media-polesye.by Open in urlscan Pro
178.172.136.207 Public Scan

URL:
https://media-polesye.by/news/
Submission: On April 05 via manual (April 5th 2020, 9:41:29 pm UTC) from BY

Summary HTTP 103 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 19 IPs in 4 countries across 18 domains to perform 103 HTTP transactions. The main IP is 178.172.136.207, located in Belarus and belongs to BN-AS Belarussian data communication service provider., BY. The main domain is media-polesye.by.
TLS certificate: Issued by Let's Encrypt Authority X3 on March 9th 2020. Valid for: 3 months.

This is the only time media-polesye.by was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
22	178.172.136.207 178.172.136.207	12406 (BN-AS Bel...) (BN-AS Belarussian data communication service provider.)
14	2a00:1450:400... 2a00:1450:4001:81f::2002	15169 (GOOGLE) (GOOGLE)
6	2a02:6b8:20::215 2a02:6b8:20::215	13238 (YANDEX) (YANDEX)
1	195.181.175.55 195.181.175.55	60068 (CDN77) (CDN77)
1	2a00:1450:400... 2a00:1450:4001:81d::2008	15169 (GOOGLE) (GOOGLE)
1 10	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
1	2a00:1450:400... 2a00:1450:4001:821::200a	15169 (GOOGLE) (GOOGLE)
1 4	2a02:6b8::16b 2a02:6b8::16b	13238 (YANDEX) (YANDEX)
7	2a02:6b8::90 2a02:6b8::90	13238 (YANDEX) (YANDEX)
3 12	77.88.21.179 77.88.21.179	13238 (YANDEX) (YANDEX)
5	2a00:1450:400... 2a00:1450:4001:820::2003	15169 (GOOGLE) (GOOGLE)
1	80.94.224.227 80.94.224.227	21305 (IPTEL-AS) (IPTEL-AS)
3	217.69.133.145 217.69.133.145	47764 (MAILRU-AS...) (MAILRU-AS Mail.Ru)
1 2	88.212.201.216 88.212.201.216	39134 (UNITEDNET) (UNITEDNET)
2	2a00:1450:400... 2a00:1450:4001:81c::200e	15169 (GOOGLE) (GOOGLE)
3	172.217.22.98 172.217.22.98	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:81a::2001	15169 (GOOGLE) (GOOGLE)
9	2a02:6b8::184 2a02:6b8::184	13238 (YANDEX) (YANDEX)
103	19

22 178.172.136.207 (Belarus)

ASN12406 (BN-AS Belarussian data communication service provider., BY)
PTR: 178-172-136-207.hosterby.com

media-polesye.by	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:81f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:6b8:20::215 (Russian Federation)

ASN13238 (YANDEX, RU)

yastatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.181.175.55 (Frankfurt am Main, Germany)

ASN60068 (CDN77, GB)
PTR: unn-195-181-175-55.datapacket.com

web.webpushs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a02:6b8::1:119 (Moscow, Russian Federation) 1 redirects

ASN13238 (YANDEX, RU)

informer.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:821::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:6b8::16b (Moscow, Russian Federation) 1 redirects

ASN13238 (YANDEX, RU)

matchid.adfox.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:6b8::90 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 77.88.21.179 (Russian Federation) 3 redirects

ASN13238 (YANDEX, RU)
PTR: adfox-external-l3-engine.stable.qloud-b.yandex.net

ads.adfox.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:820::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 80.94.224.227 (Belarus)

ASN21305 (IPTEL-AS, BY)
PTR: nbrb.gov.by

www.nbrb.by	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 217.69.133.145 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)
PTR: top-fwz1.mail.ru

top-fwz1.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.201.216 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host216.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.22.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s18-in-f98.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:81a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a02:6b8::184 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)

avatars.mds.yandex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	media-polesye.by media-polesye.by	173 KB
21	yandex.ru 2 redirects informer.yandex.ru matchid.adfox.yandex.ru an.yandex.ru mc.yandex.ru	320 KB
12	adfox.ru 3 redirects ads.adfox.ru	32 KB
11	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	141 KB
9	yandex.net avatars.mds.yandex.net	212 KB
6	yastatic.net yastatic.net	98 KB
5	doubleclick.net googleads.g.doubleclick.net securepubads.g.doubleclick.net	89 KB
5	gstatic.com fonts.gstatic.com	46 KB
3	googletagservices.com www.googletagservices.com	69 KB
3	mail.ru top-fwz1.mail.ru	10 KB
2	google-analytics.com www.google-analytics.com	18 KB
2	yadro.ru 1 redirects counter.yadro.ru	2 KB
2	google.com adservice.google.com	342 B
2	google.de adservice.google.de	490 B
1	nbrb.by www.nbrb.by
1	googleapis.com fonts.googleapis.com	1 KB
1	googletagmanager.com www.googletagmanager.com	28 KB
1	webpushs.com web.webpushs.com	17 KB
103	18

	Domain	Requested by
22	media-polesye.by	media-polesye.by pagead2.googlesyndication.com
12	ads.adfox.ru	3 redirects media-polesye.by yastatic.net
9	avatars.mds.yandex.net	media-polesye.by an.yandex.ru
9	mc.yandex.ru	1 redirects media-polesye.by mc.yandex.ru
7	an.yandex.ru	yastatic.net an.yandex.ru
6	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com
6	yastatic.net	media-polesye.by yastatic.net an.yandex.ru
5	fonts.gstatic.com	pagead2.googlesyndication.com media-polesye.by
5	pagead2.googlesyndication.com	media-polesye.by pagead2.googlesyndication.com securepubads.g.doubleclick.net
4	matchid.adfox.yandex.ru	1 redirects yastatic.net media-polesye.by
3	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net
3	www.googletagservices.com	pagead2.googlesyndication.com yastatic.net securepubads.g.doubleclick.net
3	top-fwz1.mail.ru	media-polesye.by top-fwz1.mail.ru
2	www.google-analytics.com	www.googletagmanager.com media-polesye.by
2	counter.yadro.ru	1 redirects media-polesye.by
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	adservice.google.com	pagead2.googlesyndication.com www.googletagservices.com
2	adservice.google.de	pagead2.googlesyndication.com www.googletagservices.com
1	www.nbrb.by	media-polesye.by
1	fonts.googleapis.com	media-polesye.by
1	informer.yandex.ru	media-polesye.by
1	www.googletagmanager.com	media-polesye.by
1	web.webpushs.com	media-polesye.by
103	23

This site contains links to these domains. Also see Links.

Domain
an.yandex.ru
direct.yandex.ru
metrika.yandex.ru
www.liveinternet.ru

Subject Issuer	Validity	Valid
media-polesye.by Let's Encrypt Authority X3	`2020-03-09` - `2020-06-07`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
static.yandex.net Yandex CA	`2019-09-06` - `2020-09-05`	a year	crt.sh
web.webpushs.com Sectigo RSA Domain Validation Secure Server CA	`2020-01-17` - `2021-01-15`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
mc.yandex.ru Yandex CA	`2019-09-23` - `2020-09-22`	a year	crt.sh
*.storage.googleapis.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
matchid.adfox.yandex.ru Yandex CA	`2020-02-26` - `2021-02-25`	a year	crt.sh
bs.yandex.ru Yandex CA	`2019-09-24` - `2020-09-23`	a year	crt.sh
*.adfox.ru Yandex CA	`2019-08-01` - `2020-07-31`	a year	crt.sh
*.google.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
www.nbrb.by GeoTrust EV RSA CA 2018	`2020-02-11` - `2022-05-11`	2 years	crt.sh
*.mail.ru GlobalSign Organization Validation CA - SHA256 - G2	`2019-01-18` - `2021-01-18`	2 years	crt.sh
counter.yadro.ru GoGetSSL ECC DV CA	`2020-02-02` - `2022-05-02`	2 years	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
*.avatars.yandex.net Yandex CA	`2019-10-04` - `2020-10-03`	a year	crt.sh

This page contains 9 frames:

Primary Page: https://media-polesye.by/news/
Frame ID: 35D4164BDEE4552D076823C1BFE86075
Requests: 89 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20200401/r20190131/zrt_lookup.html
Frame ID: 626CC04A82F38D53DF35F01153A621F6
Requests: 1 HTTP requests in this frame

Frame: https://www.nbrb.by/Statistics/Rates/Banner.asp?lan=ru&fnt=Tahoma%2C%20Arial&datatype=1&lnkcolor=black&bgcolor=gray&brdcolor=BEF781&fntcolor=%23555555&fntsize=11px
Frame ID: 4CEA39EA30C9A6A348891D113C15E8ED
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2126924377903893&output=html&adk=1812271804&adf=3025194257&lmt=1586122871&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fmedia-polesye.by%2Fnews%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1586122871380&bpp=13&bdt=237&fdt=74&idt=74&shv=r20200401&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4913337921973&frm=20&pv=2&ga_vid=1863524063.1586122871&ga_sid=1586122871&ga_hid=1754441233&ga_fc=0&iag=0&icsg=3219170303&dssz=33&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44713363%2C21060079&oid=3&pvsid=2514341274216289&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&ifi=0&uci=a!0&fsb=1&dtd=85
Frame ID: 7304BDF93166E79FFD7B332727C564E9
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: 274D4983AE2C2A5A97A36D12B150466D
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Frame ID: C3F35FBDA85C9EB3F69A3E4336739690
Requests: 1 HTTP requests in this frame

Frame: https://yastatic.net/safeframe-bundles/0.69/1-1-0/render.html
Frame ID: ABD88FE7F5A64BC228D25AB70B894912
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Frame ID: 329AFE689D8488EA0E6B4D3562A0447F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Frame ID: A2851750A177B9E1C83EB5BB513438B7
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i
headers link /rel="https:\/\/api\.w\.org\/"/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i
headers link /rel="https:\/\/api\.w\.org\/"/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i
headers link /rel="https:\/\/api\.w\.org\/"/i

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Yandex.Direct (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /https?:\/\/an\.yandex\.ru\//i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

Page Statistics

103
Requests

100 %
HTTPS

61 %
IPv6

18
Domains

23
Subdomains

19
IPs

4
Countries

1251 kB
Transfer

3943 kB
Size

15
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://an.yandex.ru/count/WWOejI_zOEO1vGy0T1byVABdIiLNaWK0vW8nTr2ANW00000uZjS_kkQAg0s00PVMg9h5rSpn6OW1sB34mJwG0PwfoFumc07Iqep0CQ01dAd8_Z2e0SRIZC0nk07ahfFM6i010jW1t9-K5k01YBgte0BizVyIkG9s5C3uL8jBP_02kjk4tmg00-degP8AY0FBwkFe3fW3uktu5FW4oQSFY0NWk0kG1Scd3w05YCK4g0M8nGIm1OZ51BW5YCK4m0MifGhIxBowzOe1e0RC0QW6p06f1zU8E4k29ImOmlRwlmd92WMfB1pJSVe9AN7CruW00650LmAIekWBuBWBgGn0Mm8Cw1RFF-WC0PWD_TX2Fw0Em8Gzrv72iwImYPOOsG_WTiUErypt-g7A4f0GzghZrAxVwzlAyzh2jnFW4PkDuW7e4VZhZOto_ihglZ24G9oLDg0lHyJW4uZ518WKYE_WX_xxqyfve1I8nGIe5Ccd_FREtmNW507e51ZG5Vpspjy5s1N1YlRieu-y_6FmW1QLaC20WD1Ce1RGf9dq1SaMq1RYnjw-0Hq0I1O9kcovZ5GzZFJ9E9lhy0r5vjTJ10p3X0oK3Q8glMM3rIRuWIQCX1fmAe_0ywVxRKnOZdUwUWiEa5ik3jBW9E3UOOz6OGTg56tfLeu5ih6i11tLemGz8mlPC1bpZDecnW00~1?stat-id=1&test-tag=307863679457281&format-type=54&actual-format=40&banner-test-tags=eyI2NTc1MTYzOTgzIjoiMzQzNTk3NzExMzcifQ%3D%3D

Search URL Search Domain Scan URL

URL: https://direct.yandex.ru/?partner
Title: Яндекс.Директ

Search URL Search Domain Scan URL

URL: https://an.yandex.ru/count/WYiejI_zO0S23H40r1jEFVizuIp5KWK01mCGW8200J5tK8fU000003YErp-wvege3O01bzQeciNLpF4PY07OiCJ1Ff01dgd8_Z2O0TBIZC0ne06SgSZ-CAW1njACm36u0UIkazOQm042s07SdvGMu068khS5e0BizVyIkG9s5C3uL8jBP_02b9sErGE00wF2eRK9Y0FTwgoX2PW3zBO2qIhu1Eo83OW5lTqCa0NiY0sW1ONm0wW5XV03i0M5y0Eu1ONm0y05hAKAWigyklMA0Q06p06e1im1oGPtG1eKgH3FKD46TzHFYwaGpr1Kis5CKOibB1ZW1wGFmlRwlmd92cOuaRTCa_Q82mgg2n0_nqZxis4001o5MGAIekWBlTqCgGpG8TSVLaAuF-WC6vWDtVY9e0x0X3spmx7Xix69bXZP3wmjBfnUKVgXoXAG4FQguzIkt-lRolFQmhSJu16HZk81w176jxhnjgU5hKj07DH04polB6OSlU0JXV03Y1Ir-ghhv_gT--a1e1I5y0Ee5Eo8_FREtmNW507e51ZG5Vpspjy5s1N1YlRieu-y_6FmW1QLaC20WD1Ce1RGf9dq1SaMy3_G5kB6thu1700-oIFeicKNMVKm4YZZRBx3H-GHkEc83SW96J0SHFMFm3Am0SWztHbJbkjFzzkOi5plT9PTBWxQu2JWNYiudEW-Hp6uB6IDCKWeOvIcaerbUalzmJMXPtaX82PZZcRRX1C0~1?stat-id=5&test-tag=307863482292225&format-type=22&actual-format=41&banner-test-tags=eyI2NTc1MTYzOTgzIjoiMzQzNTk3NzExMzcifQ%3D%3D

Search URL Search Domain Scan URL

URL: https://an.yandex.ru/count/WVGejI_zO1i2LGy011XEFVizEouspGK06mCGW8200J5tK8fU000003YErp_WivpM3801rx770eW1uGBO0RQi1NOKmFXKYqjdy0AKdOxL0vW3m8G8mYlu19Ab38W5fuuCa0MIfGoW1Sxs4QW5plOHi0NEzX6u1S_s4S05lQC8o0MlYGpG1Vszp06e1im1oGPtG1eKgH3FKD46TzHFYwaGpr1Kis5CKOibB1W1mcJlQaSihUy_oGfex5oJiShtFyT8-xDX000SXLa2agBe2wUE3AaCeDzB9kj8mZ_e31kO3TtuYR0-e0x0X3spmx7Xix69bXZYvOqBa13sgkFKhj_hsye1CFFQmhSJu16HZk81w176jxhnjgU5hKj07DH0N0JE7DnPjk0Jp_OHY1Ir-ghhv_gT--a1e1JFzX6e59Ab3B0KWzsE0RWKiEod0S0KWEINq1B850JO5E2bg_45u1G1w1GOq1NWfQln1TWLmOhsxAEFlFnZy80MbP30W83GJA0MqAIPz0N95j0MuiRUlW4V05GM2P7B5c516SSa7Zx2aC3wd70koeg12_JLxb00iWOjPfsn7gh-T7-E2UlqJbUpmG5Abyk63GuGLZK3o0x1IYC6-nmMmHLgDSOmHjP2emsAY5eVGm1IkBCZWhG_iEO1GaDbjaqu0G00~1?stat-id=5&test-tag=307863482292225&format-type=22&actual-format=41&banner-test-tags=eyI1Mjg5NDQxOTY1IjoiMzQzNTk3NzExMzgifQ%3D%3D

Search URL Search Domain Scan URL

URL: https://an.yandex.ru/count/WYOejI_zO1y2vH0011jEFVizrz5_R0K07mCGW8200J5tK8fU000003YErp-OaCAI1e01el2G3OW1hzt5xocG0SxQykuec06qvh_s9g01qDhoxYYe0R3cl_Ock07OnfsO5i01ykFX1NOKmFXKYqjdy0AKdOxL0vW3m8Gzynpu1EJf4eW5ivOHa0NawHAW1PZV1QW5rEG4i0NKv0Iu1TJa1C05dyaKo0MydGNG1O6Z0im1g0RC0Sa6Tq0Q5AaGpr3H1dVKJukf4CzGLBDXJ56B9ImO0SBxvY9eFP_gFyaAl5dfavUl_0gg2n0_nqZxis4001o5MGAIekWBivOHy0i6Y0pou-6-0QaCC7Bm0sMQr3_e31kO3TtuYN0ze0x0X3spmx7Xix69bXZKrCiEa13sgkFKhj_hsye1cVFQmhSJu16HZk81w176jxhnjgU5hKj07DH0fP3wgurdoE0JrEG4Y1Ir-ghhv_gT--a1e1JKv0Ie5EJf4h0KWFoa0hWKWF9Nm1I0kDIEElIWf_G5u1G1w1GOq1NqeAVq1TWLmOhsxAEFlFnZy80MbP30W83GJA0MqAIPz0N95j0MykFXlW4X060M2RhitArkqT2ee8op4GyVKKXWRKvW00Bm3QEu92jsBCzNkoC1o1gqEDGPz_S30PJUwQ5xplPokQpMu00PW343oExHP1p0tjJdC0QNETKO0v6Bl2YjLsABuuv-0GaGZ6CVrHwQRHDE~1?stat-id=5&test-tag=307863482292225&format-type=22&actual-format=41&banner-test-tags=eyI1NDg0OTkyMTY3IjoiMzQzNTk3NzExMzkifQ%3D%3D

Search URL Search Domain Scan URL

URL: https://an.yandex.ru/count/WWmejI_zOEy15H00j1bEFVizJYpOYGK0xm8GW8200J5tK8fU000003YErp_i_UV02hhDpVb8a06qaFJeDvW1_hgIyZ-W0Sgyx-Wtg07UkfBoFxW1t9xOlnwStwaSu064gUi2w06c0GMO0kgEXnUW0koEXnUv0dOKmFXKYqjdy0AKdOxL0vW3m8ILRVW4uAe4Y0MZx06G1U2g1A05eAa1g0M5ZG6m1OMD0RW5XOq1m0Nup0F81PXrq0N_GkRbxOW6e0RC0QW6p0791dT06XIf4CzGqGPtr4-BgH3FKDa60000aBDXJ56B9ImO0OI1WhR7myaAdrcuPfT1ymgg2n0_nqZxis4001o5MGAIekWBe-m1gGo04cfZmhkbl-WC6vWDtVY9e0x0X3spmx7Xix69bXZP3wkN5v0GzghZrAxVwzlA2FFQmhSJu16HZk81w176jxhnjgU5hKj07DH02Ucgy6Ekgk0JXOq1Y1Ir-ghhv_gT--a1e1I5ZG6e5E2g1E0K0UWK6DWLmOhsxAEFlFnZy80MbP30W83GJA0MqAIPz0N95j0MuiRUlW4U028M2NNPD1meu-p0mqVu4LX_4yuLEDXLD320vH7Udk2wIQUp03jZFLpzwNuV4rRgdHw-vsoVoyNn6lG3v9aqsGAmj_Kv33-OfnvFsdebe5Id10bYZVdXFxKKm2sVcP6VsJQH1m00~1?stat-id=5&test-tag=307863482292225&format-type=22&actual-format=41&banner-test-tags=eyI3NDkxOTc4MjY2IjoiMzQzNTk3NzExNDAifQ%3D%3D

Search URL Search Domain Scan URL

URL: https://metrika.yandex.ru/stat/?id=53635162&from=informer

Search URL Search Domain Scan URL

URL: https://www.liveinternet.ru/click

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 26

https://ads.adfox.ru/330607/getBulk/v2?dl=https%3A%2F%2Fmedia-polesye.by%2Fnews%2F&date=2020-04-05T23%3A41%3A11.366%2B02%3A00&pd=5&pdh=1200&pdw=1600&pr1=3212914318&pr=3380940850&prr=&pv=23&pw=0&extid_loader=&extid_tag_loader=media-polesye.by&ylv=0.1638&ybv=0.1637&ytt=337000314963989&is-turbo=0&skip-token=&ad-session-id=458021586122871368&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22width%22%3A1110%2C%22height%22%3A0%2C%22left%22%3A245%2C%22top%22%3A0%2C%22visible%22%3A1%2C%22req_no%22%3A0%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pp=g&ps=dubc&p2=y&slotNumber=1&bids=W10%3D&grab=dNCh0YLRgNCw0L3QuNGG0LAg0L3QtSDQvdCw0LnQtNC10L3QsCDigJQg0JzQtdC00LjQsC3Qn9C-0LvQtdGB0YzQtSDigJQg0L3QvtCy0L7RgdGC0Lgg0Lgg0YDQtdC60LvQsNC80LAg0J_QuNC90YHQutCwLCDQm9GD0L3QuNC90YbQsCwg0KHRgtC-0LvQuNC90LAK&utf8=%E2%9C%93 HTTP 302
https://ads.adfox.ru/330607/getBulkTest/v2?dl=https%3A%2F%2Fmedia-polesye.by%2Fnews%2F&date=2020-04-05T23%3A41%3A11.366%2B02%3A00&pd=5&pdh=1200&pdw=1600&pr1=3212914318&pr=3380940850&prr=&pv=23&pw=0&extid_loader=&extid_tag_loader=media-polesye.by&ylv=0.1638&ybv=0.1637&ytt=337000314963989&is-turbo=0&skip-token=&ad-session-id=458021586122871368&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22width%22%3A1110%2C%22height%22%3A0%2C%22left%22%3A245%2C%22top%22%3A0%2C%22visible%22%3A1%2C%22req_no%22%3A0%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pp=g&ps=dubc&p2=y&slotNumber=1&bids=W10%3D&grab=dNCh0YLRgNCw0L3QuNGG0LAg0L3QtSDQvdCw0LnQtNC10L3QsCDigJQg0JzQtdC00LjQsC3Qn9C-0LvQtdGB0YzQtSDigJQg0L3QvtCy0L7RgdGC0Lgg0Lgg0YDQtdC60LvQsNC80LAg0J_QuNC90YHQutCwLCDQm9GD0L3QuNC90YbQsCwg0KHRgtC-0LvQuNC90LAK&utf8=%E2%9C%93

Request Chain 40

https://ads.adfox.ru/330607/getBulk/v2?dl=https%3A%2F%2Fmedia-polesye.by%2Fnews%2F&date=2020-04-05T23%3A41%3A11.413%2B02%3A00&pd=5&pdh=1200&pdw=1600&pr1=748880670&pr=3380940850&prr=&pv=23&pw=0&extid_loader=&extid_tag_loader=media-polesye.by&ylv=0.1638&ybv=0.1637&ytt=337000314963989&is-turbo=0&skip-token=&ad-session-id=458021586122871368&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22width%22%3A1120%2C%22height%22%3A0%2C%22left%22%3A240%2C%22top%22%3A336%2C%22visible%22%3A1%2C%22req_no%22%3A1%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pp=ygo&ps=dubc&p2=y&slotNumber=3&bids=W10%3D&grab=dNCh0YLRgNCw0L3QuNGG0LAg0L3QtSDQvdCw0LnQtNC10L3QsCDigJQg0JzQtdC00LjQsC3Qn9C-0LvQtdGB0YzQtSDigJQg0L3QvtCy0L7RgdGC0Lgg0Lgg0YDQtdC60LvQsNC80LAg0J_QuNC90YHQutCwLCDQm9GD0L3QuNC90YbQsCwg0KHRgtC-0LvQuNC90LAKMTQwNCDQodGC0YDQsNC90LjRhtCwINC90LUg0L3QsNC50LTQtdC90LAgCg%3D%3D&utf8=%E2%9C%93 HTTP 302
https://ads.adfox.ru/330607/getBulkTest/v2?dl=https%3A%2F%2Fmedia-polesye.by%2Fnews%2F&date=2020-04-05T23%3A41%3A11.413%2B02%3A00&pd=5&pdh=1200&pdw=1600&pr1=748880670&pr=3380940850&prr=&pv=23&pw=0&extid_loader=&extid_tag_loader=media-polesye.by&ylv=0.1638&ybv=0.1637&ytt=337000314963989&is-turbo=0&skip-token=&ad-session-id=458021586122871368&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22width%22%3A1120%2C%22height%22%3A0%2C%22left%22%3A240%2C%22top%22%3A336%2C%22visible%22%3A1%2C%22req_no%22%3A1%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pp=ygo&ps=dubc&p2=y&slotNumber=3&bids=W10%3D&grab=dNCh0YLRgNCw0L3QuNGG0LAg0L3QtSDQvdCw0LnQtNC10L3QsCDigJQg0JzQtdC00LjQsC3Qn9C-0LvQtdGB0YzQtSDigJQg0L3QvtCy0L7RgdGC0Lgg0Lgg0YDQtdC60LvQsNC80LAg0J_QuNC90YHQutCwLCDQm9GD0L3QuNC90YbQsCwg0KHRgtC-0LvQuNC90LAKMTQwNCDQodGC0YDQsNC90LjRhtCwINC90LUg0L3QsNC50LTQtdC90LAgCg%3D%3D&utf8=%E2%9C%93

Request Chain 43

https://counter.yadro.ru/hit?t14.6;r;s1600*1200*24;uhttps%3A//media-polesye.by/news/;h%u0421%u0442%u0440%u0430%u043D%u0438%u0446%u0430%20%u043D%u0435%20%u043D%u0430%u0439%u0434%u0435%u043D%u0430%20%u2014%20%u041C%u0435%u0434%u0438%u0430-%u041F%u043E%u043B%u0435%u0441%u044C%u0435%20%u2014%20%u043D%u043E%u0432%u043E%u0441%u0442%u0438%20%u0438%20%u0440%u0435%u043A%u043B%u0430%u043C%u0430%20%u041F%u0438%u043D%u0441%u043A%u0430%2C%20%u041B%u0443%u043D%u0438%u043D%u0446%u0430%2C%20%u0421%u0442%u043E%u043B%u0438%u043D%u0430;0.8523325291751758 HTTP 302
https://counter.yadro.ru/hit?q;t14.6;r;s1600*1200*24;uhttps%3A//media-polesye.by/news/;h%u0421%u0442%u0440%u0430%u043D%u0438%u0446%u0430%20%u043D%u0435%20%u043D%u0430%u0439%u0434%u0435%u043D%u0430%20%u2014%20%u041C%u0435%u0434%u0438%u0430-%u041F%u043E%u043B%u0435%u0441%u044C%u0435%20%u2014%20%u043D%u043E%u0432%u043E%u0441%u0442%u0438%20%u0438%20%u0440%u0435%u043A%u043B%u0430%u043C%u0430%20%u041F%u0438%u043D%u0441%u043A%u0430%2C%20%u041B%u0443%u043D%u0438%u043D%u0446%u0430%2C%20%u0421%u0442%u043E%u043B%u0438%u043D%u0430;0.8523325291751758

Request Chain 52

https://mc.yandex.ru/watch/53635162?wmode=7&page-url=https%3A%2F%2Fmedia-polesye.by%2Fnews%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1586122870829%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20200405234111%3Aet%3A1586122872%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A1018939462%3Ahid%3A1001736361%3Ads%3A0%2C110%2C195%2C2%2C0%2C0%2C0%2C294%2C5%2C%2C%2C%2C608%3Afp%3A572%3Awn%3A17870%3Ahl%3A2%3Agdpr%3A14%3Av%3A1837%3Awv%3A2%3Ast%3A1586122872%3Au%3A1586122872216987043%3At%3A%D0%A1%D1%82%D1%80%D0%B0%D0%BD%D0%B8%D1%86%D0%B0%20%D0%BD%D0%B5%20%D0%BD%D0%B0%D0%B9%D0%B4%D0%B5%D0%BD%D0%B0%20%E2%80%94%20%D0%9C%D0%B5%D0%B4%D0%B8%D0%B0-%D0%9F%D0%BE%D0%BB%D0%B5%D1%81%D1%8C%D0%B5%20%E2%80%94%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%B8%20%D1%80%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D0%B0%20%D0%9F%D0%B8%D0%BD%D1%81%D0%BA%D0%B0%2C%20%D0%9B%D1%83%D0%BD%D0%B8%D0%BD%D1%86%D0%B0%2C%20%D0%A1%D1%82%D0%BE%D0%BB%D0%B8%D0%BD%D0%B0 HTTP 302
https://mc.yandex.ru/watch/53635162/1?wmode=7&page-url=https%3A%2F%2Fmedia-polesye.by%2Fnews%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1586122870829%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20200405234111%3Aet%3A1586122872%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A1018939462%3Ahid%3A1001736361%3Ads%3A0%2C110%2C195%2C2%2C0%2C0%2C0%2C294%2C5%2C%2C%2C%2C608%3Afp%3A572%3Awn%3A17870%3Ahl%3A2%3Agdpr%3A14%3Av%3A1837%3Awv%3A2%3Ast%3A1586122872%3Au%3A1586122872216987043%3At%3A%D0%A1%D1%82%D1%80%D0%B0%D0%BD%D0%B8%D1%86%D0%B0%20%D0%BD%D0%B5%20%D0%BD%D0%B0%D0%B9%D0%B4%D0%B5%D0%BD%D0%B0%20%E2%80%94%20%D0%9C%D0%B5%D0%B4%D0%B8%D0%B0-%D0%9F%D0%BE%D0%BB%D0%B5%D1%81%D1%8C%D0%B5%20%E2%80%94%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%B8%20%D1%80%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D0%B0%20%D0%9F%D0%B8%D0%BD%D1%81%D0%BA%D0%B0%2C%20%D0%9B%D1%83%D0%BD%D0%B8%D0%BD%D1%86%D0%B0%2C%20%D0%A1%D1%82%D0%BE%D0%BB%D0%B8%D0%BD%D0%B0

Request Chain 54

https://ads.adfox.ru/330607/getBulkTest/v2?dl=https%3A%2F%2Fmedia-polesye.by%2Fnews%2F&date=2020-04-05T23%3A41%3A11.413%2B02%3A00&pd=5&pdh=1200&pdw=1600&pr1=748880670&pr=3380940850&prr=&pv=23&pw=0&extid_loader=&extid_tag_loader=media-polesye.by&ylv=0.1638&ybv=0.1637&ytt=337000314963989&is-turbo=0&skip-token=&ad-session-id=458021586122871368&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22width%22%3A1120%2C%22height%22%3A0%2C%22left%22%3A240%2C%22top%22%3A336%2C%22visible%22%3A1%2C%22req_no%22%3A1%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pp=ygo&ps=dubc&p2=y&slotNumber=3&bids=W10%3D&grab=dNCh0YLRgNCw0L3QuNGG0LAg0L3QtSDQvdCw0LnQtNC10L3QsCDigJQg0JzQtdC00LjQsC3Qn9C-0LvQtdGB0YzQtSDigJQg0L3QvtCy0L7RgdGC0Lgg0Lgg0YDQtdC60LvQsNC80LAg0J_QuNC90YHQutCwLCDQm9GD0L3QuNC90YbQsCwg0KHRgtC-0LvQuNC90LAKMTQwNCDQodGC0YDQsNC90LjRhtCwINC90LUg0L3QsNC50LTQtdC90LAgCg%3D%3D&utf8=%E2%9C%93 HTTP 302
https://matchid.adfox.yandex.ru/?url=a8075bf1c7376ab37971b6d80664e4d2b86256a684f5e709bdedb1a0c309178d0d5161bbb9a796ad3a511c85d2875f95e842788b3a4130c0abb8c49e8bdecf27098b5aa5c5335767bb22aa42aad12ce8124c4c2cfbf8dec351099c3c6bf823f2&sign=ffc24e839c5bb3d9cf8b919c986441f5

Request Chain 58

https://matchid.adfox.yandex.ru/?url=a8075bf1c7376ab37971b6d80664e4d2b86256a684f5e709bdedb1a0c309178d0d5161bbb9a796ad3a511c85d2875f95e842788b3a4130c0abb8c49e8bdecf27098b5aa5c5335767bb22aa42aad12ce8124c4c2cfbf8dec351099c3c6bf823f2&sign=ffc24e839c5bb3d9cf8b919c986441f5 HTTP 302
https://ads.adfox.ru/330607/getBulkTest/v2?yandexuid=14068254678769787370&sign=ac810a2ef203ea72371fe2afbf8ff0e9&rqs=AAAAAAAAAAB3UIpelOUHledkCHf5eoD8&matchid-br=1

103 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 404 Primary Request / Show response
media-polesye.by/news/ 43 KB
11 KB 307ms
195ms Document
text/html 178.172.136.207
BN-AS Belarussian...

General

Check archive.org

Show headers Download Go to

Full URL: https://media-polesye.by/news/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.172.136.207 , Belarus, ASN12406 (BN-AS Belarussian data communication service provider., BY),
Reverse DNS: 178-172-136-207.hosterby.com
Software: nginx/1.16.1 / PHP/7.3.16
Resource Hash: 7e117b45ccce9b4c70ffb8901c2dee7ca0db7e7bcae71a0285a0ce85cd857734

Request headers

:method: GET
:authority: media-polesye.by
:scheme: https
:path: /news/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: document
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document

Response headers

status: 404
server: nginx/1.16.1
date: Sun, 05 Apr 2020 21:41:11 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.3.16
vary: Accept-Encoding,Cookie
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://media-polesye.by/wp-json/>; rel="https://api.w.org/"
content-encoding: gzip

GET
H2 200 style.min.css
media-polesye.by/wp-includes/css/dist/block-library/ 40 KB
7 KB 60ms
53ms Stylesheet
text/css 178.172.136.207
BN-AS Belarussian...

General

Check archive.org

Show headers Download Go to

Full URL

https://media-polesye.by/wp-includes/css/dist/block-library/style.min.css?ver=5.3.2

Requested by

Host: media-polesye.by
URL: https://media-polesye.by/news/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.172.136.207 , Belarus, ASN12406 (BN-AS Belarussian data communication service provider., BY),

Reverse DNS

178-172-136-207.hosterby.com

Software

nginx/1.16.1 /

Resource Hash

d9662b4b9ba6c2c3691ce0acd4572e027366eb97d6070550a13429262bb0037f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://media-polesye.by/news/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Sun, 05 Apr 2020 21:41:11 GMT
content-encoding: gzip
last-modified: Sun, 01 Mar 2020 17:48:33 GMT
server: nginx/1.16.1
etag: W/"5e5bf571-a1fb"
strict-transport-security: max-age=31536000;
content-type: text/css
status: 200
cache-control: max-age=1209600
expires: Sun, 19 Apr 2020 21:41:11 GMT

GET
H2 200 styles.css
media-polesye.by/wp-content/plugins/contact-form-7/includes/css/ 2 KB
921 B 61ms
53ms Stylesheet
text/css 178.172.136.207
BN-AS Belarussian...

General

Check archive.org

Show headers Download Go to

Full URL

https://media-polesye.by/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.7

Requested by

Host: media-polesye.by
URL: https://media-polesye.by/news/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.172.136.207 , Belarus, ASN12406 (BN-AS Belarussian data communication service provider., BY),

Reverse DNS

178-172-136-207.hosterby.com

Software

nginx/1.16.1 /

Resource Hash

811e8960b8f79f14983e30df80a4ccc69d82430ccc0520d2a1a3d1405cfbb2a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://media-polesye.by/news/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Sun, 05 Apr 2020 21:41:11 GMT
content-encoding: gzip
last-modified: Tue, 10 Mar 2020 00:13:10 GMT
server: nginx/1.16.1
etag: W/"5e66db96-6d2"
strict-transport-security: max-age=31536000;
content-type: text/css
status: 200
cache-control: max-age=1209600
expires: Sun, 19 Apr 2020 21:41:11 GMT

GET
H2 200 dashicons.min.css
media-polesye.by/wp-includes/css/ 46 KB
29 KB 91ms
83ms Stylesheet
text/css 178.172.136.207
BN-AS Belarussian...

General

Check archive.org

Show headers Download Go to

Full URL

https://media-polesye.by/wp-includes/css/dashicons.min.css?ver=5.3.2

Requested by

Host: media-polesye.by
URL: https://media-polesye.by/news/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.172.136.207 , Belarus, ASN12406 (BN-AS Belarussian data communication service provider., BY),

Reverse DNS

178-172-136-207.hosterby.com

Software

nginx/1.16.1 /

Resource Hash

5f82734ab93780b4ee45a2fd866281b671827552defa03eda00920f66183cd26

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://media-polesye.by/news/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Sun, 05 Apr 2020 21:41:11 GMT
content-encoding: gzip
last-modified: Sun, 01 Mar 2020 17:48:33 GMT
server: nginx/1.16.1
etag: W/"5e5bf571-b9a3"
strict-transport-security: max-age=31536000;
content-type: text/css
status: 200
cache-control: max-age=1209600
expires: Sun, 19 Apr 2020 21:41:11 GMT

GET
H2 200 frontend.css
media-polesye.by/wp-content/plugins/post-views-counter/css/ 289 B
409 B 99ms
91ms Stylesheet
text/css 178.172.136.207
BN-AS Belarussian...

General

Check archive.org

Show headers Download Go to

Full URL

https://media-polesye.by/wp-content/plugins/post-views-counter/css/frontend.css?ver=1.3.1

Requested by

Host: media-polesye.by
URL: https://media-polesye.by/news/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.172.136.207 , Belarus, ASN12406 (BN-AS Belarussian data communication service provider., BY),

Reverse DNS

178-172-136-207.hosterby.com

Software

nginx/1.16.1 /

Resource Hash

f46d96d805c7e9e467422dfe516c43edb4632c0273cea26722fee7ba885f869e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://media-polesye.by/news/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Sun, 05 Apr 2020 21:41:11 GMT
content-encoding: gzip
last-modified: Wed, 25 Mar 2020 19:46:17 GMT
server: nginx/1.16.1
etag: W/"5e7bb509-121"
strict-transport-security: max-age=31536000;
content-type: text/css
status: 200
cache-control: max-age=1209600
expires: Sun, 19 Apr 2020 21:41:11 GMT

GET
H2 200 selection-sharer.css
media-polesye.by/wp-content/themes/mptheme/css/ 8 KB
4 KB 100ms
92ms Stylesheet
text/css 178.172.136.207
BN-AS Belarussian...

General

Check archive.org

Show headers Download Go to

Full URL

https://media-polesye.by/wp-content/themes/mptheme/css/selection-sharer.css?ver=5.3.2

Requested by

Host: media-polesye.by
URL: https://media-polesye.by/news/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.172.136.207 , Belarus, ASN12406 (BN-AS Belarussian data communication service provider., BY),

Reverse DNS

178-172-136-207.hosterby.com

Software

nginx/1.16.1 /

Resource Hash

bef7f0a8213f9685468549895833f5e1a4e26568ab22865ce21793e39b614a03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://media-polesye.by/news/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Sun, 05 Apr 2020 21:41:11 GMT
content-encoding: gzip
last-modified: Sun, 01 Mar 2020 17:48:33 GMT
server: nginx/1.16.1
etag: W/"5e5bf571-20ef"
strict-transport-security: max-age=31536000;
content-type: text/css
status: 200
cache-control: max-age=1209600
expires: Sun, 19 Apr 2020 21:41:11 GMT

GET
H2 200 bootstrap.min.css
media-polesye.by/wp-content/themes/mptheme/bootstrap/css/ 152 KB
26 KB 107ms
100ms Stylesheet
text/css 178.172.136.207
BN-AS Belarussian...

General

Check archive.org

Show headers Download Go to

Full URL

https://media-polesye.by/wp-content/themes/mptheme/bootstrap/css/bootstrap.min.css?ver=5.3.2

Requested by

Host: media-polesye.by
URL: https://media-polesye.by/news/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.172.136.207 , Belarus, ASN12406 (BN-AS Belarussian data communication service provider., BY),

Reverse DNS

178-172-136-207.hosterby.com

Software

nginx/1.16.1 /

Resource Hash

9fd9256100a4d4ff9ece48f584f67f1e116d0747f9282a913dbf3b1b9128d2ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://media-polesye.by/news/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Sun, 05 Apr 2020 21:41:11 GMT
content-encoding: gzip
last-modified: Sun, 01 Mar 2020 17:48:33 GMT
server: nginx/1.16.1
etag: W/"5e5bf571-25f69"
strict-transport-security: max-age=31536000;
content-type: text/css
status: 200
cache-control: max-age=1209600
expires: Sun, 19 Apr 2020 21:41:11 GMT

GET
H2 200 style.css
media-polesye.by/wp-content/themes/mptheme/ 17 KB
5 KB 126ms
119ms Stylesheet
text/css 178.172.136.207
BN-AS Belarussian...

General

Check archive.org

Show headers Download Go to

Full URL

https://media-polesye.by/wp-content/themes/mptheme/style.css?ver=1584605359

Requested by

Host: media-polesye.by
URL: https://media-polesye.by/news/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.172.136.207 , Belarus, ASN12406 (BN-AS Belarussian data communication service provider., BY),

Reverse DNS

178-172-136-207.hosterby.com

Software

nginx/1.16.1 /

Resource Hash

ba69c5839865614a91121084a0b4f07e5319de7637a6ebc5c30b60c33f151dc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://media-polesye.by/news/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Sun, 05 Apr 2020 21:41:11 GMT
content-encoding: gzip
last-modified: Thu, 19 Mar 2020 08:09:19 GMT
server: nginx/1.16.1
etag: W/"5e7328af-435b"
strict-transport-security: max-age=31536000;
content-type: text/css
status: 200
cache-control: max-age=1209600
expires: Sun, 19 Apr 2020 21:41:11 GMT

GET
H2 200 jquery.js Show response
media-polesye.by/wp-includes/js/jquery/ 95 KB
36 KB 125ms
119ms Script
application/javascript 178.172.136.207
BN-AS Belarussian...

General

Check archive.org

Show headers Download Go to

Full URL

https://media-polesye.by/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp

Requested by

Host: media-polesye.by
URL: https://media-polesye.by/news/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.172.136.207 , Belarus, ASN12406 (BN-AS Belarussian data communication service provider., BY),

Reverse DNS

178-172-136-207.hosterby.com

Software

nginx/1.16.1 /

Resource Hash

f71089a6451d9363f1a9cf2c3b6e560e392c8337f8b3307ecac16bbc2b7a044a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://media-polesye.by/news/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sun, 05 Apr 2020 21:41:11 GMT
content-encoding: gzip
last-modified: Sun, 01 Mar 2020 17:48:33 GMT
server: nginx/1.16.1
etag: W/"5e5bf571-17a0f"
strict-transport-security: max-age=31536000;
content-type: application/javascript
status: 200
cache-control: max-age=1209600
expires: Sun, 19 Apr 2020 21:41:11 GMT

GET
H2 200 jquery-migrate.min.js Show response
media-polesye.by/wp-includes/js/jquery/ 10 KB
4 KB 125ms
119ms Script
application/javascript 178.172.136.207
BN-AS Belarussian...

General

Check archive.org

Show headers Download Go to

Full URL

https://media-polesye.by/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1

Requested by

Host: media-polesye.by
URL: https://media-polesye.by/news/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.172.136.207 , Belarus, ASN12406 (BN-AS Belarussian data communication service provider., BY),

Reverse DNS

178-172-136-207.hosterby.com

Software

nginx/1.16.1 /

Resource Hash

01ebeb3fcdc269ef402f29f9fba025d3266fcd5c54ae7bca44aaa7c2cf738d93

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://media-polesye.by/news/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sun, 05 Apr 2020 21:41:11 GMT
content-encoding: gzip
last-modified: Sun, 01 Mar 2020 17:48:33 GMT
server: nginx/1.16.1
etag: W/"5e5bf571-26e7"
strict-transport-security: max-age=31536000;
content-type: application/javascript
status: 200
cache-control: max-age=1209600
expires: Sun, 19 Apr 2020 21:41:11 GMT

GET
H2 200 ajax-filter-posts.js Show response
media-polesye.by/wp-content/themes/mptheme/js/ 811 B
639 B 125ms
119ms Script
application/javascript 178.172.136.207
BN-AS Belarussian...

General

Check archive.org

Show headers Download Go to

Full URL

https://media-polesye.by/wp-content/themes/mptheme/js/ajax-filter-posts.js?ver=1.2

Requested by

Host: media-polesye.by
URL: https://media-polesye.by/news/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.172.136.207 , Belarus, ASN12406 (BN-AS Belarussian data communication service provider., BY),

Reverse DNS

178-172-136-207.hosterby.com

Software

nginx/1.16.1 /

Resource Hash

57a18ea15e5287a7953f68eee98e59ed3884a7a6d37e2318c457db6c90792893

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://media-polesye.by/news/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sun, 05 Apr 2020 21:41:11 GMT
content-encoding: gzip
last-modified: Sun, 01 Mar 2020 17:48:34 GMT
server: nginx/1.16.1
etag: W/"5e5bf572-32b"
strict-transport-security: max-age=31536000;
content-type: application/javascript
status: 200
cache-control: max-age=1209600
expires: Sun, 19 Apr 2020 21:41:11 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 107 KB
38 KB 28ms
22ms Script
text/javascript 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: media-polesye.by
URL: https://media-polesye.by/news/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0974fd2c6ebe7ff6f794b625cdff0691a372f84668adc46502cd5dc34dbf753

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://media-polesye.by/news/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sun, 05 Apr 2020 21:41:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 39159
x-xss-protection: 0
server: cafe
etag: 14040473416781760607
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 05 Apr 2020 21:41:11 GMT

GET
H2 200 loader.js Show response
yastatic.net/pcode/adfox/ 173 KB
40 KB 105ms
32ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/pcode/adfox/loader.js

Requested by

Host: media-polesye.by
URL: https://media-polesye.by/news/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.8 /

Resource Hash

2b2d86b4155092442bc7f653d52ad1cb2751c41faa6f6bad86d359cf557f31de

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://media-polesye.by/news/
Origin: https://media-polesye.by
Sec-Fetch-Dest: script
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 05 Apr 2020 21:41:11 GMT
content-encoding: br
status: 200
strict-transport-security: max-age=43200000; includeSubDomains;
content-length: 40698
timing-allow-origin: *
last-modified: Fri, 03 Apr 2020 15:49:33 GMT
server: nginx/1.17.8
etag: "32215f0842bbac0e0671a1099fdd3438"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
x-robots-tag: noindex, noarchive, nofollow
expires: Sun, 05 Apr 2020 22:38:26 GMT

GET
H2 200 cea6669b49f176cb6ebb7a68ccb1102d_1.js Show response
web.webpushs.com/js/push/ 49 KB
17 KB 105ms
32ms Script
application/javascript 195.181.175.55
CDN77

General

Check archive.org

Show headers Download Go to

Full URL

https://web.webpushs.com/js/push/cea6669b49f176cb6ebb7a68ccb1102d_1.js

Requested by

Host: media-polesye.by
URL: https://media-polesye.by/news/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.181.175.55 Frankfurt am Main, Germany, ASN60068 (CDN77, GB),

Reverse DNS

unn-195-181-175-55.datapacket.com

Software

CDN77-Turbo /

Resource Hash

4251cb9ad90ac3754f9ee23490b5bc83d2ba1267d7f60445af69f57cbd44ab6f

Security Headers

Name	Value
Content-Security-Policy	default-src wss://* blob: data: sendpulse.com .sendpulse.com .sendpulse.com:4434 .pulse-stat.com .stat-pulse.com .pulse-stat.com:8080 .stat-pulse.com:8080 http://.sendpulse.com:4434 http://.pulse-stat.com http://.stat-pulse.com http://.pulse-stat.com:8080 http://.stat-pulse.com:8080 .sendpulse.ua .sendpulse.by .sendpulse.kz .sendpulse.cl .sendpulse.com.tr .sendpulse.ng .routee.net .bizml.ru .jquery.com .youtube.com .ytimg.com .vimeo.com .vimeocdn.com .tinymce.com .ampproject.org .hotjar.com .hotjar.io .ipinfo.io .highcharts.com .appspot.com .doubleclick.net .facebook.com .facebook.net .fbcdn.net .fbsbx.com .rawgit.com .cloudflare.com .jsdelivr.net .kissmetrics.com .bitrix24.com .quantserve.com .quantcount.com .twitter.com .offershub.ru .stripe.com .braintreegateway.com .mlstatic.com .cloudpayments.ru .woopra.com .jivosite.com .google.com .google.com.ua .googleadservices.com .google-analytics.com .googleapis.com .googletagmanager.com .gstatic.com .online-metrix.net .retently.com .maxmind.com .revisionme.com .yandex.ru .ymetrica.ru .mmapiws.com .bootstrapcdn.com .kaptcha.com .paypal.com .paypalobjects.com .mercadopago.com.br .mercadopago.com .braintree-api.com vk.com .webformscr.com 'self' 'unsafe-eval' 'unsafe-inline'; img-src blob: data: ; font-src data: ; style-src 'unsafe-inline';, frame-ancestors 'self';
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://media-polesye.by/news/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sun, 05 Apr 2020 21:41:11 GMT
content-encoding: br
x-content-type-options: nosniff
x-edge-location: frankfurtDE
x-cache: HIT
status: 200
x-age: 48337
x-xss-protection: 1; mode=block
x-sp-ma: ma5
last-modified: Sun, 05 Apr 2020 08:13:08 GMT
server: CDN77-Turbo
etag: W/"c30c-5a286b88500fd"
vary: Accept-Encoding, Accept-Encoding,User-Agent,Host
content-type: application/javascript
x-sp-pr: lpr4
cache-control: max-age=604800
x-edge-ip: 195.181.175.53
content-security-policy: default-src wss://* blob: data: sendpulse.com *.sendpulse.com *.sendpulse.com:4434 *.pulse-stat.com *.stat-pulse.com *.pulse-stat.com:8080 *.stat-pulse.com:8080 http://*.sendpulse.com:4434 http://*.pulse-stat.com http://*.stat-pulse.com http://*.pulse-stat.com:8080 http://*.stat-pulse.com:8080 *.sendpulse.ua *.sendpulse.by *.sendpulse.kz *.sendpulse.cl *.sendpulse.com.tr *.sendpulse.ng *.routee.net *.bizml.ru *.jquery.com *.youtube.com *.ytimg.com *.vimeo.com *.vimeocdn.com *.tinymce.com *.ampproject.org *.hotjar.com *.hotjar.io *.ipinfo.io *.highcharts.com *.appspot.com *.doubleclick.net *.facebook.com *.facebook.net *.fbcdn.net *.fbsbx.com *.rawgit.com *.cloudflare.com *.jsdelivr.net *.kissmetrics.com *.bitrix24.com *.quantserve.com *.quantcount.com *.twitter.com *.offershub.ru *.stripe.com *.braintreegateway.com *.mlstatic.com *.cloudpayments.ru *.woopra.com *.jivosite.com *.google.com *.google.com.ua *.googleadservices.com *.google-analytics.com *.googleapis.com *.googletagmanager.com *.gstatic.com *.online-metrix.net *.retently.com *.maxmind.com *.revisionme.com *.yandex.ru *.ymetrica.ru *.mmapiws.com *.bootstrapcdn.com *.kaptcha.com *.paypal.com *.paypalobjects.com *.mercadopago.com.br *.mercadopago.com *.braintree-api.com vk.com *.webformscr.com 'self' 'unsafe-eval' 'unsafe-inline'; img-src blob: data: *; font-src data: *; style-src * 'unsafe-inline';, frame-ancestors 'self';
expires: Sun, 12 Apr 2020 08:15:34 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 76 KB
28 KB 16ms
16ms Script
application/javascript 2a00:1450:4001:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-30457381-1

Requested by

Host: media-polesye.by
URL: https://media-polesye.by/news/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a001f26da6f35d3db69329d245d12efc884b9ce5e9378737fa31d955858e81b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://media-polesye.by/news/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sun, 05 Apr 2020 21:41:11 GMT
content-encoding: br
status: 200
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 29062
x-xss-protection: 0
last-modified: Sun, 05 Apr 2020 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 05 Apr 2020 21:41:11 GMT

GET
H/1.1 200
OK 3_0_FFFFFFFF_EFEFEFFF_0_pageviews
informer.yandex.ru/informer/53635162/ 1 KB
2 KB 121ms
41ms Image
image/png 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://informer.yandex.ru/informer/53635162/3_0_FFFFFFFF_EFEFEFFF_0_pageviews

Requested by

Host: media-polesye.by
URL: https://media-polesye.by/news/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

9b254cfca4fe5a134b9effc194fe1e884852996a425bb762d03461d0291aea7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://media-polesye.by/news/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Pragma: no-cache
Date: Sun, 05 Apr 2020 21:41:11 GMT
Last-Modified: Sun, 05-Apr-2020 21:41:11 GMT
Server: nginx/1.14.2
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 1340
X-XSS-Protection: 1; mode=block
Expires: Sun, 05-Apr-2020 21:41:11 GMT

GET
H2 200 scripts.js Show response
media-polesye.by/wp-content/plugins/contact-form-7/includes/js/ 14 KB
5 KB 86ms
85ms Script
application/javascript 178.172.136.207
BN-AS Belarussian...

General

Check archive.org

Show headers Download Go to

Full URL

https://media-polesye.by/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.7

Requested by

Host: media-polesye.by
URL: https://media-polesye.by/news/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.172.136.207 , Belarus, ASN12406 (BN-AS Belarussian data communication service provider., BY),

Reverse DNS

178-172-136-207.hosterby.com

Software

nginx/1.16.1 /

Resource Hash

b7e17926b30342edecee8b3a93029ac51462e2b479277d8e077ba57173eb1900

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://media-polesye.by/news/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sun, 05 Apr 2020 21:41:11 GMT
content-encoding: gzip
last-modified: Tue, 10 Mar 2020 00:13:10 GMT
server: nginx/1.16.1
etag: W/"5e66db96-3868"
strict-transport-security: max-age=31536000;
content-type: application/javascript
status: 200
cache-control: max-age=1209600
expires: Sun, 19 Apr 2020 21:41:11 GMT

GET
H2 200 bootstrap.bundle.min.js Show response
media-polesye.by/wp-content/themes/mptheme/bootstrap/js/ 77 KB
25 KB 94ms
94ms Script
application/javascript 178.172.136.207
BN-AS Belarussian...

General

Check archive.org

Show headers Download Go to

Full URL

https://media-polesye.by/wp-content/themes/mptheme/bootstrap/js/bootstrap.bundle.min.js?ver=4.3.1

Requested by

Host: media-polesye.by
URL: https://media-polesye.by/news/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.172.136.207 , Belarus, ASN12406 (BN-AS Belarussian data communication service provider., BY),

Reverse DNS

178-172-136-207.hosterby.com

Software

nginx/1.16.1 /

Resource Hash

943ae64f3cb50e20b1c74879d1ac8707bd0ec467b63f78d929007055099f69d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://media-polesye.by/news/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sun, 05 Apr 2020 21:41:11 GMT
content-encoding: gzip
last-modified: Sun, 01 Mar 2020 17:48:35 GMT
server: nginx/1.16.1
etag: W/"5e5bf573-1320b"
strict-transport-security: max-age=31536000;
content-type: application/javascript
status: 200
cache-control: max-age=1209600
expires: Sun, 19 Apr 2020 21:41:11 GMT

GET
H2 200 selection-sharer.js Show response
media-polesye.by/wp-content/themes/mptheme/js/ 10 KB
4 KB 87ms
87ms Script
application/javascript 178.172.136.207
BN-AS Belarussian...

General

Check archive.org

Show headers Download Go to

Full URL

https://media-polesye.by/wp-content/themes/mptheme/js/selection-sharer.js?ver=5.3.2

Requested by

Host: media-polesye.by
URL: https://media-polesye.by/news/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.172.136.207 , Belarus, ASN12406 (BN-AS Belarussian data communication service provider., BY),

Reverse DNS

178-172-136-207.hosterby.com

Software

nginx/1.16.1 /

Resource Hash

9efb279963e8fa4331bc15854db8c60a3bad6f19035d32e22c8bad5149133846

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://media-polesye.by/news/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sun, 05 Apr 2020 21:41:11 GMT
content-encoding: gzip
last-modified: Sun, 01 Mar 2020 17:48:35 GMT
server: nginx/1.16.1
etag: W/"5e5bf573-28e0"
strict-transport-security: max-age=31536000;
content-type: application/javascript
status: 200
cache-control: max-age=1209600
expires: Sun, 19 Apr 2020 21:41:11 GMT

GET
H2 200 lazyload.js Show response
media-polesye.by/wp-content/themes/mptheme/js/ 2 KB
1 KB 53ms
53ms Script
application/javascript 178.172.136.207
BN-AS Belarussian...

General

Check archive.org

Show headers Download Go to

Full URL

https://media-polesye.by/wp-content/themes/mptheme/js/lazyload.js?ver=5.3.2

Requested by

Host: media-polesye.by
URL: https://media-polesye.by/news/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.172.136.207 , Belarus, ASN12406 (BN-AS Belarussian data communication service provider., BY),

Reverse DNS

178-172-136-207.hosterby.com

Software

nginx/1.16.1 /

Resource Hash

c48deb07a2e6b4ca58a0099f5f556d7bd90a74e82e13f638e45010cd0d28c21e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://media-polesye.by/news/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sun, 05 Apr 2020 21:41:11 GMT
content-encoding: gzip
last-modified: Tue, 28 Jan 2020 21:06:15 GMT
server: nginx/1.16.1
etag: W/"5e30a247-898"
strict-transport-security: max-age=31536000;
content-type: application/javascript
status: 200
cache-control: max-age=1209600
expires: Sun, 19 Apr 2020 21:41:11 GMT

GET
H2 200 wp-embed.min.js Show response
media-polesye.by/wp-includes/js/ 1 KB
969 B 54ms
53ms Script
application/javascript 178.172.136.207
BN-AS Belarussian...

General

Check archive.org

Show headers Download Go to

Full URL

https://media-polesye.by/wp-includes/js/wp-embed.min.js?ver=5.3.2

Requested by

Host: media-polesye.by
URL: https://media-polesye.by/news/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.172.136.207 , Belarus, ASN12406 (BN-AS Belarussian data communication service provider., BY),

Reverse DNS

178-172-136-207.hosterby.com

Software

nginx/1.16.1 /

Resource Hash

0284cbccebf1682452d62d06efa3665c874d642d4e03f5f5f9bb0f555da9251b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://media-polesye.by/news/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sun, 05 Apr 2020 21:41:11 GMT
content-encoding: gzip
last-modified: Sun, 01 Mar 2020 17:48:35 GMT
server: nginx/1.16.1
etag: W/"5e5bf573-577"
strict-transport-security: max-age=31536000;
content-type: application/javascript
status: 200
cache-control: max-age=1209600
expires: Sun, 19 Apr 2020 21:41:11 GMT

GET
H2 200 wp-emoji-release.min.js Show response
media-polesye.by/wp-includes/js/ 14 KB
5 KB 54ms
53ms Script
application/javascript 178.172.136.207
BN-AS Belarussian...

General

Check archive.org

Show headers Download Go to

Full URL

https://media-polesye.by/wp-includes/js/wp-emoji-release.min.js?ver=5.3.2

Requested by

Host: media-polesye.by
URL: https://media-polesye.by/news/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.172.136.207 , Belarus, ASN12406 (BN-AS Belarussian data communication service provider., BY),

Reverse DNS

178-172-136-207.hosterby.com

Software

nginx/1.16.1 /

Resource Hash

1a351abc3f3b435497ddb8a55f09268d3e641dc22455deac06cf0181a4de52ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://media-polesye.by/news/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sun, 05 Apr 2020 21:41:11 GMT
content-encoding: gzip
last-modified: Tue, 05 Nov 2019 22:16:02 GMT
server: nginx/1.16.1
etag: W/"5dc1f4a2-362a"
strict-transport-security: max-age=31536000;
content-type: application/javascript
status: 200
cache-control: max-age=1209600
expires: Sun, 19 Apr 2020 21:41:11 GMT

GET
H2 200 css
fonts.googleapis.com/ 31 KB
1 KB 18ms
17ms Stylesheet
text/css 2a00:1450:4001:821::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lora:400,400i,700,700i|Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic-ext

Requested by

Host: media-polesye.by
URL: https://media-polesye.by/news/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

91edf9b788c2aaf284f6a880211dff2ac1352d05c007ab91f9b5413b70f04740

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://media-polesye.by/news/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 05 Apr 2020 21:41:11 GMT
server: ESF
date: Sun, 05 Apr 2020 21:41:11 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 05 Apr 2020 21:41:11 GMT

GET
H2 200 strip.css
media-polesye.by/wp-content/themes/mptheme/css/ 5 KB
1 KB 56ms
56ms Stylesheet
text/css 178.172.136.207
BN-AS Belarussian...

General

Check archive.org

Show headers Download Go to

Full URL

https://media-polesye.by/wp-content/themes/mptheme/css/strip.css

Requested by

Host: media-polesye.by
URL: https://media-polesye.by/news/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.172.136.207 , Belarus, ASN12406 (BN-AS Belarussian data communication service provider., BY),

Reverse DNS

178-172-136-207.hosterby.com

Software

nginx/1.16.1 /

Resource Hash

533e2cd8e98b3c23c5843d6868beae55941d5948be8374094f2e36c6144925de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://media-polesye.by/news/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Sun, 05 Apr 2020 21:41:11 GMT
content-encoding: gzip
last-modified: Sat, 25 Jan 2020 10:16:51 GMT
server: nginx/1.16.1
etag: W/"5e2c1593-1569"
strict-transport-security: max-age=31536000;
content-type: text/css
status: 200
cache-control: max-age=1209600
expires: Sun, 19 Apr 2020 21:41:11 GMT

OPTIONS
H2 200 getcookie Show response
matchid.adfox.yandex.ru/ 0
289 B 128ms
42ms XHR
text/plain 2a02:6b8::16b
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://matchid.adfox.yandex.ru/getcookie

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a02:6b8::16b Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Access-Control-Request-Method: POST
Origin: https://media-polesye.by
Referer: https://media-polesye.by/news/
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers: content-type

Response headers

date: Sun, 05 Apr 2020 21:41:11 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://media-polesye.by
access-control-allow-methods: GET, POST, OPTIONS
status: 200
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: accept, accept-encoding, accept-language, cache-control, content-type, dnt, origin, x-requested-with
content-length: 0

GET
H2 200 banner_direct.js Show response
yastatic.net/pcode-bundles/0.1637/banner_direct/ 53 KB
13 KB 98ms
32ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/pcode-bundles/0.1637/banner_direct/banner_direct.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.8 /

Resource Hash

ae092043973b507ff20ba29bef01948bc684efd9d2e1613f7a225a9c347c07cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://media-polesye.by/news/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sun, 05 Apr 2020 21:41:11 GMT
content-encoding: br
status: 200
strict-transport-security: max-age=43200000; includeSubDomains;
content-length: 13020
timing-allow-origin: *
last-modified: Fri, 03 Apr 2020 13:23:13 GMT
server: nginx/1.17.8
etag: "90fa786d32fcf34a44df26fd32fc6976"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=216013
accept-ranges: bytes
x-robots-tag: noindex, noarchive, nofollow
expires: Wed, 08 Apr 2020 09:40:04 GMT

GET
H2 200 context.js Show response
an.yandex.ru/system/ 56 KB
17 KB 183ms
95ms Script
text/javascript 2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/system/context.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

4879d0d648f0a95018c816976aada4ad3e2f5ffa197e988cdc9b92957a592956

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://media-polesye.by/news/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sun, 05 Apr 2020 21:41:11 GMT
content-encoding: br
server: nginx/1.12.2
access-control-allow-origin: *
etag: 4200217833
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=31536000
content-type: text/javascript
status: 200
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Sun, 05 Apr 2020 22:41:11 GMT

GET
H2

302

v2 Show response
ads.adfox.ru/330607/getBulkTest/
Redirect Chain

https://ads.adfox.ru/330607/getBulk/v2?dl=https%3A%2F%2Fmedia-polesye.by%2Fnews%2F&date=2020-04-05T23%3A41%3A11.366%2B02%3A00&pd=5&pdh=1200&pdw=1600&pr1=3212914318&pr=3380940850&prr=&pv=23&pw=0&ext...
https://ads.adfox.ru/330607/getBulkTest/v2?dl=https%3A%2F%2Fmedia-polesye.by%2Fnews%2F&date=2020-04-05T23%3A41%3A11.366%2B02%3A00&pd=5&pdh=1200&pdw=1600&pr1=3212914318&pr=3380940850&prr=&pv=23&pw=0...

0
-1 B

256ms
95ms

XHR

77.88.21.179
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.adfox.ru/330607/getBulkTest/v2?dl=https%3A%2F%2Fmedia-polesye.by%2Fnews%2F&date=2020-04-05T23%3A41%3A11.366%2B02%3A00&pd=5&pdh=1200&pdw=1600&pr1=3212914318&pr=3380940850&prr=&pv=23&pw=0&extid_loader=&extid_tag_loader=media-polesye.by&ylv=0.1638&ybv=0.1637&ytt=337000314963989&is-turbo=0&skip-token=&ad-session-id=458021586122871368&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22width%22%3A1110%2C%22height%22%3A0%2C%22left%22%3A245%2C%22top%22%3A0%2C%22visible%22%3A1%2C%22req_no%22%3A0%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pp=g&ps=dubc&p2=y&slotNumber=1&bids=W10%3D&grab=dNCh0YLRgNCw0L3QuNGG0LAg0L3QtSDQvdCw0LnQtNC10L3QsCDigJQg0JzQtdC00LjQsC3Qn9C-0LvQtdGB0YzQtSDigJQg0L3QvtCy0L7RgdGC0Lgg0Lgg0YDQtdC60LvQsNC80LAg0J_QuNC90YHQutCwLCDQm9GD0L3QuNC90YbQsCwg0KHRgtC-0LvQuNC90LAK&utf8=%E2%9C%93

Requested by

Host: media-polesye.by
URL: https://media-polesye.by/news/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.179 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

adfox-external-l3-engine.stable.qloud-b.yandex.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://media-polesye.by/news/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Apr 2020 21:41:11 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://media-polesye.by
location: /330607/getBulkTest/v2?dl=https%3A%2F%2Fmedia-polesye.by%2Fnews%2F&date=2020-04-05T23%3A41%3A11.366%2B02%3A00&pd=5&pdh=1200&pdw=1600&pr1=3212914318&pr=3380940850&prr=&pv=23&pw=0&extid_loader=&extid_tag_loader=media-polesye.by&ylv=0.1638&ybv=0.1637&ytt=337000314963989&is-turbo=0&skip-token=&ad-session-id=458021586122871368&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22width%22%3A1110%2C%22height%22%3A0%2C%22left%22%3A245%2C%22top%22%3A0%2C%22visible%22%3A1%2C%22req_no%22%3A0%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pp=g&ps=dubc&p2=y&slotNumber=1&bids=W10%3D&grab=dNCh0YLRgNCw0L3QuNGG0LAg0L3QtSDQvdCw0LnQtNC10L3QsCDigJQg0JzQtdC00LjQsC3Qn9C-0LvQtdGB0YzQtSDigJQg0L3QvtCy0L7RgdGC0Lgg0Lgg0YDQtdC60LvQsNC80LAg0J_QuNC90YHQutCwLCDQm9GD0L3QuNC90YbQsCwg0KHRgtC-0LvQuNC90LAK&utf8=%E2%9C%93
p3p: policyref=/w3c/w3c.p3p, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
status: 302
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 0
expires: Mon, 04 Dec 1999 21:29:02 GMT

Redirect headers

pragma: no-cache
date: Sun, 05 Apr 2020 21:41:11 GMT
x-content-type-options: nosniff
status: 302
location: /330607/getBulkTest/v2?dl=https%3A%2F%2Fmedia-polesye.by%2Fnews%2F&date=2020-04-05T23%3A41%3A11.366%2B02%3A00&pd=5&pdh=1200&pdw=1600&pr1=3212914318&pr=3380940850&prr=&pv=23&pw=0&extid_loader=&extid_tag_loader=media-polesye.by&ylv=0.1638&ybv=0.1637&ytt=337000314963989&is-turbo=0&skip-token=&ad-session-id=458021586122871368&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22width%22%3A1110%2C%22height%22%3A0%2C%22left%22%3A245%2C%22top%22%3A0%2C%22visible%22%3A1%2C%22req_no%22%3A0%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pp=g&ps=dubc&p2=y&slotNumber=1&bids=W10%3D&grab=dNCh0YLRgNCw0L3QuNGG0LAg0L3QtSDQvdCw0LnQtNC10L3QsCDigJQg0JzQtdC00LjQsC3Qn9C-0LvQtdGB0YzQtSDigJQg0L3QvtCy0L7RgdGC0Lgg0Lgg0YDQtdC60LvQsNC80LAg0J_QuNC90YHQutCwLCDQm9GD0L3QuNC90YbQsCwg0KHRgtC-0LvQuNC90LAK&utf8=%E2%9C%93
p3p: policyref=/w3c/w3c.p3p, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
access-control-allow-origin: https://media-polesye.by
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 0
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
319 B 16ms
16ms Script
application/javascript 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=media-polesye.by

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://media-polesye.by/news/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sun, 05 Apr 2020 21:41:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
171 B 17ms
17ms Script
application/javascript 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=media-polesye.by

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://media-polesye.by/news/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sun, 05 Apr 2020 21:41:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20200401/r20190131/ 215 KB
81 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20200401/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cc838f64df4a89f6387e1bcfecf8271ee720484a2b76fa94f24e9462ecd4e228

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://media-polesye.by/news/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sun, 05 Apr 2020 21:41:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 82822
x-xss-protection: 0
server: cafe
etag: 1643823074256303265
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 05 Apr 2020 21:41:11 GMT

GET
H2 200 hamburger.svg
media-polesye.by/wp-content/themes/mptheme/images/ 156 B
371 B 64ms
64ms Image
image/svg+xml 178.172.136.207
BN-AS Belarussian...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media-polesye.by/wp-content/themes/mptheme/images/hamburger.svg

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.172.136.207 , Belarus, ASN12406 (BN-AS Belarussian data communication service provider., BY),

Reverse DNS

178-172-136-207.hosterby.com

Software

nginx/1.16.1 /

Resource Hash

c768728f133b19853c539d97dbf9ae20430ee6d7b1e31051777808b7957d0441

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://media-polesye.by/wp-content/themes/mptheme/style.css?ver=1584605359
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Sun, 05 Apr 2020 21:41:11 GMT
last-modified: Sat, 25 Jan 2020 10:16:51 GMT
server: nginx/1.16.1
etag: "5e2c1593-9c"
strict-transport-security: max-age=31536000;
content-type: image/svg+xml
status: 200
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 156
expires: Sun, 19 Apr 2020 21:41:11 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfABc4AMP6lbBP.woff2
fonts.gstatic.com/s/roboto/v20/ 7 KB
7 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfABc4AMP6lbBP.woff2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4512a0f507a7df3a354a3f552a4b34e2e642ce0e4902c002dfd1ce55e33abce4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Lora:400,400i,700,700i|Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic-ext
Origin: https://media-polesye.by
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 10 Mar 2020 16:25:38 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:19:10 GMT
server: sffe
age: 2265333
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 6824
x-xss-protection: 0
expires: Wed, 10 Mar 2021 16:25:38 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Lora:400,400i,700,700i|Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic-ext
Origin: https://media-polesye.by
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 01 Apr 2020 18:22:23 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 357528
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 11016
x-xss-protection: 0
expires: Thu, 01 Apr 2021 18:22:23 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Lora:400,400i,700,700i|Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic-ext
Origin: https://media-polesye.by
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 31 Jan 2020 00:50:19 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:58 GMT
server: sffe
age: 5691052
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 11020
x-xss-protection: 0
expires: Sat, 30 Jan 2021 00:50:19 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20200401/r20190131/ Frame 626C 0
0 6ms
5ms Document
text/html 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20200401/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20200401/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://media-polesye.by/news/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://media-polesye.by/news/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Wed, 01 Apr 2020 16:26:22 GMT
expires: Wed, 15 Apr 2020 16:26:22 GMT
content-type: text/html; charset=UTF-8
etag: 10348540741379653356
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4494
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 364489
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000

GET
H2 200 KFOmCnqEu92Fr1Mu5mxKKTU1Kvnz.woff2
fonts.gstatic.com/s/roboto/v20/ 7 KB
7 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu5mxKKTU1Kvnz.woff2

Requested by

Host: media-polesye.by
URL: https://media-polesye.by/news/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

daf6c28c5a080458eba26ba64a95b1fcff823944d429ccb84e8a4f3a0baf05ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Lora:400,400i,700,700i|Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic-ext
Origin: https://media-polesye.by
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 06 Mar 2020 07:31:43 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:40 GMT
server: sffe
age: 2642968
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 6720
x-xss-protection: 0
expires: Sat, 06 Mar 2021 07:31:43 GMT

GET
H/1.1 200
OK Cookie set Banner.asp
www.nbrb.by/Statistics/Rates/ Frame 4CEA 0
0 521ms
89ms Document
text/html 80.94.224.227
IPTEL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.nbrb.by/Statistics/Rates/Banner.asp?lan=ru&fnt=Tahoma%2C%20Arial&datatype=1&lnkcolor=black&bgcolor=gray&brdcolor=BEF781&fntcolor=%23555555&fntsize=11px
Requested by: Host: media-polesye.by
URL: https://media-polesye.by/news/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_CBC
Server: 80.94.224.227 , Belarus, ASN21305 (IPTEL-AS, BY),
Reverse DNS: nbrb.gov.by
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash

Request headers

Host: www.nbrb.by
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Referer: https://media-polesye.by/news/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://media-polesye.by/news/

Response headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
Set-Cookie: ASP.NET_SessionId=qappfpaistxbdejyjqw2shbj; path=/; HttpOnly; SameSite=Lax
X-AspNetMvc-Version: 5.2
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Sun, 05 Apr 2020 21:41:14 GMT
Content-Length: 913

GET
H2 200 search.svg
media-polesye.by/wp-content/themes/mptheme/images/ 763 B
978 B 53ms
52ms Image
image/svg+xml 178.172.136.207
BN-AS Belarussian...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media-polesye.by/wp-content/themes/mptheme/images/search.svg

Requested by

Host: media-polesye.by
URL: https://media-polesye.by/news/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.172.136.207 , Belarus, ASN12406 (BN-AS Belarussian data communication service provider., BY),

Reverse DNS

178-172-136-207.hosterby.com

Software

nginx/1.16.1 /

Resource Hash

f3e042579e974bd37084618be3a9a65bc88cfc1f887d96bb2ed7aa5d6e7d3cce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://media-polesye.by/wp-content/themes/mptheme/style.css?ver=1584605359
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Sun, 05 Apr 2020 21:41:11 GMT
last-modified: Sat, 25 Jan 2020 10:16:51 GMT
server: nginx/1.16.1
etag: "5e2c1593-2fb"
strict-transport-security: max-age=31536000;
content-type: image/svg+xml
status: 200
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 763
expires: Sun, 19 Apr 2020 21:41:11 GMT

GET
H2 200 KFOlCnqEu92Fr1MmYUtfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmYUtfBBc4AMP6lQ.woff2

Requested by

Host: media-polesye.by
URL: https://media-polesye.by/news/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b6863771c330f7b6a857dbfee3959d8e8c61c0e34f1e9ba5f6f38268d05573d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Lora:400,400i,700,700i|Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic-ext
Origin: https://media-polesye.by
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 09 Mar 2020 09:54:07 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:19:08 GMT
server: sffe
age: 2375224
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 11012
x-xss-protection: 0
expires: Tue, 09 Mar 2021 09:54:07 GMT

GET
H2 200 icon.svg
media-polesye.by/ 1 KB
2 KB 53ms
53ms Image
image/svg+xml 178.172.136.207
BN-AS Belarussian...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media-polesye.by/icon.svg

Requested by

Host: media-polesye.by
URL: https://media-polesye.by/news/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.172.136.207 , Belarus, ASN12406 (BN-AS Belarussian data communication service provider., BY),

Reverse DNS

178-172-136-207.hosterby.com

Software

nginx/1.16.1 /

Resource Hash

d18fa7761403604227fd7ad3843cc5e83e9d8df16252d06a4d0ecbd319eb0f3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://media-polesye.by/wp-content/themes/mptheme/style.css?ver=1584605359
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Sun, 05 Apr 2020 21:41:11 GMT
last-modified: Thu, 05 Mar 2020 09:23:36 GMT
server: nginx/1.16.1
etag: "5e60c518-571"
strict-transport-security: max-age=31536000;
content-type: image/svg+xml
status: 200
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 1393
expires: Sun, 19 Apr 2020 21:41:11 GMT

GET
H2

302

v2 Show response
ads.adfox.ru/330607/getBulkTest/
Redirect Chain

https://ads.adfox.ru/330607/getBulk/v2?dl=https%3A%2F%2Fmedia-polesye.by%2Fnews%2F&date=2020-04-05T23%3A41%3A11.413%2B02%3A00&pd=5&pdh=1200&pdw=1600&pr1=748880670&pr=3380940850&prr=&pv=23&pw=0&exti...
https://ads.adfox.ru/330607/getBulkTest/v2?dl=https%3A%2F%2Fmedia-polesye.by%2Fnews%2F&date=2020-04-05T23%3A41%3A11.413%2B02%3A00&pd=5&pdh=1200&pdw=1600&pr1=748880670&pr=3380940850&prr=&pv=23&pw=0&...

0
-1 B

213ms
95ms

XHR

77.88.21.179
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.adfox.ru/330607/getBulkTest/v2?dl=https%3A%2F%2Fmedia-polesye.by%2Fnews%2F&date=2020-04-05T23%3A41%3A11.413%2B02%3A00&pd=5&pdh=1200&pdw=1600&pr1=748880670&pr=3380940850&prr=&pv=23&pw=0&extid_loader=&extid_tag_loader=media-polesye.by&ylv=0.1638&ybv=0.1637&ytt=337000314963989&is-turbo=0&skip-token=&ad-session-id=458021586122871368&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22width%22%3A1120%2C%22height%22%3A0%2C%22left%22%3A240%2C%22top%22%3A336%2C%22visible%22%3A1%2C%22req_no%22%3A1%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pp=ygo&ps=dubc&p2=y&slotNumber=3&bids=W10%3D&grab=dNCh0YLRgNCw0L3QuNGG0LAg0L3QtSDQvdCw0LnQtNC10L3QsCDigJQg0JzQtdC00LjQsC3Qn9C-0LvQtdGB0YzQtSDigJQg0L3QvtCy0L7RgdGC0Lgg0Lgg0YDQtdC60LvQsNC80LAg0J_QuNC90YHQutCwLCDQm9GD0L3QuNC90YbQsCwg0KHRgtC-0LvQuNC90LAKMTQwNCDQodGC0YDQsNC90LjRhtCwINC90LUg0L3QsNC50LTQtdC90LAgCg%3D%3D&utf8=%E2%9C%93

Requested by

Host: media-polesye.by
URL: https://media-polesye.by/news/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.179 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

adfox-external-l3-engine.stable.qloud-b.yandex.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://media-polesye.by/news/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Apr 2020 21:41:11 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://media-polesye.by
location: /330607/getBulkTest/v2?dl=https%3A%2F%2Fmedia-polesye.by%2Fnews%2F&date=2020-04-05T23%3A41%3A11.413%2B02%3A00&pd=5&pdh=1200&pdw=1600&pr1=748880670&pr=3380940850&prr=&pv=23&pw=0&extid_loader=&extid_tag_loader=media-polesye.by&ylv=0.1638&ybv=0.1637&ytt=337000314963989&is-turbo=0&skip-token=&ad-session-id=458021586122871368&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22width%22%3A1120%2C%22height%22%3A0%2C%22left%22%3A240%2C%22top%22%3A336%2C%22visible%22%3A1%2C%22req_no%22%3A1%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pp=ygo&ps=dubc&p2=y&slotNumber=3&bids=W10%3D&grab=dNCh0YLRgNCw0L3QuNGG0LAg0L3QtSDQvdCw0LnQtNC10L3QsCDigJQg0JzQtdC00LjQsC3Qn9C-0LvQtdGB0YzQtSDigJQg0L3QvtCy0L7RgdGC0Lgg0Lgg0YDQtdC60LvQsNC80LAg0J_QuNC90YHQutCwLCDQm9GD0L3QuNC90YbQsCwg0KHRgtC-0LvQuNC90LAKMTQwNCDQodGC0YDQsNC90LjRhtCwINC90LUg0L3QsNC50LTQtdC90LAgCg%3D%3D&utf8=%E2%9C%93
p3p: policyref=/w3c/w3c.p3p, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
status: 302
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 0
expires: Mon, 04 Dec 1999 21:29:02 GMT

Redirect headers

pragma: no-cache
date: Sun, 05 Apr 2020 21:41:11 GMT
x-content-type-options: nosniff
status: 302
location: /330607/getBulkTest/v2?dl=https%3A%2F%2Fmedia-polesye.by%2Fnews%2F&date=2020-04-05T23%3A41%3A11.413%2B02%3A00&pd=5&pdh=1200&pdw=1600&pr1=748880670&pr=3380940850&prr=&pv=23&pw=0&extid_loader=&extid_tag_loader=media-polesye.by&ylv=0.1638&ybv=0.1637&ytt=337000314963989&is-turbo=0&skip-token=&ad-session-id=458021586122871368&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22width%22%3A1120%2C%22height%22%3A0%2C%22left%22%3A240%2C%22top%22%3A336%2C%22visible%22%3A1%2C%22req_no%22%3A1%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pp=ygo&ps=dubc&p2=y&slotNumber=3&bids=W10%3D&grab=dNCh0YLRgNCw0L3QuNGG0LAg0L3QtSDQvdCw0LnQtNC10L3QsCDigJQg0JzQtdC00LjQsC3Qn9C-0LvQtdGB0YzQtSDigJQg0L3QvtCy0L7RgdGC0Lgg0Lgg0YDQtdC60LvQsNC80LAg0J_QuNC90YHQutCwLCDQm9GD0L3QuNC90YbQsCwg0KHRgtC-0LvQuNC90LAKMTQwNCDQodGC0YDQsNC90LjRhtCwINC90LUg0L3QsNC50LTQtdC90LAgCg%3D%3D&utf8=%E2%9C%93
p3p: policyref=/w3c/w3c.p3p, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
access-control-allow-origin: https://media-polesye.by
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 0
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H/1.1 200
OK tag.js Show response
mc.yandex.ru/metrika/ 363 KB
92 KB 83ms
83ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: media-polesye.by
URL: https://media-polesye.by/news/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

ea77330dcedcb5369ed0b2c02b75c4d12aba0e6c39036038d23aa3ac9a4d62ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://media-polesye.by/news/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Sun, 05 Apr 2020 21:41:11 GMT
Content-Encoding: br
Last-Modified: Tue, 31 Mar 2020 08:20:27 GMT
Server: nginx/1.14.2
ETag: "5e82fd4b-16fbf"
Strict-Transport-Security: max-age=31536000
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Content-Length: 94143
Expires: Sun, 05 Apr 2020 22:41:11 GMT

GET
H/1.1 200
OK code.js Show response
top-fwz1.mail.ru/js/ 16 KB
7 KB 210ms
70ms Script
application/javascript 217.69.133.145
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL

https://top-fwz1.mail.ru/js/code.js

Requested by

Host: media-polesye.by
URL: https://media-polesye.by/news/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

0921a7dc8054b08e4b5dd8e6ca764c72370ef59b7a7bb80be61efdc320d077a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://media-polesye.by/news/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Sun, 05 Apr 2020 21:41:11 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
P3P: CP="NOI DSP COR NID CUR PSA OUR NOR"
Connection: keep-alive
Keep-Alive: timeout=60
AMP-Access-Control-Allow-Source-Origin: *
Last-Modified: Mon, 10 Feb 2020 15:35:40 GMT
Server: nginx
ETag: W/"5e41784c-4083"
Access-Control-Allow-Methods: GET, POST, HEAD, PUT, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: AMP-Access-Control-Allow-Source-Origin
Cache-control: max-age=7200, private
Access-Control-Allow-Credentials: true
Accept-CH-Lifetime: 86400
Accept-CH: DPR, Width, Viewport-Width, Downlink, Device-Memory
Timing-Allow-Origin: *
Access-Control-Allow-Headers: *

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit?t14.6;r;s1600*1200*24;uhttps%3A//media-polesye.by/news/;h%u0421%u0442%u0440%u0430%u043D%u0438%u0446%u0430%20%u043D%u0435%20%u043D%u0430%u0439%u0434%u0435%u043D%u0430%20...
https://counter.yadro.ru/hit?q;t14.6;r;s1600*1200*24;uhttps%3A//media-polesye.by/news/;h%u0421%u0442%u0440%u0430%u043D%u0438%u0446%u0430%20%u043D%u0435%20%u043D%u0430%u0439%u0434%u0435%u043D%u0430%...

255 B
634 B

65ms
65ms

Image
image/gif

88.212.201.216
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://counter.yadro.ru/hit?q;t14.6;r;s1600*1200*24;uhttps%3A//media-polesye.by/news/;h%u0421%u0442%u0440%u0430%u043D%u0438%u0446%u0430%20%u043D%u0435%20%u043D%u0430%u0439%u0434%u0435%u043D%u0430%20%u2014%20%u041C%u0435%u0434%u0438%u0430-%u041F%u043E%u043B%u0435%u0441%u044C%u0435%20%u2014%20%u043D%u043E%u0432%u043E%u0441%u0442%u0438%20%u0438%20%u0440%u0435%u043A%u043B%u0430%u043C%u0430%20%u041F%u0438%u043D%u0441%u043A%u0430%2C%20%u041B%u0443%u043D%u0438%u043D%u0446%u0430%2C%20%u0421%u0442%u043E%u043B%u0438%u043D%u0430;0.8523325291751758
Requested by: Host: media-polesye.by
URL: https://media-polesye.by/news/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 88.212.201.216 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS: host216.rax.ru
Software: nginx/1.17.9 /
Resource Hash: 171716e680cc00175812d003da81cad68fbfa5fbfbc0723c73c7907babf2cb70

Request headers

Referer: https://media-polesye.by/news/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 05 Apr 2020 21:41:11 GMT
Server: nginx/1.17.9
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Cache-control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 255
Expires: Sat, 06 Apr 2019 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 05 Apr 2020 21:41:11 GMT
Server: nginx/1.17.9
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Location: https://counter.yadro.ru/hit?q;t14.6;r;s1600*1200*24;uhttps%3A//media-polesye.by/news/;h%u0421%u0442%u0440%u0430%u043D%u0438%u0446%u0430%20%u043D%u0435%20%u043D%u0430%u0439%u0434%u0435%u043D%u0430%20%u2014%20%u041C%u0435%u0434%u0438%u0430-%u041F%u043E%u043B%u0435%u0441%u044C%u0435%20%u2014%20%u043D%u043E%u0432%u043E%u0441%u0442%u0438%20%u0438%20%u0440%u0435%u043A%u043B%u0430%u043C%u0430%20%u041F%u0438%u043D%u0441%u043A%u0430%2C%20%u041B%u0443%u043D%u0438%u043D%u0446%u0430%2C%20%u0421%u0442%u043E%u043B%u0438%u043D%u0430;0.8523325291751758
Cache-control: no-cache
Connection: keep-alive
Content-Type: text/html
Content-Length: 32
Expires: Sat, 06 Apr 2019 21:00:00 GMT

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d85943f9a3e66ded0349113d8aaac99a3158b3e604f9c8041e82aea681ccdbcd

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ 376 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4842ef7436621848a836428439486a2f2e0b346ce5a8b4b9e3c79e46ac9032bf

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

POST
H2 200 admin-ajax.php Show response
media-polesye.by/wp-admin/ 10 KB
3 KB 218ms
218ms XHR
text/html 178.172.136.207
BN-AS Belarussian...

General

Check archive.org

Show headers Download Go to

Full URL

https://media-polesye.by/wp-admin/admin-ajax.php

Requested by

Host: media-polesye.by
URL: https://media-polesye.by/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.172.136.207 , Belarus, ASN12406 (BN-AS Belarussian data communication service provider., BY),

Reverse DNS

178-172-136-207.hosterby.com

Software

nginx/1.16.1 / PHP/7.3.16

Resource Hash

e8936e10f2022700ffff2f5e75582c0330743e2e8de58b6f6a00ee61a2418df2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://media-polesye.by/news/
Origin: https://media-polesye.by
X-Requested-With: XMLHttpRequest
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sun, 05 Apr 2020 21:41:11 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
server: nginx/1.16.1
status: 200
x-powered-by: PHP/7.3.16
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://media-polesye.by
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
strict-transport-security: max-age=31536000;
x-robots-tag: noindex
x-content-type-options: nosniff
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 44 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-30457381-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://media-polesye.by/news/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Feb 2020 00:21:02 GMT
server: Golfe2
age: 4059
date: Sun, 05 Apr 2020 20:33:32 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 18174
expires: Sun, 05 Apr 2020 22:33:32 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 7304 0
0 73ms
73ms Document
text/html 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2126924377903893&output=html&adk=1812271804&adf=3025194257&lmt=1586122871&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fmedia-polesye.by%2Fnews%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1586122871380&bpp=13&bdt=237&fdt=74&idt=74&shv=r20200401&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4913337921973&frm=20&pv=2&ga_vid=1863524063.1586122871&ga_sid=1586122871&ga_hid=1754441233&ga_fc=0&iag=0&icsg=3219170303&dssz=33&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44713363%2C21060079&oid=3&pvsid=2514341274216289&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&ifi=0&uci=a!0&fsb=1&dtd=85

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200401/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-2126924377903893&output=html&adk=1812271804&adf=3025194257&lmt=1586122871&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fmedia-polesye.by%2Fnews%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1586122871380&bpp=13&bdt=237&fdt=74&idt=74&shv=r20200401&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4913337921973&frm=20&pv=2&ga_vid=1863524063.1586122871&ga_sid=1586122871&ga_hid=1754441233&ga_fc=0&iag=0&icsg=3219170303&dssz=33&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44713363%2C21060079&oid=3&pvsid=2514341274216289&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&ifi=0&uci=a!0&fsb=1&dtd=85
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://media-polesye.by/news/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://media-polesye.by/news/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 05 Apr 2020 21:41:11 GMT
server: cafe
content-length: 34
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 05-Apr-2020 21:56:11 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
expires: Sun, 05 Apr 2020 21:41:11 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 74 KB
27 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200401/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a3647b49a385374990c3b8a8ffcc1e7979ef25a7029b3711ac37e1eebb370e6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://media-polesye.by/news/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sun, 05 Apr 2020 21:41:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1585953408266222"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 27981
x-xss-protection: 0
expires: Sun, 05 Apr 2020 21:41:11 GMT

POST
H2 200 getcookie Show response
matchid.adfox.yandex.ru/ 112 B
380 B 146ms
50ms XHR
application/json 2a02:6b8::16b
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://matchid.adfox.yandex.ru/getcookie

Requested by

Host: media-polesye.by
URL: https://media-polesye.by/news/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a02:6b8::16b Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

81238b811a07aa89584bd0600b00cb2241c1d168ea5716fde171b67713a41bac

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://media-polesye.by/news/
Origin: https://media-polesye.by
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 05 Apr 2020 21:41:11 GMT
x-content-type-options: nosniff
status: 200
content-type: application/json
access-control-allow-origin: https://media-polesye.by
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 112

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
108 B 18ms
18ms Image
image/gif 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1754441233&t=pageview&_s=1&dl=https%3A%2F%2Fmedia-polesye.by%2Fnews%2F&ul=en-us&de=UTF-8&dt=%D0%A1%D1%82%D1%80%D0%B0%D0%BD%D0%B8%D1%86%D0%B0%20%D0%BD%D0%B5%20%D0%BD%D0%B0%D0%B9%D0%B4%D0%B5%D0%BD%D0%B0%20%E2%80%94%20%D0%9C%D0%B5%D0%B4%D0%B8%D0%B0-%D0%9F%D0%BE%D0%BB%D0%B5%D1%81%D1%8C%D0%B5%20%E2%80%94%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%B8%20%D1%80%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D0%B0%20%D0%9F%D0%B8%D0%BD%D1%81%D0%BA%D0%B0%2C%20%D0%9B%D1%83%D0%BD%D0%B8%D0%BD%D1%86%D0%B0%2C%20%D0%A1%D1%82%D0%BE%D0%BB%D0%B8%D0%BD%D0%B0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IAhAAUAB~&jid=234266247&gjid=1410047904&cid=1863524063.1586122871&tid=UA-30457381-1&_gid=129974131.1586122871&_r=1&gtm=2ou3p1&z=423192041

Requested by

Host: media-polesye.by
URL: https://media-polesye.by/news/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://media-polesye.by/news/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Sun, 05 Apr 2020 21:41:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

302
Found

1 Show response
mc.yandex.ru/watch/53635162/
Redirect Chain

https://mc.yandex.ru/watch/53635162?wmode=7&page-url=https%3A%2F%2Fmedia-polesye.by%2Fnews%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1586122870829%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A2...
https://mc.yandex.ru/watch/53635162/1?wmode=7&page-url=https%3A%2F%2Fmedia-polesye.by%2Fnews%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1586122870829%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3...

0
-1 B

42ms
42ms

XHR

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/53635162/1?wmode=7&page-url=https%3A%2F%2Fmedia-polesye.by%2Fnews%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1586122870829%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20200405234111%3Aet%3A1586122872%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A1018939462%3Ahid%3A1001736361%3Ads%3A0%2C110%2C195%2C2%2C0%2C0%2C0%2C294%2C5%2C%2C%2C%2C608%3Afp%3A572%3Awn%3A17870%3Ahl%3A2%3Agdpr%3A14%3Av%3A1837%3Awv%3A2%3Ast%3A1586122872%3Au%3A1586122872216987043%3At%3A%D0%A1%D1%82%D1%80%D0%B0%D0%BD%D0%B8%D1%86%D0%B0%20%D0%BD%D0%B5%20%D0%BD%D0%B0%D0%B9%D0%B4%D0%B5%D0%BD%D0%B0%20%E2%80%94%20%D0%9C%D0%B5%D0%B4%D0%B8%D0%B0-%D0%9F%D0%BE%D0%BB%D0%B5%D1%81%D1%8C%D0%B5%20%E2%80%94%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%B8%20%D1%80%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D0%B0%20%D0%9F%D0%B8%D0%BD%D1%81%D0%BA%D0%B0%2C%20%D0%9B%D1%83%D0%BD%D0%B8%D0%BD%D1%86%D0%B0%2C%20%D0%A1%D1%82%D0%BE%D0%BB%D0%B8%D0%BD%D0%B0

Requested by

Host: media-polesye.by
URL: https://media-polesye.by/news/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://media-polesye.by/news/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 05 Apr 2020 21:41:11 GMT
Last-Modified: Sun, 05-Apr-2020 21:41:11 GMT
Server: nginx/1.14.2
Location: /watch/53635162/1?wmode=7&page-url=https%3A%2F%2Fmedia-polesye.by%2Fnews%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1586122870829%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20200405234111%3Aet%3A1586122872%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A1018939462%3Ahid%3A1001736361%3Ads%3A0%2C110%2C195%2C2%2C0%2C0%2C0%2C294%2C5%2C%2C%2C%2C608%3Afp%3A572%3Awn%3A17870%3Ahl%3A2%3Agdpr%3A14%3Av%3A1837%3Awv%3A2%3Ast%3A1586122872%3Au%3A1586122872216987043%3At%3A%D0%A1%D1%82%D1%80%D0%B0%D0%BD%D0%B8%D1%86%D0%B0%20%D0%BD%D0%B5%20%D0%BD%D0%B0%D0%B9%D0%B4%D0%B5%D0%BD%D0%B0%20%E2%80%94%20%D0%9C%D0%B5%D0%B4%D0%B8%D0%B0-%D0%9F%D0%BE%D0%BB%D0%B5%D1%81%D1%8C%D0%B5%20%E2%80%94%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%B8%20%D1%80%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D0%B0%20%D0%9F%D0%B8%D0%BD%D1%81%D0%BA%D0%B0%2C%20%D0%9B%D1%83%D0%BD%D0%B8%D0%BD%D1%86%D0%B0%2C%20%D0%A1%D1%82%D0%BE%D0%BB%D0%B8%D0%BD%D0%B0
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Origin: https://media-polesye.by
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 1; mode=block
Expires: Sun, 05-Apr-2020 21:41:11 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 05 Apr 2020 21:41:11 GMT
Last-Modified: Sun, 05-Apr-2020 21:41:11 GMT
Server: nginx/1.14.2
Access-Control-Allow-Origin: https://media-polesye.by
Strict-Transport-Security: max-age=31536000
Location: /watch/53635162/1?wmode=7&page-url=https%3A%2F%2Fmedia-polesye.by%2Fnews%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1586122870829%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20200405234111%3Aet%3A1586122872%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A1018939462%3Ahid%3A1001736361%3Ads%3A0%2C110%2C195%2C2%2C0%2C0%2C0%2C294%2C5%2C%2C%2C%2C608%3Afp%3A572%3Awn%3A17870%3Ahl%3A2%3Agdpr%3A14%3Av%3A1837%3Awv%3A2%3Ast%3A1586122872%3Au%3A1586122872216987043%3At%3A%D0%A1%D1%82%D1%80%D0%B0%D0%BD%D0%B8%D1%86%D0%B0%20%D0%BD%D0%B5%20%D0%BD%D0%B0%D0%B9%D0%B4%D0%B5%D0%BD%D0%B0%20%E2%80%94%20%D0%9C%D0%B5%D0%B4%D0%B8%D0%B0-%D0%9F%D0%BE%D0%BB%D0%B5%D1%81%D1%8C%D0%B5%20%E2%80%94%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%B8%20%D1%80%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D0%B0%20%D0%9F%D0%B8%D0%BD%D1%81%D0%BA%D0%B0%2C%20%D0%9B%D1%83%D0%BD%D0%B8%D0%BD%D1%86%D0%B0%2C%20%D0%A1%D1%82%D0%BE%D0%BB%D0%B8%D0%BD%D0%B0
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 1; mode=block
Expires: Sun, 05-Apr-2020 21:41:11 GMT

GET
H2 200 v2 Show response
ads.adfox.ru/330607/getBulkTest/ 8 KB
2 KB 254ms
254ms XHR
application/json 77.88.21.179
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: media-polesye.by
URL: https://media-polesye.by/news/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.179 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

adfox-external-l3-engine.stable.qloud-b.yandex.net

Software

Resource Hash

72e758ad1a2cb8de7081057ac0cba524ad911ba81bc42ee24854c09dcc8517e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://media-polesye.by/news/
Origin: https://media-polesye.by
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Apr 2020 21:41:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref=/w3c/w3c.p3p, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
status: 200
content-type: application/json
access-control-allow-origin: https://media-polesye.by
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2

302

/ Show response
matchid.adfox.yandex.ru/
Redirect Chain

https://ads.adfox.ru/330607/getBulkTest/v2?dl=https%3A%2F%2Fmedia-polesye.by%2Fnews%2F&date=2020-04-05T23%3A41%3A11.413%2B02%3A00&pd=5&pdh=1200&pdw=1600&pr1=748880670&pr=3380940850&prr=&pv=23&pw=0&...
https://matchid.adfox.yandex.ru/?url=a8075bf1c7376ab37971b6d80664e4d2b86256a684f5e709bdedb1a0c309178d0d5161bbb9a796ad3a511c85d2875f95e842788b3a4130c0abb8c49e8bdecf27098b5aa5c5335767bb22aa42aad12ce8...

0
-1 B

91ms
91ms

XHR

77.88.21.179
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://matchid.adfox.yandex.ru/?url=a8075bf1c7376ab37971b6d80664e4d2b86256a684f5e709bdedb1a0c309178d0d5161bbb9a796ad3a511c85d2875f95e842788b3a4130c0abb8c49e8bdecf27098b5aa5c5335767bb22aa42aad12ce8124c4c2cfbf8dec351099c3c6bf823f2&sign=ffc24e839c5bb3d9cf8b919c986441f5

Requested by

Host: media-polesye.by
URL: https://media-polesye.by/news/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.179 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

adfox-external-l3-engine.stable.qloud-b.yandex.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://media-polesye.by/news/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Apr 2020 21:41:11 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://media-polesye.by
location: https://matchid.adfox.yandex.ru/?url=a8075bf1c7376ab37971b6d80664e4d2b86256a684f5e709bdedb1a0c309178d0d5161bbb9a796ad3a511c85d2875f95e842788b3a4130c0abb8c49e8bdecf27098b5aa5c5335767bb22aa42aad12ce8124c4c2cfbf8dec351099c3c6bf823f2&sign=ffc24e839c5bb3d9cf8b919c986441f5
status: 302
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 0
expires: Mon, 04 Dec 1999 21:29:02 GMT

Redirect headers

pragma: no-cache
date: Sun, 05 Apr 2020 21:41:11 GMT
x-content-type-options: nosniff
status: 302
location: https://matchid.adfox.yandex.ru/?url=a8075bf1c7376ab37971b6d80664e4d2b86256a684f5e709bdedb1a0c309178d0d5161bbb9a796ad3a511c85d2875f95e842788b3a4130c0abb8c49e8bdecf27098b5aa5c5335767bb22aa42aad12ce8124c4c2cfbf8dec351099c3c6bf823f2&sign=ffc24e839c5bb3d9cf8b919c986441f5
access-control-allow-origin: https://media-polesye.by
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 0
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H/1.1 200
OK advert.gif
mc.yandex.ru/metrika/ 43 B
425 B 75ms
42ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Requested by

Host: media-polesye.by
URL: https://media-polesye.by/news/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://media-polesye.by/news/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Sun, 05 Apr 2020 21:41:11 GMT
Last-Modified: Fri, 17 Jan 2020 08:05:01 GMT
Server: nginx/1.14.2
ETag: "5e216aad-2b"
Strict-Transport-Security: max-age=31536000
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Sun, 05 Apr 2020 22:41:11 GMT

POST
H/1.1 200
OK counter
top-fwz1.mail.ru/ 43 B
1 KB 68ms
68ms Other
image/gif 217.69.133.145
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL

https://top-fwz1.mail.ru/counter?js=13;id=3141509;u=https%3A//media-polesye.by/news/;st=1586122871437;title=%D0%A1%D1%82%D1%80%D0%B0%D0%BD%D0%B8%D1%86%D0%B0%20%D0%BD%D0%B5%20%D0%BD%D0%B0%D0%B9%D0%B4%D0%B5%D0%BD%D0%B0%20%E2%80%94%20%D0%9C%D0%B5%D0%B4%D0%B8%D0%B0-%D0%9F%D0%BE%D0%BB%D0%B5%D1%81%D1%8C%D0%B5%20%E2%80%94%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%B8%20%D1%80%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D0%B0%20%D0%9F%D0%B8%D0%BD%D1%81%D0%BA%D0%B0%2C%20%D0%9B%D1%83%D0%BD%D0%B8%D0%BD%D1%86%D0%B0%2C%20%D0%A1%D1%82%D0%BE%D0%BB%D0%B8%D0%BD%D0%B0;s=1600*1200;vp=1600*1200;touch=0;hds=1;flash=;sid=a90f98f4fe173cfd;ver=60.1.0;tz=-120%2FEurope%2FBerlin;ni=10//4g/0/0/;lvid=1586122871648%3A1586122871659%3A1%3A108dceb10f4c6418499532f41216c471;opts=dl;_=0.5432737920521868

Requested by

Host: top-fwz1.mail.ru
URL: https://top-fwz1.mail.ru/js/code.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://media-polesye.by/news/
Origin: https://media-polesye.by
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Sun, 05 Apr 2020 21:41:11 GMT
X-Content-Type-Options: nosniff
P3P: CP="NOI DSP COR NID CUR PSA OUR NOR"
Connection: keep-alive
Content-Length: 43
Keep-Alive: timeout=60
Pragma: no-cache
AMP-Access-Control-Allow-Source-Origin: https://media-polesye.by
Server: nginx
Access-Control-Allow-Methods: GET, POST, HEAD, PUT, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://media-polesye.by
Access-Control-Expose-Headers: AMP-Access-Control-Allow-Source-Origin
Cache-control: private, no-cache, no-store, max-age=0
Access-Control-Allow-Credentials: true
Accept-CH-Lifetime: 86400
Accept-CH: DPR, Width, Viewport-Width, Downlink, Device-Memory
Timing-Allow-Origin: https://media-polesye.by
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK 1 Show response
mc.yandex.ru/watch/53635162/ 152 B
704 B 97ms
53ms XHR
application/json 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: media-polesye.by
URL: https://media-polesye.by/news/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

fb980bbaffe93700d868f695d29c48586fd17e8954d35bc052bd53a599405ac9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://media-polesye.by/news/
Origin: https://media-polesye.by
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Sun, 05 Apr 2020 21:41:11 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sun, 05-Apr-2020 21:41:11 GMT
Server: nginx/1.14.2
Strict-Transport-Security: max-age=31536000
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://media-polesye.by
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 152
X-XSS-Protection: 1; mode=block
Expires: Sun, 05-Apr-2020 21:41:11 GMT

GET
H2

302

v2 Show response
ads.adfox.ru/330607/getBulkTest/
Redirect Chain

https://matchid.adfox.yandex.ru/?url=a8075bf1c7376ab37971b6d80664e4d2b86256a684f5e709bdedb1a0c309178d0d5161bbb9a796ad3a511c85d2875f95e842788b3a4130c0abb8c49e8bdecf27098b5aa5c5335767bb22aa42aad12ce8...
https://ads.adfox.ru/330607/getBulkTest/v2?yandexuid=14068254678769787370&sign=ac810a2ef203ea72371fe2afbf8ff0e9&rqs=AAAAAAAAAAB3UIpelOUHledkCHf5eoD8&matchid-br=1

0
-1 B

48ms
47ms

XHR

2a02:6b8::16b
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.adfox.ru/330607/getBulkTest/v2?yandexuid=14068254678769787370&sign=ac810a2ef203ea72371fe2afbf8ff0e9&rqs=AAAAAAAAAAB3UIpelOUHledkCHf5eoD8&matchid-br=1

Requested by

Host: media-polesye.by
URL: https://media-polesye.by/news/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a02:6b8::16b Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://media-polesye.by/news/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 05 Apr 2020 21:41:11 GMT
x-content-type-options: nosniff
access-control-allow-origin: null
location: https://ads.adfox.ru/330607/getBulkTest/v2?yandexuid=14068254678769787370&sign=ac810a2ef203ea72371fe2afbf8ff0e9&rqs=AAAAAAAAAAB3UIpelOUHledkCHf5eoD8&matchid-br=1
status: 302
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 0

Redirect headers

date: Sun, 05 Apr 2020 21:41:11 GMT
x-content-type-options: nosniff
status: 302
location: https://ads.adfox.ru/330607/getBulkTest/v2?yandexuid=14068254678769787370&sign=ac810a2ef203ea72371fe2afbf8ff0e9&rqs=AAAAAAAAAAB3UIpelOUHledkCHf5eoD8&matchid-br=1
access-control-allow-origin: null
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 0

POST
H/1.1 200
OK 1
mc.yandex.ru/watch/53635162/ 43 B
539 B 43ms
42ms Other
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/53635162/1?page-url=https%3A%2F%2Fmedia-polesye.by%2Fnews%2F&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Ans%3A1586122870829%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Az%3A120%3Ai%3A20200405234111%3Aet%3A1586122872%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Aar%3A1%3Apa%3A1%3Arn%3A235619417%3Ahid%3A1001736361%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%3Agdpr%3A14%3Av%3A1837%3Awv%3A2%3Ast%3A1586122872%3Au%3A1586122872216987043%3App%3A3629563401

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://media-polesye.by/news/
Origin: https://media-polesye.by
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Sun, 05 Apr 2020 21:41:11 GMT
Last-Modified: Sun, 05-Apr-2020 21:41:11 GMT
Server: nginx/1.14.2
Strict-Transport-Security: max-age=31536000
Content-Type: image/gif
Access-Control-Allow-Origin: https://media-polesye.by
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block
Expires: Sun, 05-Apr-2020 21:41:11 GMT

GET
H2 200 v2 Show response
ads.adfox.ru/330607/getBulkTest/ 52 KB
19 KB 257ms
256ms XHR
application/json 77.88.21.179
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.adfox.ru/330607/getBulkTest/v2?yandexuid=14068254678769787370&sign=ac810a2ef203ea72371fe2afbf8ff0e9&rqs=AAAAAAAAAAB3UIpelOUHledkCHf5eoD8&matchid-br=1

Requested by

Host: media-polesye.by
URL: https://media-polesye.by/news/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.179 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

adfox-external-l3-engine.stable.qloud-b.yandex.net

Software

Resource Hash

4eada13a5f05e40ac2d74bf00151fced60150f4ce882692ab3fea20181b26262

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://media-polesye.by/news/
Origin: null
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Apr 2020 21:41:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref=/w3c/w3c.p3p, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
status: 200
content-type: application/json
access-control-allow-origin: null
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2 200 banner_dfp.js Show response
yastatic.net/pcode-bundles/0.1637/banner_dfp/ 96 KB
23 KB 41ms
40ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/pcode-bundles/0.1637/banner_dfp/banner_dfp.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.8 /

Resource Hash

7db85bed172e0fe1768a7850fcbdd8360f0f241fb2d7c4ce02944f95785b3a75

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://media-polesye.by/news/
Origin: https://media-polesye.by
Sec-Fetch-Dest: script
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 05 Apr 2020 21:41:11 GMT
content-encoding: br
status: 200
strict-transport-security: max-age=43200000; includeSubDomains;
content-length: 23483
timing-allow-origin: *
last-modified: Fri, 03 Apr 2020 13:23:13 GMT
server: nginx/1.17.8
etag: "d9b9c79e50748e084da218bb74a501dd"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=216013
accept-ranges: bytes
x-robots-tag: noindex, noarchive, nofollow
expires: Wed, 08 Apr 2020 09:37:36 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 274D 43 KB
15 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode-bundles/0.1637/banner_dfp/banner_dfp.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f383fac1daa00f952f4e8f303206b76a2e97b3d66d8c002a2a96a292af6e175c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://media-polesye.by/news/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sun, 05 Apr 2020 21:41:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "478 / 825 of 1000 / last-modified: 1585943864"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 14689
x-xss-protection: 0
expires: Sun, 05 Apr 2020 21:41:12 GMT

GET
H2 204 event
ads.adfox.ru/330607/ 0
34 B 98ms
97ms Image
text/plain 77.88.21.179
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/330607/event?hash=4922a0aa83635a60&rand=djrepxg&pm=bmo&dm-lite=1&ad-session-id=458021586122871368&lts=fdmxrpv&pxo=w-ffoSULpvp6ulCvc17JEPDUWwEV9gBLGqisDguyE2QefQ_TjPGjh_q-LvPO0Pk2yxUBiKG63drYvwJXXdN7wUXvxFAXoW0mRIf1qFv7wwxYpmxxO7fyhRZSt4gHTttGmSnFNmwDPvcGdVfCKKTZX4oUpgsI6WkkhwL1xi9fQ-2iIFuJfWoaKw%3D%3D&ytt=337000314963989&p2=y&rtb-si=b&ylv=0.1638&dl=https%3A%2F%2Fmedia-polesye.by%2Fnews%2F&ybv=0.1637&p5=hvmsw&pr=kyonfuo&p1=cikox&rqs=AAAAAAAAAAB3UIpeTy1b3Jo72e5E3-DT

Requested by

Host: media-polesye.by
URL: https://media-polesye.by/news/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.179 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

adfox-external-l3-engine.stable.qloud-b.yandex.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://media-polesye.by/news/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

status: 204
date: Sun, 05 Apr 2020 21:41:12 GMT
x-content-type-options: nosniff
access-control-allow-origin: *
timing-allow-origin: *

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 274D 109 B
171 B 16ms
15ms Script
application/javascript 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=media-polesye.by

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://media-polesye.by/news/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sun, 05 Apr 2020 21:41:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 274D 109 B
171 B 20ms
20ms Script
application/javascript 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=media-polesye.by

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://media-polesye.by/news/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sun, 05 Apr 2020 21:41:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 pubads_impl_2020032401.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 274D 168 KB
62 KB 143ms
75ms Script
text/javascript 172.217.22.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020032401.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s18-in-f98.1e100.net

Software

sffe /

Resource Hash

123d4b411f97e36f72e2f44be0b18944489e908ff159f59ab8aba984c69517fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://media-polesye.by/news/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sun, 05 Apr 2020 21:41:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 24 Mar 2020 13:43:01 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 62966
x-xss-protection: 0
expires: Sun, 05 Apr 2020 21:41:12 GMT

GET
H2 200 banner_direct.js Show response
yastatic.net/pcode-bundles/0.1637/banner_direct/ 53 KB
13 KB 40ms
39ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/pcode-bundles/0.1637/banner_direct/banner_direct.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.8 /

Resource Hash

ae092043973b507ff20ba29bef01948bc684efd9d2e1613f7a225a9c347c07cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://media-polesye.by/news/
Origin: https://media-polesye.by
Sec-Fetch-Dest: script
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 05 Apr 2020 21:41:12 GMT
content-encoding: br
status: 200
strict-transport-security: max-age=43200000; includeSubDomains;
content-length: 13020
timing-allow-origin: *
last-modified: Fri, 03 Apr 2020 13:23:13 GMT
server: nginx/1.17.8
etag: "90fa786d32fcf34a44df26fd32fc6976"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=216013
accept-ranges: bytes
x-robots-tag: noindex, noarchive, nofollow
expires: Wed, 08 Apr 2020 09:40:04 GMT

GET
H2 200 f3df3362ed4280339b8f.js Show response
an.yandex.ru/partner-code-bundles/10800/ 59 KB
16 KB 86ms
86ms Script
text/javascript 2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/partner-code-bundles/10800/f3df3362ed4280339b8f.js

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

05d413fadbbb4292a3acd302fd35dd4701b46938dc75d3b2794c5e458947befb

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;, max-age=31536000

Request headers

Referer: https://media-polesye.by/news/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sun, 05 Apr 2020 21:41:12 GMT
content-encoding: br
status: 200
strict-transport-security: max-age=43200000; includeSubDomains;, max-age=31536000
content-length: 15597
timing-allow-origin: *
last-modified: Fri, 03 Apr 2020 07:23:46 GMT
server: nginx/1.12.2
etag: "57e1cc5126f40f22afa29b3cedc66f6c"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=216013
accept-ranges: bytes
x-robots-tag: noindex, noarchive, nofollow
expires: Mon, 06 Apr 2020 03:32:41 GMT

GET
H2 200 context_static.js Show response
an.yandex.ru/partner-code-bundles/10800/ 1 MB
186 KB 85ms
85ms Script
text/javascript 2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/partner-code-bundles/10800/context_static.js

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

1f050d5eb062529ca069291fa74925c84b970f9981ca451591534c555efec468

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;, max-age=31536000

Request headers

Referer: https://media-polesye.by/news/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sun, 05 Apr 2020 21:41:12 GMT
content-encoding: br
status: 200
strict-transport-security: max-age=43200000; includeSubDomains;, max-age=31536000
content-length: 189572
timing-allow-origin: *
last-modified: Fri, 03 Apr 2020 07:23:46 GMT
server: nginx/1.12.2
etag: "814840e084c7b458974eb26f2d0e2eec"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=216013
accept-ranges: bytes
x-robots-tag: noindex, noarchive, nofollow
expires: Mon, 06 Apr 2020 03:32:43 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 274D 4 KB
3 KB 222ms
222ms XHR
text/plain 172.217.22.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1440538250239907&correlator=1368143859513800&output=ldjh&impl=fifs&adsid=NT&eid=21062797%2C21065686&vrg=2020032401&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200405&iu_parts=21881731037%2CDM320%2C21952411170&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=970x90%7C2x1&cust_params=CPM_21941615301%3D3.2&cookie_enabled=1&cdm=media-polesye.by&bc=31&abxe=1&lmt=1586122872&dt=1586122872240&dlt=1586122872006&idt=224&ea=0&frm=23&biw=1600&bih=1200&isw=970&ish=90&oid=3&adxs=315&adys=0&adks=1722700510&ucis=4xvqola4sk34&ifi=1&ifk=986188983&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&iag=3&url=https%3A%2F%2Fmedia-polesye.by%2Fnews%2F&top=https%3A%2F%2Fmedia-polesye.by%2Fnews%2F&dssz=7&icsg=170&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=970x90&msz=970x-1&ga_vid=1863524063.1586122871&ga_sid=1586122872&ga_hid=804764288&fws=256&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020032401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s18-in-f98.1e100.net

Software

cafe /

Resource Hash

fca5e936b1433ebe6824d447e77ab659743fb559db8db88fd7a5b127f4fb7d90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://media-polesye.by/news/
Origin: https://media-polesye.by
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 05 Apr 2020 21:41:12 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 2038
x-xss-protection: 0
google-lineitem-id: 5331387813
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138307210900
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://media-polesye.by
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_2020032401.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 274D 66 KB
24 KB 70ms
69ms Script
text/javascript 172.217.22.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020032401.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020032401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s18-in-f98.1e100.net

Software

sffe /

Resource Hash

0290a012deb1b25451f5211d8cb8b40d8fa6f3942d23ecc12d96670e4c0ed7a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://media-polesye.by/news/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sun, 05 Apr 2020 21:41:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 24 Mar 2020 13:43:01 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 24573
x-xss-protection: 0
expires: Sun, 05 Apr 2020 21:41:12 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 274D 0
0 17ms
6ms Other
text/html 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020032401.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://media-polesye.by/news/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: empty

Response headers

GET
H2 200 host.js Show response
yastatic.net/safeframe-bundles/0.69/ 29 KB
8 KB 36ms
36ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.69/host.js

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/partner-code-bundles/10800/context_static.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.8 /

Resource Hash

9fa8c2bb49f0e9e391d87f70459663c0e3898f32d4506c81239151b9c0b870d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://media-polesye.by/news/
Origin: https://media-polesye.by
Sec-Fetch-Dest: script
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 05 Apr 2020 21:41:12 GMT
content-encoding: br
status: 200
strict-transport-security: max-age=43200000; includeSubDomains;
content-length: 8104
timing-allow-origin: *
last-modified: Tue, 20 Aug 2019 11:55:41 GMT
server: nginx/1.17.8
etag: "901e860c36afb614c88b40352db2214f"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=216013
accept-ranges: bytes
x-robots-tag: noindex, noarchive, nofollow
expires: Wed, 08 Apr 2020 09:39:46 GMT

GET
DATA 200
OK truncated
/ 333 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f1e572871055c1d0e152936f664d5fb075f505b99b412a4776f65a7abe80b505

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

POST
H/1.1 200
OK 521671 Show response
mc.yandex.ru/watch/ 35 B
586 B 42ms
42ms XHR
application/json 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/521671?wmode=7&cnt-class=1&nohit=1&page-url=https%3A%2F%2Fmedia-polesye.by%2Fnews%2F&charset=utf-8&browser-info=ti%3A10%3Adp%3A1%3Ans%3A1586122870829%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aadb%3A2%3Afpr%3A216613626101%3Acn%3A2%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20200405234111%3Aet%3A1586122873%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Aad%3A1%3Apv%3A1%3Arn%3A645420124%3Ahid%3A1001736361%3Agdpr%3A14%3Aeu%3A1%3Av%3A1837%3Awv%3A2%3Ast%3A1586122873%3Au%3A1586122872216987043%3At%3A%D0%A1%D1%82%D1%80%D0%B0%D0%BD%D0%B8%D1%86%D0%B0%20%D0%BD%D0%B5%20%D0%BD%D0%B0%D0%B9%D0%B4%D0%B5%D0%BD%D0%B0%20%E2%80%94%20%D0%9C%D0%B5%D0%B4%D0%B8%D0%B0-%D0%9F%D0%BE%D0%BB%D0%B5%D1%81%D1%8C%D0%B5%20%E2%80%94%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%B8%20%D1%80%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D0%B0%20%D0%9F%D0%B8%D0%BD%D1%81%D0%BA%D0%B0%2C%20%D0%9B%D1%83%D0%BD%D0%B8%D0%BD%D1%86%D0%B0%2C%20%D0%A1%D1%82%D0%BE%D0%BB%D0%B8%D0%BD%D0%B0

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

efbdf9cab6b6cf2bf7207ae4e0456c9462b2c0d4c2de76d65442de2af7253f2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://media-polesye.by/news/
Origin: https://media-polesye.by
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Sun, 05 Apr 2020 21:41:12 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sun, 05-Apr-2020 21:41:12 GMT
Server: nginx/1.14.2
Strict-Transport-Security: max-age=31536000
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://media-polesye.by
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 35
X-XSS-Protection: 1; mode=block
Expires: Sun, 05-Apr-2020 21:41:12 GMT

POST
H/1.1 200
OK 1
mc.yandex.ru/watch/521671/ 43 B
539 B 43ms
43ms Other
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/521671/1?cnt-class=1&page-url=https%3A%2F%2Fmedia-polesye.by%2Fnews%2F&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1586122870829%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aadb%3A2%3Afpr%3A216613626101%3Acn%3A2%3Az%3A120%3Ai%3A20200405234112%3Aet%3A1586122873%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Aar%3A1%3Apa%3A1%3Arn%3A525074792%3Ahid%3A1001736361%3Ads%3A0%2C110%2C195%2C2%2C0%2C0%2C0%2C294%2C5%2C%2C%2C%2C608%3Afp%3A572%3Agdpr%3A14%3Aeu%3A1%3Av%3A1837%3Awv%3A2%3Ast%3A1586122873%3Au%3A1586122872216987043

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://media-polesye.by/news/
Origin: https://media-polesye.by
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Sun, 05 Apr 2020 21:41:12 GMT
Last-Modified: Sun, 05-Apr-2020 21:41:12 GMT
Server: nginx/1.14.2
Strict-Transport-Security: max-age=31536000
Content-Type: image/gif
Access-Control-Allow-Origin: https://media-polesye.by
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block
Expires: Sun, 05-Apr-2020 21:41:12 GMT

POST
H/1.1 200
OK 521671
mc.yandex.ru/watch/ 43 B
539 B 50ms
50ms Other
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/521671?cnt-class=1&page-url=https%3A%2F%2Fmedia-polesye.by%2Fnews%2F&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1586122870829%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aadb%3A2%3Afpr%3A216613626101%3Acn%3A2%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20200405234112%3Aet%3A1586122873%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Aar%3A1%3Apv%3A1%3Arn%3A108568742%3Ahid%3A1001736361%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%3Agdpr%3A14%3Aeu%3A1%3Av%3A1837%3Awv%3A2%3Ast%3A1586122873%3Au%3A1586122872216987043%3At%3A%D0%A1%D1%82%D1%80%D0%B0%D0%BD%D0%B8%D1%86%D0%B0%20%D0%BD%D0%B5%20%D0%BD%D0%B0%D0%B9%D0%B4%D0%B5%D0%BD%D0%B0%20%E2%80%94%20%D0%9C%D0%B5%D0%B4%D0%B8%D0%B0-%D0%9F%D0%BE%D0%BB%D0%B5%D1%81%D1%8C%D0%B5%20%E2%80%94%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%B8%20%D1%80%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D0%B0%20%D0%9F%D0%B8%D0%BD%D1%81%D0%BA%D0%B0%2C%20%D0%9B%D1%83%D0%BD%D0%B8%D0%BD%D1%86%D0%B0%2C%20%D0%A1%D1%82%D0%BE%D0%BB%D0%B8%D0%BD%D0%B0

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://media-polesye.by/news/
Origin: https://media-polesye.by
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Sun, 05 Apr 2020 21:41:12 GMT
Last-Modified: Sun, 05-Apr-2020 21:41:12 GMT
Server: nginx/1.14.2
Strict-Transport-Security: max-age=31536000
Content-Type: image/gif
Access-Control-Allow-Origin: https://media-polesye.by
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block
Expires: Sun, 05-Apr-2020 21:41:12 GMT

GET
H2 200 wy300
avatars.mds.yandex.net/get-direct/400924/oU2bEAJLsgTxw-VKFBCv4A/ 21 KB
21 KB 141ms
46ms Image
image/webp 2a02:6b8::184
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-direct/400924/oU2bEAJLsgTxw-VKFBCv4A/wy300
Requested by: Host: media-polesye.by
URL: https://media-polesye.by/news/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:6b8::184 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: nginx /
Resource Hash: f182956d885d37e0e718fb9353f2257177ccfc434654422cd83d04fd6f88f612

Request headers

Referer: https://media-polesye.by/news/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Sun, 05 Apr 2020 21:41:12 GMT
last-modified: Tue, 08 May 2018 08:31:34 GMT
server: nginx
access-control-allow-origin: *
content-type: image/webp
status: 200
cache-control: max-age=604800,immutable
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 21718
x-request-id: 641da9b5488cccdf

GET
H2 200 y300
avatars.mds.yandex.net/get-direct/168557/FRxZfZp0xXkZWH1GzrKhkw/ 21 KB
21 KB 188ms
93ms Image
image/webp 2a02:6b8::184
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-direct/168557/FRxZfZp0xXkZWH1GzrKhkw/y300
Requested by: Host: media-polesye.by
URL: https://media-polesye.by/news/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:6b8::184 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: nginx /
Resource Hash: 787de8492ee6c33bd3128023627617c2ffb441a6516ad787efca0910a849bda5

Request headers

Referer: https://media-polesye.by/news/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Sun, 05 Apr 2020 21:41:12 GMT
last-modified: Sun, 03 Dec 2017 23:42:18 GMT
server: nginx
access-control-allow-origin: *
content-type: image/webp
status: 200
cache-control: max-age=604800,immutable
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 21202
x-request-id: 7f18329c4c27fee

GET
H2 200 wy300
avatars.mds.yandex.net/get-direct/126208/wluEKCO39f_w60Y0CB7WbQ/ 19 KB
19 KB 232ms
137ms Image
image/webp 2a02:6b8::184
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-direct/126208/wluEKCO39f_w60Y0CB7WbQ/wy300
Requested by: Host: media-polesye.by
URL: https://media-polesye.by/news/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:6b8::184 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: nginx /
Resource Hash: a00912aae427fc3d62ae8b2c46b26fcecb7c5734ae471af4540d466f25d41113

Request headers

Referer: https://media-polesye.by/news/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Sun, 05 Apr 2020 21:41:12 GMT
last-modified: Mon, 04 Dec 2017 01:16:44 GMT
server: nginx
access-control-allow-origin: *
content-type: image/webp
status: 200
cache-control: max-age=604800,immutable
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 19648
x-request-id: 2529fe27d3d75aa2

GET
H2 200 y450
avatars.mds.yandex.net/get-direct/2754878/seN6FPEaUOxp7UgluJCNgA/ 39 KB
40 KB 233ms
138ms Image
image/webp 2a02:6b8::184
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-direct/2754878/seN6FPEaUOxp7UgluJCNgA/y450
Requested by: Host: media-polesye.by
URL: https://media-polesye.by/news/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:6b8::184 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: nginx /
Resource Hash: 23ad53d8a527db762d2e6f8bed8a810f78ae63e75c58f79750c6b011e2de4e29

Request headers

Referer: https://media-polesye.by/news/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Sun, 05 Apr 2020 21:41:12 GMT
last-modified: Sat, 18 Jan 2020 22:03:43 GMT
server: nginx
access-control-allow-origin: *
content-type: image/webp
status: 200
cache-control: max-age=604800,immutable
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 40342
x-request-id: b75fa9a04b6fd46a

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame C3F3 0
0 6ms
5ms Document
text/html 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020032401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html?n=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://media-polesye.by/news/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://media-polesye.by/news/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
timing-allow-origin: *
content-length: 2973
date: Sun, 05 Apr 2020 11:58:17 GMT
expires: Mon, 05 Apr 2021 11:58:17 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 34975
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 274D 74 KB
27 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020032401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a3647b49a385374990c3b8a8ffcc1e7979ef25a7029b3711ac37e1eebb370e6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://media-polesye.by/news/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sun, 05 Apr 2020 21:41:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1585953408266222"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 27981
x-xss-protection: 0
expires: Sun, 05 Apr 2020 21:41:12 GMT

GET
H2 204 event
ads.adfox.ru/330607/ 0
14 B 93ms
93ms Image
text/plain 77.88.21.179
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/330607/event?hash=ae005337bc07365d&rand=gvgjzuq&pm=bmv&dm-lite=1&ad-session-id=458021586122871368&lts=fdmxrpv&pxo=w-ffoSULpvp6ulCvc17JEPDUWwEV9gBLGqisDguyE2QefQ_TjPGjh_q-LvPO0Pk2yxUBiKG63drYvwJXXdN7wUXvxFAXoW0mRIf1qFv7wwxYpmxxO7fyhRZSt4gHTttGmSnFNmwDPvcGdVfCKKTZX4oUpgsI6WkkhwL1xi9fQ-2iIFuJfWoaKw%3D%3D&ytt=337000314963989&p2=y&rtb-si=b&ylv=0.1638&dl=https%3A%2F%2Fmedia-polesye.by%2Fnews%2F&ybv=0.1637&p5=hvmsw&pr=kyonfuo&p1=cikox&rqs=AAAAAAAAAAB3UIpeTy1b3Jo72e5E3-DT&creative-id=138307210900&google-width=2&google-height=1

Requested by

Host: media-polesye.by
URL: https://media-polesye.by/news/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.179 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

adfox-external-l3-engine.stable.qloud-b.yandex.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://media-polesye.by/news/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

status: 204
date: Sun, 05 Apr 2020 21:41:12 GMT
x-content-type-options: nosniff
access-control-allow-origin: *
timing-allow-origin: *

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 274D 7 KB
6 KB 31ms
18ms XHR
application/json 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020032401&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020032401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1e2e287a4a80bf39aa6f897126e4eea0f7ccddbdbff059c8a0db6b6171e087f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://media-polesye.by/news/
Origin: https://media-polesye.by
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 05 Apr 2020 21:41:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 5162
x-xss-protection: 0

GET
H2 200 render.html
yastatic.net/safeframe-bundles/0.69/1-1-0/ Frame ABD8 0
0 36ms
36ms Document
text/html 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.69/1-1-0/render.html

Requested by

Host: yastatic.net
URL: https://yastatic.net/safeframe-bundles/0.69/host.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.8 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

:method: GET
:authority: yastatic.net
:scheme: https
:path: /safeframe-bundles/0.69/1-1-0/render.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://media-polesye.by/news/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://media-polesye.by/news/

Response headers

status: 200
server: nginx/1.17.8
date: Sun, 05 Apr 2020 21:41:12 GMT
content-type: text/html
content-length: 6026
timing-allow-origin: *
vary: Accept-Encoding
access-control-allow-origin: *
etag: "f883bd7781c332870c9968db60e89349"
expires: Wed, 08 Apr 2020 09:39:41 GMT
last-modified: Tue, 20 Aug 2019 11:55:41 GMT
cache-control: public, max-age=216013
content-encoding: br
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
accept-ranges: bytes

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 274D 14 KB
5 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020032401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://media-polesye.by/news/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sun, 05 Apr 2020 21:41:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1582746470043195"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 5456
x-xss-protection: 0
expires: Sun, 05 Apr 2020 21:41:12 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/209/ Frame 329A 0
0 6ms
6ms Document
text/html 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/209/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://media-polesye.by/news/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://media-polesye.by/news/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 5727
date: Sun, 05 Apr 2020 21:10:18 GMT
expires: Mon, 05 Apr 2021 21:10:18 GMT
last-modified: Tue, 25 Feb 2020 17:32:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1854
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000

GET
H2 200 v2 Show response
ads.adfox.ru/330607/getBulkTest/ 26 KB
10 KB 108ms
108ms XHR
application/json 77.88.21.179
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.adfox.ru/330607/getBulkTest/v2?bids=W10%3D&date=2020-04-05T23%3A41%3A11.366%2B02%3A00&dl=https%3A%2F%2Fmedia-polesye.by%2Fnews%2F&enable-flat-highlight=1&extid_loader=&extid_tag_loader=media-polesye.by&grab=dNCh0YLRgNCw0L3QuNGG0LAg0L3QtSDQvdCw0LnQtNC10L3QsCDigJQg0JzQtdC00LjQsC3Qn9C-0LvQtdGB0YzQtSDigJQg0L3QvtCy0L7RgdGC0Lgg0Lgg0YDQtdC60LvQsNC80LAg0J_QuNC90YHQutCwLCDQm9GD0L3QuNC90YbQsCwg0KHRgtC-0LvQuNC90LAK&is-turbo=0&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22width%22%3A1110%2C%22height%22%3A0%2C%22left%22%3A245%2C%22top%22%3A0%2C%22visible%22%3A1%2C%22req_no%22%3A0%2C%22ad_no%22%3A0%7D&p2=y&pd=5&pdh=1200&pdw=1600&pp=g&pr=3380940850&pr1=3212914318&prr=&ps=dubc&pv=23&pw=0&skip-token=&slotNumber=1&utf8=%E2%9C%93&ybv=0.1637&ylv=0.1638&ytt=337000314963989&lvlfrom=20&rqs=AAAAAAAAAAB3UIpeTy1b3Jo72e5E3-DT&rtb-si=1&dmv=2&csl=&ad-session-id=458021586122871368&rtb-answer-hash=9206657103466284672&usgn=AXmMhnmrC_iIeTVoah3AviWq-UUFn-z3j55TLOOjpHfv

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.179 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

adfox-external-l3-engine.stable.qloud-b.yandex.net

Software

Resource Hash

466152547bc75c2815e6d68fd4d0f201a6fd75fd73cb4831bc24e6b99e670bec

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://media-polesye.by/news/
Origin: https://media-polesye.by
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Apr 2020 21:41:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref=/w3c/w3c.p3p, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
status: 200
content-type: application/json
access-control-allow-origin: https://media-polesye.by
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2 204 event
ads.adfox.ru/330607/ 0
14 B 95ms
94ms Image
text/plain 77.88.21.179
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/330607/event?hash=7f499e6053b32668&rand=jnspfhi&pm=bmt&dm-lite=1&ad-session-id=458021586122871368&lts=fdmxrpv&pxo=w-ffoSULpvp6ulCvc17JEPDUWwEV9gBLGqisDguyE2QefQ_TjPGjh_q-LvPO0Pk2yxUBiKG63drYvwJXXdN7wUXvxFAXoW0mRIf1qFv7wwxYpmxxO7fyhRZSt4gHTttGmSnFNmwDPvcGdVfCKKTZX4oUpgsI6WkkhwL1xi9fQ-2iIFuJfWoaKw%3D%3D&ytt=337000314963989&p2=y&rtb-si=b&ylv=0.1638&dl=https%3A%2F%2Fmedia-polesye.by%2Fnews%2F&ybv=0.1637&p5=hvmsw&pr=kyonfuo&p1=cikox&rqs=AAAAAAAAAAB3UIpeTy1b3Jo72e5E3-DT

Requested by

Host: media-polesye.by
URL: https://media-polesye.by/news/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.179 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

adfox-external-l3-engine.stable.qloud-b.yandex.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://media-polesye.by/news/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

status: 204
date: Sun, 05 Apr 2020 21:41:12 GMT
x-content-type-options: nosniff
access-control-allow-origin: *
timing-allow-origin: *

GET
H2 200 wy300
avatars.mds.yandex.net/get-direct/400924/oU2bEAJLsgTxw-VKFBCv4A/ 21 KB
21 KB 127ms
42ms Image
image/webp 2a02:6b8::184
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-direct/400924/oU2bEAJLsgTxw-VKFBCv4A/wy300
Requested by: Host: an.yandex.ru
URL: https://an.yandex.ru/partner-code-bundles/10800/context_static.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:6b8::184 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: nginx /
Resource Hash: f182956d885d37e0e718fb9353f2257177ccfc434654422cd83d04fd6f88f612

Request headers

Referer: https://media-polesye.by/news/
Origin: https://media-polesye.by
Sec-Fetch-Dest: image
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 05 Apr 2020 21:41:12 GMT
last-modified: Tue, 08 May 2018 08:31:34 GMT
server: nginx
access-control-allow-origin: *
content-type: image/webp
status: 200
cache-control: max-age=604800,immutable
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 21718
x-request-id: 22edaf79a5496db7

GET
H2 200 y300
avatars.mds.yandex.net/get-direct/168557/FRxZfZp0xXkZWH1GzrKhkw/ 21 KB
21 KB 162ms
83ms Image
image/webp 2a02:6b8::184
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-direct/168557/FRxZfZp0xXkZWH1GzrKhkw/y300
Requested by: Host: an.yandex.ru
URL: https://an.yandex.ru/partner-code-bundles/10800/context_static.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:6b8::184 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: nginx /
Resource Hash: 787de8492ee6c33bd3128023627617c2ffb441a6516ad787efca0910a849bda5

Request headers

Referer: https://media-polesye.by/news/
Origin: https://media-polesye.by
Sec-Fetch-Dest: image
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 05 Apr 2020 21:41:12 GMT
last-modified: Sun, 03 Dec 2017 23:42:18 GMT
server: nginx
access-control-allow-origin: *
content-type: image/webp
status: 200
cache-control: max-age=604800,immutable
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 21202
x-request-id: 9fa1f282eea466be

GET
H2 200 wy150
avatars.mds.yandex.net/get-direct/400924/oU2bEAJLsgTxw-VKFBCv4A/ 8 KB
9 KB 46ms
46ms Image
image/webp 2a02:6b8::184
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-direct/400924/oU2bEAJLsgTxw-VKFBCv4A/wy150
Requested by: Host: media-polesye.by
URL: https://media-polesye.by/news/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:6b8::184 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: nginx /
Resource Hash: adf6ae9beac11bcbf221e3f2a38467ec3de7621bb05dd3dfd3c265b0a1d79832

Request headers

Referer: https://media-polesye.by/news/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Sun, 05 Apr 2020 21:41:12 GMT
last-modified: Tue, 08 May 2018 08:31:34 GMT
server: nginx
access-control-allow-origin: *
content-type: image/webp
status: 200
cache-control: max-age=604800,immutable
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 8614
x-request-id: 1255a88be8a8c74b

GET
H2 200 wy300
avatars.mds.yandex.net/get-direct/126208/wluEKCO39f_w60Y0CB7WbQ/ 19 KB
19 KB 124ms
124ms Image
image/webp 2a02:6b8::184
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-direct/126208/wluEKCO39f_w60Y0CB7WbQ/wy300
Requested by: Host: an.yandex.ru
URL: https://an.yandex.ru/partner-code-bundles/10800/context_static.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:6b8::184 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: nginx /
Resource Hash: a00912aae427fc3d62ae8b2c46b26fcecb7c5734ae471af4540d466f25d41113

Request headers

Referer: https://media-polesye.by/news/
Origin: https://media-polesye.by
Sec-Fetch-Dest: image
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 05 Apr 2020 21:41:12 GMT
last-modified: Mon, 04 Dec 2017 01:16:44 GMT
server: nginx
access-control-allow-origin: *
content-type: image/webp
status: 200
cache-control: max-age=604800,immutable
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 19648
x-request-id: 5b1ee45495c0fcd1

GET
H2 200 y450
avatars.mds.yandex.net/get-direct/2754878/seN6FPEaUOxp7UgluJCNgA/ 39 KB
40 KB 125ms
125ms Image
image/webp 2a02:6b8::184
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-direct/2754878/seN6FPEaUOxp7UgluJCNgA/y450
Requested by: Host: an.yandex.ru
URL: https://an.yandex.ru/partner-code-bundles/10800/context_static.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:6b8::184 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: nginx /
Resource Hash: 23ad53d8a527db762d2e6f8bed8a810f78ae63e75c58f79750c6b011e2de4e29

Request headers

Referer: https://media-polesye.by/news/
Origin: https://media-polesye.by
Sec-Fetch-Dest: image
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 05 Apr 2020 21:41:12 GMT
last-modified: Sat, 18 Jan 2020 22:03:43 GMT
server: nginx
access-control-allow-origin: *
content-type: image/webp
status: 200
cache-control: max-age=604800,immutable
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 40342
x-request-id: af8703708f5fba8e

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 7 KB
5 KB 19ms
18ms XHR
application/json 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20200401&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200401/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

74d38fdd19ed165c1d8983868e96ff69f0a1548ccd6e7a7b0c2276fa454ab15a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://media-polesye.by/news/
Origin: https://media-polesye.by
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 05 Apr 2020 21:41:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 5244
x-xss-protection: 0

POST
H/1.1 200
OK tracker
top-fwz1.mail.ru/ 43 B
1 KB 68ms
68ms Other
image/gif 217.69.133.145
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL

https://top-fwz1.mail.ru/tracker?js=13;id=3141509;u=https%3A//media-polesye.by/news/;st=1586122871437;s=1600*1200;vp=1600*1200;touch=0;hds=1;flash=;sid=a90f98f4fe173cfd;ver=60.1.0;tz=-120%2FEurope%2FBerlin;nt=0/0/1586122870829/////0/1/1/1/111/22/112/307/309/314/608/608/613/2134/2134/;ni=10//4g/0/0/;lvid=1586122871648%3A1586122872969%3A2%3A108dceb10f4c6418499532f41216c471;opts=dl;_=0.7903767884120287;e=RT/load;et=1586122872967

Requested by

Host: top-fwz1.mail.ru
URL: https://top-fwz1.mail.ru/js/code.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://media-polesye.by/news/
Origin: https://media-polesye.by
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Sun, 05 Apr 2020 21:41:13 GMT
X-Content-Type-Options: nosniff
P3P: CP="NOI DSP COR NID CUR PSA OUR NOR"
Connection: keep-alive
Content-Length: 43
Keep-Alive: timeout=60
Pragma: no-cache
AMP-Access-Control-Allow-Source-Origin: https://media-polesye.by
Server: nginx
Access-Control-Allow-Methods: GET, POST, HEAD, PUT, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://media-polesye.by
Access-Control-Expose-Headers: AMP-Access-Control-Allow-Source-Origin
Cache-control: private, no-cache, no-store, max-age=0
Access-Control-Allow-Credentials: true
Accept-CH-Lifetime: 86400
Accept-CH: DPR, Width, Viewport-Width, Downlink, Device-Memory
Timing-Allow-Origin: https://media-polesye.by
Access-Control-Allow-Headers: *

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 14 KB
5 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200401/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://media-polesye.by/news/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sun, 05 Apr 2020 21:41:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1582746470043195"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 5456
x-xss-protection: 0
expires: Sun, 05 Apr 2020 21:41:12 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/209/ Frame A285 0
0 6ms
6ms Document
text/html 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/209/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://media-polesye.by/news/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://media-polesye.by/news/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 5727
date: Sun, 05 Apr 2020 21:10:18 GMT
expires: Mon, 05 Apr 2021 21:10:18 GMT
last-modified: Tue, 25 Feb 2020 17:32:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1855
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
60 B 15ms
15ms Image
image/gif 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=209&t=2&li=gda_r20200401&jk=2514341274216289&bg=!j4yljJRYZuKpgSPi3e8CAAAANFIAAAASmQFci2JxgyVII6-e9hs42nbZah-CSzVTTQjVf5mE2tMB_bp9oCKdx349OlKR-9OerofHRFhcVX5ppIPaupWYoIewtdTtYMCFh2uKBYoOPFnGO4_btIkZ0QxHue4hvjocDs7OMNjJnwh0e1T6IqLjqlVyXEGK0RH4IO7nIKuO2E7wWaUZZeO64XU2WR3VTm4bWiHj_tQOfB_23Gi1P0fs8YzzhOA0JMR_xG_CJr7jeRL79UCc6B4f3zonciQoHvBTOfhyIgLDjRSlrLitWlf0rUhihXnT6AK-BjetMhWIjcnekuYEaPLnbc1zJ4fg4beTfYukbO1aG0g46-47vuwmA5Q8WkPFYXpQkBcxgok8Xh1WDGvsmModXHfIwG1o3Ju4WIlj9-qOjFYNe3ot_UUbzkyx6V_cEOkUqVS5nEWMlRYWPQOucbae7hSHQhoiWmtROmfhCK2UGrG2EiRYlg26

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://media-polesye.by/news/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Sun, 05 Apr 2020 21:41:13 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1T6E3qz10PG100000000U9nJB7UG4bafS3x0S7EYZastgew4PNb0Lnm347Z2H49jVzlwnHx_oiwGoWWKpzoSw1C84Yzb1V9gqu14AoE8d0gKLM2OoNYxa04C5ZAk2uEmLZBgQ49O6q4cJ0W14diPvGu8CXm5ornb10dVPMIGOM3uopYBYO5XBXD8P2dJAMO6XhLCl...
an.yandex.ru/rtbcount/ 43 B
318 B 44ms
44ms Image
image/gif 2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/rtbcount/1T6E3qz10PG100000000U9nJB7UG4bafS3x0S7EYZastgew4PNb0Lnm347Z2H49jVzlwnHx_oiwGoWWKpzoSw1C84Yzb1V9gqu14AoE8d0gKLM2OoNYxa04C5ZAk2uEmLZBgQ49O6q4cJ0W14diPvGu8CXm5ornb10dVPMIGOM3uopYBYO5XBXD8P2dJAMO6XhLClq0wcSgl-7U3d7gMwJyGF6Lw0PHxnIHGzFThyUP41ePDkf5CanQnClnb0hchbHb4zZ8BW1p6339iBZCJo2b0KW7Y56QFIG5RJ2oYsQw2vU-2oP_C3axyOFbPB0gESE1a7EfPa9hZ7-gHavgIxUoHPfgQxsAna4MmtGAiU0NBnmMC6rZ-mm3Z3YJs0IJsJHP8G7omVyYI1WRtxD-oW09X0klK2GSQ6Yxu000CedeV?confirmTime=2100000&confirmRatio=1000000&test-tag=307863255777282&format-type=22&actual-format=41&rnd=8031399826444&renderWidth=1120&renderHeight=290

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://media-polesye.by/news/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Sun, 05 Apr 2020 21:41:14 GMT
last-modified: Sun, 05 Apr 2020 21:41:14 GMT
server: nginx/1.12.2
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif
status: 200
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 43
x-xss-protection: 1; mode=block
expires: Sun, 05 Apr 2020 21:41:14 GMT

GET
H2 200 WE8ejI_zO2C0nGO0D0jEFVizpGp6JmK08m4GW8200J5tK8fU000003YErp-80WMv0dOKmFXKYqjdy0AKdOxL0_050Q06p0791dT06XIf4CzGqGPtr4-BgH3FK5IpOKnHYoKi680A0OWA2QWAw0U82mgg2n0_nqZxis4001o5MGAIel0B1gWFiyEnuREnYPOOu0y1a...
an.yandex.ru/count/ 0
265 B 61ms
61ms Image
text/plain 2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/count/WE8ejI_zO2C0nGO0D0jEFVizpGp6JmK08m4GW8200J5tK8fU000003YErp-80WMv0dOKmFXKYqjdy0AKdOxL0_050Q06p0791dT06XIf4CzGqGPtr4-BgH3FK5IpOKnHYoKi680A0OWA2QWAw0U82mgg2n0_nqZxis4001o5MGAIel0B1gWFiyEnuREnYPOOu0y1a13sgkFKhj_hsye1yzh2jnFW507m5S6AzkoZZxpyOu0MbP30W83GJCaM003mFme0WM0eovnbQoOwFieD5b8vciYOizREoIpyiH4qQJuPs303~1=WP4ejI_zOFu0FGm0H1HG_2dq_W6wvege3O01bzQeciNLpF4PY07OiCJ1Ff01dgd8_Z2O0TBIZC0ne06SgSZ-CAW1njACm36u0UIkazOQs07SdvGMu068khVYnjw-0Q02xFN_4e03eyAXjGc80ztghA49c0FqjWAm0z4gY0MztGoG1Uo83R05XV03k0M5y0F01Qob2eBA0U05FfW6lBhrYW6e1im1u0Ua3_470032zlg_2SaAPZYHjqoJzjaBis5CKOibB1Ze2xtT3AaCq27N7rP2k3_e31kO3TtuYTaFh2qkd5vHz3-04FgXoXBW4P6EuW7e4SQtkl6sfuMjIq0Sr40JFAyiPXozFvWJ0U0JXV03Y1Ir-ghhv_gT--a1e1I5y0Ee5Eo8_FREtmNe51ZG5Vpspjy5s1N1YlRieu-y_6EW5j2acVG5oHRmFz0MuiRUlW4J05jPmslcglxz5aBQxbZSHG0sHD_3ymQKhVh3ui_8zQrSI70IP0p-a3SsOi1Apr70v1hB6BzIEfEYm6JCCTWcYW00~1=WMSejI_zO181xGe0z13z7IbC4WBWivpM3801rx770eW1uTW1jgoO0y24FQ031B03AuW5fuuCa0MIfGom1Sxs4RW5p_OHm0MzemZ81Q-93D05_Rq1u0Ltg0RC0G7W1vm6yGS00C9axsf7BAtlFyaAQEnSax7AzzaBis5CKOibB1Ze2wUE3AaCeDzB9kj8mZ_e31kO3TtuYR0-W13YvOqBCE0HaOxY0UWHnhUwyRQdXQrBG1pKG5m4pXpSMRO_c1C1u1FFzX685BNwgkld-ftxwG6W5C_s4QWKagKCi1I3tOu1k1ImxAS1m1I0v9VG4iWK1DWKuAMhyGNe51ZG5U2bg_45s1N1YlRieu-y_6EW5j2acVG5oHRG5kB6thu15W3XnP1eR23aC1sMr-nTSug12dWL0k0P0W0nhrLrwFiPkKOh5m0W0iPa79SHmm0zXo7Fu9DVhPGcq3SxE0HdHm5EVpR2_OCkAXWiYW00~1=WPSejI_zO1O1RGm0n1FnYWf15WAOaCAI1e01el2G3OW1hzt5xocG0SxQykuec06qvh_s9g01qDhoxYYe0R3cl_Ock07OnfsO5lBZuRwO0y24FQ031h03yno81REM4P05vEaIi0NKv0Iu1TJa1C05dyaKo0MydGNG1O6Z0k05TwW6p041yGS00CBxvY9eFP_gFyaAl5dfavUl_FWAWBKOsGkpOKnHYoKi6EWBivOHY0pou-6-0QaCC7Bm0sMQr3_e31kO3TtuYN0zW13KrCiEcS2m4E0HaOxY0UWHnhUwyRQdXQrBG1pKGAMG-gkDPyW_c1C1u1FKv0I85BNwgkld-ftxwG6W5DJa1AWKvEaIi1I0_AG2k1I0ybV0582ur8uwzA2dz0Ne51ZG5VIWf_G5s1N1YlRieu-y_6EW5j2acVG5oHRG5lBZuRu15m3Z6F8mZLiqiDX0I64wh5sp7oN3A2uvnKxzkxh1xxm1sBXSgvOoh5o0-Lyi1ZAMOZBUl8Xf88YSvp044dnoSPNIkJkFwenKzAYUC1WiYW00~1=WNeejI_zOEO0XGi0T18kWz7uvW7i_UV02hhDpVb8a06qaFJeDvW1_hgIyZ-W0Sgyx-Wtg07UkfBoFxW1t9xOlnxO0PpVgHpW0OIfwmBe0QO1c0BgZeSNe0BiZeSNc0F0X3sW0mYm0vLjY0MZx06G1U2g1B05XOq1k0M5ZG701VZC0yW5c7NG1Vz2u0Ltc0RcvUs81gW6p041yGS008I1WhR7mml92fzPk6QNGVFu2e2r6DaBis5CKOibB1Ze2wFi0QaCW19gOyAxfR_e31kO3TtuYTaFW123gvSN2E0HaOxY0UWHnhUwyRQdXQrBG1pKG0dfgl1Zhge_c1C1u1E5ZG685BNwgkld-ftxwG6W58MD0QWKuAe4w1GOs1N1YlRieu-y_6EW5j2acVG5oHRG5kB6thu15W0z1m9z3OJSfSFIchqRGsG9mqCn0WOGS42dCm2sQWc0FoFVid8XmSaWZnQJRIn638B0ekSvp4OhfRF0y5FpFioC_89j0Wu0~1?stat-id=5&test-tag=307863482292225&format-type=22&actual-format=41&banner-test-tags=eyI2NTc1MTYzOTgzIjoiMzQzNTk3NzExMzciLCI1Mjg5NDQxOTY1IjoiMzQzNTk3NzExMzgiLCI1NDg0OTkyMTY3IjoiMzQzNTk3NzExMzkiLCI3NDkxOTc4MjY2IjoiMzQzNTk3NzExNDAifQ%3D%3D&renderWidth=1120&renderHeight=290&confirmTime=2100000&confirmRatio=1000000&wmode

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://media-polesye.by/news/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Sun, 05 Apr 2020 21:41:14 GMT
last-modified: Sun, 05 Apr 2020 21:41:14 GMT
server: nginx/1.12.2
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
status: 200
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 0
x-xss-protection: 1; mode=block
expires: Sun, 05 Apr 2020 21:41:14 GMT

GET
H2 200 1PJ8090W0N0100000000U9mplDvHuDQagYDXMHxG5SS019umaT3dYsfgOez_PMT8PGIAPrxliF06YPU2UBLfGAAL4KJEP6nZOW23XOnV626ibOpl80o6lOnB_ZCo70NphpA2fEyoCjWmCFnbd0NKDPS99BAKwGKp0yDQfWeW-opJVo1u2XPvnIGGS6pplEiT30m67...
an.yandex.ru/rtbcount/ 43 B
318 B 44ms
44ms Image
image/gif 2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/rtbcount/1PJ8090W0N0100000000U9mplDvHuDQagYDXMHxG5SS019umaT3dYsfgOez_PMT8PGIAPrxliF06YPU2UBLfGAAL4KJEP6nZOW23XOnV626ibOpl80o6lOnB_ZCo70NphpA2fEyoCjWmCFnbd0NKDPS99BAKwGKp0yDQfWeW-opJVo1u2XPvnIGGS6pplEiT30m67yAO9YrYPVZBn0goc1b4zZ8B0Ccfp20ZvZA3tB0II2g0hTt8x34fO8k9HJJRLR3yNJ3vazd1YHyiFuj5mH4Ed8n3FGjIGoeDauozyisDKarTZNLTGXQop6wp02jUmTB6ke7bFmmmxa1Y7q1YtsI1-Fc3_KEMD32uP_-M1UJp2QnJ9nneQBZW0m0Ve79f?confirmTime=2101000&confirmRatio=1000000&test-tag=307863255777282&format-type=54&actual-format=40&rnd=6836352321766&renderWidth=1110&renderHeight=90

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://media-polesye.by/news/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Sun, 05 Apr 2020 21:41:15 GMT
last-modified: Sun, 05 Apr 2020 21:41:15 GMT
server: nginx/1.12.2
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif
status: 200
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 43
x-xss-protection: 1; mode=block
expires: Sun, 05 Apr 2020 21:41:15 GMT

GET
H2 200 WCWejI_zO000zGK0z0byVABdmevQD0K0004nTr2ANW00000uZjS_Y081kG9s5C3uL8jBP_02kjk4tmhm1G6W1im1gGVNY3XBWYKi6D070j08We20W0A02W682Wce2kW72IbnpDU8001XG5S2agBm2mQe3zUHmhEai8cM6E0F0P0GzghZrAxVwzlA0VFQmhSJu1G1y...
an.yandex.ru/count/ 0
265 B 47ms
46ms Image
text/plain 2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/count/WCWejI_zO000zGK0z0byVABdmevQD0K0004nTr2ANW00000uZjS_Y081kG9s5C3uL8jBP_02kjk4tmhm1G6W1im1gGVNY3XBWYKi6D070j08We20W0A02W682Wce2kW72IbnpDU8001XG5S2agBm2mQe3zUHmhEai8cM6E0F0P0GzghZrAxVwzlA0VFQmhSJu1G1y1N1YlRieu-y_6E05fMGm820q4p95W00y3y8085WuigSDMac2ZpA3OfHELJ8c2jfvwWadW6Q0G00~1=WPGejI_zOFq0LGm0L1IVIMEw_G6wvege3O01bzQeciNLpF4PY07OiCJ1Ff01dgd8_Z2O0TBIZC0ne06SgSZ-CAW1njACm36u0UIkazOQs07SdvGMu068khVYnjw-0Q02xFN_4e03wUYfaWg80ylgu-WEc0FYxGIm0_WKY0NWk0kG1Scd3x05YCK4k0M8nGJ01Qob2jBi0U05FfW6lBhrYW6e1im1u0Ua3_470032zlg_2SaA1Qai7DDn-jaBruWuIu8bB1Ze2-2ugGn0Mm8Cw1RFF-WC0PWD_TX2Fw0Em8GzsG_WTiUEryptFu0G-g7A4k0HcutY0UWH-EkDZVB-okg-C8H0d9Kse2z7n3-O4m7W4uZ518WKYE_WX_xxqyfve1I8nGIe5Ccd_FREtmNe51ZG5Vpspjy5s1N1YlRieu-y_6EW5j2acVG5oHRG5kB6thu1501x6UBn25N_VWioYfPaRoa1r11zcH6he34OXDek_WoYtih50OT0TczCnZ4RCShcqoXhSetbWLyfdKbHO3Bc66mJHG00~1?stat-id=1&test-tag=307863679457281&format-type=54&actual-format=40&banner-test-tags=eyI2NTc1MTYzOTgzIjoiMzQzNTk3NzExMzcifQ%3D%3D&renderWidth=1110&renderHeight=90&confirmTime=2100000&confirmRatio=1000000&wmode

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://media-polesye.by/news/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Sun, 05 Apr 2020 21:41:15 GMT
last-modified: Sun, 05 Apr 2020 21:41:15 GMT
server: nginx/1.12.2
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
status: 200
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 0
x-xss-protection: 1; mode=block
expires: Sun, 05 Apr 2020 21:41:15 GMT

Verdicts & Comments Add Verdict or Comment

89 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
yastatic.net/safeframe-bundles/0.69/1-1-0	1970-01-19 08:55:32	Name: pcssspb Value: 1
.media-polesye.by/	1970-01-19 16:34:54	Name: tmr_reqNum Value: 2
.media-polesye.by/	1970-01-19 08:35:24	Name: _ym_visorc_53635162 Value: b
yastatic.net/safeframe-bundles/0.69/1-1-0	1970-01-19 08:36:49	Name: afpix Value: 1
.media-polesye.by/	1970-01-19 17:20:58	Name: _ym_uid Value: 1586122872216987043
.media-polesye.by/	1970-01-19 08:36:34	Name: _ym_isad Value: 2
.media-polesye.by/	1970-01-20 02:06:34	Name: __gads Value: ID=2ae1d7cf3d52f338:T=1586122872:S=ALNI_Mb_uoleNK06ycny_oAFKLVfdHZJpA
.media-polesye.by/	1970-01-19 16:34:54	Name: tmr_lvidTS Value: 1586122871648
.media-polesye.by/	1970-01-19 08:35:24	Name: _ym_visorc_521671 Value: w
.doubleclick.net/	1970-01-19 17:56:58	Name: IDE Value: AHWqTUnoQIPMh1G-Afd2H2x5IQdKu3qz_kWUw2Ro90Zx-EsxR3-al8bNn4DCl7vW
.media-polesye.by/	1970-01-19 16:34:54	Name: tmr_lvid Value: 108dceb10f4c6418499532f41216c471
.media-polesye.by/	1970-01-19 17:20:58	Name: _ym_d Value: 1586122872
.media-polesye.by/	1970-01-19 08:35:22	Name: _gat_gtag_UA_30457381_1 Value: 1
.media-polesye.by/	1970-01-19 08:36:49	Name: _gid Value: GA1.2.129974131.1586122871
.media-polesye.by/	1970-01-20 02:06:34	Name: _ga Value: GA1.2.1863524063.1586122871

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://media-polesye.by/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1(Line 1) Message: JQMIGRATE: Migrate is installed, version 1.4.1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.adfox.ru
adservice.google.com
adservice.google.de
an.yandex.ru
avatars.mds.yandex.net
counter.yadro.ru
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
informer.yandex.ru
matchid.adfox.yandex.ru
mc.yandex.ru
media-polesye.by
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
top-fwz1.mail.ru
tpc.googlesyndication.com
web.webpushs.com
www.google-analytics.com
www.googletagmanager.com
www.googletagservices.com
www.nbrb.by
yastatic.net
172.217.22.98
178.172.136.207
195.181.175.55
217.69.133.145
2a00:1450:4001:81a::2001
2a00:1450:4001:81c::200e
2a00:1450:4001:81d::2008
2a00:1450:4001:81f::2002
2a00:1450:4001:820::2003
2a00:1450:4001:821::200a
2a02:6b8:20::215
2a02:6b8::16b
2a02:6b8::184
2a02:6b8::1:119
2a02:6b8::90
77.88.21.179
80.94.224.227
88.212.201.216
01ebeb3fcdc269ef402f29f9fba025d3266fcd5c54ae7bca44aaa7c2cf738d93
0284cbccebf1682452d62d06efa3665c874d642d4e03f5f5f9bb0f555da9251b
0290a012deb1b25451f5211d8cb8b40d8fa6f3942d23ecc12d96670e4c0ed7a5
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
05d413fadbbb4292a3acd302fd35dd4701b46938dc75d3b2794c5e458947befb
0921a7dc8054b08e4b5dd8e6ca764c72370ef59b7a7bb80be61efdc320d077a8
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
123d4b411f97e36f72e2f44be0b18944489e908ff159f59ab8aba984c69517fe
171716e680cc00175812d003da81cad68fbfa5fbfbc0723c73c7907babf2cb70
1a351abc3f3b435497ddb8a55f09268d3e641dc22455deac06cf0181a4de52ee
1b6863771c330f7b6a857dbfee3959d8e8c61c0e34f1e9ba5f6f38268d05573d
1e2e287a4a80bf39aa6f897126e4eea0f7ccddbdbff059c8a0db6b6171e087f4
1f050d5eb062529ca069291fa74925c84b970f9981ca451591534c555efec468
23ad53d8a527db762d2e6f8bed8a810f78ae63e75c58f79750c6b011e2de4e29
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
2b2d86b4155092442bc7f653d52ad1cb2751c41faa6f6bad86d359cf557f31de
4251cb9ad90ac3754f9ee23490b5bc83d2ba1267d7f60445af69f57cbd44ab6f
4512a0f507a7df3a354a3f552a4b34e2e642ce0e4902c002dfd1ce55e33abce4
466152547bc75c2815e6d68fd4d0f201a6fd75fd73cb4831bc24e6b99e670bec
4842ef7436621848a836428439486a2f2e0b346ce5a8b4b9e3c79e46ac9032bf
4879d0d648f0a95018c816976aada4ad3e2f5ffa197e988cdc9b92957a592956
4eada13a5f05e40ac2d74bf00151fced60150f4ce882692ab3fea20181b26262
533e2cd8e98b3c23c5843d6868beae55941d5948be8374094f2e36c6144925de
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
57a18ea15e5287a7953f68eee98e59ed3884a7a6d37e2318c457db6c90792893
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
5f82734ab93780b4ee45a2fd866281b671827552defa03eda00920f66183cd26
72e758ad1a2cb8de7081057ac0cba524ad911ba81bc42ee24854c09dcc8517e0
74d38fdd19ed165c1d8983868e96ff69f0a1548ccd6e7a7b0c2276fa454ab15a
787de8492ee6c33bd3128023627617c2ffb441a6516ad787efca0910a849bda5
7db85bed172e0fe1768a7850fcbdd8360f0f241fb2d7c4ce02944f95785b3a75
7e117b45ccce9b4c70ffb8901c2dee7ca0db7e7bcae71a0285a0ce85cd857734
811e8960b8f79f14983e30df80a4ccc69d82430ccc0520d2a1a3d1405cfbb2a1
81238b811a07aa89584bd0600b00cb2241c1d168ea5716fde171b67713a41bac
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
91edf9b788c2aaf284f6a880211dff2ac1352d05c007ab91f9b5413b70f04740
943ae64f3cb50e20b1c74879d1ac8707bd0ec467b63f78d929007055099f69d1
9b254cfca4fe5a134b9effc194fe1e884852996a425bb762d03461d0291aea7e
9efb279963e8fa4331bc15854db8c60a3bad6f19035d32e22c8bad5149133846
9fa8c2bb49f0e9e391d87f70459663c0e3898f32d4506c81239151b9c0b870d6
9fd9256100a4d4ff9ece48f584f67f1e116d0747f9282a913dbf3b1b9128d2ad
a001f26da6f35d3db69329d245d12efc884b9ce5e9378737fa31d955858e81b0
a00912aae427fc3d62ae8b2c46b26fcecb7c5734ae471af4540d466f25d41113
a3647b49a385374990c3b8a8ffcc1e7979ef25a7029b3711ac37e1eebb370e6d
a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6
adf6ae9beac11bcbf221e3f2a38467ec3de7621bb05dd3dfd3c265b0a1d79832
ae092043973b507ff20ba29bef01948bc684efd9d2e1613f7a225a9c347c07cb
b7e17926b30342edecee8b3a93029ac51462e2b479277d8e077ba57173eb1900
ba69c5839865614a91121084a0b4f07e5319de7637a6ebc5c30b60c33f151dc8
bef7f0a8213f9685468549895833f5e1a4e26568ab22865ce21793e39b614a03
c48deb07a2e6b4ca58a0099f5f556d7bd90a74e82e13f638e45010cd0d28c21e
c768728f133b19853c539d97dbf9ae20430ee6d7b1e31051777808b7957d0441
cc838f64df4a89f6387e1bcfecf8271ee720484a2b76fa94f24e9462ecd4e228
d18fa7761403604227fd7ad3843cc5e83e9d8df16252d06a4d0ecbd319eb0f3f
d85943f9a3e66ded0349113d8aaac99a3158b3e604f9c8041e82aea681ccdbcd
d9662b4b9ba6c2c3691ce0acd4572e027366eb97d6070550a13429262bb0037f
daf6c28c5a080458eba26ba64a95b1fcff823944d429ccb84e8a4f3a0baf05ca
e0974fd2c6ebe7ff6f794b625cdff0691a372f84668adc46502cd5dc34dbf753
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8936e10f2022700ffff2f5e75582c0330743e2e8de58b6f6a00ee61a2418df2
ea77330dcedcb5369ed0b2c02b75c4d12aba0e6c39036038d23aa3ac9a4d62ab
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
efbdf9cab6b6cf2bf7207ae4e0456c9462b2c0d4c2de76d65442de2af7253f2b
f182956d885d37e0e718fb9353f2257177ccfc434654422cd83d04fd6f88f612
f1e572871055c1d0e152936f664d5fb075f505b99b412a4776f65a7abe80b505
f383fac1daa00f952f4e8f303206b76a2e97b3d66d8c002a2a96a292af6e175c
f3e042579e974bd37084618be3a9a65bc88cfc1f887d96bb2ed7aa5d6e7d3cce
f46d96d805c7e9e467422dfe516c43edb4632c0273cea26722fee7ba885f869e
f71089a6451d9363f1a9cf2c3b6e560e392c8337f8b3307ecac16bbc2b7a044a
fb980bbaffe93700d868f695d29c48586fd17e8954d35bc052bd53a599405ac9
fca5e936b1433ebe6824d447e77ab659743fb559db8db88fd7a5b127f4fb7d90

media-polesye.by Open in urlscan Pro 178.172.136.207 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

103 Requests

100 %HTTPS

61 %IPv6

18 Domains

23 Subdomains

19 IPs

4 Countries

1251 kBTransfer

3943 kBSize

15 Cookies

8 Outgoing links

Redirected requests

103 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

media-polesye.by Open in urlscan Pro
178.172.136.207 Public Scan

Screenshot
Live screenshot

Full Image

103
Requests

100 %
HTTPS

61 %
IPv6

18
Domains

23
Subdomains

19
IPs

4
Countries

1251 kB
Transfer

3943 kB
Size

15
Cookies

103 HTTP transactions
3 data transactions