q8rGfZdU2hJffusIMMtvQh5ORXE5baM0fx05QPS_B0waKqttLvLn-Ai7ST3I7Toc8JxdS1wWAvH4NeGm5PPjzMZHCCGyhlBLP4sMVHG2jukR6RNbYwR8kbFrbHU

Protocol

HTTP/1.1

Server

185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 20 Apr 2023 16:26:54 GMT
AN-X-Request-Uuid: e753eef9-dce0-4ca1-a267-175bffecd3ce
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 185.213.155.196; 185.213.155.196; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 20 Apr 2023 16:26:54 GMT
AN-X-Request-Uuid: 9692d528-15f8-4267-94d5-2d0d19a58fe8
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEJUywz5XHpwuA79P1e6NKcQ%26google_cver%3D1
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.196; 185.213.155.196; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B0F6
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODEyMzM2MTE4NzQ2ODA3MjE2Nw%3D%3D

170 B
188 B

59ms
58ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODEyMzM2MTE4NzQ2ODA3MjE2Nw%3D%3D

Requested by

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 16:26:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Thu, 20 Apr 2023 16:26:54 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.213.155.196; 185.213.155.196; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 92652b98-6ca9-48fa-a851-1af6354462ca
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODEyMzM2MTE4NzQ2ODA3MjE2Nw%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4408 0
20 B 72ms
72ms Ping
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=1415015097359&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 16:26:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4408 0
20 B 71ms
70ms Ping
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=1415015097359&version=m202301230201&ct=119&x=1&cor=9781523803971975000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 16:26:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 4408 82 KB
35 KB 72ms
70ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ABx_EQedqewQnwTNAhtf01cIBPLQEE1Os_xBKW9C0wUKYXzNhhIsmbNgRKcQSCLMCa5gs2uy3tl2uCmpnPpeiE8I0CUKCWEmv6NG2GNdFW2w8kM2EFOS-WP10nCCQLkNsnfE0mR9Xl84qXbc4ef4D1kP0p3bMdqomPYuioZYJVTnRmryo&cry=1&dbm_d=AKAmf-Aj48wWvSOcJqZ0vNs36Wpgucj66sY12YxHv7QIE0K_fLoDn2DyINdlUx0oh5-Vj_3QDX8QvRIEtuZpra6Sjsx6Xd9_pgVjx4zu3pODJeBw1Ac7g4jQ34f_YMie_EAiLuGFe_RjNBolF4E1-NIizv3k4n97BJSkuFYxG3zfeasbq99zBxVvBwXZlu5K1CITWkxXbch-TEyrJ7E_zz8nMSyS9JkY5wm_VSZdGDIc8sdhu_EUzDElXz8I0B3w3jjeVSKAb3W4FMtNnZVdNE0VJ0amQg9drdPzas19eZ9J-SsYobjYb3dCFR1awsHlKjXnhHGhILv8q5e8T0FsqMYeA5dX4QyqKNBX2JKWW0hK5P42iyj3s_EeW_EU7UG-ETUypVG8FEMaznMw_MzQB21vjZ2DEvjcxAOglX8r7MP_wxSqkZ6PBoRB9n4h2Ws1XwYV2WrrP2OhT_0FDSs0Nx8wKNG0ixqXyN0fDsXUTe21gQ1zyyao7WiRCsLRCT--zn8cb9-p0QtxHZ7eUnQKEyB3v8uUHjAmXP7xcEhO8V1dKjz_rwQpCmfTEq25L4Wz_PshD6nWcj2NauvE0-Yj6gImRPm06j-7KVF0J7x2BPSHW-YJx2Z_K47bwcnCch2g4sHShZeJIobGp_eon0GUoq3Fp7rRL6-TF7Px_kXbDG_aXl8bbb76P_wDs7Mg7nDeZLIZkR1xx-Ma2jwigfW1_3iXGmoFF1Qib6w_NW_Iy_79FZ_H5RpAqGuv66BH9H0yvBJVMeIauwtCRnnUTxlc2DbAuBjircmk2RP_S20nL41DZtI0AIi6FIAzav0laaaerIu7mQBGMXgHLTU3sOPIrePzDcGzOa4cFbx-oTDdYrnguv5Kv0NHNB6LVEr3nYFzj1WQ0SW4lhP5NR8In-Mktt2X0tzneGH3O85X57rt6oU8CReJ55zDJoc-knShMi3Q7ubD_qx8Nd5aN0pebCu--D8wFoIcBXYsRoOJD55Q8mcLptD4TBrNwxF0nKTca1XQdvOCTlmHuoTp23SA3K9_hRJTHeDxm0-Wmd5pGk5K-67fP2cq-oEK9-0Ng8THDoq148fSujutpPK0Vqy_BKWhhLfpppq0FfyS-gvzYQqtFocU18a5U1toYYs8owFE7pi6WYqH509GvYIOGZxuLag7VVNyOPC68cs3JfCv_FI_9SCtOy6b5CyUsfdJbHWpZcLRAzpIIGyDaKVbSADGJ7D64XwRIxU6WKm_DglQj-twVKfDARyjDQhW1SUXk88p0uOCmbcKFLDvgPdi1krdYp_iO0UVls8ePzDER7kdGp4d9-mBE_ES7jx62qcH7rZbHvEkqyAviu9Fh_xLdL1eeV7gY0DabAuwGpUbjDiRES32SU2r_-RaD3Cnspb4zjqssFfTfBDLFXC626jP61NVhDbWmg7Byd6IgDnEfLvI67MawpyClC3D9kjRfDB-Lte7DJeYLfshm9GZQyopUjbZwfZcn_VScXWUF_2HIP2CKNnmLJoq9OH9JVmWSTKYLg7Ai3mCCaIvQagpUUoGP6wZBjmhzbZxYl4tidajQXU1Csrd53VBPG3h-dBTat5oI_3GOVw9TTXUQmC09Mqj6XoTPUhNjULQIhnGU1Zt06MdSCUGPHLfQfAM1L-WzDFDqOMxIJAu8pNgg0DWOWiHJUGww6K9wtLF366xRC8R2QHZl984lvowqNJ6iM8WVbJjGgScWgi01d9HdmKXDaM3m7Gs6XivDkFCM0MA56K-XmHRM3wC-bHRU5EqbTaYOCSq57pMk6rfQgmNgYOcIXMUEqgppztudB20Cjp-mMCaEtBqrjrZkbJ_vTVa3iS3x6p0uZUNA00gXUhDgmjj50tVvZyQbjI5IAOxOqZrQnwmwJOxH_CQMezsFcRsRNzWLoprmM1UqjJ-H4V1GfLalzIhrHAsRsXY16D3W1XObkVMQUlWwHlzVXWfzfaKJYHrPGPeoGL2j505TSjVRz2oQakVYDVdDLQkagFlIwWNax0eCEMKSF6Ecrmbvcgt0AKFG-0k2_eHf99AmY4FMUR2GXA2r7X3oluo1uT78DJGFxKvIsnpeLyvRIFfjXYSuIrd7LPtFmfHW1IxnZzCLy0CHzWyR7fQ1gdeHzsuQ1RovCASF8ZjFqr2D3JiGvjBFtQtlu7AGB_ziGNsW8NJeKzNVw_JYnSiB9XeygnzwAv82W0J1vIIAUGLtEWj0kp8lvau47vtSeXicBay5NtW9OXjKkSm1VdVRy3__xiy17EZOOoV3nH1qELlt8BzhHqdtPykMnRu7PDR_EUvDeiqbU8w-mYxtJ2uhKKqWgqjEddgiI2iTsZt5p_rEzR2LjctMD7MV3_sNTTArYeczCx_CVeMP4a0YhC9lRPch8DEQr96IT6ZiP98uvoTBAOY0jhl8KQXkmR6SNI2jEf--mEc2YtnPXcwRis2pq0n9z319WzrlIDOMgaCxHWm1Z-kauSX2SLDt6X-nMlIdgGEoP409uvYhMQO-djnGR5NXO95pHafKhNr1B_JBKV4ioNq6Mu5XA_Vy5AzbJkR59SLBZG_iOu_qqdpWe86Nf3JLJvMgz8WPjPhd3cNkh_srUvbe7b9iFViwJWRZT9t0mQy1CH3pOVHz0ztyTjh523QAXAHY9bylqBslIg4thLa7i3-E0R7MH9NrV1QptbAtBJ1NwZcstYrkRCusxNIU4LmCnpDtnUNk5s7RdySNCwF3zXRFTnl33R1zqEcCKfU5nqurqI1ksd6fB7Qk1b7UO-Iilv4XRzIqj5UGqEs0jFUP7lJUCSdre2zN7F7JZC1wwLKbxWN_SoguNPXHMyM9WIEcNmSqtiJBLtOc9lmaOdQQbMHQLx83x2QDsO6VW1GUdQNWBNujnWe1j0e0IzdrxN1r0f5GKxb9qvK1upA8EXFFNjYH2P-fnufB939yP_1RhsU_BiC6bR2YmVU_kAblnse5R3P8srjQeK_Qaf0_IuXrlegtlQwv7cT4xwn6papAN4HszvtAcHXlS8DukcIwicyd_jC4_9OFsz6r9QwZKSArColtTWLcrMrmEA2j_-1xyl6B1zowBPfwr3CEQ85fdePppg-SIOhFeSfMC06IzM-KDZWGvbbnrlx903TAg9b3h-rKNEtZXc5fEVwn9GCWgYLDxeCUW3F66ShE8CDdhjEHgDi3lVMdTd3iyBM7MqUmO8VaXT9lIryrJVrJ_aliQ6KH70_tw8PA2DWMbFJJDFIrBVFy0hI8wtEum6p_t1fYHqUG6tqySgWDAJ-hTwEdxPs-jhckR1MmLo6fZqsTgGxxDHY5s-qM7zS8HGQkU3Lgj-lzbqWlEXEqbFC44zRl8t5nM5ZE66GUN8AO9-MSxTHL_2NOHTw_O5DkUih7LCimuFv6nAB-JiwivQot5osFSpDF9rCkH-5O4IN0aJIFGC2ppZjrKMOzsZUy3mHcYil11OB7uCGm9s4inZ3mc7A9KOAUfXf4Ds4CSFC_Q8vmv8Ee-ZWUygRMktcL12ZGV93_U3OrOcn4haASmH_53lJVB8jyPFZRteA5S-dhNj8lMzHx-FTFluWHQv2xho&cid=CAQSGwBygQiD1_U0_MpZkmsnFWweRzSvPEI6C4au9RgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fafn.by%2F&ds=l&xdt=1&iif=1&cor=9781523803971975000&adk=1726166460&idt=131&cac=0&dtd=8

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

79ef360d982ba517a72216b0bc5cbc29e2ab1a2d363cbb15a7a81ccc097c5847

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230417/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 16:26:54 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35568
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 4408 106 KB
37 KB 167ms
40ms Script
text/javascript 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: afn.by
URL: https://afn.by/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 12:18:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14878
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 21 Apr 2023 12:18:56 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230417/r20110914/elements/html/ Frame 4408 11 KB
4 KB 84ms
82ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230417/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ABx_EQedqewQnwTNAhtf01cIBPLQEE1Os_xBKW9C0wUKYXzNhhIsmbNgRKcQSCLMCa5gs2uy3tl2uCmpnPpeiE8I0CUKCWEmv6NG2GNdFW2w8kM2EFOS-WP10nCCQLkNsnfE0mR9Xl84qXbc4ef4D1kP0p3bMdqomPYuioZYJVTnRmryo&cry=1&dbm_d=AKAmf-Aj48wWvSOcJqZ0vNs36Wpgucj66sY12YxHv7QIE0K_fLoDn2DyINdlUx0oh5-Vj_3QDX8QvRIEtuZpra6Sjsx6Xd9_pgVjx4zu3pODJeBw1Ac7g4jQ34f_YMie_EAiLuGFe_RjNBolF4E1-NIizv3k4n97BJSkuFYxG3zfeasbq99zBxVvBwXZlu5K1CITWkxXbch-TEyrJ7E_zz8nMSyS9JkY5wm_VSZdGDIc8sdhu_EUzDElXz8I0B3w3jjeVSKAb3W4FMtNnZVdNE0VJ0amQg9drdPzas19eZ9J-SsYobjYb3dCFR1awsHlKjXnhHGhILv8q5e8T0FsqMYeA5dX4QyqKNBX2JKWW0hK5P42iyj3s_EeW_EU7UG-ETUypVG8FEMaznMw_MzQB21vjZ2DEvjcxAOglX8r7MP_wxSqkZ6PBoRB9n4h2Ws1XwYV2WrrP2OhT_0FDSs0Nx8wKNG0ixqXyN0fDsXUTe21gQ1zyyao7WiRCsLRCT--zn8cb9-p0QtxHZ7eUnQKEyB3v8uUHjAmXP7xcEhO8V1dKjz_rwQpCmfTEq25L4Wz_PshD6nWcj2NauvE0-Yj6gImRPm06j-7KVF0J7x2BPSHW-YJx2Z_K47bwcnCch2g4sHShZeJIobGp_eon0GUoq3Fp7rRL6-TF7Px_kXbDG_aXl8bbb76P_wDs7Mg7nDeZLIZkR1xx-Ma2jwigfW1_3iXGmoFF1Qib6w_NW_Iy_79FZ_H5RpAqGuv66BH9H0yvBJVMeIauwtCRnnUTxlc2DbAuBjircmk2RP_S20nL41DZtI0AIi6FIAzav0laaaerIu7mQBGMXgHLTU3sOPIrePzDcGzOa4cFbx-oTDdYrnguv5Kv0NHNB6LVEr3nYFzj1WQ0SW4lhP5NR8In-Mktt2X0tzneGH3O85X57rt6oU8CReJ55zDJoc-knShMi3Q7ubD_qx8Nd5aN0pebCu--D8wFoIcBXYsRoOJD55Q8mcLptD4TBrNwxF0nKTca1XQdvOCTlmHuoTp23SA3K9_hRJTHeDxm0-Wmd5pGk5K-67fP2cq-oEK9-0Ng8THDoq148fSujutpPK0Vqy_BKWhhLfpppq0FfyS-gvzYQqtFocU18a5U1toYYs8owFE7pi6WYqH509GvYIOGZxuLag7VVNyOPC68cs3JfCv_FI_9SCtOy6b5CyUsfdJbHWpZcLRAzpIIGyDaKVbSADGJ7D64XwRIxU6WKm_DglQj-twVKfDARyjDQhW1SUXk88p0uOCmbcKFLDvgPdi1krdYp_iO0UVls8ePzDER7kdGp4d9-mBE_ES7jx62qcH7rZbHvEkqyAviu9Fh_xLdL1eeV7gY0DabAuwGpUbjDiRES32SU2r_-RaD3Cnspb4zjqssFfTfBDLFXC626jP61NVhDbWmg7Byd6IgDnEfLvI67MawpyClC3D9kjRfDB-Lte7DJeYLfshm9GZQyopUjbZwfZcn_VScXWUF_2HIP2CKNnmLJoq9OH9JVmWSTKYLg7Ai3mCCaIvQagpUUoGP6wZBjmhzbZxYl4tidajQXU1Csrd53VBPG3h-dBTat5oI_3GOVw9TTXUQmC09Mqj6XoTPUhNjULQIhnGU1Zt06MdSCUGPHLfQfAM1L-WzDFDqOMxIJAu8pNgg0DWOWiHJUGww6K9wtLF366xRC8R2QHZl984lvowqNJ6iM8WVbJjGgScWgi01d9HdmKXDaM3m7Gs6XivDkFCM0MA56K-XmHRM3wC-bHRU5EqbTaYOCSq57pMk6rfQgmNgYOcIXMUEqgppztudB20Cjp-mMCaEtBqrjrZkbJ_vTVa3iS3x6p0uZUNA00gXUhDgmjj50tVvZyQbjI5IAOxOqZrQnwmwJOxH_CQMezsFcRsRNzWLoprmM1UqjJ-H4V1GfLalzIhrHAsRsXY16D3W1XObkVMQUlWwHlzVXWfzfaKJYHrPGPeoGL2j505TSjVRz2oQakVYDVdDLQkagFlIwWNax0eCEMKSF6Ecrmbvcgt0AKFG-0k2_eHf99AmY4FMUR2GXA2r7X3oluo1uT78DJGFxKvIsnpeLyvRIFfjXYSuIrd7LPtFmfHW1IxnZzCLy0CHzWyR7fQ1gdeHzsuQ1RovCASF8ZjFqr2D3JiGvjBFtQtlu7AGB_ziGNsW8NJeKzNVw_JYnSiB9XeygnzwAv82W0J1vIIAUGLtEWj0kp8lvau47vtSeXicBay5NtW9OXjKkSm1VdVRy3__xiy17EZOOoV3nH1qELlt8BzhHqdtPykMnRu7PDR_EUvDeiqbU8w-mYxtJ2uhKKqWgqjEddgiI2iTsZt5p_rEzR2LjctMD7MV3_sNTTArYeczCx_CVeMP4a0YhC9lRPch8DEQr96IT6ZiP98uvoTBAOY0jhl8KQXkmR6SNI2jEf--mEc2YtnPXcwRis2pq0n9z319WzrlIDOMgaCxHWm1Z-kauSX2SLDt6X-nMlIdgGEoP409uvYhMQO-djnGR5NXO95pHafKhNr1B_JBKV4ioNq6Mu5XA_Vy5AzbJkR59SLBZG_iOu_qqdpWe86Nf3JLJvMgz8WPjPhd3cNkh_srUvbe7b9iFViwJWRZT9t0mQy1CH3pOVHz0ztyTjh523QAXAHY9bylqBslIg4thLa7i3-E0R7MH9NrV1QptbAtBJ1NwZcstYrkRCusxNIU4LmCnpDtnUNk5s7RdySNCwF3zXRFTnl33R1zqEcCKfU5nqurqI1ksd6fB7Qk1b7UO-Iilv4XRzIqj5UGqEs0jFUP7lJUCSdre2zN7F7JZC1wwLKbxWN_SoguNPXHMyM9WIEcNmSqtiJBLtOc9lmaOdQQbMHQLx83x2QDsO6VW1GUdQNWBNujnWe1j0e0IzdrxN1r0f5GKxb9qvK1upA8EXFFNjYH2P-fnufB939yP_1RhsU_BiC6bR2YmVU_kAblnse5R3P8srjQeK_Qaf0_IuXrlegtlQwv7cT4xwn6papAN4HszvtAcHXlS8DukcIwicyd_jC4_9OFsz6r9QwZKSArColtTWLcrMrmEA2j_-1xyl6B1zowBPfwr3CEQ85fdePppg-SIOhFeSfMC06IzM-KDZWGvbbnrlx903TAg9b3h-rKNEtZXc5fEVwn9GCWgYLDxeCUW3F66ShE8CDdhjEHgDi3lVMdTd3iyBM7MqUmO8VaXT9lIryrJVrJ_aliQ6KH70_tw8PA2DWMbFJJDFIrBVFy0hI8wtEum6p_t1fYHqUG6tqySgWDAJ-hTwEdxPs-jhckR1MmLo6fZqsTgGxxDHY5s-qM7zS8HGQkU3Lgj-lzbqWlEXEqbFC44zRl8t5nM5ZE66GUN8AO9-MSxTHL_2NOHTw_O5DkUih7LCimuFv6nAB-JiwivQot5osFSpDF9rCkH-5O4IN0aJIFGC2ppZjrKMOzsZUy3mHcYil11OB7uCGm9s4inZ3mc7A9KOAUfXf4Ds4CSFC_Q8vmv8Ee-ZWUygRMktcL12ZGV93_U3OrOcn4haASmH_53lJVB8jyPFZRteA5S-dhNj8lMzHx-FTFluWHQv2xho&cid=CAQSGwBygQiD1_U0_MpZkmsnFWweRzSvPEI6C4au9RgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fafn.by%2F&ds=l&xdt=1&iif=1&cor=9781523803971975000&adk=1726166460&idt=131&cac=0&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6d95ea547b0974a09d61104fa136f5eb6973466b6358fb06d997cc7f20ee71b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 16:26:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 0
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4123
x-xss-protection: 0
server: cafe
etag: 4541610132340792384
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 May 2023 16:26:54 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230417/r20110914/ Frame 4408 28 KB
11 KB 48ms
47ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230417/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2e6a2c48ddf656dd18431ca6f656e4d671a93141d2db4f304587d74280ecfbe4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 05:17:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40137
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11036
x-xss-protection: 0
server: cafe
etag: 7166013058933939784
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 May 2023 05:17:57 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230417/r20110914/client/ Frame 586D 2 KB
846 B 44ms
42ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230417/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271363197717881&output=html&h=600&slotname=5761908397&adk=3519307484&adf=1131236467&pi=t.ma~as.5761908397&w=160&lmt=1682008014&format=160x600&url=https%3A%2F%2Fafn.by%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682008013618&bpp=1&bdt=390&idt=497&shv=r20230417&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5339548214821&rume=1&frm=20&pv=1&ga_vid=449161101.1682008013&ga_sid=1682008014&ga_hid=2063691867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=3855&ady=793&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C42531705%2C44788442%2C44789819%2C31061691%2C31061692&oid=2&pvsid=2084868377474032&tmod=1936465578&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=1024&bc=31&ifi=2&uci=a!2&fsb=1&xpc=UMIZUdID3b&p=https%3A//afn.by&dtd=509

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 16:31:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 86149
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 May 2023 16:31:05 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230417/r20110914/ Frame 586D 22 KB
9 KB 124ms
122ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230417/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

26f2c1abc7720059c2f88aac37f0b15cd551c1b69b522eef0bf782cefcc98dc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 16:26:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 0
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8756
x-xss-protection: 0
server: cafe
etag: 5179999606349116156
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 May 2023 16:26:54 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230417/r20110914/client/ Frame 586D 3 KB
1 KB 51ms
29ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230417/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 12:38:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13697
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 May 2023 12:38:37 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230417/r20110914/client/ Frame 586D 20 KB
8 KB 117ms
116ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230417/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1b3b73852f7856f1a0f317701846bc7853eb5b127ba882c23c5073dbe6d022d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 16:26:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 0
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8509
x-xss-protection: 0
server: cafe
etag: 3034682829645713766
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 May 2023 16:26:54 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 586D 159 KB
49 KB 52ms
50ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bae059fd5774acd8c940c02acd1708b584696f2511ef5ffec8be01f1b2fd8776

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 16:26:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49672
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681929791789681"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Apr 2023 16:26:54 GMT

GET
H2 200 c15427455071565d8097eb04c444439b.js Show response
www.gstatic.com/mysidia/ Frame 586D 33 KB
14 KB 167ms
38ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/c15427455071565d8097eb04c444439b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

02fb5a960b6817695b363d2294c0945cc75bf10cd17e5a03b3ff68229b9f0d77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 07:47:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31190
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14106
x-xss-protection: 0
last-modified: Fri, 14 Apr 2023 00:44:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 19 Jul 2023 07:47:05 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 586D 0
0 115ms
99ms Fetch
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CsEA8zmdBZMGwEcS-vcAPuZe0wAvwmNmLb5acqOm_D4iAz7fPLxABIKyWuQNgleKQgqAHoAGtlprZA8gBAagDAcgDywSqBOcBT9AI4O824Q6gaBwP_dqdek-gLvqif4GOlxJEkNIwF8Y3GlmTggqt3_r2xpNDVTAO0iAO8Js9_vjoblcyFq24_seCiVS5HP0ui5wMU32SqfaHBp8xpSiv2o_qxjVYqsbEVwspPr7wT6RSKSkLC1y8is7-MAc5dlB7qfkLzRnSog45bUvjD3LIryrK3zbYBGOrrNU4Apr9hnMQ6-TbWzRUDRKsa5QgXq67s4nsq7vHiZsQl3a_3cj3aeVL76DVn7BWsSQpDVGnaCnk4jPxNdt3ol2CiFQZVdtOBlrYwyxCLpMJ_wylEOcTwATagaGq9wOSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGAoAHu-nlJqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcDEKE60ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEw3QFQGYFgGAFwGyFxwKGggAEhRwdWItNTI3MTM2MzE5NzcxNzg4MRgA&sigh=c7rQ7oPgMMs&uach_m=[UACH]&cid=CAQSGwBygQiDFND6airfq2MJc4KgnH6DQX27f9PNsBgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271363197717881&output=html&h=600&slotname=5761908397&adk=3519307484&adf=1131236467&pi=t.ma~as.5761908397&w=160&lmt=1682008014&format=160x600&url=https%3A%2F%2Fafn.by%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682008013618&bpp=1&bdt=390&idt=497&shv=r20230417&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5339548214821&rume=1&frm=20&pv=1&ga_vid=449161101.1682008013&ga_sid=1682008014&ga_hid=2063691867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=3855&ady=793&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C42531705%2C44788442%2C44789819%2C31061691%2C31061692&oid=2&pvsid=2084868377474032&tmod=1936465578&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=1024&bc=31&ifi=2&uci=a!2&fsb=1&xpc=UMIZUdID3b&p=https%3A//afn.by&dtd=509
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 20 Apr 2023 16:26:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 2487348504855511743
tpc.googlesyndication.com/daca_images/simgad/ Frame 586D 10 KB
10 KB 98ms
80ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/2487348504855511743?w=180&h=360

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edc7fe15992efc5f19bbc82199cc606b11f81e65b4df4282bbd2afcb0ec1017

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 16:26:54 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9995
x-xss-protection: 0
last-modified: Wed, 19 Apr 2023 20:17:20 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 27 Apr 2023 16:26:54 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 4408 41 KB
15 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230417/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 03:50:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 45362
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 Apr 2024 03:50:52 GMT

GET
DATA 200
OK truncated
/ Frame 4408 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d350a934a5404343109b312ed3c9a675f3e5805555c3b2b33bb63519882d4371

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 5108 22 KB
8 KB 44ms
43ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 108996
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 19 Apr 2023 10:10:19 GMT
expires: Thu, 18 Apr 2024 10:10:19 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 586D 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6079294df6502356b0e384df722a5fb75266504f3e1b7901116e65e46b0e750f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 aulus-728x90-DE.html Show response
s0.2mdn.net/sadbundle/11207411921136063200/ Frame C89A 6 KB
2 KB 124ms
39ms Document
text/html 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11207411921136063200/aulus-728x90-DE.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bf5a32878407b7e1f4fae574fdd255f300dd3002c7cc3561b4d5b03df1edb5b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 51918
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2378
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 20 Apr 2023 02:01:37 GMT
expires: Fri, 19 Apr 2024 02:01:37 GMT
last-modified: Tue, 11 Apr 2023 12:03:09 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 4408 0
0 221ms
85ms Fetch
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstQEm454siVjKm5CIZg8I6pjmp7Y4ED_Go3LeGB_6cbFYG4uRozcVFR6y4rdy8zwa22CIO6uN1I6X_1kLVdA3EfQIhH0NWKUkKDX5WhMXOUutgpk4OlQOU1m-Tn77FAcnu04apnRy-vOlHwwhI-YWRujmQxakQ-OdkYFKDSszDBvysCK8VKpse5QtNWKLnS7OXGP_BdhPChYGXSwmyzjH8L5TEmjxhyEBEOMx554IihPAD_J6-W9YwmPZCEpr_5mnE-fC6XJrLu8QCnWNb4Ef9QOXH9OjVwjStxh6QByOOoqjw29fMwwuybefqDY-tNHrTjgOR08k6ifvXSuvbPemrOTGN7Km4lLKDkVT1L4yh5W4-A6HcUrc43ynOCehdk3-SP66bVToy-3V9OLFLxdDNTspN74vL6C-Kodr_1Rpp5MKXqBzeUqAuz_fErIzAytVALlJwBsL4KHBCVoOolJaMDOZ_kX0RO4hcVv-CKQeQCRUTAHcvQcOfPw59aEzKZ56XsZd6IHmLct4K5DeB11t_zZLH-oLlTLOgJcugDGsPTWOtXw6tX4vs4q0LM9nW7f-ksQsycSw19Zj5AYE05TjDUP-bbXROvEiI399AQTnmkzFhLx87XbL86c_s_ge57QEhHvrcVK5vX77fGdZIFrwdPVu60CZJdflQBqHrI7lGC5IM4_aTshcCFg9EftYW5st8jboqfKS_iE3mb94ufvB8NXIRAZ0VFy8m2ZjnRZtjqVymVmAJGZ01sJlpdc9y9TPgqfSmfBvUmc9l0ll_jvegyy-5a5X9LJXR0RkLmyicvfdWm0KLzNOm49aMH2X-GMKwNmrnqvb71r4MY-QuqG_UUPv8fog5u_e-c9f-Ifp_GVuUw9fxgqW9CRLpQAYZzo-1u4Rlh8xSn922UZkCcfWVNMqCIxukQvj9Wke0aCubgZmqOyW-DzOJink_nMTXDdFKvDijCXJ_5RrM-JvhO9fzs0GqhUYURIPQKyJusVAiQ5_q-yrJoXK55zX0_oaajvkdHPkoQmx0oId7QSuH9vea8ZfeSLHK6IzbyhgH0oP_K3ULh2a47TEDZq44yYLnRz1wmaMyemUFPnixqisM3C1tvbqvr3N6H5de9BeArvY-tDxPtakypjKMNs7OmwH2Z0uj2fyWudrPbIf2wQVq_GKmcR0wzLO5RJynpxy6sdqqT3ZN_5odqy6z33R9kbATZaoFzefaxZ_A2fr0&sai=AMfl-YTeESw_6QoDQ1JAp15a3lIm3Ur9Tenq8piekFmAMk95eO5ZQ4Zw7r0ehsd8FujgDpJR2Ls9xg6plFTahZ5aZc6FjkM6n8AzaP1FeIynG4u7xl33Z0559_zLVql3TJwSbN1IY7fK2J5hnUjEHX9qPDpnWwrPrEw8UgM4wCxnTSVYV8erQq0&sig=Cg0ArKJSzErND7i5HEIHEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=250&cbvp=1&cstd=246&cisv=r20230417.60132&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: afn.by
URL: https://afn.by/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 20 Apr 2023 16:26:55 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Thu, 20 Apr 2023 16:26:55 GMT

GET
H3 200 MezC-G1ZF-1GZ9yqq0o7IScgI3uEZvBcP5CgXoWKMDE.js Show response
pagead2.googlesyndication.com/bg/ Frame 5108 36 KB
14 KB 38ms
35ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/MezC-G1ZF-1GZ9yqq0o7IScgI3uEZvBcP5CgXoWKMDE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31ecc2f86d5917ed4667dcaaab4a3b212720237b8466f05c3f90a05e858a3031

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 19:05:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 163283
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14288
x-xss-protection: 0
last-modified: Tue, 11 Apr 2023 10:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 17 Apr 2024 19:05:32 GMT

GET
H3 200 MezC-G1ZF-1GZ9yqq0o7IScgI3uEZvBcP5CgXoWKMDE.js Show response
pagead2.googlesyndication.com/bg/ Frame A680 36 KB
14 KB 43ms
39ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/MezC-G1ZF-1GZ9yqq0o7IScgI3uEZvBcP5CgXoWKMDE.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31ecc2f86d5917ed4667dcaaab4a3b212720237b8466f05c3f90a05e858a3031

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 19:05:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 163283
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14288
x-xss-protection: 0
last-modified: Tue, 11 Apr 2023 10:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 17 Apr 2024 19:05:32 GMT

GET
H2 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame 586D 63 KB
24 KB 143ms
35ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fea6ea9b6b0765ec97bb7d710da40a4416285fbe81016e64ff38adf03b11493b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 16:09:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1029
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23897
x-xss-protection: 0
server: cafe
etag: 4499765138105498878
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Thu, 20 Apr 2023 17:09:46 GMT

GET
H3 200 createjs_2019.11.15_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame C89A 236 KB
63 KB 93ms
73ms Script
text/javascript 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11207411921136063200/aulus-728x90-DE.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11207411921136063200/aulus-728x90-DE.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 16:26:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64275
x-xss-protection: 0
last-modified: Fri, 15 Nov 2019 19:16:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 20 Apr 2023 16:26:55 GMT

GET
H3 200 aulus-728x90-DE.js Show response
s0.2mdn.net/sadbundle/11207411921136063200/ Frame C89A 142 KB
14 KB 59ms
39ms Script
application/x-javascript 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11207411921136063200/aulus-728x90-DE.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11207411921136063200/aulus-728x90-DE.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8126a786b178c58984fe63249ce3fabaa0236797990fe6f75082bc49c9dcb0d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11207411921136063200/aulus-728x90-DE.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 07:34:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31940
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14409
x-xss-protection: 0
last-modified: Tue, 11 Apr 2023 12:03:09 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 19 Apr 2024 07:34:35 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 586D 0
234 B 183ms
42ms Ping
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~lgpc56w2&chm=1&ctx=2&gqid=zmdBZL7QCP2R7_UPvL2JyA0&qqid=CMHPzZHwuP4CFURfDwIduQsNuA&met.4=fb.ld~lb.p9~ol.rz~bdt.-p0~bpp.-e5~idt.-d~dtd.-1~dt.-e6&met.3=733.pc~748.q3~742.pc_u~739.qz~555.rg~556.rg_2~738.rv~749.rv_4~735.s4_1~113.z7_5~112.z5_7&met.1=1.lgpc55ww~6.1~7.1~8.1~9.1~10.1~12.2~13.iw~14.jl~15.l1~16.qz~17.qz~18.r0~19.rm~20.rm~21.rz&met.7=CAUQCBgBMMEFOO8HaAFwqAV4zYUCgAGhgwKIAae8BbABAbgBAw~CBwQChgBIPwFKPwFMKkGOC1o_gVwqAZ4jgiAAeIFiAGRDLABAbgBAw~CAkQChgBIPwFKPwFMIAHOIMBaP4FcPgGeOBGgAG0RIgBkq8BsAEBuAED~CB4QChgBIPwFKPwFMLkGODxojgZwuAZ4gAyAAdQJiAGBFbABAbgBAw~CBwQChgBIPwFKPwFMPgGOHxo_gVw8gZ46USAAb1CiAHLogGwAQG4AQM~CE0QChgBIP0FKP0FMMUGOEho_gVwsQZ4tIYDgAGIhAOIAf30CbABAbgBAw~CBsQChgBIP0FKP0FMLQHOLcB~CCEQBBgBIIgGKIgGMP4GOHdomwZw_gZ4rAKwAQG4AQM~CBcQAhgBIIoGKIoGMPIGOGhomwZw7QZ4t1CAAYtOiAGLTrABAbgBAw~CCgQChgBIPIHKPIHMKYJOLUBQPYHSPkHUPkHWOAIYJ4IaOEIcIQJeIW9AYAB2boBiAGL9QOwAQG4AQM
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 16:26:55 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5108 0
20 B 173ms
155ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B1eYmzmdBZPrvLJXf3wOBmLfgCwAAAAA4AeAEAg&bg=!W1ilWAzNAAZA7GLoYOw7ADkAdvg8WuIZsNFatHTaSOSkFCGmxfXObcUVuBrkR3irT5eUbQzdTMaUCw6jJYSP5Jr2qwRopv5adVECAAAA9FIAAAAEaAEHmQMYEbdLae_pHfdyggd7080EiiJMdPf_HsP1awYwlLvPOaQy-pl9TahivFlfG3NN8L1oj6S2jWneOjxUoAjYwTmeKVyJ7TsQMxQAni6mPIdT4SL_pgftGACky9fRIZtwZ57oalqw4UzYt152P9PuNqI3oVNgNQUCim5QzD87eoeVrwwJSzZGkn5_ndoJdeiiHU3AFpunDqoNvToKJ41SnkoGmxndIQ32ILAdycJtNnhTTW_sj263RkONY5g_ZfroPp5PpGzUI2OJwudjYfB1zmth57CSCsbU0BkbREWVZnrq3rD9FOMnO9U0vEoHFyHApVxgn3ik6vD6jf6rxOaJiavf2rh31SGnyj86N0eMLrFNSFyjNq9nWrGh66edqslAUWGmfGBU6e1FxE0XQbsUkIKZAtLrFNvFIImkme0nxhK-nWEzvVKoaD57H9AW-hGeeOU8LgOFsFKTarejQ9WPZJfbs8aNNHAOxGZZ2O-Uko0a2zTdShK_R4LTa4xIAPrDeegftYVn2qcpWUUpQptgc_gMwskFByWk1zqZEK0aLTamosZ0mmCN0d8qc4fTBYWBe1yo7sANK3ka35qIIRBhJR6u6FqSJgUzUM0gGjvjw4kLKlvA4F-aCQIZi4SQx6fwq5vNi_K9XzrZl2LAlWzGz_DHKZX8bWOpsZyKnA4FKcbr_-F-HN_ls7hiKGBSvZU7VqXCqxhR-11NzKuCQ1tx9Xep46SnFt9KKIdXpQ968J8v0wh-0r-p6DoglfwO6TaA-dS-Ah5WrtQop-sD8yqb1wrugPo53Mi7JKaMputmj34ZrJ4ek82P3HD3MK0ez9s-SqR_18EWSU9jepZOGgTR-INOCI413xig9baTM6ZxWOAkV7yoVCb9eWYCww313iS88QX2_XfgeReLJ_eTImSg1hO9Jp0ZSi30uj5NgJREQdKG15VAfuF3OWoPmIMgZeMHVmmqUwCB-CgD6xffkdglL00AVWq28wIqxuokuYD71J0wQ1B_E3mNiZXw98YCFwU6XVMXAQb7OqjZUPNw53BzZwpMdDo3k7Fisdev

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230417/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 16:26:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 aulus_728x90_DE_atlas_1.jpg
s0.2mdn.net/sadbundle/11207411921136063200/images/ Frame C89A 2 MB
2 MB 42ms
41ms Image
image/jpeg 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/11207411921136063200/images/aulus_728x90_DE_atlas_1.jpg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230417/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c1c57474d88bc77066cc29ddbaaa5e853c3dc5e4892ab6cfe64ec36be3058389

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11207411921136063200/aulus-728x90-DE.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 00:57:44 GMT
x-content-type-options: nosniff
age: 55751
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2173118
x-xss-protection: 0
last-modified: Tue, 11 Apr 2023 12:03:09 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 19 Apr 2024 00:57:44 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 4408 0
0 77ms
76ms Fetch
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstQEm454siVjKm5CIZg8I6pjmp7Y4ED_Go3LeGB_6cbFYG4uRozcVFR6y4rdy8zwa22CIO6uN1I6X_1kLVdA3EfQIhH0NWKUkKDX5WhMXOUutgpk4OlQOU1m-Tn77FAcnu04apnRy-vOlHwwhI-YWRujmQxakQ-OdkYFKDSszDBvysCK8VKpse5QtNWKLnS7OXGP_BdhPChYGXSwmyzjH8L5TEmjxhyEBEOMx554IihPAD_J6-W9YwmPZCEpr_5mnE-fC6XJrLu8QCnWNb4Ef9QOXH9OjVwjStxh6QByOOoqjw29fMwwuybefqDY-tNHrTjgOR08k6ifvXSuvbPemrOTGN7Km4lLKDkVT1L4yh5W4-A6HcUrc43ynOCehdk3-SP66bVToy-3V9OLFLxdDNTspN74vL6C-Kodr_1Rpp5MKXqBzeUqAuz_fErIzAytVALlJwBsL4KHBCVoOolJaMDOZ_kX0RO4hcVv-CKQeQCRUTAHcvQcOfPw59aEzKZ56XsZd6IHmLct4K5DeB11t_zZLH-oLlTLOgJcugDGsPTWOtXw6tX4vs4q0LM9nW7f-ksQsycSw19Zj5AYE05TjDUP-bbXROvEiI399AQTnmkzFhLx87XbL86c_s_ge57QEhHvrcVK5vX77fGdZIFrwdPVu60CZJdflQBqHrI7lGC5IM4_aTshcCFg9EftYW5st8jboqfKS_iE3mb94ufvB8NXIRAZ0VFy8m2ZjnRZtjqVymVmAJGZ01sJlpdc9y9TPgqfSmfBvUmc9l0ll_jvegyy-5a5X9LJXR0RkLmyicvfdWm0KLzNOm49aMH2X-GMKwNmrnqvb71r4MY-QuqG_UUPv8fog5u_e-c9f-Ifp_GVuUw9fxgqW9CRLpQAYZzo-1u4Rlh8xSn922UZkCcfWVNMqCIxukQvj9Wke0aCubgZmqOyW-DzOJink_nMTXDdFKvDijCXJ_5RrM-JvhO9fzs0GqhUYURIPQKyJusVAiQ5_q-yrJoXK55zX0_oaajvkdHPkoQmx0oId7QSuH9vea8ZfeSLHK6IzbyhgH0oP_K3ULh2a47TEDZq44yYLnRz1wmaMyemUFPnixqisM3C1tvbqvr3N6H5de9BeArvY-tDxPtakypjKMNs7OmwH2Z0uj2fyWudrPbIf2wQVq_GKmcR0wzLO5RJynpxy6sdqqT3ZN_5odqy6z33R9kbATZaoFzefaxZ_A2fr0&sai=AMfl-YTeESw_6QoDQ1JAp15a3lIm3Ur9Tenq8piekFmAMk95eO5ZQ4Zw7r0ehsd8FujgDpJR2Ls9xg6plFTahZ5aZc6FjkM6n8AzaP1FeIynG4u7xl33Z0559_zLVql3TJwSbN1IY7fK2J5hnUjEHX9qPDpnWwrPrEw8UgM4wCxnTSVYV8erQq0&sig=Cg0ArKJSzErND7i5HEIHEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=680&vt=11&dtpt=430&dett=3&cstd=246&cisv=r20230417.60132&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: afn.by
URL: https://afn.by/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 16:26:55 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 20 Apr 2023 16:26:55 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 89ms
85ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230417&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0e0406dcd67de7c7084ef36057aa5296a4fe77e342c96b3ef1d3846169d833a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://afn.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 16:26:55 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11196
x-xss-protection: 0

GET
H2 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame 4408 63 KB
23 KB 37ms
35ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230417/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fea6ea9b6b0765ec97bb7d710da40a4416285fbe81016e64ff38adf03b11493b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 16:09:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1029
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23897
x-xss-protection: 0
server: cafe
etag: 4499765138105498878
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Thu, 20 Apr 2023 17:09:46 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 4408 0
54 B 68ms
14ms Ping
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~lgpc571y&chm=1&ctx=2&gqid=zmdBZIu4CO-L7_UPu8KcsAE&qqid=CLa0xZHwuP4CFa-T_QcdICIAPw&met.4=fb.8~lb.ag~ol.rk~bdt.-10y~bpp.-q3~idt.-ea~dtd.-cq~dt.-q7&met.3=733.al~748.bj~742.al_12~739.bn~374.ca~749.ca_5~736.ch~735.ci_1~735.pj_1~738.rj~113.t6_4~113.t9~112.t5_4&met.1=1.lgpc568t~14.6~15.0~16.6~17.6~18.6~19.6~20.6~21.6~22.bw~23.bw~1.lgpc566u~6.4~7.9~8.9~9.9~10.9~11.9~12.a~13.1d~14.1e~15.1j~16.2g~17.2g~18.2g~19.ti~20.ti~21.ti&met.7=CCgQBRgBIAooCjBdOFRoDXBdeIoEgAHeAYgB8ASwAQG4AQM~CBwQChgBIAooCjCNATiDAWgLcIMBeLfdAYABi9sBiAGp7gSwAQG4AQM~CB4QChgBIAooCjCBATh3aF5wgQF4gAyAAdQJiAGBFbABAbgBAw~CBwQChgBIAooCjDoATjdAUANSA1QDVhcYDBoXnDiAXjpRIABvUKIAcuiAbABAbgBAw~CE0QChgBIAooCjDYATjNAUANSCFQIVhxYEVocnCkAXi0hgOAAYiEA4gB_fQJsAEBuAED~CBwQBhgBIAsoCzBbOFBoDXBXeNYCgAEqiAEqsAEBuAED~CBwQBhgBIAsoCzBaOE9oDXBaeKwCsAEBuAED~CBwQARgBIJIBKJIBMNwBOElokwFw2wF4rAKwAQG4AQM~CBwQARgBIJcBKJcBMOIBOEtomQFw3gF4rAKwAQG4AQM~CCgQChgBIJwBKJwBMIECOGVooAFw5wF4nJgCgAHwlQKIAYqRBbABAbgBAw~CCkQChgBILACKLACMIcEONcBQLICSNcCUNcCWK8DYP0CaLADcNcDeJyqAoAB8KcCiAGrzgawAQG4AQM~CBwQChgBILECKLECMIcDOFZotAJwhgN4xyKAAZsgiAGwVrABAbgBAw~CAkQChgBILcCKLcCMO4CODdotwJw5gJ4yFiAAZxWiAHQ4wGwAQG4AQM~CCcQChgBIPQCKPQCMKYDODJo9QJwngN4k3mAAed2iAGKxQKwAQG4AQM~CCcQBRgBILkDKLkDMOcDOC9ougNw5AN490OAActBiAHqsgGwAQG4AQM~CB8QBRgBIK0EKK0EMKMGOPcBUKQFWPgFYKUFaPgFcKAGePYUgAHKEogB8C-wAQG4AQM~CCIQBBgBIK8EKK8EMJcGOOgBQLoESNoEUNoEWLkFYP0EaLsFcJYGeKwCsAEBuAED~CCgQChgBIOIHKOIHMJQIODJo5QdwiAh4hb0BgAHZugGIAYv1A7ABAbgBAw~CAwQCBgBKAQwMjinCGgKcDF48SWAAcUjiAG5UaABuf__________AbABAbgBAw
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 16:26:55 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 348ms
283ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://afn.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 16:26:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 20 Apr 2023 16:26:55 GMT

GET
H2 200 bundle.js Show response
yastatic.net/q/set/s/rsya-tag-users/ Frame BAF0 105 KB
37 KB 70ms
68ms Script
application/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/q/set/s/rsya-tag-users/bundle.js

Requested by

Host: afn.by
URL: https://afn.by/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

e1cff21864c46e1da263fa83c14ed6d190bc5afbdd35188de15f10eb8bedd264

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/safeframe-bundles/0.83/1-1-0/render.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 16:26:55 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
last-modified: Fri, 29 Oct 2021 11:19:01 GMT
server: nginx/1.17.9
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
etag: W/"82bdc8db563d3e71c35534315f8a9fd5"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31556952
x-nginx-request-id: ad74fb2d80a0d737
timing-allow-origin: *
expires: Sun, 23 Apr 2023 04:23:37 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4408 42 B
64 B 74ms
73ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssMBeZMkNy8FycjzJNP0weM20cjfohb4sJzxcrfxPb9JfFt-OoZaL21tziNBs6bCg3yrOIIHgzSI2Dk5I-f4pUo-kxexlE4s0gM8sbK8PXW8xstMs4Pb10xMrW3&sai=AMfl-YQFHRiBkGde6Hs0tzPVUox3WgefA1uoyFq_-9UOqgERT2khd2AuGJyceU_IpmCMBL1xuwMQVISDFBC2&sig=Cg0ArKJSzNcxALDE0i2_EAE&cid=CAQSGwBygQiD1_U0_MpZkmsnFWweRzSvPEI6C4au9RgB&id=lidar2&mcvt=1046&p=0,0,90,728&mtos=579,1046,1046,1046,1046&tos=579,467,0,0,0&v=20230419&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1682008014557&rpt=442&met=ce&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 16:26:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 watch.js Show response
mc.yandex.ru/metrika/ Frame BAF0 164 KB
58 KB 50ms
49ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

4a29005bef08386b18e8fde48b782d349d4632de2ee2b557114dfa0c930ed676

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 16:26:56 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Wed, 19 Apr 2023 15:07:00 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "643fd964-e5c9"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 58825
expires: Thu, 20 Apr 2023 17:26:56 GMT

GET
H2 200 data Show response
yandex.ru/set/s/rsya-tag-users/ Frame BAF0 403 B
751 B 78ms
77ms Fetch
application/json 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/set/s/rsya-tag-users/data?referrer=https%3A%2F%2Fafn.by%2F

Requested by

Host: yastatic.net
URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

51ef8192d851de7483184d42110bbabb158453547a177637f11183f72b3608af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 16:26:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
x-yandex-req-id: 1682008016101693-16103014987723823083-balancer-l7leveler-kubr-yp-vla-66-BAL
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://yastatic.net
cache-control: public,max-age=300
access-control-allow-credentials: true
x-xss-protection: 1; mode=block

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F96E 13 KB
5 KB 37ms
35ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://afn.by/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 13698
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 20 Apr 2023 12:38:38 GMT
expires: Fri, 19 Apr 2024 12:38:38 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame CEE2 783 B
970 B 53ms
48ms Document
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

434358ee4e4756c856e8f17a5424a43462ad31156ccabde4852995e3ac386ef0

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-pchgRzSxmD1fDx8-4xYwPw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://afn.by/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-pchgRzSxmD1fDx8-4xYwPw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 20 Apr 2023 16:26:56 GMT
expires: Thu, 20 Apr 2023 16:26:56 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 MezC-G1ZF-1GZ9yqq0o7IScgI3uEZvBcP5CgXoWKMDE.js Show response
pagead2.googlesyndication.com/bg/ Frame F96E 36 KB
14 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/MezC-G1ZF-1GZ9yqq0o7IScgI3uEZvBcP5CgXoWKMDE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31ecc2f86d5917ed4667dcaaab4a3b212720237b8466f05c3f90a05e858a3031

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 19:05:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 163284
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14288
x-xss-protection: 0
last-modified: Tue, 11 Apr 2023 10:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 17 Apr 2024 19:05:32 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ Frame BAF0 44 KB
16 KB 207ms
102ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

2a348f9793269ef74e8bd0be51c68f47b76b1bbd1c054b78b8fa3feb0bb82971

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 16:26:56 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16233
x-xss-protection: 0
server: cafe
etag: 7413974659963572443
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 20 Apr 2023 16:26:56 GMT

GET
H3

200

/
www.google.de/pagead/1p-user-list/1014923426/ Frame BAF0
Redirect Chain

https://www.googleadservices.com/pagead/conversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=0GdBZMDaG4Oh6gTa-Kv4Aw...
https://www.google.com/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=68648844&crd=&is_vtc=1&random=3882443270
https://www.google.de/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=68648844&crd=&is_vtc=1&random=3882443270&ipr=y

42 B
64 B

50ms
50ms

Image
image/gif

2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=68648844&crd=&is_vtc=1&random=3882443270&ipr=y

Protocol

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 16:26:56 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 20 Apr 2023 16:26:56 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=68648844&crd=&is_vtc=1&random=3882443270&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.de/pagead/1p-user-list/1014923426/ Frame BAF0
Redirect Chain

https://www.googleadservices.com/pagead/conversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=0GdBZODgG5Gg6wST_J-QBA...
https://www.google.com/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=17077754&crd=&is_vtc=1&random=3212398753
https://www.google.de/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=17077754&crd=&is_vtc=1&random=3212398753&ipr=y

42 B
64 B

53ms
53ms

Image
image/gif

2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=17077754&crd=&is_vtc=1&random=3212398753&ipr=y

Protocol

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 16:26:56 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 20 Apr 2023 16:26:56 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=17077754&crd=&is_vtc=1&random=3212398753&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame CEE2 0
0 71ms
70ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230417&jk=2084868377474032&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H2 200 advert.gif
mc.yandex.com/metrika/ Frame BAF0 43 B
101 B 52ms
51ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 16:26:56 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 19 Apr 2023 15:07:00 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "643fd964-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Thu, 20 Apr 2023 17:26:56 GMT

GET
H2 200 3 Show response
mc.yandex.com/watch/ Frame BAF0 256 B
356 B 51ms
51ms XHR
application/json 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/3?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Fafn.by%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Aiwhcse2c9umatouo0rfee7%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1025%3Acn%3A1%3Adp%3A0%3Als%3A40984507496%3Ahid%3A322891214%3Az%3A0%3Ai%3A20230420162656%3Aet%3A1682008016%3Ac%3A1%3Arn%3A364050143%3Arqn%3A1%3Au%3A1682008016812182612%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Ads%3A0%2C97%2C50%2C1%2C4%2C0%2C%2C23%2C0%2C184%2C184%2C0%2C184%3Aco%3A0%3Acpf%3A1%3Ans%3A1682008014015%3Ast%3A1682008016&t=clc(0-0-0)rqnt(1)aw(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

c5396d90ec6684959f36e65e7a9d9c0d626464ee4da664c85c31dc19607dc735

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 16:26:56 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Thu, 20-Apr-2023 16:26:56 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://yastatic.net
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 256
x-xss-protection: 1; mode=block
expires: Thu, 20-Apr-2023 16:26:56 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame F96E 0
10 B 36ms
36ms Image
text/plain 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?Nr2WSw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 16:26:56 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/ Frame BAF0 3 KB
1 KB 79ms
78ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/?random=1682008016379&cv=9&fst=1682008016379&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=466465926&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fafn.by%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7468a07d6bdcbb8fb9d1a09754d68f6f2fc5337ce1fa9f401e80ac80250d11bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 16:26:56 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1369
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/ Frame BAF0 3 KB
1 KB 78ms
78ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/?random=1682008016383&cv=9&fst=1682008016383&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=466465926%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fafn.by%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

87cfe15677287c25e935fef3515e328ea145b269dc99491286243a5b7882d3d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 16:26:56 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1380
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/ Frame BAF0 3 KB
1 KB 81ms
81ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/?random=1682008016389&cv=9&fst=1682008016389&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=466465926&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fafn.by%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aa60a16481c070bb6f15a2e863913eb591b24e9215a66fe3f7f3c43dd976d489

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 16:26:56 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1367
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/ Frame BAF0 3 KB
1 KB 87ms
86ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/?random=1682008016390&cv=9&fst=1682008016390&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=466465926%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fafn.by%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

842cad37302d9de83ca2a6ae9b33e3bd4e601d2cf30935a2826303a454688e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 16:26:56 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1380
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.acint.net/ping/ 43 B
224 B 12ms
12ms Image
image/gif 167.235.177.246
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/ping/?v=0.5.1&uid=4f7f3bb3-e337-44ef-83c6-30c0fe985811&dp=10&tz=%2B00%3A00&nc=17107526&dT=2023-04-20T16%3A26%3A56.395
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 167.235.177.246 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz2024477.sapientru.net
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://afn.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type: image/gif
date: Thu, 20 Apr 2023 16:26:56 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 WPWejI_zOFu0TGm0b1HAkX8Qr2fjsGK0_W4GW8200J7DPq5a000003YWwJY80W6v0j6Hq54i2Cfpy0A6mU7H0u0fk0R80Sa6pOkmpUP6L0wf1n3cJFH_784S-0S1q0Y2W8200WK8sEOGvW00Qrmf0iVvy0i6u0s2W821W82029WEpPV2xUpSaQeEg0-Gp9Fl_u_7m... Show response
yandex.ru/an/count/ 43 B
691 B 61ms
61ms XHR
image/gif 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/an/count/WPWejI_zOFu0TGm0b1HAkX8Qr2fjsGK0_W4GW8200J7DPq5a000003YWwJY80W6v0j6Hq54i2Cfpy0A6mU7H0u0fk0R80Sa6pOkmpUP6L0wf1n3cJFH_784S-0S1q0Y2W8200WK8sEOGvW00Qrmf0iVvy0i6u0s2W821W82029WEpPV2xUpSaQeEg0-Gp9Fl_u_7m1oG4D7UkCgYeyQy786gpwiHy18FY1C2a1Cou1G1y1N1YlRieu-y_6EO5f2hgg46e1QGmzIX1iaMy3_O5e4Ng1S9q1WX-1ZIcyZ7zj_urWk06OaPKvKB6RWP____0S0PpPVht8lrZPXEqXaIUM5YSrzpPN9sPN8lSZWnCoqnw1cW7_0PWC83c1hKmrEm6qYu6mE270rsQa8wE6njU39eOsWtwHo07Vz_y1y1W202Y20Cq27___y1rIB__t__WIEW8m7o8nG0U6lggLvIW_-66HN7amE_ezLC4UYV6JeJIi0XZSGbUqiCZZ-UhkgZPi06Eo9NpjevL9IevWXtvoW3M3HoaqDaS0y0~1=WQOejI_zOD00vGm0D1T0zeu6q072qOEXlEAEWwC1W041Y07udeVdem6G0SRMnzZcW8200fW1njR7s6Qu0VYrixecs060b_Em0U01hA_2i07e0Re2-07seDw-0PW2pfEM5w02z9ZK5i022x030XI81PBsTv05XOM40R05yCWXk0Nmo2701P2FZ0F81T3QPD05euaEg0Qg0wa74EPCz7ySWHou1xG6q0SMu0U6meA01k08keog2-W91u0A0VWAWBKOw0oJ0fWDf-4tmQ8Ic17FtYsXkO0KW23G50te58m2c1QGgwgX1g0MaCFKeGR95l0_q1ONhhIqCRWN0S0NjTO1e1cg0xWP_m7u6U62i2A16l__WvhmY_yUe1hMWjAFiBFFo2Me7W6m7m787_6ygcQf88KvJ6VLLDG_k23ExooG8itUBP0Ypjuja2BFtYsG8lo7Bf0Y_OSka2B-XoxL8l__V_-18m3mFuaZPju_a2EA-eM0rO2UlI6O8z6Yoll0afFnT0m0GDG3zy39rPgHDoR6g1WEsp4NbfkNIMENpFvaw7PM4GXZC5WK0G00~1?stat-id=1&test-tag=180319907011089&banner-sizes=eyI3MjA1NzYwNzgyMDk5ODA1MSI6IjE2MDB4MzAwIn0%3D&format-type=118&actual-format=8&pcodever=760136&banner-test-tags=eyI3MjA1NzYwNzgyMDk5ODA1MSI6IjQzODI3MzcifQ%3D%3D&constructor-rendered-assets=eyI3MjA1NzYwNzgyMDk5ODA1MSI6MjE3OTcyNX0&pcode-active-testids=758322%2C0%2C64&width=4000&height=300&confirmTime=2101000&confirmRatio=400000&wmode=0

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://afn.by/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 20 Apr 2023 16:26:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1682008016453017-10886999739843521180-balancer-l7leveler-kubr-yp-vla-66-BAL
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Thu, 20 Apr 2023 16:26:56 GMT
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type: image/gif
access-control-allow-origin: https://afn.by
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Thu, 20 Apr 2023 16:26:56 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/947884341/ Frame BAF0 42 B
64 B 49ms
48ms Image
image/gif 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/947884341/?random=1682008016379&cv=9&fst=1682006400000&num=1&guid=ON&eid=466465926&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fafn.by%2F&async=1&fmt=3&is_vtc=1&random=4057004545&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 16:26:56 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/947884341/ Frame BAF0 42 B
108 B 49ms
48ms Image
image/gif 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/947884341/?random=1682008016379&cv=9&fst=1682006400000&num=1&guid=ON&eid=466465926&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fafn.by%2F&async=1&fmt=3&is_vtc=1&random=4057004545&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 16:26:56 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/693627671/ Frame BAF0 42 B
64 B 53ms
52ms Image
image/gif 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/693627671/?random=1682008016383&cv=9&fst=1682006400000&num=1&guid=ON&eid=466465926%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fafn.by%2F&async=1&fmt=3&is_vtc=1&random=1149824989&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 16:26:56 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/693627671/ Frame BAF0 42 B
154 B 48ms
47ms Image
image/gif 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/693627671/?random=1682008016383&cv=9&fst=1682006400000&num=1&guid=ON&eid=466465926%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fafn.by%2F&async=1&fmt=3&is_vtc=1&random=1149824989&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 16:26:56 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/947884341/ Frame BAF0 42 B
64 B 52ms
51ms Image
image/gif 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/947884341/?random=1682008016389&cv=9&fst=1682006400000&num=1&guid=ON&eid=466465926&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fafn.by%2F&async=1&fmt=3&is_vtc=1&random=150822801&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 16:26:56 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/947884341/ Frame BAF0 42 B
108 B 50ms
49ms Image
image/gif 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/947884341/?random=1682008016389&cv=9&fst=1682006400000&num=1&guid=ON&eid=466465926&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fafn.by%2F&async=1&fmt=3&is_vtc=1&random=150822801&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 16:26:56 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/693627671/ Frame BAF0 42 B
64 B 50ms
50ms Image
image/gif 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/693627671/?random=1682008016390&cv=9&fst=1682006400000&num=1&guid=ON&eid=466465926%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fafn.by%2F&async=1&fmt=3&is_vtc=1&random=3378282552&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 16:26:56 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/693627671/ Frame BAF0 42 B
108 B 49ms
47ms Image
image/gif 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/693627671/?random=1682008016390&cv=9&fst=1682006400000&num=1&guid=ON&eid=466465926%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fafn.by%2F&async=1&fmt=3&is_vtc=1&random=3378282552&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 16:26:56 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 37412095 Show response
mc.yandex.com/watch/ Frame BAF0 439 B
475 B 50ms
50ms XHR
application/json 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/37412095?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Fafn.by%2F&charset=utf-8&site-info=%7B%22extensions%22%3A%22%22%2C%22fromGoogle%22%3A%22false%22%2C%22fromCancel%22%3A%22false%22%2C%22loyal%22%3A%220%22%2C%22sbscrb%22%3A%22%22%2C%22p%22%3A%22%22%2C%22b%22%3A%22%22%2C%22fresh%22%3A%220%22%2C%22infected%22%3A%22%22%2C%22slow%22%3A%22%22%2C%22os%22%3A%22windows%22%2C%22browser%22%3A%22chrome%22%2C%22winxp%22%3A%22false%22%2C%22old%22%3A%22actual%22%2C%22yabroAge%22%3Anull%7D&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aiwhcse2c9umatouo0rfee7%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1025%3Acn%3A2%3Adp%3A1%3Als%3A43913005186%3Ahid%3A322891214%3Aphid%3A1055585198%3Az%3A0%3Ai%3A20230420162656%3Aet%3A1682008016%3Ac%3A1%3Arn%3A173098324%3Arqn%3A1%3Au%3A1682008016812182612%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Ads%3A0%2C97%2C50%2C1%2C4%2C0%2C%2C23%2C0%2C184%2C184%2C0%2C184%3Aco%3A0%3Acpf%3A1%3Ans%3A1682008014015%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1682008016%3At%3A&t=gdpr(6)clc(0-0-0)rqnt(1)lt(23900)aw(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

467602e639afda3f2c90076d53a76a1f7a837efbc3bcfeefcb22a320826f2d15

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 16:26:56 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Thu, 20-Apr-2023 16:26:56 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://yastatic.net
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 439
x-xss-protection: 1; mode=block
expires: Thu, 20-Apr-2023 16:26:56 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4408 0
20 B 69ms
69ms Ping
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=1415015097359&version=m202301230201&ct=119&x=1&cor=9781523803971975000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 16:26:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ 0
17 B 43ms
43ms Ping
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&top=1&puid=1~lgpc55xl&c=2084868377474032&e=44759837%2C44759875%2C44759926%2C42531705%2C44788442%2C31061691%2C31061692&ctx=1&met.3=782.1f6~1001.1f5_1__1~164.1f7_1~165.1f4_4~164.1f9~165.1f8_1~166.1ev_n~1032.1r1~326.1r4_2~832.1r7~868.1r7~216.1r1_9~215.1r1_9~843.1r0_a~889.1sh~639.1ss~1032.1t1~326.1t1~832.1t1~868.1t1~216.1t1_2~215.1t1_2~889.1ta~639.1tf~112.1u3_2~629.1wc_4~429.1yg_1~210.21z_1~1032.221~326.221~832.222~868.222~164.221_17~165.220_18~466.220_19~522.220_19~1013.23f~525.23a_b~639.23m~264.23m~264.23t~264.23u~264.24d~264.24p~264.25m~264.25r~264.263~264.26j~264.270~264.27h~264.283~264.28h~264.296~264.29n~264.29s~264.2a9~264.2ap~264.2b6~264.2bn~264.2c3~264.2cm~264.2d1~264.2di~264.2en~264.2ez~264.2f3~264.2fc~168.2h0~168.2h0~168.2h0~168.2h0~168.2h0~168.2h0_1~168.2h0_1~264.2h2~264.2h8~264.2ha~264.2hr~264.2i5~264.2jk~168.2jn~168.2jn~168.2jn~168.2jn_1~168.2jn_1~168.2jo~168.2jo~264.2k8~264.2ke~264.2kw~264.2ld~264.2lg~264.2lt~264.2ma~264.2mr~264.2n7~264.2no~264.2o6~264.2pd~264.2pe~264.2pq~264.2rt~264.2sg~264.2sr~264.2su~264.2tq~264.2uc~264.2uo~264.2vb~264.2vl~264.2w1~264.2wk~273.2wu~113.2ww_1~264.2wx~264.2xh_3~264.2xv~264.2yd~264.2yx~264.2za~264.2zt~257.308~264.306_2~264.30n&met.1=1.lgpc543i~6.0~7.1~8.zw~9.zw~10.12q~11.117~12.12q~13.14c~14.15n~15.14d~16.176~17.176~18.176~19.2wv~20.2wv~21.2ww~22.18b~23.18b
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20230417/r20110914/rum_fy2021.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://afn.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 16:26:56 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 79ms
77ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230417&jk=2084868377474032&bg=!lJell8PNAAZA7GLoYOw7ADkAdvg8WvGyIZrX1oKrPfOzfkNvNpjqhKXRtEdik2FE_JcZBBVxgcHI1S9oLVPyl01koeQhOAiRJPECAAAArVIAAAADaAEHCgCe7tbvEq48OiK61Oq1VJYBjmty8I5qtJoMXKk6xTiRkCouN423RSeZbj1Hg0qEVgKF1wctM23pRs97iF-fNBhoRJjKuSdivIPZPi4sFFQ4PUbr4O4N-LzhPocXK8FvZi2sAikAsOlj-sp4sKEvq4wDyTxwnkxTUqZhGvoI3XnJIEKqm_4O0RI8wnCRbFIxDQKwKTCGgYtP5s_90mBvXVCZAtALM6RN5p5i29evLFQZ-oIUSEOtoYSZ-2nny7-EuAgD9xvjb8Woek8395NNd7wMxxOU7FfWPGEo5bpICNbrPj-TacSA6dVm-ViuazCMLbwLGlw8LU7zw-MC4nl0sR6IYKmgQwicfku9h8HA9e42sXUNuf4oYY9BAq62P4bMassKKzhzFVS0wnmDavcID5RqiYfALSkqoHfucZOYPQyBYBOyTPXEgZMrOq5jBH-9VzypeKINEA3-A6S2_upRJn834DtByJcQvvCnUpoeMkp07YH7VG8KtuVnwi8NdFinwq7MOB8X2jF7rN-8PZYKLIW06n9YoI7uIQ1VROo4hDLHCEgslFaTEATXG7bkEnnBx6d5bOCe5Z1gzF1fKv7K81ciEGx7BVh2pSqd7AcXgPIPXef_tFtqVWGNkvFcDK1GOZo7pVlD5_0gg9XQj6Om5fS4m75mbU92nzvCutVhJnSMTiKzbrUvp0utM3U127pX-2Np4Ka48LDkrfBZvsPwvcu5zgJ-gGmpodQ0j4HHskpjT6mSkHWtSx-1tI0Wky6RItZ6jpY-gUmzcDr3GxZtq2NNgYTmJqbKg51WdhJzFiOtZ2PM2QdrUI7SdeWxd2tvXVWjv5KQ-5J67STqxlRQ40oC2ad2v3xtNdV3UVaNf0u102hYWr0Ws61kHV2J6J1toXMALk_RrUVRd029Jyeac2FYzUgN1ggWIF-JdDnmdNEuAKzsN599FIFab_v0De8Id0yTGMNo-68-Z46ducuxXLtCr3boANlHLu-RwzYpeMBGjQKWp_JEPsg1Picos1ZsoWwrH3Y2z-V722AY4RYbXH9n4K9ZyO8M4n97IeuoMfGuA0i_PEvpdI9T-vuYm9AbN_2GACIrf_VLAp4x9v-zxjsgA5eCsETqys-HZKBZFk28hcwO6jjBy9h3wq5kwaoYH-WThVzUB0CS30gv1BNexuph9Uw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://afn.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: mitdmp.whiteboxdigital.ru
URL: https://mitdmp.whiteboxdigital.ru/pixel?id=a&source=yandex&redirect=false&href=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fqbitis%2F%7Bmiid%7D

Verdicts & Comments Add Verdict or Comment

156 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

119 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
yastatic.net/safeframe-bundles/0.83/1-1-0	1970-01-20 11:14:54	Name: afpix Value: 1
yastatic.net/safeframe-bundles/0.83/1-1-0	1970-01-20 11:22:06	Name: pcssspb Value: 1
yastatic.net/safeframe-bundles/0.83/1-1-0	1970-01-20 11:14:54	Name: pcs3 Value: 1
kimberlite.io/rtb/sync	1970-01-20 11:13:28	Name: f Value: https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D243%26euid%3DZEFnzhG9SSk
kimberlite.io/rtb/sync	1970-01-20 11:13:28	Name: n Value: 4
afn.by/	1970-01-20 20:49:28	Name: fid Value: 1e5ba734-a8d1-497b-9dc8-b73ffbba8dc0
.acint.net/	1970-01-20 11:13:28	Name: test_cookie Value: CheckForPermission
.acint.net/	1970-01-20 20:49:28	Name: aid Value: fwAAAWRBZ81meAO7mXJ6Arbv085jdf9SbxHiffUfAZB2mx++
.yandex.ru/	1970-01-20 20:49:28	Name: i Value: DxTOu5+sLEyEXM6BJ+8VXVDcXE774TiF+oViKwjMcNXpA87rZsgl16JRtgM/fEIyz0cdJpxRz+GPcbnEbqYKnkv5NBo=
.yandex.ru/	1970-01-20 20:49:28	Name: yandexuid Value: 1032528171682008013
.acint.net/	1970-01-20 11:56:40	Name: cSyncDp14v4 Value: 1682008013
.acint.net/	1970-01-20 11:56:40	Name: cSyncDp17 Value: 1682008013
.acint.net/	1970-01-20 11:14:54	Name: cSyncDp45v4 Value: 1682008013
.acint.net/	1970-01-20 11:56:40	Name: cSyncDp53v2 Value: 1682008013
.acint.net/	1970-01-20 11:56:40	Name: cSyncDp62 Value: 1682008013
.acint.net/	1970-01-20 11:56:40	Name: cSyncDp67v2 Value: 1682008013
.acint.net/	1970-01-20 11:56:40	Name: cSyncDp68 Value: 1682008013
.acint.net/	1970-01-20 11:56:40	Name: cSyncDp71 Value: 1682008013
.acint.net/	1970-01-20 11:56:40	Name: cSyncDp85 Value: 1682008013
.acint.net/	1970-01-20 11:56:40	Name: cSyncDp95v3 Value: 1682008013
.acint.net/	1970-01-20 11:56:40	Name: cSyncDp98v2 Value: 1682008013
.acint.net/	1970-01-20 11:56:40	Name: cSyncDp101 Value: 1682008013
.acint.net/	1970-01-20 11:33:37	Name: cSyncDp104v2 Value: 1682008013
.acint.net/	1970-01-20 11:56:40	Name: cSyncDp107v1 Value: 1682008013
.acint.net/	1970-01-20 11:56:40	Name: cSyncDp110v2 Value: 1682008013
.acint.net/	1970-01-20 11:35:04	Name: cSyncDp125v3 Value: 1682008013
.acint.net/	1970-01-20 11:56:40	Name: cSyncDp126 Value: 1682008013
.acint.net/	1970-01-20 11:56:40	Name: cSyncDp127 Value: 1682008013
.acint.net/	1970-01-20 11:56:40	Name: cSyncDp129 Value: 1682008013
.acint.net/	1970-01-20 11:56:40	Name: cSyncDp136v2 Value: 1682008013
.acint.net/	1970-01-20 11:56:40	Name: cSyncDp146 Value: 1682008013
.acint.net/	1970-01-20 11:56:40	Name: cSyncDp148v1 Value: 1682008013
.acint.net/	1970-01-20 11:56:40	Name: cSyncDp149v2 Value: 1682008013
.acint.net/	1970-01-20 11:56:40	Name: cSyncDp151 Value: 1682008013
.acint.net/	1970-01-20 11:56:40	Name: cSyncDp178 Value: 1682008013
.acint.net/	1970-01-20 11:56:40	Name: cSyncDp186 Value: 1682008013
.acint.net/	1970-01-20 11:56:40	Name: cSyncDp217 Value: 1682008013
.acint.net/	1970-01-20 11:56:40	Name: cSyncDp221 Value: 1682008013
.acint.net/	1970-01-20 11:56:40	Name: cSyncDp235v1 Value: 1682008013
.acint.net/	1970-01-20 11:56:40	Name: cSyncDp239 Value: 1682008013
.acint.net/	1970-01-20 11:56:40	Name: cSyncDp243 Value: 1682008013
.acint.net/	1970-01-20 11:56:40	Name: cSyncDp244 Value: 1682008013
.afn.by/	1970-01-20 20:49:28	Name: _ga Value: GA1.2.449161101.1682008013
.afn.by/	1970-01-20 11:14:54	Name: _gid Value: GA1.2.1402774173.1682008013
.afn.by/	1970-01-20 11:13:28	Name: _gat Value: 1
.utraff.com/	1970-01-20 11:56:50	Name: preutid Value: 1
afn.by/	1970-01-20 20:49:28	Name: _ac_oid Value: 41202ed8725301474fd4e4560f16ccb1%3A1682011613511
.upravel.com/	1970-01-20 11:13:28	Name: session_tptc Value: 1682008013533
.ssp-rtb.sape.ru/	1970-01-20 20:49:28	Name: sspuid Value: CkIDK2RBZ801PADEA0VyAlzEdEp6LcvtzqpRbjQUQPtIe06B
.adhigh.net/	1970-01-20 19:59:04	Name: gi_u Value: Fv0kTO1bJS.AikABlGHn317DQ
.upravel.com/	1970-01-20 20:49:28	Name: user_id Value: c5d2ac60-16bd-421d-a69f-130ec8bd759a
.acint.net/	1970-01-20 11:56:40	Name: cSyncDp14v3 Value: 1682008013
.afn.by/	1970-01-20 19:59:04	Name: _ym_uid Value: 1682008014157799749
.afn.by/	1970-01-20 19:59:04	Name: _ym_d Value: 1682008014
.betweendigital.com/	1970-01-20 19:59:04	Name: dc Value: lux1
.betweendigital.com/	1970-01-20 19:59:04	Name: tuuid Value: 95198a82-dfaf-526e-a81c-44facc5d2337
.betweendigital.com/	1970-01-20 19:59:04	Name: ss Value: 1
sync.adspend.space/	1970-01-20 19:59:04	Name: as-user Value: 3a1f0fbb-d3c8-44cc-b824-3702959657e8
.adhigh.net/	1970-01-20 19:59:04	Name: sape_sync Value: LKI3
.mc.yandex.com/	1970-01-20 11:13:28	Name: sync_cookie_csrf Value: 176685906fake
.afn.by/	1970-01-20 11:14:40	Name: _ym_isad Value: 2
.rutarget.ru/	1970-01-20 15:32:40	Name: userId Value: 5FLG06xeIlKU
.mc.yandex.by/	1970-01-20 11:13:28	Name: sync_cookie_csrf Value: 1460694625fake
.adriver.ru/	1970-01-20 20:49:28	Name: cid Value: Awrd0rlr_IkW5nTDB2hv3YA
.uuidksinc.net/	1970-01-20 19:59:04	Name: jcsuuid Value: gQzVdeKe8Sj7PgITOXQm
.mc.yandex.ru/	1970-01-20 11:13:28	Name: sync_cookie_csrf Value: 2093999703fake
.mts.ru/	1970-01-20 19:46:06	Name: dspid Value: 0fddca32-2607-4902-b35a-50a4970b7f3c
.bumlam.com/	1970-01-20 20:49:28	Name: suuid3 Value: IiQyOTM1ZGQ0OC1kZjk4LTExZWQtODZlMC0wMDI1OTBjMDY0N2M*
.yandex.com/	1970-01-20 19:59:04	Name: yandexuid Value: 1032528171682008013
.yandex.com/	1970-01-20 19:59:04	Name: yuidss Value: 1032528171682008013
.yandex.com/	1970-01-20 20:49:28	Name: i Value: DxTOu5+sLEyEXM6BJ+8VXVDcXE774TiF+oViKwjMcNXpA87rZsgl16JRtgM/fEIyz0cdJpxRz+GPcbnEbqYKnkv5NBo=
.mc.yandex.com/	1970-01-20 11:14:54	Name: sync_cookie_ok Value: synced
ssp.bidvol.com/	1970-01-20 20:49:28	Name: bvuid Value: baveqe52rl
.yandex.by/	1970-01-20 20:49:28	Name: yandexuid Value: 1032528171682008013
.yandex.by/	1970-01-20 20:49:28	Name: yuidss Value: 1032528171682008013
.yandex.by/	1970-01-20 20:49:28	Name: i Value: DxTOu5+sLEyEXM6BJ+8VXVDcXE774TiF+oViKwjMcNXpA87rZsgl16JRtgM/fEIyz0cdJpxRz+GPcbnEbqYKnkv5NBo=
.mc.yandex.by/	1970-01-20 11:14:54	Name: sync_cookie_ok Value: synced
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 478724971682008013
.yandex.com/	1970-01-20 19:59:04	Name: ymex Value: 1713544013.yrts.1682008013
.yandex.com/	1970-01-20 19:59:04	Name: bh Value: KgI/MA==
sync.gonet-ads.com/	1969-12-31 23:59:59	Name: chk Value: 1
.aidata.io/	1970-01-20 20:49:28	Name: __upin Value: WaMMihBMeiQTJbe6RVOB+w
.aidata.io/	1970-01-20 20:49:28	Name: __upints Value: 1682008013
.yandex.ru/	1970-01-20 20:49:28	Name: yuidss Value: 1032528171682008013
sync.programmatica.com/	1969-12-31 23:59:59	Name: chk Value: 1
.agency2.ru/	1970-01-20 19:46:06	Name: uuid Value: 290d6a68-e95c-429a-bd3f-8c94996e5de5
.programmatica.com/	1970-01-20 20:49:28	Name: pid Value: NWY5NGViNDU4MDc1NThhYg
x01.aidata.io/	1970-01-20 11:17:47	Name: livin Value: 1
.mts.ru/	1970-01-20 20:49:28	Name: mts_id Value: 858a1b7d-d590-48a4-9623-72d98e3be007
.mts.ru/	1970-01-20 20:49:28	Name: mts_id_last_sync Value: 1682008014
.adx.com.ru/	1970-01-20 19:59:04	Name: user Value: 644167ced41e060001aeeb73
kimberlite.io/	1970-01-20 13:23:04	Name: u Value: ZEFnzhG9SSk~28_qz-NCpABOn6qtGfZqyR3DWeY
.afn.by/	1970-01-20 20:35:04	Name: __gads Value: ID=a8e5fc2dd884789b-22781e8ea4dd003a:T=1682008014:RT=1682008014:S=ALNI_Ma-DMVbMykCXf50qDlbfkx-klMVMQ
.afn.by/	1970-01-20 20:35:04	Name: __gpi Value: UID=00000bede09463ae:T=1682008014:RT=1682008014:S=ALNI_MbmKH-lDby0tB8-NB4pB_TY_u__Qg
.adhigh.net/	1970-01-20 19:59:04	Name: yandexssp_sync Value: LKI3
x01.aidata.io/	1970-01-20 11:23:32	Name: yaya Value: 1
.gonet-ads.com/	1970-01-20 20:00:30	Name: pid Value: NjcyMmEwMWYyN2UyNDU2ZQ
px.arcspire.io/	1970-01-20 11:56:40	Name: arcid Value: 9f3964b6e4c28e92279059
.betweendigital.com/	1970-01-20 19:59:04	Name: ut Value: ZEFnzgAEcLjU0P9Eat8d2H4-UZKe4K41w6XBYg==
.weborama.fr/	1970-01-20 20:39:23	Name: AFFICHE_W Value: StR7MMsFljFK22
.360yield.com/	1970-01-20 13:23:04	Name: tuuid_lu Value: 1682008014
.360yield.com/	1970-01-20 13:23:04	Name: tuuid Value: aa7fe0d7-ca2b-4bea-9d99-d6ab9144f877
.tns-counter.ru/	1970-01-20 19:59:04	Name: guid Value: 80936A05644167CEX1682008014
.dmg.digitaltarget.ru/	1970-01-20 20:49:28	Name: viuserid Value: LZL1NAnhMoF3FJi7SOlC
.adx.opera.com/	1970-01-20 19:59:04	Name: UID Value: OPU2ef2661d8e274b13b563e18b11ebcec3
.demdex.net/	1970-01-20 15:32:40	Name: demdex Value: 25530872302400509532672743920279775215
.sonar.semantiqo.com/	1970-01-20 20:49:28	Name: semantiqo_a Value: 94c6ffdbb873467196b9466893016b4e
.sonar.semantiqo.com/	1970-01-20 20:09:08	Name: check Value: e2862e2a1459489aa7cae82c080cc68a
.dpm.demdex.net/	1970-01-20 15:32:40	Name: dpm Value: 25530872302400509532672743920279775215
.mail.ru/	1970-01-20 20:00:30	Name: VID Value: 0mG0Jz3xbMYH002Dqj1NW12H:::0-0-0-95bc08e:CAASEHdI6leIJrW2z4t29XdHOd8aYNXbz0ce9xKlYsm6DwuADcuI2HB9AgAW9DZqHg8ceBV4jbbHyrp6YVfL8x4ow_RkQK35eVS2RHoJwvfBa1IXvZFzA5xaYtBueFQT6_Qok1MaEwHzWUHghfaUzFKerRxyNg
.doubleclick.net/	1970-01-20 20:35:04	Name: IDE Value: AHWqTUlNtkpFSvRImvumiSl226eA83ecUxYhlPcODpmZv-hc_zZbuvLENspGfYRR
.adnxs.com/	1970-01-20 13:23:04	Name: uuid2 Value: 8123361187468072167
.casalemedia.com/	1970-01-20 19:59:04	Name: CMID Value: ZEFnzs9qjffiwi6dApG9vgAA
.casalemedia.com/	1970-01-20 13:23:04	Name: CMPS Value: 1117
.casalemedia.com/	1970-01-20 13:23:04	Name: CMPRO Value: 1117
.adnxs.com/	1970-01-20 13:23:04	Name: anj Value: dTM7k!M41.D>6NRF']wIg2C$MMjSIv!@wnfH8K6pQK`!5=E<*L5?%K3`)MCj4wC$ab`^Cf4?KXtgl2D5>zP1+jo]Fk%nugO%v4VB%nlpf)mWL.
.ohmy.bid/	1970-01-20 11:56:40	Name: uid Value: 50c364de-7e6e-4fde-8607-6472d8f9f069.644167ce.c13c0a7f01701db4
.yandex.ru/	1970-01-20 20:49:28	Name: is_gdpr Value: 1
.yandex.ru/	1970-01-20 20:49:28	Name: is_gdpr_b Value: CI7aQhDrsgEYAQ==

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://an.yandex.ru/setud/mts_banner/D93KMiYHSQKzWlCklwt_PA?location=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D30%26em%3D0&sign=769295378 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://adx.com.ru/weborama-sync?url=https%3A%2F%2Fprodmp.ru%2Fyabbi.gif%3Fuid%3D644167ced41e060001aeeb73%26r%3D&webouid=p06OiAVrcZXZhHCxlY9UEu Message: Failed to load resource: the server responded with a status of 429 ()
network	error	URL: https://an.yandex.ru/setud/mts_banner/D93KMiYHSQKzWlCklwt_PA?location=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D59%26em%3D0&sign=1904105073 Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2935dd48-df98-11ed-86e0-002590c0647c.n1.sync.bumlam.com
2935dd48-df98-11ed-86e0-002590c0647c.n4.sync.bumlam.com
a.utraff.com
acint.net
ad.mail.ru
ads.adlook.me
ads.betweendigital.com
adservice.google.com
adservice.google.de
adx.com.ru
afn.by
an.yandex.ru
avatars.mds.yandex.net
cm.g.doubleclick.net
cm.tns-counter.ru
counter.yadro.ru
cs.agency2.ru
csi.gstatic.com
dm-eu.hybrid.ai
dm.hybrid.ai
dmg.digitaltarget.ru
dpm.demdex.net
dsum-sec.casalemedia.com
euw-ice.360yield.com
ev.adriver.ru
exchange.buzzoola.com
favicon.yandex.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
im.bluevoox.com
kimberlite.io
match.360yield.com
match.new-programmatic.com
mc.yandex.by
mc.yandex.com
mc.yandex.ru
mitdmp.whiteboxdigital.ru
nr.bidderstack.com
pagead2.googlesyndication.com
partner.googleadservices.com
pix.bumlam.com
pixel.konnektu.ru
profile.ssp.rambler.ru
px.adhigh.net
px.arcspire.io
redirect.frontend.weborama.fr
rtb-eu-warsaw.intent.ai
rtb.programattik.com
s.uuidksinc.net
s0.2mdn.net
sape-sync.rutarget.ru
securepubads.g.doubleclick.net
sm.rtb.mts.ru
solta-sync.rutarget.ru
sonar.semantiqo.com
sp.ohmy.bid
ssp-rtb.sape.ru
ssp.adriver.ru
ssp.bestssp.com
ssp.bidvol.com
stats.g.doubleclick.net
sync.1dmp.io
sync.adkernel.com
sync.adspend.space
sync.bumlam.com
sync.dmp.otm-r.com
sync.gonet-ads.com
sync.programmatica.com
sync.upravel.com
t.adx.opera.com
tag.digitaltarget.ru
tech.rtb.mts.ru
top-fwz1.mail.ru
tpc.googlesyndication.com
www.acint.net
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagservices.com
www.gstatic.com
x01.aidata.io
yandex-dmp-sync.rutarget.ru
yandex-sync.rutarget.ru
yandex.ru
yastatic.net
ysa-static.passport.yandex.ru
mitdmp.whiteboxdigital.ru
116.202.85.93
130.193.58.13
142.250.181.226
142.250.184.194
142.250.186.130
148.251.236.118
167.235.117.42
167.235.14.51
167.235.177.246
176.122.21.139
18.200.127.67
185.147.80.35
185.15.175.145
185.196.197.130
185.80.39.216
185.89.210.122
188.120.241.47
188.120.241.50
188.42.105.220
188.42.196.115
188.72.107.194
188.72.109.103
193.232.148.141
193.3.184.200
195.209.108.56
2001:6d0:4001::226
212.76.129.181
213.87.44.187
217.65.2.150
217.66.147.39
23.111.107.44
23.88.12.14
2606:4700:20::681a:f45
2606:4700:3032::6815:3b42
2a00:1148:db00::17
2a00:1450:4001:806::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:811::2003
2a00:1450:4001:811::2004
2a00:1450:4001:813::2002
2a00:1450:4001:827::2002
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82f::2006
2a00:1450:4001:830::2002
2a00:1450:4001:830::200e
2a00:1450:4001:831::2003
2a00:1450:400c:c0a::9a
2a02:6b8:20::215
2a02:6b8::184
2a02:6b8::1:119
2a02:6b8::36
2a02:6b8::5:114
2a02:6b8::90
2a02:6b8:a::a
31.172.81.158
31.172.81.160
35.177.4.157
35.190.24.218
37.18.16.21
37.230.131.16
49.12.83.94
52.45.175.185
54.154.173.64
62.173.140.157
65.109.65.187
77.245.57.72
81.222.128.215
82.145.213.8
83.222.105.70
85.111.6.50
87.242.89.90
87.242.93.185
88.212.201.204
89.108.119.28
89.108.127.68
91.192.150.14
95.163.52.67
95.217.109.66
02fb5a960b6817695b363d2294c0945cc75bf10cd17e5a03b3ff68229b9f0d77
033696b7f1ac04d1dcc102be84550e146236ceffc25a6cabc12aa51a6ee410b9
08f19ecd3a659e397d785841e224bde93f5c499fbb974d6f1f2ac507a81671be
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e0406dcd67de7c7084ef36057aa5296a4fe77e342c96b3ef1d3846169d833a6
0edc7fe15992efc5f19bbc82199cc606b11f81e65b4df4282bbd2afcb0ec1017
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
18c327afa903633f86c3efcf12b77f098077eacaa8be101bb007846fd74f8b93
1ddb0b820dec7b14a548cd751c4a24db01dec9d0716daa5724ee5c65d3c347ec
21805f6753661b417e371bc6d07627765a0bdb09ff769049bd4fa36a22cac022
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
26f2c1abc7720059c2f88aac37f0b15cd551c1b69b522eef0bf782cefcc98dc5
2a348f9793269ef74e8bd0be51c68f47b76b1bbd1c054b78b8fa3feb0bb82971
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2db3be6364b8d39d14f4546b022c5739cb1dce1239795cb2481861ca9fc3c2b2
2e6a2c48ddf656dd18431ca6f656e4d671a93141d2db4f304587d74280ecfbe4
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31ecc2f86d5917ed4667dcaaab4a3b212720237b8466f05c3f90a05e858a3031
34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55
379e9267c135f7515414a84dc87ac6f3adf849488d8f75a6e67e8bda6d37eec0
37b20394d252b7dce644fcccd75602abaec32080c336b02ad4dbb545d39d0bcd
3b9bfffdd25b235582aed4cf08b709719aa5af611d5ca3f3f4a5cb5a17d9b6ee
3ca7303cb16c078c0bcfd488899772dcba2ce31c67e30b24ed8407127da7a97c
3d8799c171813adffb4105be1ee07dfd2e7716ba4a5fdd8b785736285a3bf677
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db
40f2a96f78f4c8484e9da6e172f5ddd3e4d7786ca29e04b96e1067a365190e80
434358ee4e4756c856e8f17a5424a43462ad31156ccabde4852995e3ac386ef0
4569d4e1b0e52b6316681f7312674f43ecb2b72ea8ab4adb2375e3686862c7dc
467602e639afda3f2c90076d53a76a1f7a837efbc3bcfeefcb22a320826f2d15
46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143
473feba11f89b4d197a2263ebb6567e53b75a969cff0679ccf50f6634fa3a4f5
4a29005bef08386b18e8fde48b782d349d4632de2ee2b557114dfa0c930ed676
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
51ef8192d851de7483184d42110bbabb158453547a177637f11183f72b3608af
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
576bf806a6ecd7c875739b2c77be848285ef7f557d3616565b1317b8d377303b
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
59943b80e0488ef668f629dbe33c5af3a0602aefa260f3600553f62e2d77f9f0
6079294df6502356b0e384df722a5fb75266504f3e1b7901116e65e46b0e750f
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
6d95ea547b0974a09d61104fa136f5eb6973466b6358fb06d997cc7f20ee71b2
740e0b69971698972748e856a3b7f592c71b30f3d7f5fbc57ba26647362342b6
7468a07d6bdcbb8fb9d1a09754d68f6f2fc5337ce1fa9f401e80ac80250d11bb
75bb660f0c38697ed9be3b33be8e5a24365708ee94922da9dd44875efc3776e0
76cc6d360b479ab721bc5154dc51b098f12bc82f7467a60623c863fd2c5a61ab
78ce92a2658446efba8b14c81c505ba1b5a3e8fb945144eca8315cef2c8c250a
79ef360d982ba517a72216b0bc5cbc29e2ab1a2d363cbb15a7a81ccc097c5847
8126a786b178c58984fe63249ce3fabaa0236797990fe6f75082bc49c9dcb0d2
82cb517a8f80c91dfcec543c6d140deb3baaf463ea9e77655475096eba7bc7d9
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
842cad37302d9de83ca2a6ae9b33e3bd4e601d2cf30935a2826303a454688e98
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86d6b15af4993c90a65859c39f007c202beed7fe9f013ed8cdae7a695c2af2ea
87cfe15677287c25e935fef3515e328ea145b269dc99491286243a5b7882d3d1
8b79e23911eefeaca5867708a66b84e64409d0b586b0be32b0a4e58dbd358f39
8ba3e3e1912ff8d885aa686201303d50274fc681d2c37edf4b9ed5a8e19e3617
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
9b3caf7e73a6fa4b377170b0070fc293b70726966823e7a72fc841437148c09d
9c911ab93cf6099aeeddb19cb1903d0ef838329443c3a0549c754da47f90a70a
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a2108bb3f86caf930d09e8a85ae0eccf3a11a5d51296a620201e8a76a9b030c7
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
aa60a16481c070bb6f15a2e863913eb591b24e9215a66fe3f7f3c43dd976d489
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1b3b73852f7856f1a0f317701846bc7853eb5b127ba882c23c5073dbe6d022d
b40478394cf2d970975a1375d5991783644354a01ab75e14d41c94ef983d8e29
b5d520cab597e7a79eb25c34d6ad5e9324b9beb35752acab41abe88ef3b3152d
bae059fd5774acd8c940c02acd1708b584696f2511ef5ffec8be01f1b2fd8776
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
bf5a32878407b7e1f4fae574fdd255f300dd3002c7cc3561b4d5b03df1edb5b3
c1c57474d88bc77066cc29ddbaaa5e853c3dc5e4892ab6cfe64ec36be3058389
c5396d90ec6684959f36e65e7a9d9c0d626464ee4da664c85c31dc19607dc735
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
ccb150b1878d5aa777543222f9e47636d4258687e3dd57e625988f09a96bda64
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d02406cd88a47de122e1e34f06500c9fa249d0ee521af39e6906243e9f8c22a7
d350a934a5404343109b312ed3c9a675f3e5805555c3b2b33bb63519882d4371
d59e6c0d8ac22edc7e91a4591995b316622ce1e932a90c33d5b8db3a7eede928
d63a18e8be1bbb529d3ff08b48fc963701a9d1c8a662194312e9a30f818e4d74
e1cff21864c46e1da263fa83c14ed6d190bc5afbdd35188de15f10eb8bedd264
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e8a8dad2cdf4a7da0f38040d138a7716b70e4d8f13dc318aa5e9b0a7f77b63c2
eaba4c606dbd8ce6ad26a8bb999d30e855f8c1c5e194dc675b459c60679e8cb0
ebb3597f3a327fe00b7b1b766dd19e454e3f8b34ad5d45505439b42bf1c24d42
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef9453f74b2617d43dcef4242cf5845101fcfb57289c81bceb20042b0023a192
f31d187aa243380e4b44f52f9c1d5f333a98dfd9dcb563fbc639aa437dafdd0e
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
fea6ea9b6b0765ec97bb7d710da40a4416285fbe81016e64ff38adf03b11493b
ffa6abd2363fe1549402399772fca75af523315847efb822e62471f388bce0c8

afn.by Open in urlscan Pro 62.173.140.157 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

213 Requests

69 %HTTPS

30 %IPv6

62 Domains

88 Subdomains

53 IPs

13 Countries

3659 kBTransfer

6506 kBSize

119 Cookies

4 Outgoing links

Redirected requests

213 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

afn.by Open in urlscan Pro
62.173.140.157 Public Scan

Screenshot
Live screenshot

Full Image

213
Requests

69 %
HTTPS

30 %
IPv6

62
Domains

88
Subdomains

53
IPs

13
Countries

3659 kB
Transfer

6506 kB
Size

119
Cookies

213 HTTP transactions
2 data transactions