gaigrodno.by Open in urlscan Pro
185.66.68.16 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://gaigrodno.by/
Effective URL:
https://gaigrodno.by/
Submission: On October 25 via api (October 25th 2022, 2:03:31 am UTC) from US — Scanned from DE

Summary HTTP 228 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 52 IPs in 11 countries across 61 domains to perform 228 HTTP transactions. The main IP is 185.66.68.16, located in Rechytsa, Belarus and belongs to BELPAK-AS BELPAK, BY. The main domain is gaigrodno.by.
TLS certificate: Issued by R3 on October 9th 2022. Valid for: 3 months.

This is the only time gaigrodno.by was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 12	185.66.68.16 185.66.68.16	6697 (BELPAK-AS...) (BELPAK-AS BELPAK)
6	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
8	2a02:6b8::274 2a02:6b8::274	208722 (GLOBAL_DC) (GLOBAL_DC)
10	2a02:6b8:20::215 2a02:6b8:20::215	208722 (GLOBAL_DC) (GLOBAL_DC)
4 21	193.3.184.137 193.3.184.137	50214 (QWARTA) (QWARTA)
2 16	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
10 43	2a02:6b8::90 2a02:6b8::90	208722 (GLOBAL_DC) (GLOBAL_DC)
6 21	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
3	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
3 5	188.42.196.115 188.42.196.115	7979 (SERVERS-COM) (SERVERS-COM)
1 1	193.3.184.211 193.3.184.211	50214 (QWARTA) (QWARTA)
3 3	193.232.150.150 193.232.150.150	48061 (UMA-TECH-AS) (UMA-TECH-AS)
1	2a00:1148:db0... 2a00:1148:db00::17	47764 (VK-AS) (VK-AS)
2 2	195.209.108.47 195.209.108.47	52007 (ADRIVER-AS) (ADRIVER-AS)
2 4	195.209.111.13 195.209.111.13	52007 (ADRIVER-AS) (ADRIVER-AS)
1	2606:4700:303... 2606:4700:3033::ac43:d997	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	23.88.82.46 23.88.82.46	24940 (HETZNER-AS) (HETZNER-AS)
1	37.18.103.16 37.18.103.16	205675 (HYBRID-AS) (HYBRID-AS)
2	185.15.175.159 185.15.175.159	43226 (SAFEDATA ...) (SAFEDATA Uplinks)
2	88.99.28.61 88.99.28.61	24940 (HETZNER-AS) (HETZNER-AS)
3 3	148.251.237.106 148.251.237.106	24940 (HETZNER-AS) (HETZNER-AS)
2 2	136.243.48.22 136.243.48.22	24940 (HETZNER-AS) (HETZNER-AS)
4	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
1 1	109.248.237.36 109.248.237.36	201009 (SUPPORTIT-AS) (SUPPORTIT-AS)
1	95.211.66.35 95.211.66.35	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1 1	185.147.80.35 185.147.80.35	41722 (MIRAN-AS ...) (MIRAN-AS Miran DC)
2 3	95.216.101.186 95.216.101.186	24940 (HETZNER-AS) (HETZNER-AS)
1 1	46.243.172.93 46.243.172.93	208677 (SBERCLOUD-AS) (SBERCLOUD-AS)
1 1	176.122.21.226 176.122.21.226	48096 (ITGRAD) (ITGRAD)
1 1	37.9.245.57 37.9.245.57	16345 (BEE-AS Ru...) (BEE-AS Russia)
1 2	89.108.97.2 89.108.97.2	197695 (AS-REG) (AS-REG)
3 3	35.190.24.218 35.190.24.218	15169 (GOOGLE) (GOOGLE)
5 5	217.66.147.38 217.66.147.38	29209 (SPBMTS-AS...) (SPBMTS-AS Malaya Monetnaya Street 2-A)
2 2	213.87.44.187 213.87.44.187	13174 (MTSNET Mo...) (MTSNET Moscow)
4 5	89.108.119.28 89.108.119.28	197695 (AS-REG) (AS-REG)
2 2	168.119.88.34 168.119.88.34	24940 (HETZNER-AS) (HETZNER-AS)
2 2	31.220.27.155 31.220.27.155	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1 1	65.109.65.188 65.109.65.188	24940 (HETZNER-AS) (HETZNER-AS)
1	217.65.2.150 217.65.2.150	29076 (CITYTELEC...) (CITYTELECOM-AS Filanco LTD)
1	93.95.102.105 93.95.102.105	48347 (MTW-AS) (MTW-AS)
2 2	88.212.201.204 88.212.201.204	39134 (UNITEDNET) (UNITEDNET)
1 3	31.172.81.158 31.172.81.158	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
1	46.4.70.80 46.4.70.80	24940 (HETZNER-AS) (HETZNER-AS)
1	139.45.228.111 139.45.228.111	29470 (RETNNET-AS) (RETNNET-AS)
1 1	23.111.107.44 23.111.107.44	39134 (UNITEDNET) (UNITEDNET)
1	77.245.57.72 77.245.57.72	36057 (WEBAIR-IN...) (WEBAIR-INTERNET-MTL)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
24	2a02:6b8::2b8 2a02:6b8::2b8	208722 (GLOBAL_DC) (GLOBAL_DC)
3	2a02:6b8::184 2a02:6b8::184	208722 (GLOBAL_DC) (GLOBAL_DC)
2	2a02:6b8::36 2a02:6b8::36	208722 (GLOBAL_DC) (GLOBAL_DC)
3	2a02:6b8:a::a 2a02:6b8:a::a	208722 (GLOBAL_DC) (GLOBAL_DC)
6 6	185.15.175.130 185.15.175.130	43226 (SAFEDATA ...) (SAFEDATA Uplinks)
2	95.163.52.67 95.163.52.67	47764 (VK-AS) (VK-AS)
1	2a02:6b8::5:114 2a02:6b8::5:114	208722 (GLOBAL_DC) (GLOBAL_DC)
1 1	35.177.4.157 35.177.4.157	16509 (AMAZON-02) (AMAZON-02)
1 2	52.31.4.32 52.31.4.32	16509 (AMAZON-02) (AMAZON-02)
3 5	54.171.45.210 54.171.45.210	16509 (AMAZON-02) (AMAZON-02)
1	52.45.175.185 52.45.175.185	14618 (AMAZON-AES) (AMAZON-AES)
1	82.145.213.8 82.145.213.8	39832 (NO-OPERA) (NO-OPERA)
1 1	2001:6d0:4001... 2001:6d0:4001::226	52016 (TNSMSK-) (TNSMSK-)
2	37.18.16.21 37.18.16.21	205675 (HYBRID-AS) (HYBRID-AS)
1 1	91.192.149.30 91.192.149.30	42481 (BEGUN-AS) (BEGUN-AS)
1	2606:4700:20:... 2606:4700:20::681a:e45	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	95.217.86.150 95.217.86.150	24940 (HETZNER-AS) (HETZNER-AS)
1 1	46.243.142.239 46.243.142.239	208677 (SBERCLOUD-AS) (SBERCLOUD-AS)
1 1	178.170.196.9 178.170.196.9	208677 (SBERCLOUD-AS) (SBERCLOUD-AS)
3	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
4 8	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
2 3	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
228	52

12 185.66.68.16 (Rechytsa, Belarus) 1 redirects

ASN6697 (BELPAK-AS BELPAK, BY)

gaigrodno.by	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:6b8::274 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

api-maps.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a02:6b8:20::215 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

yandex.st	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
yastatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 193.3.184.137 (Russian Federation) 4 redirects

ASN50214 (QWARTA, RU)
PTR: asrv321.qwarta.ru

www.acint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
acint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

43 2a02:6b8::90 (Moscow, Russian Federation) 10 redirects

ASN208722 (GLOBAL_DC, FI)

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a02:6b8::1:119 (Moscow, Russian Federation) 6 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.by	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 188.42.196.115 (Luxembourg) 3 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.3.184.211 (Russian Federation) 1 redirects

ASN50214 (QWARTA, RU)

ssp-rtb.sape.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 193.232.150.150 (Russian Federation) 3 redirects

ASN48061 (UMA-TECH-AS, RU)
PTR: smtp5.senders.ntvplus.ru

px.adhigh.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1148:db00::17 (Russian Federation)

ASN47764 (VK-AS, RU)

ad.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 195.209.108.47 (Russian Federation) 2 redirects

ASN52007 (ADRIVER-AS, RU)

ad.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 195.209.111.13 (Russian Federation) 2 redirects

ASN52007 (ADRIVER-AS, RU)

ssp.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::ac43:d997 (United States)

ASN13335 (CLOUDFLARENET, US)

a.utraff.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.88.82.46 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.46.82.88.23.clients.your-server.de

sync.republer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.18.103.16 (Netherlands)

ASN205675 (HYBRID-AS, DE)

dm-eu.hybrid.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.15.175.159 (Russian Federation)

ASN43226 (SAFEDATA Uplinks, RU)

tag.digitaltarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.99.28.61 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.61.28.99.88.clients.your-server.de

sync.dmp.otm-r.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 148.251.237.106 (Germany) 3 redirects

ASN24940 (HETZNER-AS, DE)
PTR: prod-hzeu-bidder-1.community.moscow

sync.upravel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 136.243.48.22 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: prod-hzeu-bidder-22.community.moscow

633e9e86-c8ef-4786-835a-354a6cadc27e.sync.upravel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 109.248.237.36 (Moscow, Russian Federation) 1 redirects

ASN201009 (SUPPORTIT-AS, RU)

stat.adlabs.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.211.66.35 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: hosted-by.leaseweb.com

adlmerge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.147.80.35 (Russian Federation) 1 redirects

ASN41722 (MIRAN-AS Miran DC, RU)
PTR: ssp2.bestssp.com

ssp.bestssp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 95.216.101.186 (Helsinki, Finland) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.186.101.216.95.clients.your-server.de

sync.1dmp.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.243.172.93 (Russian Federation) 1 redirects

ASN208677 (SBERCLOUD-AS, RU)
PTR: fr17.segmento.ru

sape-sync.rutarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 176.122.21.226 (Russian Federation) 1 redirects

ASN48096 (ITGRAD, RU)

ads.adlook.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.9.245.57 (Russian Federation) 1 redirects

ASN16345 (BEE-AS Russia, RU)

0100007fea4357631f00c49f02371fd5-sp.ops.beeline.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 89.108.97.2 (Russian Federation) 1 redirects

ASN197695 (AS-REG, RU)
PTR: d50603.reg.regrucolo.ru

ut.rktch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.190.24.218 (Kansas City, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 218.24.190.35.bc.googleusercontent.com

redirect.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 217.66.147.38 (St Petersburg, Russian Federation) 5 redirects

ASN29209 (SPBMTS-AS Malaya Monetnaya Street 2-A, RU)
PTR: host-38-147-66-217.spbmts.ru

sm.rtb.mts.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.87.44.187 (Russian Federation) 2 redirects

ASN13174 (MTSNET Moscow, Russia, RU)
PTR: infrastructure-187-44.mts.ru

tech.rtb.mts.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 89.108.119.28 (Russian Federation) 4 redirects

ASN197695 (AS-REG, RU)
PTR: d51802.reg.regrucolo.ru

x01.aidata.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 168.119.88.34 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.34.88.119.168.clients.your-server.de

exchange.buzzoola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 31.220.27.155 (Amsterdam, Netherlands) 2 redirects

ASN39572 (ADVANCEDHOSTERS-AS, NL)

s.uuidksinc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.109.65.188 (Helsinki, Finland) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.188.65.109.65.clients.your-server.de

ssp.bidvol.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.65.2.150 (Russian Federation)

ASN29076 (CITYTELECOM-AS Filanco LTD, RU)

match.new-programmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 93.95.102.105 (Russian Federation)

ASN48347 (MTW-AS, RU)
PTR: unspecified.mtw.ru

fcgi4.gnezdo.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.201.204 (Russian Federation) 2 redirects

ASN39134 (UNITEDNET, RU)
PTR: host204.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 31.172.81.158 (Frankfurt am Main, Germany) 1 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

sync.bumlam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.4.70.80 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.80.70.4.46.clients.your-server.de

nr.bidderstack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.228.111 (Russian Federation)

ASN29470 (RETNNET-AS, RU)
PTR: serv21.mt.viaprog.eu

mediatoday.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.111.107.44 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)

cs.agency2.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 77.245.57.72 (United States)

ASN36057 (WEBAIR-INTERNET-MTL, US)

sync.adkernel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a02:6b8::2b8 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

core-renderer-tiles.maps.yandex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:6b8::184 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

avatars.mds.yandex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6b8::36 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

favicon.yandex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:6b8:a::a (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.15.175.130 (Russian Federation) 6 redirects

ASN43226 (SAFEDATA Uplinks, RU)

dmg.digitaltarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.163.52.67 (Russian Federation)

ASN47764 (VK-AS, RU)
PTR: top-fwz1.mail.ru

top-fwz1.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8::5:114 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

ysa-static.passport.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.177.4.157 (London, United Kingdom) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-177-4-157.eu-west-2.compute.amazonaws.com

px.arcspire.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.31.4.32 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-4-32.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 54.171.45.210 (Dublin, Ireland) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-45-210.eu-west-1.compute.amazonaws.com

match.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
euw-ice.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.45.175.185 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-175-185.compute-1.amazonaws.com

im.bluevoox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology

t.adx.opera.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:6d0:4001::226 (Russian Federation) 1 redirects

ASN52016 (TNSMSK-, RU)

cm.tns-counter.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.18.16.21 (Russian Federation)

ASN205675 (HYBRID-AS, DE)

dm.hybrid.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.192.149.30 (Russian Federation) 1 redirects

ASN42481 (BEGUN-AS, RU)
PTR: zvezda.ssp.rambler.ru

profile.ssp.rambler.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:e45 (United States)

ASN13335 (CLOUDFLARENET, US)

rtb-eu-warsaw.intent.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.217.86.150 (Helsinki, Finland) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.150.86.217.95.clients.your-server.de

sonar.semantiqo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.243.142.239 (Ukraine) 1 redirects

ASN208677 (SBERCLOUD-AS, RU)
PTR: fr07.segmento.ru

yandex-dmp-sync.rutarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.170.196.9 (Russian Federation) 1 redirects

ASN208677 (SBERCLOUD-AS, RU)
PTR: fr14.segmento.ru

yandex-sync.rutarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany) 4 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.162 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
59	yandex.ru 12 redirects api-maps.yandex.ru — Cisco Umbrella Rank: 40395 an.yandex.ru — Cisco Umbrella Rank: 2202 mc.yandex.ru — Cisco Umbrella Rank: 3510 yandex.ru — Cisco Umbrella Rank: 1336 ysa-static.passport.yandex.ru — Cisco Umbrella Rank: 21689	321 KB
29	yandex.net core-renderer-tiles.maps.yandex.net — Cisco Umbrella Rank: 48282 avatars.mds.yandex.net — Cisco Umbrella Rank: 7456 favicon.yandex.net — Cisco Umbrella Rank: 9092	361 KB
21	acint.net 4 redirects www.acint.net — Cisco Umbrella Rank: 29740 acint.net — Cisco Umbrella Rank: 23705	17 KB
19	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 43 cm.g.doubleclick.net — Cisco Umbrella Rank: 215	86 KB
16	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 104 tpc.googlesyndication.com — Cisco Umbrella Rank: 147	323 KB
15	yandex.com 3 redirects mc.yandex.com — Cisco Umbrella Rank: 9943	6 KB
12	gaigrodno.by 1 redirects gaigrodno.by	378 KB
10	gstatic.com fonts.gstatic.com www.gstatic.com	134 KB
10	google.com 4 redirects adservice.google.com — Cisco Umbrella Rank: 78 www.google.com — Cisco Umbrella Rank: 2	1 KB
9	yastatic.net yastatic.net — Cisco Umbrella Rank: 6193	899 KB
8	google.de adservice.google.de — Cisco Umbrella Rank: 8724 www.google.de — Cisco Umbrella Rank: 6045	2 KB
8	digitaltarget.ru 6 redirects tag.digitaltarget.ru — Cisco Umbrella Rank: 106519 dmg.digitaltarget.ru — Cisco Umbrella Rank: 21490	23 KB
7	mts.ru 7 redirects sm.rtb.mts.ru — Cisco Umbrella Rank: 31743 tech.rtb.mts.ru — Cisco Umbrella Rank: 31436	4 KB
6	adriver.ru 4 redirects ad.adriver.ru — Cisco Umbrella Rank: 18931 ssp.adriver.ru — Cisco Umbrella Rank: 22467	2 KB
5	360yield.com 3 redirects match.360yield.com — Cisco Umbrella Rank: 2893 euw-ice.360yield.com — Cisco Umbrella Rank: 11713	2 KB
5	aidata.io 4 redirects x01.aidata.io — Cisco Umbrella Rank: 15306	3 KB
5	upravel.com 5 redirects sync.upravel.com — Cisco Umbrella Rank: 30707 633e9e86-c8ef-4786-835a-354a6cadc27e.sync.upravel.com	3 KB
5	betweendigital.com 3 redirects ads.betweendigital.com — Cisco Umbrella Rank: 2142	3 KB
4	googleadservices.com 2 redirects partner.googleadservices.com — Cisco Umbrella Rank: 888 www.googleadservices.com — Cisco Umbrella Rank: 131	16 KB
3	bumlam.com 1 redirects sync.bumlam.com — Cisco Umbrella Rank: 2880	2 KB
3	weborama.fr 3 redirects redirect.frontend.weborama.fr — Cisco Umbrella Rank: 10358	526 B
3	rutarget.ru 3 redirects sape-sync.rutarget.ru — Cisco Umbrella Rank: 164111 yandex-dmp-sync.rutarget.ru — Cisco Umbrella Rank: 58436 yandex-sync.rutarget.ru — Cisco Umbrella Rank: 58388	1 KB
3	1dmp.io 2 redirects sync.1dmp.io — Cisco Umbrella Rank: 13136	1 KB
3	hybrid.ai dm-eu.hybrid.ai — Cisco Umbrella Rank: 13752 dm.hybrid.ai — Cisco Umbrella Rank: 28177	714 B
3	mail.ru ad.mail.ru — Cisco Umbrella Rank: 9746 top-fwz1.mail.ru — Cisco Umbrella Rank: 9135	2 KB
3	adhigh.net 3 redirects px.adhigh.net — Cisco Umbrella Rank: 16047	1 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 44	3 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 193	93 KB
2	semantiqo.com 1 redirects sonar.semantiqo.com — Cisco Umbrella Rank: 51563	977 B
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 214	2 KB
2	yandex.by 1 redirects mc.yandex.by — Cisco Umbrella Rank: 162947	643 B
2	yadro.ru 2 redirects counter.yadro.ru — Cisco Umbrella Rank: 9029	619 B
2	uuidksinc.net 2 redirects s.uuidksinc.net — Cisco Umbrella Rank: 3981	408 B
2	buzzoola.com 2 redirects exchange.buzzoola.com — Cisco Umbrella Rank: 17874	354 B
2	rktch.com 1 redirects ut.rktch.com — Cisco Umbrella Rank: 62817	679 B
2	otm-r.com sync.dmp.otm-r.com — Cisco Umbrella Rank: 16197	139 B
1	intent.ai rtb-eu-warsaw.intent.ai — Cisco Umbrella Rank: 57353	845 B
1	rambler.ru 1 redirects profile.ssp.rambler.ru — Cisco Umbrella Rank: 36639	244 B
1	tns-counter.ru 1 redirects cm.tns-counter.ru — Cisco Umbrella Rank: 58230	387 B
1	opera.com t.adx.opera.com — Cisco Umbrella Rank: 2347	463 B
1	bluevoox.com im.bluevoox.com — Cisco Umbrella Rank: 12697	241 B
1	arcspire.io 1 redirects px.arcspire.io — Cisco Umbrella Rank: 55229	317 B
1	adkernel.com sync.adkernel.com — Cisco Umbrella Rank: 2765	109 B
1	agency2.ru 1 redirects cs.agency2.ru — Cisco Umbrella Rank: 91031	753 B
1	mediatoday.ru mediatoday.ru — Cisco Umbrella Rank: 98394	368 B
1	bidderstack.com nr.bidderstack.com — Cisco Umbrella Rank: 28410	351 B
1	gnezdo.ru fcgi4.gnezdo.ru — Cisco Umbrella Rank: 45687	190 B
1	new-programmatic.com match.new-programmatic.com — Cisco Umbrella Rank: 37203	215 B
1	bidvol.com 1 redirects ssp.bidvol.com — Cisco Umbrella Rank: 27927	454 B
1	beeline.ru 1 redirects 0100007fea4357631f00c49f02371fd5-sp.ops.beeline.ru	634 B
1	adlook.me 1 redirects ads.adlook.me — Cisco Umbrella Rank: 58586	201 B
1	bestssp.com 1 redirects ssp.bestssp.com — Cisco Umbrella Rank: 61431	304 B
1	adlmerge.com adlmerge.com — Cisco Umbrella Rank: 110894	115 B
1	adlabs.ru 1 redirects stat.adlabs.ru — Cisco Umbrella Rank: 184380	108 B
1	republer.com sync.republer.com — Cisco Umbrella Rank: 57335	68 B
1	utraff.com a.utraff.com — Cisco Umbrella Rank: 51396	790 B
1	sape.ru 1 redirects ssp-rtb.sape.ru — Cisco Umbrella Rank: 29036	633 B
1	yandex.st yandex.st — Cisco Umbrella Rank: 97773	27 KB
0	whiteboxdigital.ru Failed mitdmp.whiteboxdigital.ru Failed
0	advarkads.com Failed s3.advarkads.com Failed
0	gotechnology.io Failed dmp.gotechnology.io Failed
228	61

	Domain	Requested by
43	an.yandex.ru	10 redirects gaigrodno.by www.acint.net an.yandex.ru
24	core-renderer-tiles.maps.yandex.net	gaigrodno.by
15	mc.yandex.com	3 redirects gaigrodno.by mc.yandex.ru
15	googleads.g.doubleclick.net	2 redirects pagead2.googlesyndication.com gaigrodno.by googleads.g.doubleclick.net www.googleadservices.com
15	www.acint.net	2 redirects gaigrodno.by www.acint.net
12	gaigrodno.by	1 redirects gaigrodno.by yandex.st
10	tpc.googlesyndication.com	googleads.g.doubleclick.net
9	yastatic.net	api-maps.yandex.ru an.yandex.ru gaigrodno.by yastatic.net
8	www.google.com	4 redirects gaigrodno.by
8	api-maps.yandex.ru	gaigrodno.by yastatic.net
7	fonts.gstatic.com	fonts.googleapis.com
6	www.google.de	gaigrodno.by
6	dmg.digitaltarget.ru	6 redirects
6	acint.net	2 redirects www.acint.net
6	pagead2.googlesyndication.com	gaigrodno.by pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
5	x01.aidata.io	4 redirects www.acint.net
5	sm.rtb.mts.ru	5 redirects
5	ads.betweendigital.com	3 redirects www.acint.net gaigrodno.by
4	cm.g.doubleclick.net	www.acint.net gaigrodno.by
4	ssp.adriver.ru	2 redirects www.acint.net
4	mc.yandex.ru	2 redirects gaigrodno.by yastatic.net
3	www.googleadservices.com	2 redirects yastatic.net
3	www.gstatic.com	googleads.g.doubleclick.net
3	match.360yield.com	1 redirects gaigrodno.by
3	yandex.ru	yastatic.net
3	avatars.mds.yandex.net	gaigrodno.by
3	sync.bumlam.com	1 redirects www.acint.net gaigrodno.by
3	redirect.frontend.weborama.fr	3 redirects
3	sync.1dmp.io	2 redirects www.acint.net
3	sync.upravel.com	3 redirects
3	px.adhigh.net	3 redirects
3	fonts.googleapis.com	gaigrodno.by googleads.g.doubleclick.net
2	www.googletagservices.com	googleads.g.doubleclick.net
2	sonar.semantiqo.com	1 redirects gaigrodno.by
2	euw-ice.360yield.com	2 redirects
2	dm.hybrid.ai	gaigrodno.by
2	dpm.demdex.net	1 redirects gaigrodno.by
2	top-fwz1.mail.ru	www.acint.net
2	favicon.yandex.net	gaigrodno.by
2	mc.yandex.by	1 redirects gaigrodno.by
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	counter.yadro.ru	2 redirects
2	s.uuidksinc.net	2 redirects
2	exchange.buzzoola.com	2 redirects
2	tech.rtb.mts.ru	2 redirects
2	ut.rktch.com	1 redirects www.acint.net
2	633e9e86-c8ef-4786-835a-354a6cadc27e.sync.upravel.com	2 redirects
2	sync.dmp.otm-r.com	www.acint.net gaigrodno.by
2	tag.digitaltarget.ru	www.acint.net tag.digitaltarget.ru
2	ad.adriver.ru	2 redirects
1	yandex-sync.rutarget.ru	1 redirects
1	yandex-dmp-sync.rutarget.ru	1 redirects
1	rtb-eu-warsaw.intent.ai	gaigrodno.by
1	profile.ssp.rambler.ru	1 redirects
1	cm.tns-counter.ru	1 redirects
1	t.adx.opera.com	gaigrodno.by
1	im.bluevoox.com	gaigrodno.by
1	px.arcspire.io	1 redirects
1	ysa-static.passport.yandex.ru	gaigrodno.by
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	sync.adkernel.com	www.acint.net
1	cs.agency2.ru	1 redirects
1	mediatoday.ru	www.acint.net
1	nr.bidderstack.com	www.acint.net
1	fcgi4.gnezdo.ru	www.acint.net
1	match.new-programmatic.com	www.acint.net
1	ssp.bidvol.com	1 redirects
1	0100007fea4357631f00c49f02371fd5-sp.ops.beeline.ru	1 redirects
1	ads.adlook.me	1 redirects
1	sape-sync.rutarget.ru	1 redirects
1	ssp.bestssp.com	1 redirects
1	adlmerge.com	www.acint.net
1	stat.adlabs.ru	1 redirects
1	dm-eu.hybrid.ai	www.acint.net
1	sync.republer.com	www.acint.net
1	a.utraff.com	www.acint.net
1	ad.mail.ru	www.acint.net
1	ssp-rtb.sape.ru	1 redirects
1	yandex.st	gaigrodno.by
0	mitdmp.whiteboxdigital.ru Failed	gaigrodno.by
0	s3.advarkads.com Failed	www.acint.net
0	dmp.gotechnology.io Failed	www.acint.net
228	83

This site contains links to these domains. Also see Links.

Domain
spartan.by
yandex.ru
tech.yandex.ru
gaiminsk.by
feeds.feedburner.com
socolive2.tv

Subject Issuer	Validity	Valid
gaigrodno.by R3	`2022-10-09` - `2023-01-07`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
api-maps.yandex.ru GlobalSign RSA OV SSL CA 2018	`2022-07-21` - `2023-01-14`	6 months	crt.sh
*.yastatic-net.ru GlobalSign ECC OV SSL CA 2018	`2022-08-31` - `2023-02-28`	6 months	crt.sh
*.acint.net R3	`2022-10-16` - `2023-01-14`	3 months	crt.sh
bs.yandex.ru GlobalSign ECC OV SSL CA 2018	`2022-10-21` - `2023-04-21`	6 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2022-10-18` - `2023-03-30`	5 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.mail.ru GlobalSign ECC OV SSL CA 2018	`2022-10-18` - `2023-11-19`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-18` - `2023-05-18`	a year	crt.sh
sync.republer.com R3	`2022-10-01` - `2022-12-30`	3 months	crt.sh
*.hybrid.ai Sectigo RSA Domain Validation Secure Server CA	`2022-09-26` - `2023-09-26`	a year	crt.sh
tag.digitaltarget.ru R3	`2022-08-23` - `2022-11-21`	3 months	crt.sh
*.dmp.otm-r.com AlphaSSL CA - SHA256 - G2	`2022-05-27` - `2023-06-28`	a year	crt.sh
*.adriver.ru GlobalSign GCC R3 DV TLS CA 2020	`2022-04-05` - `2023-04-05`	a year	crt.sh
ad.ad-blast.ru R3	`2022-10-16` - `2023-01-14`	3 months	crt.sh
fcgi4.gnezdo.ru R3	`2022-09-08` - `2022-12-07`	3 months	crt.sh
*.bidderstack.com Go Daddy Secure Certificate Authority - G2	`2021-11-18` - `2022-12-20`	a year	crt.sh
mediatoday.ru R3	`2022-09-06` - `2022-12-05`	3 months	crt.sh
*.adkernel.com AlphaSSL CA - SHA256 - G2	`2021-12-30` - `2023-01-31`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.core-renderer-tiles.maps.yandex.net GlobalSign RSA OV SSL CA 2018	`2022-09-14` - `2023-03-14`	6 months	crt.sh
*.avatars.yandex.net GlobalSign RSA OV SSL CA 2018	`2022-03-04` - `2023-04-05`	a year	crt.sh
favicon.yandex.net GlobalSign ECC OV SSL CA 2018	`2022-08-28` - `2023-01-27`	5 months	crt.sh
*.xn--d1acpjx3f.xn--p1ai GlobalSign ECC OV SSL CA 2018	`2022-08-19` - `2023-02-16`	6 months	crt.sh
ysa-static.passport.yandex.net GlobalSign ECC OV SSL CA 2018	`2022-03-04` - `2023-04-05`	a year	crt.sh
*.intent.ai GTS CA 1P5	`2022-10-15` - `2023-01-13`	3 months	crt.sh
*.bumlam.com R3	`2022-08-23` - `2022-11-21`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh

This page contains 13 frames:

Primary Page: https://gaigrodno.by/
Frame ID: BE35A5B03610494FF4B2F7B04FA0F243
Requests: 108 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221020/r20190131/zrt_lookup.html
Frame ID: 0FFFA60FFAC7F76473AEE460EB8B1A84
Requests: 1 HTTP requests in this frame

Frame: https://www.acint.net/mc/?dp=10&tc=1
Frame ID: CA6434AA4B29CAA301EFC2AF651F5B53
Requests: 39 HTTP requests in this frame

Frame: https://s3.advarkads.com/modules/match/frame.html?id=8113-1-1&uid=0100007FEA4357631F00C49F02371FD5
Frame ID: F1FCFB37B26950B57C8658440BA64405
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8917830189100721&output=html&adk=1812271804&adf=3025194257&lmt=1666663402&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fgaigrodno.by%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666663402657&bpp=4&bdt=360&idt=197&shv=r20221020&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2158227745114&frm=20&pv=2&ga_vid=2026135132.1666663403&ga_sid=1666663403&ga_hid=841718453&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44767166%2C31070424%2C31070437%2C44775017&oid=2&pvsid=1926627249984921&tmod=974565083&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=220
Frame ID: 0485B0D09D9C67BFBFF195F0B07008FF
Requests: 1 HTTP requests in this frame

Frame: https://yastatic.net/safeframe-bundles/0.83/1-1-0/render.html
Frame ID: BB71B50F5382A7F0BBE3DE52D6945295
Requests: 62 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221020/r20110914/zrt_lookup.html?fsb=1
Frame ID: 32BE1462F253E2F9A1BE1540A16774F2
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221020/r20110914/zrt_lookup.html?fsb=1
Frame ID: 4501857EC93437C50B64F6A238A27014
Requests: 10 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 4EB33FB18B98C8D75CB00399CAFA6683
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: F5045E09355AD5AE8E093F995CDEB38F
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/568fMfmsPhabDhBQKM56ETVW7wyafyuYtNw47YmmG7Q.js
Frame ID: 054F2819BB79F6D19F33ECDF043C97C2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 62B8AF5FCA82F6E60513F26E4534D3D6
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/568fMfmsPhabDhBQKM56ETVW7wyafyuYtNw47YmmG7Q.js
Frame ID: 481E09ACF8AC46DD53C54CAFC98B5DD7
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ГАИ Гродно, РОВД, МЧС, налоговая. Время работы, телефоны, адреса

Page URL History Show full URLs

http://gaigrodno.by/ HTTP 302
https://gaigrodno.by/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Yandex.Direct (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://an\.yandex\.ru/

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

228
Requests

73 %
HTTPS

33 %
IPv6

61
Domains

83
Subdomains

52
IPs

11
Countries

2693 kB
Transfer

8418 kB
Size

112
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://spartan.by/

Search URL Search Domain Scan URL

URL: https://yandex.ru/legal/maps_termsofuse/?lang=ru
Title: Условия использования

Search URL Search Domain Scan URL

URL: https://tech.yandex.ru/maps/mapsapi/?from=api-maps
Title: Создать свою карту

Search URL Search Domain Scan URL

URL: https://gaiminsk.by/
Title: ГАИ Минска

Search URL Search Domain Scan URL

URL: http://feeds.feedburner.com/gaigrodno
Title: FeedBurner

Search URL Search Domain Scan URL

URL: https://socolive2.tv/
Title: cakhia tv

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://gaigrodno.by/ HTTP 302
https://gaigrodno.by/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17

https://www.acint.net/mc/?dp=10 HTTP 302
https://www.acint.net/mc/?dp=10&tc=1

Request Chain 21

https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007FEA4357631F00C49F02371FD5 HTTP 302
https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007FEA4357631F00C49F02371FD5&crf=1

Request Chain 22

https://ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D HTTP 302
https://acint.net/match?dp=14&euid=A9B803C1EA4357631C002346020F9450

Request Chain 23

https://px.adhigh.net/p/cm/sape?u=0100007FEA4357631F00C49F02371FD5 HTTP 302
https://px.adhigh.net/p/cm/sape?u=0100007FEA4357631F00C49F02371FD5&bounced=1 HTTP 302
https://acint.net/match?dp=17&euid=u5IeMGgf3iGO.AikABlGEDOFOmQ

Request Chain 25

https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691 HTTP 302
https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-6352052381 HTTP 302
https://www.acint.net/rmatch?dp=45&euid=AbAvsIE6HAhXym1RBCy3kMw&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D HTTP 302
https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007FEA4357631F00C49F02371FD5

Request Chain 31

https://sync.upravel.com/sape/sync HTTP 302
https://sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0 HTTP 302
https://633e9e86-c8ef-4786-835a-354a6cadc27e.sync.upravel.com/sape/sync?ud_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyIsImh0dHBzOi8vd3d3LmFjaW50Lm5ldC8iXX19 HTTP 302
https://www.acint.net/match?dp=71&euid=633e9e86-c8ef-4786-835a-354a6cadc27e

Request Chain 33

https://stat.adlabs.ru/merge_gpsid/?sid=50&id=0100007FEA4357631F00C49F02371FD5 HTTP 302
https://adlmerge.com/merge_gpsid/?sid=50&id=0100007FEA4357631F00C49F02371FD5

Request Chain 35

https://ssp.bestssp.com/sspmatch?url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D95%26euid%3D HTTP 302
https://www.acint.net/match?dp=95&euid=DUWHNXSU

Request Chain 36

https://sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007FEA4357631F00C49F02371FD5 HTTP 302
https://sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007FEA4357631F00C49F02371FD5&cs=1

Request Chain 37

https://sape-sync.rutarget.ru/sync HTTP 302
https://www.acint.net/match?dp=104&euid=wS7b9kBErji4

Request Chain 38

https://ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D HTTP 302
https://acint.net/match?dp=107&euid=8885e063-da3f-522a-8b80-9829e8d7dbc3

Request Chain 39

https://ads.adlook.me/csync?url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D110%26euid%3D%7BuserId%7D HTTP 302
https://acint.net/match?dp=110&euid=c69c16d6a75645e881d236bf06798369

Request Chain 40

https://0100007fea4357631f00c49f02371fd5-sp.ops.beeline.ru/p?ssp=sp&id=0100007FEA4357631F00C49F02371FD5 HTTP 301
https://www.acint.net/match?dp=111&euid=ba264945-fca7-4c00-96a8-27bad07635d3

Request Chain 41

https://ut.rktch.com/matchspm?pi=1000005&pui=0100007FEA4357631F00C49F02371FD5 HTTP 302
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D{WEBO_CID}%26noredirect HTTP 302
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D%7BWEBO_CID%7D%26noredirect&bounce=1&random=82427814 HTTP 302
https://ut.rktch.com/matchspm?pi=1000006&pui=5q/o.zv6WSeZ7WS1W5Fmt.&noredirect

Request Chain 42

https://sm.rtb.mts.ru/p?ssp=sape&id=0100007FEA4357631F00C49F02371FD5 HTTP 301
https://sm.rtb.mts.ru/match/second?ssp=30&exu=0100007FEA4357631F00C49F02371FD5 HTTP 301
https://tech.rtb.mts.ru/?dsp_uid=bc2d8ece-4815-4758-8e14-c5adcdf14b25&return_url=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D9503528%26dest%3Dhttps%253A%252F%252Fsm.rtb.mts.ru%252Fem%253Fnext%253D30%2526em%253D2%2526ssp%253Daidata%2526id%253D%2524UID HTTP 302
https://x01.aidata.io/0.gif?pid=9503528&dest=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D30%26em%3D2%26ssp%3Daidata%26id%3D%24UID HTTP 302
https://sm.rtb.mts.ru/em?next=30&em=2&ssp=aidata&id=zA76L8ZPiqjOxuen3HfzYg HTTP 301
https://www.acint.net/match?dp=125&euid=bc2d8ece-4815-4758-8e14-c5adcdf14b25

Request Chain 43

https://exchange.buzzoola.com/cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D HTTP 301
https://www.acint.net/match?dp=126&euid=60fa5f01-6d07-4124-7250-e3310ffe86d6

Request Chain 44

https://s.uuidksinc.net/match/396/?remote_uid=0100007FEA4357631F00C49F02371FD5 HTTP 302
https://www.acint.net/match?dp=127&euid=22cElAP9Gr8QeFpzu6v4

Request Chain 45

https://ssp.bidvol.com/usersync?dspcsid=8&redirect=1 HTTP 302
https://www.acint.net/match?dp=129&euid=jgtg3tm5vr

Request Chain 48

https://x01.aidata.io/0.gif?pid=9401454&id=0100007FEA4357631F00C49F02371FD5 HTTP 302
https://x01.aidata.io/0.gif?pid=9401454&id=0100007FEA4357631F00C49F02371FD5&bounce=1 HTTP 302
https://counter.yadro.ru/id-redir/aidata.gif?back=STOP HTTP 302
https://x01.aidata.io/0.gif?pid=LIVE&id=&back=STOP

Request Chain 50

https://sync.bumlam.com/?src=sap1&uid=0100007FEA4357631F00C49F02371FD5 HTTP 302
https://sync.bumlam.com/?src=sap1&s_data=CAIQARjrh92aBmIgMDEwMDAwN0ZFQTQzNTc2MzFGMDBDNDlGMDIzNzFGRDWiARA01cWsVAkR7Y8KACWQyCQ3

Request Chain 51

https://an.yandex.ru/mapuid/sapeis/0100007FEA4357631F00C49F02371FD5 HTTP 302
https://an.yandex.ru/mapuid/sapeis/0100007FEA4357631F00C49F02371FD5?redir-setuniq=1

Request Chain 54

https://cs.agency2.ru/p?ssp=sp&uid=0100007FEA4357631F00C49F02371FD5 HTTP 301
https://www.acint.net/match?dp=186&euid=8f2b0885-5225-495b-9d09-be379ccaae22

Request Chain 78

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9801.6KgAIuT_vQIJ_2AjDEB8AO1UdN_oPxwHpAIlX7LivDyEMkUfbkWiw2o49WpXJBh5.EjCcbmBXHF_oJ2Mn2sHIsUjLgk4%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9801.Tz2jy2-9OeUkIb2lxEgvRa4qWhxBta7afG5pwVIPPlWzym2xGVgjAdtQv-ZCMCR9Oj4-LY1SoeS0SaKVu-hCfS0e0T-76zss1lTMiRGsv60%2C.eJUgB6fRXjGY6lVC1LxEo0XVRQs%2C

Request Chain 79

https://mc.yandex.by/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.by&token=9801.GeM45yCZxjF7eE7ijTvU1FtQ6yfFR8d6GoiIJsE5lqZ6qgl_tjP3Ow2KaATSLfQ-.EnCN0M44G_mnKP1gMZNBGLB-s8I%2C HTTP 302
https://mc.yandex.by/sync_cookie_image_decide?token=9801.g4Ib_hU7GTpJUvTix8YPoRi6yHndr_-yvt74Wup4XMzL_m5CPAWSbvUrWhsIsEUwU49xKD7KhBL48t5ZcoLzwPeBbDjxigFvu0mM6jn0jDo%2C.AZ15PwzKGC5a1kxt4z8lodLMoUs%2C

Request Chain 134

https://mc.yandex.com/watch/569838?wmode=7&page-url=https%3A%2F%2Fgaigrodno.by%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Al4cs6ej6vo5gha9qjtx4s%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A912%3Acn%3A2%3Adp%3A1%3Als%3A368730387462%3Ahid%3A783197469%3Az%3A0%3Ai%3A20221025020323%3Aet%3A1666663404%3Ac%3A1%3Arn%3A449104871%3Au%3A1666663403336049582%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Acpf%3A1%3Ans%3A1666663401502%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1666663404%3At%3A%D0%93%D0%90%D0%98%20%D0%93%D1%80%D0%BE%D0%B4%D0%BD%D0%BE%2C%20%D0%A0%D0%9E%D0%92%D0%94%2C%20%D0%9C%D0%A7%D0%A1%2C%20%D0%BD%D0%B0%D0%BB%D0%BE%D0%B3%D0%BE%D0%B2%D0%B0%D1%8F.%20%D0%92%D1%80%D0%B5%D0%BC%D1%8F%20%D1%80%D0%B0%D0%B1%D0%BE%D1%82%D1%8B%2C%20%D1%82%D0%B5%D0%BB%D0%B5%D1%84%D0%BE%D0%BD%D1%8B%2C%20%D0%B0%D0%B4%D1%80%D0%B5%D1%81%D0%B0&t=gdpr(14)mc(p-1)clc(0-0-0)lt(48900)aw(1)rqnl(1)ti(2) HTTP 302
https://mc.yandex.com/watch/569838/1?wmode=7&page-url=https%3A%2F%2Fgaigrodno.by%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Al4cs6ej6vo5gha9qjtx4s%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A912%3Acn%3A2%3Adp%3A1%3Als%3A368730387462%3Ahid%3A783197469%3Az%3A0%3Ai%3A20221025020323%3Aet%3A1666663404%3Ac%3A1%3Arn%3A449104871%3Au%3A1666663403336049582%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Acpf%3A1%3Ans%3A1666663401502%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1666663404%3At%3A%D0%93%D0%90%D0%98%20%D0%93%D1%80%D0%BE%D0%B4%D0%BD%D0%BE%2C%20%D0%A0%D0%9E%D0%92%D0%94%2C%20%D0%9C%D0%A7%D0%A1%2C%20%D0%BD%D0%B0%D0%BB%D0%BE%D0%B3%D0%BE%D0%B2%D0%B0%D1%8F.%20%D0%92%D1%80%D0%B5%D0%BC%D1%8F%20%D1%80%D0%B0%D0%B1%D0%BE%D1%82%D1%8B%2C%20%D1%82%D0%B5%D0%BB%D0%B5%D1%84%D0%BE%D0%BD%D1%8B%2C%20%D0%B0%D0%B4%D1%80%D0%B5%D1%81%D0%B0&t=gdpr%2814%29mc%28p-1%29clc%280-0-0%29lt%2848900%29aw%281%29rqnl%281%29ti%282%29

Request Chain 135

https://mc.yandex.com/watch/55320232?wmode=7&page-url=https%3A%2F%2Fgaigrodno.by%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Al4cs6ej6vo5gha9qjtx4s%3Afp%3A1001%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A912%3Acn%3A1%3Adp%3A0%3Als%3A189960786934%3Ahid%3A783197469%3Az%3A0%3Ai%3A20221025020323%3Aet%3A1666663403%3Ac%3A1%3Arn%3A740188044%3Arqn%3A1%3Au%3A1666663403336049582%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C141%2C342%2C38%2C302%2C0%2C%2C375%2C60%2C%2C%2C%2C1212%3Acpf%3A1%3Ans%3A1666663401502%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1666663404%3At%3A%D0%93%D0%90%D0%98%20%D0%93%D1%80%D0%BE%D0%B4%D0%BD%D0%BE%2C%20%D0%A0%D0%9E%D0%92%D0%94%2C%20%D0%9C%D0%A7%D0%A1%2C%20%D0%BD%D0%B0%D0%BB%D0%BE%D0%B3%D0%BE%D0%B2%D0%B0%D1%8F.%20%D0%92%D1%80%D0%B5%D0%BC%D1%8F%20%D1%80%D0%B0%D0%B1%D0%BE%D1%82%D1%8B%2C%20%D1%82%D0%B5%D0%BB%D0%B5%D1%84%D0%BE%D0%BD%D1%8B%2C%20%D0%B0%D0%B4%D1%80%D0%B5%D1%81%D0%B0&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)rqnl(1)ti(2) HTTP 302
https://mc.yandex.com/watch/55320232/1?wmode=7&page-url=https%3A%2F%2Fgaigrodno.by%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Al4cs6ej6vo5gha9qjtx4s%3Afp%3A1001%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A912%3Acn%3A1%3Adp%3A0%3Als%3A189960786934%3Ahid%3A783197469%3Az%3A0%3Ai%3A20221025020323%3Aet%3A1666663403%3Ac%3A1%3Arn%3A740188044%3Arqn%3A1%3Au%3A1666663403336049582%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C141%2C342%2C38%2C302%2C0%2C%2C375%2C60%2C%2C%2C%2C1212%3Acpf%3A1%3Ans%3A1666663401502%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1666663404%3At%3A%D0%93%D0%90%D0%98%20%D0%93%D1%80%D0%BE%D0%B4%D0%BD%D0%BE%2C%20%D0%A0%D0%9E%D0%92%D0%94%2C%20%D0%9C%D0%A7%D0%A1%2C%20%D0%BD%D0%B0%D0%BB%D0%BE%D0%B3%D0%BE%D0%B2%D0%B0%D1%8F.%20%D0%92%D1%80%D0%B5%D0%BC%D1%8F%20%D1%80%D0%B0%D0%B1%D0%BE%D1%82%D1%8B%2C%20%D1%82%D0%B5%D0%BB%D0%B5%D1%84%D0%BE%D0%BD%D1%8B%2C%20%D0%B0%D0%B4%D1%80%D0%B5%D1%81%D0%B0&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29

Request Chain 136

https://dmg.digitaltarget.ru/1/1093/i/i?i=198659060186957.273809942654129&a=77&e=0100007FEA4357631F00C49F02371FD5&pref=https%3A%2F%2Fgaigrodno.by%2F&c=ss:77.up:0100007FEA4357631F00C49F02371FD5.sync:up.xdua:duER5bK83RUXvgM6Gi0W7xI8.xps:xpsBDfUT7Tuxtph7y7Bluz3WW.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient HTTP 307
https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1666663404143&i=198659060186957.273809942654129&a=77&e=0100007FEA4357631F00C49F02371FD5&pref=https%3A%2F%2Fgaigrodno.by%2F&c=ss:77.up:0100007FEA4357631F00C49F02371FD5.sync:up.xdua:duER5bK83RUXvgM6Gi0W7xI8.xps:xpsBDfUT7Tuxtph7y7Bluz3WW.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient HTTP 307
https://top-fwz1.mail.ru/counter?id=3210372;pid=yn6BF3VWZ8HI3r777FUA

Request Chain 137

https://dmg.digitaltarget.ru/1/1093/i/i?i=198659060186957.258303995787295&a=77&e=0100007FEA4357631F00C49F02371FD5&pref=https%3A%2F%2Fgaigrodno.by%2F&c=ss:77.up:0100007FEA4357631F00C49F02371FD5.sync:up.xdua:duER5bK83RUXvgM6Gi0W7xI8.xps:xpsBDfUT7Tuxtph7y7Bluz3WW.dn:acint__net.adcm:hit.tg:adcmjs_noorient HTTP 307
https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1666663404142&i=198659060186957.258303995787295&a=77&e=0100007FEA4357631F00C49F02371FD5&pref=https%3A%2F%2Fgaigrodno.by%2F&c=ss:77.up:0100007FEA4357631F00C49F02371FD5.sync:up.xdua:duER5bK83RUXvgM6Gi0W7xI8.xps:xpsBDfUT7Tuxtph7y7Bluz3WW.dn:acint__net.adcm:hit.tg:adcmjs_noorient HTTP 307
https://top-fwz1.mail.ru/counter?id=3210372;pid=yn6BF3VWZ8HI3r777FUA

Request Chain 143

https://px.arcspire.io/yndx?id=9d4cd41a-f59d-4815-8a89-9d30806f5389 HTTP 307
https://an.yandex.ru/mapuid/arcspireis/f676027a86c4535185936f

Request Chain 144

https://acint.net/rmatch/?dp=151&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2FSAPEis%2F%24%7BUSER_ID%7D HTTP 302
https://an.yandex.ru/mapuid/SAPEis/0100007FEA4357631F00C49F02371FD5

Request Chain 145

https://acint.net/rmatch/?dp=151&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fsapeis%2F%24%7BUSER_ID%7D HTTP 302
https://an.yandex.ru/mapuid/sapeis/0100007FEA4357631F00C49F02371FD5

Request Chain 146

https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2F%24%7BUSER_ID%7D HTTP 302
https://an.yandex.ru/mapuid/betweendigitalis/8885e063-da3f-522a-8b80-9829e8d7dbc3

Request Chain 147

https://an.yandex.ru/mapuid/adobedmp/ HTTP 302
https://dpm.demdex.net/ibs:dpid=423652&dpuuid=9E23FDDA014A3268 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=423652&dpuuid=9E23FDDA014A3268

Request Chain 148

https://an.yandex.ru/mapuid/azerionis/ HTTP 302
https://match.360yield.com/match?external_user_id=14D756A3102901C1&publisher_dsp_id=429&publisher_call_type=redirect HTTP 302
https://match.360yield.com/ul_cb/match?external_user_id=14D756A3102901C1&publisher_dsp_id=429&publisher_call_type=redirect

Request Chain 150

https://an.yandex.ru/mapuid/betweenx/ HTTP 302
https://ads.betweendigital.com/match?bidder_id=161&external_user_id=B0B98AA44E061CEB

Request Chain 151

https://an.yandex.ru/mapuid/blueseaxcom/ HTTP 302
https://im.bluevoox.com/pixel?s1=1&s2=1315&s3=vldyrx2shs82pv9o&cm=1&rd=1&puid=8F349FA4D5BE8F2C

Request Chain 153

https://an.yandex.ru/mapuid/google/?partner-tag=yandex_llc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yandex_llc&google_hm=21EA48F3CC9B7518&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif

Request Chain 154

https://an.yandex.ru/mapuid/google/?partner-tag=yandexcom HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yandexcom&google_hm=21EA48F3CC9B7518&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif

Request Chain 155

https://an.yandex.ru/mapuid/google/?partner-tag=yandexru HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yandexru&google_hm=21EA48F3CC9B7518&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif

Request Chain 157

https://an.yandex.ru/mapuid/operacom/ HTTP 302
https://t.adx.opera.com/sync?vendor=60143&uid=F3F9CB87C39E6FB5

Request Chain 159

https://cm.tns-counter.ru/yacm HTTP 302
https://an.yandex.ru/mapuid/mediascope/c9e9e71840ca5b63d91d83d40000fb4d7ae6e93c727a36de1a85f4805bae79e1

Request Chain 162

https://dmg.digitaltarget.ru/1/119/i/i?i=1666663403 HTTP 307
https://dmg.digitaltarget.ru/awg/custom/119/i/i?call_source=awg&ts=1666663404185&i=1666663403 HTTP 307
https://an.yandex.ru/mapuid/dmpamberdata/1AkS7HXWeE-ZNSb79D4M

Request Chain 163

https://euw-ice.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fazerionis%2F{PUB_USER_ID} HTTP 302
https://euw-ice.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fazerionis%2F%7BPUB_USER_ID%7D HTTP 302
https://an.yandex.ru/mapuid/azerionis/87ab9233-327d-44d5-9e55-b47a5e9664b4 HTTP 302
https://match.360yield.com/match?external_user_id=87ab9233-327d-44d5-9e55-b47a5e9664b4&publisher_dsp_id=429&publisher_call_type=redirect

Request Chain 164

https://exchange.buzzoola.com/cookiesync/redirect/yandex?redirect_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbuzzooladspis%2F%24%7BUUID%7D HTTP 301
https://an.yandex.ru/mapuid/buzzooladspis/c8dd471f-117c-4e5b-66f7-f506fae517e3

Request Chain 166

https://profile.ssp.rambler.ru/sync3.302?pid=188 HTTP 302
https://an.yandex.ru/mapuid/ramblerssp/

Request Chain 167

https://px.adhigh.net/p/cm/yandexssp HTTP 302
https://an.yandex.ru/mapuid/getintentis/u5IeMGgf3iGO.AikABlGEDOFOmQ

Request Chain 168

https://redirect.frontend.weborama.fr/redirect/standard?url=https://an.yandex.ru/mapuid/dmpweborama/{WEBO_CID} HTTP 302
https://an.yandex.ru/mapuid/dmpweborama/5q/o.zv6WSeZ7WS1W5Fmt.

Request Chain 170

https://s.uuidksinc.net/match/501 HTTP 302
https://an.yandex.ru/mapuid/kadamis/22cElAP9Gr8QeFpzu6v4

Request Chain 171

https://sm.rtb.mts.ru/p?ssp=yandex&id=map HTTP 301
https://sm.rtb.mts.ru/match/second?ssp=55&exu=map HTTP 301
https://tech.rtb.mts.ru/?dsp_uid=bc2d8ece-4815-4758-8e14-c5adcdf14b25&return_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fmtsdspis%2Fbc2d8ece-4815-4758-8e14-c5adcdf14b25 HTTP 302
https://an.yandex.ru/mapuid/mtsdspis/bc2d8ece-4815-4758-8e14-c5adcdf14b25

Request Chain 172

https://sonar.semantiqo.com/dmp/scr.php HTTP 302
https://counter.yadro.ru/id127/reff-id.gif?sid=714f7ba9da2041a185a6bdef6ce94d58 HTTP 302
https://sonar.semantiqo.com/fbfli/data_sess_sync.php?spid=&sid=714f7ba9da2041a185a6bdef6ce94d58

Request Chain 173

https://ssp.adriver.ru/cgi-bin/sync.cgi?dsp_id=109 HTTP 302
https://an.yandex.ru/mapuid/dmpadriver/bAvsIE6HAhXym1RBCy3kMw?sign=2908983643

Request Chain 174

https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=19 HTTP 302
https://an.yandex.ru/mapuid/adriveris/AbAvsIE6HAhXym1RBCy3kMw

Request Chain 175

https://sync.1dmp.io/pixel.gif?cid=3cbc2ec8-1421-4677-89fe-2ac6fc52a09a&pid=w&o=au HTTP 302
https://an.yandex.ru/mapuid/dmpcleverdata/3489ac30-5409-11ed-8ff0-f832e4719dd9?sign=3975628269

Request Chain 178

https://sync.upravel.com/yandex/sync HTTP 302
https://633e9e86-c8ef-4786-835a-354a6cadc27e.sync.upravel.com/yandex/sync?ud_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly95YXN0YXRpYy5uZXQvIl19fQ HTTP 302
https://an.yandex.ru/mapuid/upravelis/633e9e86-c8ef-4786-835a-354a6cadc27e

Request Chain 179

https://x01.aidata.io/0.gif?pid=YANDEX HTTP 302
https://an.yandex.ru/mapuid/dmpaidatame/zA76L8ZPiqjOxuen3HfzYg?sign=637352800

Request Chain 180

https://yandex-dmp-sync.rutarget.ru/sync HTTP 302
https://an.yandex.ru/mapuid/dmpsegmento/wS7b9kBErji4?sign=2934862

Request Chain 181

https://yandex-sync.rutarget.ru/sync HTTP 302
https://an.yandex.ru/mapuid/rutargetis/wS7b9kBErji4

Request Chain 208

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 211

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 219

https://www.googleadservices.com/pagead/conversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0 HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=7UNXY-O3NsfO1gbg6r3wDw&random=492976103&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=492976103&crd=&is_vtc=1&random=1679759670 HTTP 302
https://www.google.de/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=492976103&crd=&is_vtc=1&random=1679759670&ipr=y

Request Chain 220

https://www.googleadservices.com/pagead/conversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0 HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=7UNXY-e5NorOxgKauqzYDA&random=7860342&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=7860342&crd=&is_vtc=1&random=3542708344 HTTP 302
https://www.google.de/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=7860342&crd=&is_vtc=1&random=3542708344&ipr=y

228 HTTP transactions
14 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
gaigrodno.by/
Redirect Chain

http://gaigrodno.by/
https://gaigrodno.by/

130 KB
26 KB

484ms
342ms

Document
text/html

185.66.68.16
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to

Full URL: https://gaigrodno.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.66.68.16 Rechytsa, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS
Software: nginx /
Resource Hash: 912db74d9eaac097f13f067d9507b84e4959db7116a460a2000e62ac53ab3e2a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-length: 26069
content-type: text/html; charset=UTF-8
date: Tue, 25 Oct 2022 02:03:22 GMT
server: nginx
vary: Accept-Encoding

Redirect headers

Connection: keep-alive
Content-Length: 205
Content-Type: text/html; charset=iso-8859-1
Date: Tue, 25 Oct 2022 02:03:21 GMT
Keep-Alive: timeout=60
Location: https://gaigrodno.by/
Server: nginx

GET
H2 200 60snz.css
gaigrodno.by/wp-content/cache/wpfc-minified/7w2wk3or/ 87 KB
11 KB 68ms
66ms Stylesheet
text/css 185.66.68.16
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to

Full URL: https://gaigrodno.by/wp-content/cache/wpfc-minified/7w2wk3or/60snz.css
Requested by: Host: gaigrodno.by
URL: https://gaigrodno.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.66.68.16 Rechytsa, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS
Software: nginx /
Resource Hash: d094c4be4c852123ee878348eea524e6ffbbe3dec49543ae301e89d13ddb34bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gaigrodno.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 02:03:22 GMT
content-encoding: gzip
last-modified: Fri, 16 Sep 2022 13:25:27 GMT
server: nginx
etag: W/"63247947-15ce3"
content-type: text/css
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 60snz.css
gaigrodno.by/wp-content/cache/wpfc-minified/kz6818hs/ 447 KB
69 KB 83ms
82ms Stylesheet
text/css 185.66.68.16
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to

Full URL: https://gaigrodno.by/wp-content/cache/wpfc-minified/kz6818hs/60snz.css
Requested by: Host: gaigrodno.by
URL: https://gaigrodno.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.66.68.16 Rechytsa, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS
Software: nginx /
Resource Hash: fba4145da0c81f5cf1615c2edd9fafb5ad5221b64cad3f09d5c9464d069e1cfa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gaigrodno.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 02:03:22 GMT
content-encoding: gzip
last-modified: Fri, 16 Sep 2022 13:25:27 GMT
server: nginx
etag: W/"63247947-6fd24"
content-type: text/css
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 169 KB
55 KB 147ms
65ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: gaigrodno.by
URL: https://gaigrodno.by/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36831124ec6624d5d0955f4dfb81265174937283388490d88b812c9bec59fbe0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gaigrodno.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 02:03:22 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55487
x-xss-protection: 0
server: cafe
etag: 15009594135977045770
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 25 Oct 2022 02:03:22 GMT

GET
H2 200 logo.svg
gaigrodno.by/ 10 KB
4 KB 65ms
63ms Image
image/svg+xml 185.66.68.16
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gaigrodno.by/logo.svg
Requested by: Host: gaigrodno.by
URL: https://gaigrodno.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.66.68.16 Rechytsa, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS
Software: nginx /
Resource Hash: a37c7613f06970453c3482a07f03873f461193228547be1bac92b30f95f7a1b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gaigrodno.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 02:03:22 GMT
content-encoding: gzip
last-modified: Thu, 02 Apr 2020 12:37:24 GMT
server: nginx
etag: W/"5e85dc84-2908"
content-type: image/svg+xml
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 blank.gif
gaigrodno.by/wp-content/plugins/wp-fastest-cache-premium/pro/images/ 43 B
217 B 65ms
64ms Image
image/gif 185.66.68.16
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gaigrodno.by/wp-content/plugins/wp-fastest-cache-premium/pro/images/blank.gif
Requested by: Host: gaigrodno.by
URL: https://gaigrodno.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.66.68.16 Rechytsa, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS
Software: nginx /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gaigrodno.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 02:03:22 GMT
last-modified: Mon, 14 Oct 2019 09:26:16 GMT
server: nginx
etag: "5da43f38-2b"
content-type: image/gif
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 43
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 60sog.js Show response
gaigrodno.by/wp-content/cache/wpfc-minified/q7xbu011/ 267 KB
75 KB 77ms
77ms Script
application/javascript 185.66.68.16
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to

Full URL: https://gaigrodno.by/wp-content/cache/wpfc-minified/q7xbu011/60sog.js
Requested by: Host: gaigrodno.by
URL: https://gaigrodno.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.66.68.16 Rechytsa, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS
Software: nginx /
Resource Hash: a885f87efe257389b46a8a8bc2a090b09d5cb72f5c4a6d0977ec3a73683b4002

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gaigrodno.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 02:03:22 GMT
content-encoding: gzip
last-modified: Fri, 16 Sep 2022 13:25:34 GMT
server: nginx
etag: W/"6324794e-42be9"
content-type: application/javascript
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 / Show response
api-maps.yandex.ru/2.1/ 34 KB
12 KB 192ms
90ms Script
application/javascript 2a02:6b8::274
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://api-maps.yandex.ru/2.1/?lang=ru_RU&apikey=7f59ec6f-533c-4526-a819-b1d1a58daaa8

Requested by

Host: gaigrodno.by
URL: https://gaigrodno.by/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::274 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

7071e0042eb86b94fc8e3f97ebaaba11549ab84850ed132e17684b5ed66aec1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gaigrodno.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 02:03:22 GMT
content-encoding: gzip
x-content-type-options: nosniff, nosniff
x-lighttpd-locale: ru_RU
vary: Accept-Encoding, Origin
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
content-disposition: attachment; filename=json.txt
timing-allow-origin: *
x-xss-protection: 1; mode=block

GET
H2 200 jquery.min.js Show response
yandex.st/jquery/2.2.3/ 84 KB
27 KB 101ms
30ms Script
application/x-javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.st/jquery/2.2.3/jquery.min.js

Requested by

Host: gaigrodno.by
URL: https://gaigrodno.by/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

6b6de0d4db7876d1183a3edb47ebd3bbbf93f153f5de1ba6645049348628109a

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gaigrodno.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 02:03:22 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 26964
last-modified: Mon, 12 Nov 2018 13:13:59 GMT
server: nginx/1.17.9
etag: "9fdb9bee03ce5ec7552bba4bfac75a96"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31556952
x-nginx-request-id: 3058e45f58d102bd
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Sep 2023 15:27:55 GMT

GET
H2 200 60sog.js Show response
gaigrodno.by/wp-content/cache/wpfc-minified/fejmsd47/ 402 KB
107 KB 79ms
78ms Script
application/javascript 185.66.68.16
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to

Full URL: https://gaigrodno.by/wp-content/cache/wpfc-minified/fejmsd47/60sog.js
Requested by: Host: gaigrodno.by
URL: https://gaigrodno.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.66.68.16 Rechytsa, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS
Software: nginx /
Resource Hash: 34f54c1f9aac3f134a0dc7e469611619e0d25fb1632805a3820d66ee5281efc2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gaigrodno.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 02:03:22 GMT
content-encoding: gzip
last-modified: Fri, 16 Sep 2022 13:25:34 GMT
server: nginx
etag: W/"6324794e-6481f"
content-type: application/javascript
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 stripes_3_b.png
gaigrodno.by/wp-content/themes/gaigrodno/images/stripes/ 974 B
1 KB 78ms
78ms Image
image/png 185.66.68.16
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gaigrodno.by/wp-content/themes/gaigrodno/images/stripes/stripes_3_b.png
Requested by: Host: gaigrodno.by
URL: https://gaigrodno.by/wp-content/cache/wpfc-minified/kz6818hs/60snz.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.66.68.16 Rechytsa, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS
Software: nginx /
Resource Hash: 30cb91834555c22273bd8f0d521bebaff6020b2e54bae4ccfc199f4a1daaf2eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gaigrodno.by/wp-content/cache/wpfc-minified/kz6818hs/60snz.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 02:03:22 GMT
last-modified: Mon, 14 Oct 2019 09:07:42 GMT
server: nginx
etag: "5da43ade-3ce"
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 974
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 aci.js Show response
www.acint.net/ 22 KB
7 KB 195ms
48ms Script
application/x-javascript 193.3.184.137
QWARTA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.acint.net/aci.js
Requested by: Host: gaigrodno.by
URL: https://gaigrodno.by/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.3.184.137 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv321.qwarta.ru
Software: openresty /
Resource Hash: a05569a6a6ec13c9bda09ebf2f691f6d5a4f251878c58807472321018428fb33

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gaigrodno.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 02:03:22 GMT
content-encoding: gzip
last-modified: Mon, 16 May 2022 07:14:50 GMT
server: openresty
etag: "6281f9ea-1d25"
content-type: application/x-javascript
cache-control: max-age=43200
content-length: 7461
expires: Tue, 25 Oct 2022 14:03:22 GMT

GET
H2 200 mfn-icons.woff
gaigrodno.by/wp-content/themes/gaigrodno/fonts/ 79 KB
80 KB 66ms
66ms Font
font/woff 185.66.68.16
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to

Full URL: https://gaigrodno.by/wp-content/themes/gaigrodno/fonts/mfn-icons.woff?23791288
Requested by: Host: gaigrodno.by
URL: https://gaigrodno.by/wp-content/cache/wpfc-minified/kz6818hs/60snz.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.66.68.16 Rechytsa, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS
Software: nginx /
Resource Hash: 2a84501edf89d90c0baa41cd95dcc0528f6d63cc996929dabeb3f54a5d6b06e4

Request headers

Referer: https://gaigrodno.by/wp-content/cache/wpfc-minified/kz6818hs/60snz.css
Origin: https://gaigrodno.by
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 02:03:22 GMT
last-modified: Mon, 14 Oct 2019 09:07:41 GMT
server: nginx
etag: "5da43add-13d28"
content-type: font/woff
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 81192
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 add.png
gaigrodno.by/wp-content/themes/gaigrodno-child/images/ 3 KB
3 KB 63ms
63ms Image
image/png 185.66.68.16
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gaigrodno.by/wp-content/themes/gaigrodno-child/images/add.png
Requested by: Host: gaigrodno.by
URL: https://gaigrodno.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.66.68.16 Rechytsa, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS
Software: nginx /
Resource Hash: 13307d38583c07263f98c886b394ce3c1fae47bef396203ea85875051de38b83

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gaigrodno.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 02:03:22 GMT
last-modified: Wed, 02 Dec 2020 06:31:57 GMT
server: nginx
etag: "5fc734dd-ae8"
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 2792
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210170101/ 353 KB
116 KB 71ms
70ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8917830189100721&plah=gaigrodno.by&bust=31070437

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d8abba85b96a8140c8f29f963d929a3fc5955453fc2fc6993e354b2f7f3788c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gaigrodno.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 02:03:22 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118751
x-xss-protection: 0
server: cafe
etag: 14708041484371748364
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 25 Oct 2022 02:03:22 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221020/r20190131/ Frame 0FFF 10 KB
5 KB 131ms
38ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221020/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gaigrodno.by/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 36802
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4420
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 24 Oct 2022 15:50:00 GMT
etag: 9671129459699598864
expires: Mon, 07 Nov 2022 15:50:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 full-12d3b6ea37df4ec19ca51b92a0651e126f59c33e.js Show response
yastatic.net/s3/front-maps-static/maps-front-jsapi-v2-1/2.1.79-43/build/release/ 3 MB
676 KB 47ms
40ms Script
application/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/s3/front-maps-static/maps-front-jsapi-v2-1/2.1.79-43/build/release/full-12d3b6ea37df4ec19ca51b92a0651e126f59c33e.js

Requested by

Host: api-maps.yandex.ru
URL: https://api-maps.yandex.ru/2.1/?lang=ru_RU&apikey=7f59ec6f-533c-4526-a819-b1d1a58daaa8

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

147d977bfa3aa2f98091f9ed2cf7ee42a96131c1f742dd1bdad6e46c69b1c1e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gaigrodno.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 02:03:22 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
last-modified: Tue, 04 Oct 2022 10:45:39 GMT
server: nginx/1.17.9
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
etag: W/"96bcd9e39ca569a8c8c0482bcfc0f578"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31556952
x-nginx-request-id: b82820f22987d5c4
timing-allow-origin: *
expires: Wed, 25 Oct 2023 07:52:32 GMT

GET
H2 200 context.js Show response
an.yandex.ru/system/ 392 KB
106 KB 168ms
58ms Script
text/javascript 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/system/context.js

Requested by

Host: gaigrodno.by
URL: https://gaigrodno.by/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

9352f0ffab0e36612dadbf3f71d6e652d88cf6fe803b51542cd28be4c4d687ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gaigrodno.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
x-yandex-req-id: 1666663402823586-107202792088223967800126-production-app-host-vla-pcode-441
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Tue, 25 Oct 2022 03:03:22 GMT

GET
H2

200

/ Show response
www.acint.net/mc/ Frame CA64
Redirect Chain

https://www.acint.net/mc/?dp=10
https://www.acint.net/mc/?dp=10&tc=1

4 KB
5 KB

52ms
52ms

Document
text/html

193.3.184.137
QWARTA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.acint.net/mc/?dp=10&tc=1
Requested by: Host: www.acint.net
URL: https://www.acint.net/aci.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.3.184.137 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv321.qwarta.ru
Software: openresty /
Resource Hash: e8d785fea354e6c26f6f898a333b8e22550121a9c2987d7af122368ce2d0c64a

Request headers

Referer: https://gaigrodno.by/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Tue, 25 Oct 2022 02:03:22 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
server: openresty

Redirect headers

content-length: 154
content-type: text/html
date: Tue, 25 Oct 2022 02:03:22 GMT
location: /mc/?dp=10&tc=1
server: openresty

GET
H2 200 /
www.acint.net/hit/ 43 B
341 B 50ms
49ms Image
image/gif 193.3.184.137
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/hit/?v=0.4.0&uid=8e08a020-56b4-42f3-bfbd-a2eb787393f0&dp=10&tz=%2B00%3A00&nc=91328378&u=https%3A%2F%2Fgaigrodno.by%2F&r=&rs=1600x1200&t=%D0%93%D0%90%D0%98%20%D0%93%D1%80%D0%BE%D0%B4%D0%BD%D0%BE%2C%20%D0%A0%D0%9E%D0%92%D0%94%2C%20%D0%9C%D0%A7%D0%A1%2C%20%D0%BD%D0%B0%D0%BB%D0%BE%D0%B3%D0%BE%D0%B2%D0%B0%D1%8F.%20%D0%92%D1%80%D0%B5%D0%BC%D1%8F%20%D1%80%D0%B0%D0%B1%D0%BE%D1%82%D1%8B%2C%20%D1%82%D0%B5%D0%BB%D0%B5%D1%84%D0%BE%D0%BD%D1%8B%2C%20%D0%B0%D0%B4%D1%80%D0%B5%D1%81%D0%B0&oE=1&oP=1&dT=2022-10-25T02%3A03%3A22.697&fu=b2b68b8c-0cc2-4b96-bc94-5f556852f2bf
Requested by: Host: gaigrodno.by
URL: https://gaigrodno.by/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.3.184.137 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv321.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gaigrodno.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type: image/gif
date: Tue, 25 Oct 2022 02:03:22 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 208 KB
72 KB 195ms
93ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: gaigrodno.by
URL: https://gaigrodno.by/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

5a6f5d09e9a2fe3c649c80d0172bda7faf99040c8f45c175efede441a729ff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gaigrodno.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 02:03:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Thu, 20 Oct 2022 12:18:36 GMT
etag: "6351126c-11dd4"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 73172
expires: Tue, 25 Oct 2022 03:03:22 GMT

GET
H2 200 css
fonts.googleapis.com/ 21 KB
2 KB 137ms
50ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A1%2C300%2C400%2C400italic%2C500%2C700%2C700italic%7CMontserrat%3A1%2C300%2C400%2C400italic%2C500%2C700%2C700italic&ver=6.0.2

Requested by

Host: gaigrodno.by
URL: https://gaigrodno.by/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a7f673b33a591fe07ed6588352e09cfe130dd0804a3267a1e98bf3fe7fc24172

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gaigrodno.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 25 Oct 2022 02:03:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 25 Oct 2022 02:03:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 25 Oct 2022 02:03:22 GMT

GET
H2

200

match
ads.betweendigital.com/ Frame CA64
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007FEA4357631F00C49F02371FD5
https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007FEA4357631F00C49F02371FD5&crf=1

68 B
607 B

12ms
12ms

Image
image/png

188.42.196.115
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007FEA4357631F00C49F02371FD5&crf=1
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 188.42.196.115 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

location: /match?bidder_id=73&external_user_id=0100007FEA4357631F00C49F02371FD5&crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H2

200

match
acint.net/ Frame CA64
Redirect Chain

https://ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D
https://acint.net/match?dp=14&euid=A9B803C1EA4357631C002346020F9450

43 B
269 B

57ms
50ms

Image
image/gif

193.3.184.137
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acint.net/match?dp=14&euid=A9B803C1EA4357631C002346020F9450
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 193.3.184.137 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv321.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 02:03:23 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Date: Tue, 25 Oct 2022 02:03:22 GMT
Server: openresty
Access-Control-Allow-Methods: GET
P3P: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
Access-Control-Allow-Origin: *
Location: https://acint.net/match?dp=14&euid=A9B803C1EA4357631C002346020F9450
Content-Type: text/html
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 142
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2

200

match
acint.net/ Frame CA64
Redirect Chain

https://px.adhigh.net/p/cm/sape?u=0100007FEA4357631F00C49F02371FD5
https://px.adhigh.net/p/cm/sape?u=0100007FEA4357631F00C49F02371FD5&bounced=1
https://acint.net/match?dp=17&euid=u5IeMGgf3iGO.AikABlGEDOFOmQ

43 B
269 B

51ms
50ms

Image
image/gif

193.3.184.137
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acint.net/match?dp=17&euid=u5IeMGgf3iGO.AikABlGEDOFOmQ
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 193.3.184.137 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv321.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 02:03:23 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 25 Oct 2022 02:03:23 GMT
server: nginx
x-backend-id: f17-ru
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: *
location: https://acint.net/match?dp=17&euid=u5IeMGgf3iGO.AikABlGEDOFOmQ
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK cm.gif
ad.mail.ru/ Frame CA64 43 B
764 B 160ms
51ms Image
image/gif 2a00:1148:db00::17
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.mail.ru/cm.gif?p=48&id=0100007FEA4357631F00C49F02371FD5
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 25 Oct 2022 02:03:22 GMT
Last-Modified: Tue, 25 Oct 2022 02:03:22 GMT
Server: nginx
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Embedder-Policy: require-corp
Content-Type: image/gif
Cache-Control: max-age=21600
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 43
Expires: Tue, 25 Oct 2022 08:03:22 GMT

GET
H/1.1

200
OK

sync.cgi
ssp.adriver.ru/cgi-bin/ Frame CA64
Redirect Chain

https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691
https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-6352052381
https://www.acint.net/rmatch?dp=45&euid=AbAvsIE6HAhXym1RBCy3kMw&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D
https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007FEA4357631F00C49F02371FD5

42 B
201 B

60ms
60ms

Image
image/gif

195.209.111.13
ADRIVER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007FEA4357631F00C49F02371FD5
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: HTTP/1.1
Server: 195.209.111.13 , Russian Federation, ASN52007 (ADRIVER-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 25 Oct 2022 02:03:23 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

Redirect headers

date: Tue, 25 Oct 2022 02:03:23 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
location: https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007FEA4357631F00C49F02371FD5
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 154
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 204 sync
a.utraff.com/ Frame CA64 0
790 B 70ms
25ms Image
text/plain 2606:4700:3033::ac43:d997
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.utraff.com/sync?ssp=sape
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:d997 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 02:03:22 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RzNs3BFN6nMnNVZwlh%2B2qJGqWOxIZJr%2FD2PkRzybRsgL56AOYpRhNUufAu%2FUb7MAOLcU0oObzy%2Fwjb9832AMqZEs1q8y4LRP9tCmQmoAL1i3CbXhRpJ3oZQeTeWNk0q2XU7ylP6Jhd9IHcs%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
cf-ray: 75f7601c0d1591dd-FRA
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 204 match
sync.republer.com/ Frame CA64 0
68 B 190ms
9ms Image
text/plain 23.88.82.46
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.republer.com/match?dsp=sape

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.88.82.46 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.46.82.88.23.clients.your-server.de

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 02:03:23 GMT
strict-transport-security: max-age=0
server: nginx

GET
H2 204 match
dm-eu.hybrid.ai/ Frame CA64 0
239 B 59ms
15ms Image
text/plain 37.18.103.16
HYBRID-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dm-eu.hybrid.ai/match?id=106&vid=0100007FEA4357631F00C49F02371FD5

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.18.103.16 , Netherlands, ASN205675 (HYBRID-AS, DE),

Reverse DNS

Software

Hybrid Web Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 02:03:22 GMT
server: Hybrid Web Server
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin: *
cache-control: no-cache, no-store
x-mode: 530
x-xss-protection: 1; mode=block
expires: -1

GET
H/1.1 200
OK adcm.js Show response
tag.digitaltarget.ru/ Frame CA64 3 KB
3 KB 210ms
44ms Script
application/javascript 185.15.175.159
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.digitaltarget.ru/adcm.js
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.15.175.159 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software: nginx /
Resource Hash: 40f2a96f78f4c8484e9da6e172f5ddd3e4d7786ca29e04b96e1067a365190e80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 25 Oct 2022 02:03:23 GMT
Last-Modified: Tue, 25 Oct 2022 01:34:32 GMT
Server: nginx
ETag: "63573d28-beb"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3051

GET
H2 204 sape
sync.dmp.otm-r.com/match/ Frame CA64 0
70 B 57ms
11ms Image
text/plain 88.99.28.61
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.dmp.otm-r.com/match/sape?id=0100007FEA4357631F00C49F02371FD5
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 88.99.28.61 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.61.28.99.88.clients.your-server.de
Software: nginx/1.17.10 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 25 Oct 2022 02:03:22 GMT
server: nginx/1.17.10

GET
H2

200

match
www.acint.net/ Frame CA64
Redirect Chain

https://sync.upravel.com/sape/sync
https://sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0
https://633e9e86-c8ef-4786-835a-354a6cadc27e.sync.upravel.com/sape/sync?ud_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyIsImh0dHBzOi8vd3d3LmFjaW50Lm5ldC8iXX19
https://www.acint.net/match?dp=71&euid=633e9e86-c8ef-4786-835a-354a6cadc27e

43 B
269 B

49ms
48ms

Image
image/gif

193.3.184.137
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=71&euid=633e9e86-c8ef-4786-835a-354a6cadc27e
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 193.3.184.137 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv321.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 02:03:23 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

date: Tue, 25 Oct 2022 02:03:23 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://www.acint.net/match?dp=71&euid=633e9e86-c8ef-4786-835a-354a6cadc27e
access-control-allow-origin: *
content-type: image/png
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: false
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 0

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame CA64 170 B
502 B 142ms
47ms Image
image/png 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agentstvo_sape_limited&google_hm=AQAAf-pDV2MfAMSfAjcf1Q

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 02:03:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
adlmerge.com/merge_gpsid/ Frame CA64
Redirect Chain

https://stat.adlabs.ru/merge_gpsid/?sid=50&id=0100007FEA4357631F00C49F02371FD5
https://adlmerge.com/merge_gpsid/?sid=50&id=0100007FEA4357631F00C49F02371FD5

43 B
115 B

67ms
16ms

Image
image/gif

95.211.66.35
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adlmerge.com/merge_gpsid/?sid=50&id=0100007FEA4357631F00C49F02371FD5
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 95.211.66.35 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.16.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 02:03:23 GMT
iseu: eu
server: nginx/1.16.0
content-type: image/gif

Redirect headers

location: //adlmerge.com/merge_gpsid/?sid=50&id=0100007FEA4357631F00C49F02371FD5
date: Tue, 25 Oct 2022 01:50:15 GMT
server: nginx
content-length: 0

GET
H/1.1 200
OK sync.cgi
ssp.adriver.ru/cgi-bin/ Frame CA64 42 B
201 B 249ms
59ms Image
image/gif 195.209.111.13
ADRIVER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.adriver.ru/cgi-bin/sync.cgi?dsp_id=153&external_id=0100007FEA4357631F00C49F02371FD5
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.209.111.13 , Russian Federation, ASN52007 (ADRIVER-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 25 Oct 2022 02:03:23 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

GET
H2

200

match
www.acint.net/ Frame CA64
Redirect Chain

https://ssp.bestssp.com/sspmatch?url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D95%26euid%3D
https://www.acint.net/match?dp=95&euid=DUWHNXSU

43 B
269 B

50ms
49ms

Image
image/gif

193.3.184.137
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=95&euid=DUWHNXSU
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 193.3.184.137 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv321.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 02:03:23 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Location: https://www.acint.net/match?dp=95&euid=DUWHNXSU
Date: Tue, 25 Oct 2022 02:03:23 GMT
Server: nginx/1.16.1
Connection: keep-alive
Transfer-Encoding: chunked

GET
H2

200

pixel.gif
sync.1dmp.io/ Frame CA64
Redirect Chain

https://sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007FEA4357631F00C49F02371FD5
https://sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007FEA4357631F00C49F02371FD5&cs=1

35 B
378 B

35ms
34ms

Image
image/gif

95.216.101.186
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007FEA4357631F00C49F02371FD5&cs=1
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 95.216.101.186 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.186.101.216.95.clients.your-server.de
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type: image/gif
date: Tue, 25 Oct 2022 02:03:23 GMT
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server: nginx
content-length: 35
expires: 0

Redirect headers

location: /pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007FEA4357631F00C49F02371FD5&cs=1
date: Tue, 25 Oct 2022 02:03:23 GMT
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server: nginx
content-length: 0
expires: 0

GET
H2

200

match
www.acint.net/ Frame CA64
Redirect Chain

https://sape-sync.rutarget.ru/sync
https://www.acint.net/match?dp=104&euid=wS7b9kBErji4

43 B
269 B

55ms
54ms

Image
image/gif

193.3.184.137
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=104&euid=wS7b9kBErji4
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 193.3.184.137 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv321.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 02:03:23 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Location: https://www.acint.net/match?dp=104&euid=wS7b9kBErji4
Date: Tue, 25 Oct 2022 02:03:23 GMT
Server: nginx
Connection: close
Content-Length: 0
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."

GET
H2

200

match
acint.net/ Frame CA64
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D
https://acint.net/match?dp=107&euid=8885e063-da3f-522a-8b80-9829e8d7dbc3

43 B
269 B

50ms
50ms

Image
image/gif

193.3.184.137
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acint.net/match?dp=107&euid=8885e063-da3f-522a-8b80-9829e8d7dbc3
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 193.3.184.137 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv321.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 02:03:23 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

location: https://acint.net/match?dp=107&euid=8885e063-da3f-522a-8b80-9829e8d7dbc3
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H2

200

match
acint.net/ Frame CA64
Redirect Chain

https://ads.adlook.me/csync?url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D110%26euid%3D%7BuserId%7D
https://acint.net/match?dp=110&euid=c69c16d6a75645e881d236bf06798369

43 B
269 B

51ms
51ms

Image
image/gif

193.3.184.137
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acint.net/match?dp=110&euid=c69c16d6a75645e881d236bf06798369
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 193.3.184.137 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv321.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 02:03:23 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

location: https://acint.net/match?dp=110&euid=c69c16d6a75645e881d236bf06798369
date: Tue, 25 Oct 2022 02:03:23 GMT
server: Microsoft-IIS/10.0

GET
H2

200

match
www.acint.net/ Frame CA64
Redirect Chain

https://0100007fea4357631f00c49f02371fd5-sp.ops.beeline.ru/p?ssp=sp&id=0100007FEA4357631F00C49F02371FD5
https://www.acint.net/match?dp=111&euid=ba264945-fca7-4c00-96a8-27bad07635d3

43 B
269 B

51ms
50ms

Image
image/gif

193.3.184.137
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=111&euid=ba264945-fca7-4c00-96a8-27bad07635d3
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 193.3.184.137 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv321.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 02:03:23 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

date: Tue, 25 Oct 2022 02:03:23 GMT
x-route: http://upstream_cookiesync
server: nginx
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS, GET, HEAD, POST, OPTIONS, PUT, DELETE
location: https://www.acint.net/match?dp=111&euid=ba264945-fca7-4c00-96a8-27bad07635d3
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true, true
x-host: 192.168.152.36
access-control-allow-headers: authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

matchspm
ut.rktch.com/ Frame CA64
Redirect Chain

https://ut.rktch.com/matchspm?pi=1000005&pui=0100007FEA4357631F00C49F02371FD5
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D{WEBO_CID}%26noredirect
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D%7BWEBO_CID%7D%26noredirect&bounce=1&random=82427814
https://ut.rktch.com/matchspm?pi=1000006&pui=5q/o.zv6WSeZ7WS1W5Fmt.&noredirect

84 B
84 B

43ms
43ms

Image
image/png

89.108.97.2
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ut.rktch.com/matchspm?pi=1000006&pui=5q/o.zv6WSeZ7WS1W5Fmt.&noredirect
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: HTTP/1.1
Server: 89.108.97.2 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: d50603.reg.regrucolo.ru
Software: nginx/1.22.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 25 Oct 2022 02:03:23 GMT
Server: nginx/1.22.0
Access-Control-Allow-Methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
Content-Type: image/png
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type, Accept, Authorization
Content-Length: 84

Redirect headers

pragma: no-cache
date: Tue, 25 Oct 2022 02:03:22 GMT
via: 1.1 google
last-modified: Tue, 25 Oct 2022 02:03:23 GMT
server: Weborama Collect Frontend
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location: https://ut.rktch.com/matchspm?pi=1000006&pui=5q/o.zv6WSeZ7WS1W5Fmt.&noredirect
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2

200

match
www.acint.net/ Frame CA64
Redirect Chain

https://sm.rtb.mts.ru/p?ssp=sape&id=0100007FEA4357631F00C49F02371FD5
https://sm.rtb.mts.ru/match/second?ssp=30&exu=0100007FEA4357631F00C49F02371FD5
https://tech.rtb.mts.ru/?dsp_uid=bc2d8ece-4815-4758-8e14-c5adcdf14b25&return_url=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D9503528%26dest%3Dhttps%253A%252F%252Fsm.rtb.mts.ru%252Fem%253Fnext%253D3...
https://x01.aidata.io/0.gif?pid=9503528&dest=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D30%26em%3D2%26ssp%3Daidata%26id%3D%24UID
https://sm.rtb.mts.ru/em?next=30&em=2&ssp=aidata&id=zA76L8ZPiqjOxuen3HfzYg
https://www.acint.net/match?dp=125&euid=bc2d8ece-4815-4758-8e14-c5adcdf14b25

43 B
269 B

55ms
53ms

Image
image/gif

193.3.184.137
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=125&euid=bc2d8ece-4815-4758-8e14-c5adcdf14b25
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 193.3.184.137 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv321.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 02:03:24 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Date: Tue, 25 Oct 2022 02:03:24 GMT
Server: nginx
Vary: Origin
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
Access-Control-Allow-Origin: *
Location: https://www.acint.net/match?dp=125&euid=bc2d8ece-4815-4758-8e14-c5adcdf14b25
Cache-Control: no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

match
www.acint.net/ Frame CA64
Redirect Chain

https://exchange.buzzoola.com/cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D
https://www.acint.net/match?dp=126&euid=60fa5f01-6d07-4124-7250-e3310ffe86d6

43 B
269 B

50ms
49ms

Image
image/gif

193.3.184.137
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=126&euid=60fa5f01-6d07-4124-7250-e3310ffe86d6
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 193.3.184.137 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv321.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 02:03:23 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

location: https://www.acint.net/match?dp=126&euid=60fa5f01-6d07-4124-7250-e3310ffe86d6
date: Tue, 25 Oct 2022 02:03:23 GMT
server: nginx
content-length: 115
serverid: TODO
content-type: text/html; charset=utf-8

GET
H2

200

match
www.acint.net/ Frame CA64
Redirect Chain

https://s.uuidksinc.net/match/396/?remote_uid=0100007FEA4357631F00C49F02371FD5
https://www.acint.net/match?dp=127&euid=22cElAP9Gr8QeFpzu6v4

43 B
269 B

50ms
50ms

Image
image/gif

193.3.184.137
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=127&euid=22cElAP9Gr8QeFpzu6v4
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 193.3.184.137 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv321.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 02:03:23 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

location: https://www.acint.net/match?dp=127&euid=22cElAP9Gr8QeFpzu6v4
date: Tue, 25 Oct 2022 02:03:23 GMT
server: nginx/1.19.0
content-length: 0

GET
H2

200

match
www.acint.net/ Frame CA64
Redirect Chain

https://ssp.bidvol.com/usersync?dspcsid=8&redirect=1
https://www.acint.net/match?dp=129&euid=jgtg3tm5vr

43 B
269 B

52ms
52ms

Image
image/gif

193.3.184.137
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=129&euid=jgtg3tm5vr
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 193.3.184.137 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv321.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 02:03:23 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 25 Oct 2022 02:03:23 GMT
server: nginx/1.22.0
surrogate-control: no-store
vary: Origin
access-control-allow-origin: *
location: https://www.acint.net/match?dp=129&euid=jgtg3tm5vr
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials: true
x-request-id: e10a1c3a-d410-4e57-bbfa-34a24f27b000
expires: 0

GET
H/1.1 204
No Content userbind
match.new-programmatic.com/ Frame CA64 0
215 B 217ms
47ms Image
text/plain 217.65.2.150
CITYTELECOM-AS Fi...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.new-programmatic.com/userbind?src=sape&id=0100007FEA4357631F00C49F02371FD5
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 217.65.2.150 , Russian Federation, ASN29076 (CITYTELECOM-AS Filanco LTD, RU),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 25 Oct 2022 02:03:23 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0
Connection: keep-alive
Content-Length: 0
Vary: Origin

GET
H2 204 0100007FEA4357631F00C49F02371FD5
fcgi4.gnezdo.ru/cookie_matching_ssp/Sape-dsp/ Frame CA64 0
190 B 156ms
43ms Image
text/plain 93.95.102.105
MTW-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fcgi4.gnezdo.ru/cookie_matching_ssp/Sape-dsp/0100007FEA4357631F00C49F02371FD5
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.95.102.105 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS: unspecified.mtw.ru
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

server: nginx
date: Tue, 25 Oct 2022 02:03:23 GMT
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"

GET
H2

204

0.gif
x01.aidata.io/ Frame CA64
Redirect Chain

https://x01.aidata.io/0.gif?pid=9401454&id=0100007FEA4357631F00C49F02371FD5
https://x01.aidata.io/0.gif?pid=9401454&id=0100007FEA4357631F00C49F02371FD5&bounce=1
https://counter.yadro.ru/id-redir/aidata.gif?back=STOP
https://x01.aidata.io/0.gif?pid=LIVE&id=&back=STOP

0
433 B

46ms
46ms

Image
text/plain

89.108.119.28
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x01.aidata.io/0.gif?pid=LIVE&id=&back=STOP
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 89.108.119.28 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: d51802.reg.regrucolo.ru
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 02:03:24 GMT
last-modified: Tue, 25 Oct 2022 02:03:23 GMT
server: nginx
access-control-allow-methods: GET, POST
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
expires: Tue, 25 Oct 2022 02:03:23 GMT

Redirect headers

Location: https://x01.aidata.io/0.gif?pid=LIVE&id=&back=STOP
Date: Tue, 25 Oct 2022 02:03:24 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Connection: keep-alive
Content-Length: 242
Content-Type: text/html; charset=iso-8859-1

GET sape
dmp.gotechnology.io/match/ Frame CA64 0
0

GET
H/1.1

200
OK

/
sync.bumlam.com/ Frame CA64
Redirect Chain

https://sync.bumlam.com/?src=sap1&uid=0100007FEA4357631F00C49F02371FD5
https://sync.bumlam.com/?src=sap1&s_data=CAIQARjrh92aBmIgMDEwMDAwN0ZFQTQzNTc2MzFGMDBDNDlGMDIzNzFGRDWiARA01cWsVAkR7Y8KACWQyCQ3

0
523 B

7ms
7ms

Image
text/html

31.172.81.158
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bumlam.com/?src=sap1&s_data=CAIQARjrh92aBmIgMDEwMDAwN0ZFQTQzNTc2MzFGMDBDNDlGMDIzNzFGRDWiARA01cWsVAkR7Y8KACWQyCQ3
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: HTTP/1.1
Server: 31.172.81.158 Frankfurt am Main, Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: text/html; charset=utf-8
Date: Tue, 25 Oct 2022 02:03:23 GMT
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Server: nginx
Connection: keep-alive
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

Date: Tue, 25 Oct 2022 02:03:23 GMT
Server: nginx
ETag: 34d5c5ac-5409-11ed-8f0a-002590c82437
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: //sync.bumlam.com/?src=sap1&s_data=CAIQARjrh92aBmIgMDEwMDAwN0ZFQTQzNTc2MzFGMDBDNDlGMDIzNzFGRDWiARA01cWsVAkR7Y8KACWQyCQ3
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0

GET
H2

200

0100007FEA4357631F00C49F02371FD5
an.yandex.ru/mapuid/sapeis/ Frame CA64
Redirect Chain

https://an.yandex.ru/mapuid/sapeis/0100007FEA4357631F00C49F02371FD5
https://an.yandex.ru/mapuid/sapeis/0100007FEA4357631F00C49F02371FD5?redir-setuniq=1

43 B
171 B

50ms
49ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/sapeis/0100007FEA4357631F00C49F02371FD5?redir-setuniq=1

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 02:03:23 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Tue, 25 Oct 2022 02:03:23 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Tue, 25 Oct 2022 02:03:23 GMT

Redirect headers

pragma: no-cache
date: Tue, 25 Oct 2022 02:03:22 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Tue, 25 Oct 2022 02:03:22 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://an.yandex.ru/mapuid/sapeis/0100007FEA4357631F00C49F02371FD5?redir-setuniq=1
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Tue, 25 Oct 2022 02:03:22 GMT

GET
H/1.1 200
OK cm
nr.bidderstack.com/sape/ Frame CA64 44 B
351 B 58ms
22ms Image
image/gif 46.4.70.80
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nr.bidderstack.com/sape/cm?user_id=0100007FEA4357631F00C49F02371FD5
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.4.70.80 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.80.70.4.46.clients.your-server.de
Software: nginx /
Resource Hash: 82cb517a8f80c91dfcec543c6d140deb3baaf463ea9e77655475096eba7bc7d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 25 Oct 2022 02:03:23 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 44
Content-Type: image/gif

GET
H2 200 match.gif
mediatoday.ru/core/ Frame CA64 43 B
368 B 160ms
53ms Image
image/gif 139.45.228.111
RETNNET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mediatoday.ru/core/match.gif?s=32&id=0100007FEA4357631F00C49F02371FD5
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 139.45.228.111 , Russian Federation, ASN29470 (RETNNET-AS, RU),
Reverse DNS: serv21.mt.viaprog.eu
Software: nginx/1.22.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 02:03:23 GMT
server: nginx/1.22.0
p3p: policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
content-type: image/gif
cache-control: no-cache, max-age=0, must-revalidate, no-store
content-length: 43
expires: Thursday, 01-Jan-1970 00:00:00 GMT

GET
H2

200

match
www.acint.net/ Frame CA64
Redirect Chain

https://cs.agency2.ru/p?ssp=sp&uid=0100007FEA4357631F00C49F02371FD5
https://www.acint.net/match?dp=186&euid=8f2b0885-5225-495b-9d09-be379ccaae22

43 B
269 B

49ms
48ms

Image
image/gif

193.3.184.137
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=186&euid=8f2b0885-5225-495b-9d09-be379ccaae22
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: H2
Server: 193.3.184.137 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv321.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 02:03:23 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Date: Tue, 25 Oct 2022 02:03:23 GMT
Server: fasthttp
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS, PUT, DELETE
Location: https://www.acint.net/match?dp=186&euid=8f2b0885-5225-495b-9d09-be379ccaae22
Cache-Control: no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials: true
X-Host: 23.111.107.44
Connection: keep-alive
Access-Control-Allow-Headers: authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK user-sync
sync.adkernel.com/ Frame CA64 0
109 B 56ms
15ms Image
text/plain 77.245.57.72
WEBAIR-INTERNET-MTL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adkernel.com/user-sync?zone=169736&t=image&r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D221%26euid%3D%7BUID%7D
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 25 Oct 2022 02:03:23 GMT
Server: nginx
Connection: close
Content-Length: 0

GET frame.html
s3.advarkads.com/modules/match/ Frame F1FC 0
0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 391 B
694 B 125ms
44ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=gaigrodno.by&callback=_gfp_s_&client=ca-pub-8917830189100721&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8917830189100721&plah=gaigrodno.by&bust=31070437

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3de63fc0f306613db61a6f9dcef90fe0a20f8565dccd1315a87c5119b62c1b22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gaigrodno.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 02:03:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 250
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 132ms
47ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=gaigrodno.by

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gaigrodno.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 02:03:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 129ms
46ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=gaigrodno.by

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gaigrodno.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 02:03:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0485 255 KB
66 KB 523ms
444ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8917830189100721&output=html&adk=1812271804&adf=3025194257&lmt=1666663402&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fgaigrodno.by%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666663402657&bpp=4&bdt=360&idt=197&shv=r20221020&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2158227745114&frm=20&pv=2&ga_vid=2026135132.1666663403&ga_sid=1666663403&ga_hid=841718453&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44767166%2C31070424%2C31070437%2C44775017&oid=2&pvsid=1926627249984921&tmod=974565083&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=220

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b52f4dd8d8f362f8d986ab8bd53ec6238804d32421b41c4daa4c21ec3a39318d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gaigrodno.by/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 67828
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 25 Oct 2022 02:03:23 GMT
expires: Tue, 25 Oct 2022 02:03:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 120ms
35ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A1%2C300%2C400%2C400italic%2C500%2C700%2C700italic%7CMontserrat%3A1%2C300%2C400%2C400italic%2C500%2C700%2C700italic&ver=6.0.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gaigrodno.by
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 13:14:53 GMT
x-content-type-options: nosniff
age: 305310
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 21 Oct 2023 13:14:53 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 173ms
90ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gaigrodno.by
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 05:09:29 GMT
x-content-type-options: nosniff
age: 334434
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 21 Oct 2023 05:09:29 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 9 KB
10 KB 194ms
112ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gaigrodno.by
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 20:29:43 GMT
x-content-type-options: nosniff
age: 20020
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9644
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 24 Oct 2023 20:29:43 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ 30 KB
30 KB 126ms
44ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gaigrodno.by
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 01:41:22 GMT
x-content-type-options: nosniff
age: 346921
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30928
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 21 Oct 2023 01:41:22 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459W1hyzbi.woff2
fonts.gstatic.com/s/montserrat/v25/ 21 KB
21 KB 178ms
99ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459W1hyzbi.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a8447cdec51e85d9e93971a0d4a53bcf6085d70bf1d201662837d2fb953422c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gaigrodno.by
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sun, 23 Oct 2022 19:04:03 GMT
x-content-type-options: nosniff
age: 111560
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21276
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 19:01:17 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 23 Oct 2023 19:04:03 GMT

GET
H2 200 KFOkCnqEu92Fr1Mu51xIIzI.woff2
fonts.gstatic.com/s/roboto/v30/ 17 KB
17 KB 193ms
117ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gaigrodno.by
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 11:25:53 GMT
x-content-type-options: nosniff
age: 52650
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17368
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 24 Oct 2023 11:25:53 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v30/ 9 KB
9 KB 196ms
127ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gaigrodno.by
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 21:51:35 GMT
x-content-type-options: nosniff
age: 15108
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9628
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 24 Oct 2023 21:51:35 GMT

GET
H2 200 3521127290410543dbe9.js Show response
yastatic.net/partner-code-bundles/669867/ 13 KB
5 KB 147ms
76ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/669867/3521127290410543dbe9.js

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

bac87240d43f2059419ce7f7fdc63e99966069af39def1f6bcbc59eed1f69cfc

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://gaigrodno.by/
Origin: https://gaigrodno.by
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 02:03:23 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 4579
last-modified: Fri, 21 Oct 2022 10:34:31 GMT
server: nginx/1.17.9
etag: "2608153af020534eac1710bcf8245ae2"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Thu, 24 Oct 2052 08:38:13 GMT

GET
H2 200 329e6f52252a69a23815.js Show response
yastatic.net/partner-code-bundles/669867/ 86 KB
19 KB 162ms
92ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/669867/329e6f52252a69a23815.js

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

ec440fc50e56a83bca07e825b111c7cc5908db7e796a1633ee4fbd0ab2483733

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://gaigrodno.by/
Origin: https://gaigrodno.by
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 02:03:23 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 19039
last-modified: Fri, 21 Oct 2022 10:34:31 GMT
server: nginx/1.17.9
etag: "dcb92f2a535b41705f083365d1ab40c3"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Thu, 24 Oct 2052 08:38:13 GMT

GET
H2 200 host.js Show response
yastatic.net/safeframe-bundles/0.83/ 33 KB
9 KB 183ms
114ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.83/host.js

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://gaigrodno.by/
Origin: https://gaigrodno.by
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 02:03:23 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 8878
last-modified: Wed, 03 Nov 2021 13:42:58 GMT
server: nginx/1.17.9
etag: "f80882bf67cf261aa08d636da095149a"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Thu, 24 Oct 2052 08:39:03 GMT

GET
H2 200 text-variable-full.woff2
yastatic.net/s3/home/fonts/ys/3/ 25 KB
26 KB 121ms
62ms Font
font/woff2 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/s3/home/fonts/ys/3/text-variable-full.woff2

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

033696b7f1ac04d1dcc102be84550e146236ceffc25a6cabc12aa51a6ee410b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://gaigrodno.by/
Origin: https://gaigrodno.by
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 02:03:23 GMT
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 26004
x-amz-meta-owner: {"role":"admin","login":"4eb0da"}
last-modified: Mon, 25 Apr 2022 14:02:39 GMT
server: nginx/1.17.9
etag: "7f0cdaf91230f9789ca4162aedff612e"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31556952
x-nginx-request-id: 70d2a3acd786f428
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Oct 2023 07:49:19 GMT

GET
H2 200 569838 Show response
an.yandex.ru/meta/ 135 KB
42 KB 199ms
195ms XHR
application/json 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/meta/569838?target-ref=https%3A%2F%2Fgaigrodno.by%2F&charset=utf-8&pcode-test-ids=657518%2C0%2C78%3B668182%2C0%2C32%3B668219%2C0%2C74%3B665267%2C0%2C53%3B667332%2C0%2C55%3B670022%2C0%2C5%3B669812%2C0%2C6%3B667894%2C0%2C13%3B661220%2C0%2C16%3B665252%2C0%2C70%3B662616%2C0%2C25%3B669867%2C0%2C25%3B204301%2C0%2C27&pcode-flags-map=eJytV21v2zYQ%2FiuDPhed3khJ%2FUZJlE1EEjWSsuMWBeG2XhYgSYfULdoF%2Fe87SrItKQm9bAP8QRb0HI9399w99%2BCwRc0F1RWTkuY6J4rohghSSV1woVcsp1yzWme8Srnz5t2D821783XnvHF23%2F90Xjn73Zc9%2BwR%2FUeKGCDk%2F379yVkRqQX9rqVR6VZFGF4JXmuRygleipWMD2Iv82O0M0JqkJZ0dDg8Fq5mi4F92IZdc6TVTS94qTcB3JW3eYYRwHLzY%2BP9hmZSlbgTP20zJx8e8zDQFky%2FMy8iIyQvJdSYoUWxFdU4VzRTjtT4UAc0Z0QUr6ZlUoSjE3tEmvWx0TddaXoBDkA%2Bp4ATwk12et4OipLNTcXAInCtJSkutuB4M2692hJuvW0lPbsDPEiOLI8YSJGZ9csbEG6ykpK6psJvBQRBGJzOqrwcqJAR5gsQ4CSN%2Fik1it8e2NSs5yanojibVJAj7%2B6%2B7ESz04yDpWWPuL2Xn6wwzD9wIBLeUlELaUknFana%2F3d32w81uggywn%2FReQnqha9R6SdliqXSt7EeGKEj6ksl4WyuT4sulsELiKPbDDrIhdU4vtWh1zivCamsjciM%2FwEcXU8Ev4H7gnl4IlluRXoRi%2FOSBOmdQ1Sy1wn3Pxb2%2Fb2nt66IF5q9ZDm2EVWRBrdjQC4fm12HhuK52Ui5MHQiSs1b%2B8g8tbIjxu3cY2s%2BabKwdDIVBNKQmLxro3LLhNdSSYhUFNk%2Bgvuu6U2zoBv2dm4znFLgG0Nra1lCIwMxQfQWHKFNT7ofzzrEejoyAOo%2FgrDCUXRveQUH%2FGwsHB1akbCfZCtyn0SUlotaVaZ0rIhiZ3XvCb4Rcd4gyzFdpmi2M2mOwqRDA9ZIvxhbQBB%2B7YR%2B1RjAumNrodANNjq4bLuwBxxEe6G4%2B1zVXLKMwjKqFFRb5gOtgUjY6I9mSGg91Q0U2y7HnTkIUIS%2FpqwI6WDagZhSYNTIUxz7qw3oo%2FpwJmE86k9Y2gRIvike0YxJchWiCLMiMm9J2aBIgz5tgO6rKo7RoSJ6zemE3EqIhM11rA76qTUN1YPca2hsa1WAlMkimZCkrIbX245IIP4vUMM6zkmUXZ04%2F2KjaUrF%2BtmkYPAUDFcjMJQqS2VtWEvtRNPJjMNKPXWjvwKimJJsUlI5pC0rwspwPmNlAd%2F0w6GtgIUjq278FHrqnb7Vkbyf%2BIs93bd8%2F0d489AziUBxL2o1lQXMqQTNZ%2FfOQj3u0ESWCFsD1pWECy%2By4OBimCAStYKIyNBe0PuiBRtDUPscwDCLfm1AJtIGAuoa5CySGfJjZJEEIwmQEbtv9Sbxw4PIJRJrGXGUB1LCDfS9BE0%2BWTHXXGBmDYF4obvciiHx%2FIoWzphr06lHPSnujwEESTBeMrMn%2Bs42Z2s9pQYBRLxT6IXIxnoRJVkQoDTtUS43xc0lCGOM%2BziV5u9HdOOsG8hj14Py%2B23%2F8o9reX13fDdV%2B%2B%2FnD9c1OftzeXN9dOW%2F8nxNJitxB7I3dMXI%2FLQ2rS9AY4wPeObfb65vX91%2FBtx%2Fbu0%2B77%2FD86%2FXt9mr3ZfLqanvbvfn01%2B6u%2F3z77Xr%2FuX%2B8fX388%2F4Zb3JdkUsN01c%2BNYycYKJRMI69uO8qoMYWVNnB%2FhwMJTxan8xWsDGToWPnoltVzI47LLxn9gPoCaf94JBrM5TJ0L1Bd%2Bp8TUE5KgEhBn6Bvpim0Rma6dRyFAQHSSPzi7mSx5Hr%2BtN9o3%2FT9ZklqRe0i8og5ouSm80jP7uBwdLi%2BY9nAKvNtDexeekEwFE8KIenDA6cO2x5E0sf9zfPWDKxVksBO92MrL3oMvtvDZqPwSpUniEqNDTfnfYzWFzFM5Pbud9%2FmOd%2F0DhC6H4sqBYkJCmMaujGdudpu1ieKSQfe%2Fgkux%2BlG%2FIChTbLVFd6P%2F8GsWs%2FjA%3D%3D&pcode-icookie=TRgc0QSw5dx89Hg63%2FD1oc08KLr1CZLVs68G4PohADZa5DKSVjFYiazK0j5SO6TgXQ1uKcpJjpGAX0re9txUZghyNOk%3D&imp-id=2&enable-flat-highlight=1&comboblock-unencoded-vast=1&test-tag=94008244174850&ad-session-id=605061666663403066&target-id=58406451&tga-with-creatives=1&top-ancestor=https%3A%2F%2Fgaigrodno.by&top-ancestor-undetermined=0&pcode-version=669867&pcodever=669867&flash-ver=0&available-width=1038&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9.2%2C%22isInIframe%22%3Afalse%2C%22w%22%3A1039%2C%22h%22%3A0%2C%22width%22%3A1039%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22fullscreenHeaderHeight%22%3A80%2C%22left%22%3A281%2C%22top%22%3A757%2C%22fontFamily%22%3A%22ys%22%2C%22ad_no%22%3A0%2C%22darkTheme%22%3Afalse%2C%22req_no%22%3A0%7D&grab-orig-len=2888&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjoxMzh9ChKmJI0ku-dBGNbpoKhOHEkv9CjozzyUm5u0drqaNtw2sjyq8Vo_S29vaTyztCzp-WeexUexo0TBmnnYp0LuIAAQNWma2PIye-Z5o6dpASICMFgichu8RtiA6w2eQ9Y4DbdxGwd1bzAbrEbQ4B4SdgOywTgAt0kb_8zxDpQ0qUNE2xvBKYsbzyHqh5Y2qI3jkDgIUHeH5B9-EzuIzoa773PhLhuHtEkhpGEvm8VwG7ANFntbWdf_I2xw_oQ3D8IGWD8c7lmC2GA0wg6oqDfoh4BzINBnDWwDfJ74h9gn8HP_dIE79LKH-TuEDaiDANYh1CpdRaTRKpMs1Wjd2I0SDUBQd62hrtEqEjfrYaZIkBnTxFP5sdyNg9DYVUHoJqGLzPjudyfHIf05oWk4nEN8dxPtkB--Cb_0686W9z_CJtzfdIj5djkNcj1P-jviJlgK5mWdCUQ8bASVGuct8L9qxrJUGXUfSCg_yZv7eFvUDyZsAoBbSaNBozXUNKqDlLyroszzkBmVgSLp8owyyd1EIY8yN8nThCqTRe68Km-c5sh1L1QU-LlK5rmBonsueZTkXnzKSVfLXDcI2fSijDyQuTmVLIpyijh1lT2mysEMTvUA6sBPEz9XxmnSwyAvOc3lWZrGIWXfRx4FSJLuZuqv9xNPHoRe_P_OcGozR6zqijiMFVkUe25euT9srEJKnrvqfKbqmbpu9mTqQkkduMpc9YVnokhCWR7FYZKrkyigyJHr5xvkme8HFF4B_3R1nP8Ddfxx90I5X__eTuNFu7a8d8pc4edRVFt38zqlzVFGXpbs25W9etuhzHU0qGiMGm0aIynwSn3A7TQamUG3cNl79k2fSKYIexAmTA83kFOrM586SqjcP5PMp4oR2-uyL6TRaD15FhYYfSusNVg4iocz_catmb6MFtbmYWZqMaeMFhWzRpV9afs2vF-DXTS7_Jshago_k8unmGF2Hllk4arhrXipzhHFFt48vkt3NmTukssf5xniIAwU5NZHoAYrUbm56p5KGfgWbmXm5SplHKV-Em58LbdxqmDX1WpF2S1v31G8I1tZEdomGQuWBGeNe_POGYNI5hA7oK3xXcuIBT2YazDXxN7QrRWVVrvsEDUeFvTwreaJ08SMbAyy62zDlKFmGDuYHQEGlrubg-DuZqfMHDA2U-9pv4L3qCn9QCZn4jwVn9w2usx-SBe-k7BAt23TuOnzQR1lt9NGjQ48Wr2OVqfX6SwTKFFuXRt0B6QrdL6DYHU_zo2K8H9ere6yZi69XR-IWYk_-lw0GngVeJN0B_TV8Nff8PtVO2_yhMABY7QyzyG-Hh6eB90GNXc50XFE4jL2p1tFKRytCLJD0r8Db3XJSvWkB4faxH215OfDq9qnj6KC4hBjfET9R0SF3Yi_IBqNJX3N-dWLd3LYqwk-1E5xvtfqlSUe8KnmeV-xdUP-Z-i3kqsErjN4p8c_V3EidJ4EiJ36HiRdeVrcX0_cEaRXKoePrrsIHstk6ws1Yai3g7X6eCOJSqfIwpWkDxNhNCIglc3NZzVdnCb4BskhQJo4IBlRcnM8gfvqOmBAgOGpUWI9NQjTFneDZHLRJ3zxvmqCF3dEPvj_CzvtJUBYDqKLjmuNIDdub1DHziOauMSb2F3rAfrm7XTHad71o3XVm_CNQG9wAGDGG81goRksNIOFZrDQDBaawQIwGizmP5tsvtCVpKo3EUxpTH-diYyKBUnVCmMg1_YCkA_uL1UQuCY8-sKeLkEU09vqNTbZ0Yz3zoJniz_NhIWeIHYp4pQycXvFcc0Xny2v399XotCsE0GdBIPK0tKDifloXmvC7U89CkuFhjqo2GH6mYrSoI0xFowJ4oya5exuDqQXQcThRyXZkB2E1dXXJK7Xjy4cd197eZ67_Fk-Bou9rO6MM-oLt3rOXOPZhIYDIdOJ4lIDA0YyDnOcm60pCgZVBS84Wa_IJ5Yy5JkOvg5j3WB_N7TF68A03hQjFfyiKKWTf8koB8N6DNchGjUlXrV-479FIFmMF_P9Eo-38eLNuGjDliUlb6hKbrjEYyCle2dbJxvxvWpjacGRYTxDOCFuzdgG-KoknKJyEKBPDqF9RNHg_4pHq610WqNqXPoaaYorLgqsCNYQkzeA3VChDTxrxKey4GJaMmYVzwgaMIMD8OzzR3jcKdbXGU9tLIk-9yffqzvT5hF3RHphd0BhLvQ3L26EZGVcB7QJRf59gJYZ6R990kr41Twm8WViSGJXrlYP4Zr990H2fhlTi_XxmhCcSaFgfgL6bo8_5nlkDSysIDwrmnkxtOI1tSarci-BNfgwcCHlSazE0KAAn5EJMDtQE3WdXo8-eYdR47lWr3iIqSw6PQ34G9-MmkNPAx72D-R0HzYOA-yC_Eo32XVgsio2WpBaMV947OX6qj-oVYGcHKNo7nvfjymVL2JfIXSxC8waqJrkmWHRTBvklUXxhvngtjB3S9vpI7V1y7o4pAp8hVHDsHcsy52BaNTuEs37lnAJqYIt4Vr_kcAq4feW3ybRS7ZutEvgkrKGGjTIcUzSQp4bbX_Ylfe5v5KzATDNsSwij91aJXiXjgupeKNntGW-HBa5bEtcdPWYrx3HNK1dwTmy-wRzfGftQ9jglgs8ixYVMgm7wqmTZA6NkGsN74o1kGnATpIUXJn_yK_RWbAAGES-Grj041MdBSqk1FEcIvUezoNqecBFQTvg6bspfWbUsWowD-pGOV3mFcX-IQlOhlQZZ91FcteXY89mXWKQmVU2m9oxtgxk_snt3QseEjGSREdr37AbcNOFb0elbUPps5S8_AZVApA%3D&uniformat=true&callback=Ya%5B9716808815698%5D

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

cb38385bd5f3e6f769f71e92a9cffee225a9fd934f43aef90eea156b8235b246

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://gaigrodno.by/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 25 Oct 2022 02:03:23 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
x-yandex-req-id: 1666663403121921-1393224442355256402500101-production-app-host-sas-pcode-492
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
uniformat-product-type: Direct
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Tue, 25 Oct 2022 02:03:23 GMT
uniformat: true
content-type: application/json
access-control-allow-origin: https://gaigrodno.by
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Tue, 25 Oct 2022 02:03:23 GMT

GET
H2 200 ca7eb8df2d2c350d6c13.js Show response
yastatic.net/partner-code-bundles/669867/ 468 KB
96 KB 110ms
106ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/669867/ca7eb8df2d2c350d6c13.js

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

f631727b94c34691ab989c147f47dd2d047c712bbea3000ae08a7405c7865c3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://gaigrodno.by/
Origin: https://gaigrodno.by
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 02:03:23 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 97599
last-modified: Fri, 21 Oct 2022 10:34:32 GMT
server: nginx/1.17.9
etag: "e3dd41c78bc5f8e123802f72a1181551"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Thu, 24 Oct 2052 08:38:13 GMT

GET
H2 200 grab.cur
api-maps.yandex.ru/2.1.79/build/release/images/cursor/ 326 B
467 B 65ms
64ms Image
application/octet-stream 2a02:6b8::274
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api-maps.yandex.ru/2.1.79/build/release/images/cursor/grab.cur
Requested by: Host: gaigrodno.by
URL: https://gaigrodno.by/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::274 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software: /
Resource Hash: 13e327b334d10b2b24101040eecace86aaaa2eed03d282fa75a04aa3bebf69c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gaigrodno.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 02:03:23 GMT
last-modified: Tue, 04 Oct 2022 10:46:13 GMT
etag: "633c0ef5-146"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 326
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 grabbing.cur
api-maps.yandex.ru/2.1.79/build/release/images/cursor/ 326 B
467 B 65ms
64ms Image
application/octet-stream 2a02:6b8::274
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api-maps.yandex.ru/2.1.79/build/release/images/cursor/grabbing.cur
Requested by: Host: gaigrodno.by
URL: https://gaigrodno.by/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::274 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software: /
Resource Hash: a0fb89588dc7b711c0ffddb5fa2f6852f670ef1f615985bb65b2ea446cceb79f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gaigrodno.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 02:03:23 GMT
last-modified: Tue, 04 Oct 2022 10:46:13 GMT
etag: "633c0ef5-146"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 326
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 help.cur
api-maps.yandex.ru/2.1.79/build/release/images/cursor/ 326 B
466 B 57ms
56ms Image
application/octet-stream 2a02:6b8::274
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api-maps.yandex.ru/2.1.79/build/release/images/cursor/help.cur
Requested by: Host: gaigrodno.by
URL: https://gaigrodno.by/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::274 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software: /
Resource Hash: 128811e08fc761c192794eadb0ca1ece135e0b3a8ea7d897c2f7f9fd5a37281f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gaigrodno.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 02:03:23 GMT
last-modified: Tue, 04 Oct 2022 10:46:13 GMT
etag: "633c0ef5-146"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 326
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 zoom_in.cur
api-maps.yandex.ru/2.1.79/build/release/images/cursor/ 326 B
635 B 56ms
55ms Image
application/octet-stream 2a02:6b8::274
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api-maps.yandex.ru/2.1.79/build/release/images/cursor/zoom_in.cur
Requested by: Host: gaigrodno.by
URL: https://gaigrodno.by/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::274 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software: /
Resource Hash: eb69f540be1e416b7346017da48deaf5ba2f2ee0af366c04f1e374351b651872

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gaigrodno.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 02:03:23 GMT
last-modified: Tue, 04 Oct 2022 10:46:13 GMT
etag: "633c0ef5-146"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 326
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9801.6KgAIuT_vQIJ_2AjDEB8AO1UdN_oPxwHpAIlX7LivDyEMkUfbkWiw2o49WpXJBh5.EjCcbmBXHF_oJ2Mn2sHIsUjLgk4%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9801.Tz2jy2-9OeUkIb2lxEgvRa4qWhxBta7afG5pwVIPPlWzym2xGVgjAdtQv-ZCMCR9Oj4-LY1SoeS0SaKVu-hCfS0e0T-76zss1lTMiRGsv60%2C.eJUgB6fRXjGY6lVC1LxEo0XVRQs%2C

43 B
331 B

47ms
47ms

Image
image/gif

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9801.Tz2jy2-9OeUkIb2lxEgvRa4qWhxBta7afG5pwVIPPlWzym2xGVgjAdtQv-ZCMCR9Oj4-LY1SoeS0SaKVu-hCfS0e0T-76zss1lTMiRGsv60%2C.eJUgB6fRXjGY6lVC1LxEo0XVRQs%2C

Requested by

Host: gaigrodno.by
URL: https://gaigrodno.by/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gaigrodno.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 02:03:23 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9801.Tz2jy2-9OeUkIb2lxEgvRa4qWhxBta7afG5pwVIPPlWzym2xGVgjAdtQv-ZCMCR9Oj4-LY1SoeS0SaKVu-hCfS0e0T-76zss1lTMiRGsv60%2C.eJUgB6fRXjGY6lVC1LxEo0XVRQs%2C
date: Tue, 25 Oct 2022 02:03:23 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2

200

sync_cookie_image_decide
mc.yandex.by/
Redirect Chain

https://mc.yandex.by/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.by&token=9801.GeM45yCZxjF7eE7ijTvU1FtQ6yfFR8d6GoiIJsE5lqZ6qgl_tjP3Ow2KaATSLfQ-.EnCN0M44G_mnKP1gMZNBGLB-s8I%2C
https://mc.yandex.by/sync_cookie_image_decide?token=9801.g4Ib_hU7GTpJUvTix8YPoRi6yHndr_-yvt74Wup4XMzL_m5CPAWSbvUrWhsIsEUwU49xKD7KhBL48t5ZcoLzwPeBbDjxigFvu0mM6jn0jDo%2C.AZ15PwzKGC5a1kxt4z8lodLMoUs%2C

43 B
330 B

50ms
50ms

Image
image/gif

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.by/sync_cookie_image_decide?token=9801.g4Ib_hU7GTpJUvTix8YPoRi6yHndr_-yvt74Wup4XMzL_m5CPAWSbvUrWhsIsEUwU49xKD7KhBL48t5ZcoLzwPeBbDjxigFvu0mM6jn0jDo%2C.AZ15PwzKGC5a1kxt4z8lodLMoUs%2C

Requested by

Host: gaigrodno.by
URL: https://gaigrodno.by/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gaigrodno.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 02:03:23 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.by/sync_cookie_image_decide?token=9801.g4Ib_hU7GTpJUvTix8YPoRi6yHndr_-yvt74Wup4XMzL_m5CPAWSbvUrWhsIsEUwU49xKD7KhBL48t5ZcoLzwPeBbDjxigFvu0mM6jn0jDo%2C.AZ15PwzKGC5a1kxt4z8lodLMoUs%2C
date: Tue, 25 Oct 2022 02:03:23 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ 104 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ac301e04134f0a6a5a96b2e9f056107818db1d84226f0cf85d700d196c44ed85

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9cfeddeac6bec7714f140da244af0823eb469e665411fc571451f889a1d7fa94

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 315 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 365e85a31de197b7e074e022301502692aa6f4d56ffca64b505546b986e8ffc0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 data.json Show response
gaigrodno.by/wp-content/themes/gaigrodno-child/ 24 KB
3 KB 90ms
90ms XHR
application/json 185.66.68.16
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to

Full URL: https://gaigrodno.by/wp-content/themes/gaigrodno-child/data.json
Requested by: Host: yandex.st
URL: https://yandex.st/jquery/2.2.3/jquery.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.66.68.16 Rechytsa, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS
Software: nginx /
Resource Hash: de02b6f117fb94584ec242a25fad7f7f49a7b7e1760ee9575a6d31056527d9ee

Request headers

Accept: */*
Referer: https://gaigrodno.by/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 02:03:23 GMT
content-encoding: gzip
last-modified: Mon, 14 Oct 2019 09:07:43 GMT
server: nginx
etag: W/"6056-594db334d9793"
content-type: application/json

GET
H2 200 v2 Show response
api-maps.yandex.ru/services/regions/ 32 KB
24 KB 163ms
63ms XHR
application/json 2a02:6b8::274
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://api-maps.yandex.ru/services/regions/v2?lang=ru_BY&quality=3&disputedBorders=RU

Requested by

Host: yastatic.net
URL: https://yastatic.net/s3/front-maps-static/maps-front-jsapi-v2-1/2.1.79-43/build/release/full-12d3b6ea37df4ec19ca51b92a0651e126f59c33e.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::274 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

19689736ac997394a478446e2dc2ac08985bde741b634655a96a2158ed8dae18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://gaigrodno.by/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 02:03:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=86400
x-xss-protection: 1; mode=block

GET
H2 200 tiles
core-renderer-tiles.maps.yandex.net/ 12 KB
13 KB 218ms
92ms Image
image/png 2a02:6b8::2b8
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://core-renderer-tiles.maps.yandex.net/tiles?l=map&v=22.10.22-2-b220930144100&x=73&y=41&z=7&scale=1&lang=ru_RU&apikey=7f59ec6f-533c-4526-a819-b1d1a58daaa8&ads=enabled
Requested by: Host: gaigrodno.by
URL: https://gaigrodno.by/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::2b8 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software: /
Resource Hash: 4d1f39f897f063d876a057954557a60c2fcf931ea48aaa5a38b2de2607a9f9bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gaigrodno.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 25 Oct 2022 02:03:23 GMT
cache-control: max-age=7654321
etag: "cd2df35707477fa574c2145ef90f4533"
content-length: 12526
content-type: image/png

GET
DATA 200
OK truncated
/ 493 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1a5c695d53809f9269b9e90dd3d89ec162acaabddb99d4bb59dcbf69bbf393ea

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 tiles
core-renderer-tiles.maps.yandex.net/ 11 KB
11 KB 248ms
139ms Image
image/png 2a02:6b8::2b8
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://core-renderer-tiles.maps.yandex.net/tiles?l=map&v=22.10.22-2-b220930144100&x=72&y=41&z=7&scale=1&lang=ru_RU&apikey=7f59ec6f-533c-4526-a819-b1d1a58daaa8&ads=enabled
Requested by: Host: gaigrodno.by
URL: https://gaigrodno.by/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::2b8 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software: /
Resource Hash: 767505cc0beaef4a5844d1c05e426e4476b58fa5b250cf98e3aadd521d87f298

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gaigrodno.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 25 Oct 2022 02:03:23 GMT
cache-control: max-age=7654321
etag: "779c126267bbc35cfd3b664989e6c69d"
content-length: 11241
content-type: image/png

GET
H2 200 tiles
core-renderer-tiles.maps.yandex.net/ 12 KB
13 KB 209ms
101ms Image
image/png 2a02:6b8::2b8
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://core-renderer-tiles.maps.yandex.net/tiles?l=map&v=22.10.22-2-b220930144100&x=74&y=41&z=7&scale=1&lang=ru_RU&apikey=7f59ec6f-533c-4526-a819-b1d1a58daaa8&ads=enabled
Requested by: Host: gaigrodno.by
URL: https://gaigrodno.by/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::2b8 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software: /
Resource Hash: 22d4beb39fdffa90e5a19768afb5538f2d6d2e8378975da0b4c9b980f7ea9f84

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gaigrodno.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 25 Oct 2022 02:03:23 GMT
cache-control: max-age=7654321
etag: "f2bcd9decebc7a3b7c6b448f2c2184e3"
content-length: 12750
content-type: image/png

GET
H2 200 tiles
core-renderer-tiles.maps.yandex.net/ 8 KB
8 KB 246ms
139ms Image
image/png 2a02:6b8::2b8
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://core-renderer-tiles.maps.yandex.net/tiles?l=map&v=22.10.22-2-b220930144100&x=71&y=41&z=7&scale=1&lang=ru_RU&apikey=7f59ec6f-533c-4526-a819-b1d1a58daaa8&ads=enabled
Requested by: Host: gaigrodno.by
URL: https://gaigrodno.by/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::2b8 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software: /
Resource Hash: f3f8e6fea383b4df7fc519e2f0c7bbb2813c649e3864999de2adec67abbf77bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gaigrodno.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 25 Oct 2022 02:03:23 GMT
cache-control: max-age=7654321
etag: "9c434c02ddddf5c3b566ddee8a99ef63"
content-length: 8123
content-type: image/png

GET
H2 200 tiles
core-renderer-tiles.maps.yandex.net/ 10 KB
10 KB 254ms
147ms Image
image/png 2a02:6b8::2b8
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://core-renderer-tiles.maps.yandex.net/tiles?l=map&v=22.10.22-2-b220930144100&x=75&y=41&z=7&scale=1&lang=ru_RU&apikey=7f59ec6f-533c-4526-a819-b1d1a58daaa8&ads=enabled
Requested by: Host: gaigrodno.by
URL: https://gaigrodno.by/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::2b8 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software: /
Resource Hash: a3de2be3970c42270aac430a10e266d09b31134a130368aff14492915731d705

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gaigrodno.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 25 Oct 2022 02:03:23 GMT
cache-control: max-age=7654321
etag: "44b928e23de194b0d66c85bec319dac2"
content-length: 10506
content-type: image/png

GET
H2 200 tiles
core-renderer-tiles.maps.yandex.net/ 11 KB
11 KB 255ms
148ms Image
image/png 2a02:6b8::2b8
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://core-renderer-tiles.maps.yandex.net/tiles?l=map&v=22.10.22-2-b220930144100&x=70&y=41&z=7&scale=1&lang=ru_RU&apikey=7f59ec6f-533c-4526-a819-b1d1a58daaa8&ads=enabled
Requested by: Host: gaigrodno.by
URL: https://gaigrodno.by/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::2b8 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software: /
Resource Hash: 5a6220ed956bf8d47d9ec3496d26b4d2020a2e9ed80db68913a0acea64325ac7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gaigrodno.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 25 Oct 2022 02:03:23 GMT
cache-control: max-age=7654321
etag: "ac2f2aac73d48b0e48fd7ab55dc1e765"
content-length: 10910
content-type: image/png

GET
H2 200 tiles
core-renderer-tiles.maps.yandex.net/ 13 KB
13 KB 111ms
109ms Image
image/png 2a02:6b8::2b8
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://core-renderer-tiles.maps.yandex.net/tiles?l=map&v=22.10.22-2-b220930144100&x=76&y=41&z=7&scale=1&lang=ru_RU&apikey=7f59ec6f-533c-4526-a819-b1d1a58daaa8&ads=enabled
Requested by: Host: gaigrodno.by
URL: https://gaigrodno.by/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::2b8 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software: /
Resource Hash: b2d64db7a856ca75150b1a92bc0d9a8738d7cacac02d126251a7ef1fc9df55c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gaigrodno.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 25 Oct 2022 02:03:23 GMT
cache-control: max-age=7654321
etag: "6a43344ef3dbd4d833f0d655fc1fd8e4"
content-length: 13344
content-type: image/png

GET
H2 200 tiles
core-renderer-tiles.maps.yandex.net/ 11 KB
11 KB 120ms
119ms Image
image/png 2a02:6b8::2b8
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://core-renderer-tiles.maps.yandex.net/tiles?l=map&v=22.10.22-2-b220930144100&x=77&y=41&z=7&scale=1&lang=ru_RU&apikey=7f59ec6f-533c-4526-a819-b1d1a58daaa8&ads=enabled
Requested by: Host: gaigrodno.by
URL: https://gaigrodno.by/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::2b8 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software: /
Resource Hash: 65368bd028359c02dfae1d8e8602d7086465972d02265ee379bc3a124d9ac8b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gaigrodno.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 25 Oct 2022 02:03:23 GMT
cache-control: max-age=7654321
etag: "64d1e964470da4226ebb27aa83087880"
content-length: 11057
content-type: image/png

GET
H2 200 tiles
core-renderer-tiles.maps.yandex.net/ 6 KB
7 KB 121ms
119ms Image
image/png 2a02:6b8::2b8
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://core-renderer-tiles.maps.yandex.net/tiles?l=map&v=22.10.22-2-b220930144100&x=70&y=40&z=7&scale=1&lang=ru_RU&apikey=7f59ec6f-533c-4526-a819-b1d1a58daaa8&ads=enabled
Requested by: Host: gaigrodno.by
URL: https://gaigrodno.by/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::2b8 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software: /
Resource Hash: 46f0cf8c36158263950afbc858141864a820ae5a65634e817c520f9da29d7314

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gaigrodno.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 25 Oct 2022 02:03:23 GMT
cache-control: max-age=7654321
etag: "9d1b8a0f891dbc7efa72745a80a0234f"
content-length: 6419
content-type: image/png

GET
H2 200 tiles
core-renderer-tiles.maps.yandex.net/ 13 KB
13 KB 121ms
119ms Image
image/png 2a02:6b8::2b8
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://core-renderer-tiles.maps.yandex.net/tiles?l=map&v=22.10.22-2-b220930144100&x=70&y=42&z=7&scale=1&lang=ru_RU&apikey=7f59ec6f-533c-4526-a819-b1d1a58daaa8&ads=enabled
Requested by: Host: gaigrodno.by
URL: https://gaigrodno.by/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::2b8 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software: /
Resource Hash: 9a7eeb649a5de02fd4e085428c92300968e661e887e5d97476ae5cd83a1e91cb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gaigrodno.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 25 Oct 2022 02:03:23 GMT
cache-control: max-age=7654321
etag: "a4444afe15964420f32bfa02eed76b0f"
content-length: 13621
content-type: image/png

GET
H2 200 tiles
core-renderer-tiles.maps.yandex.net/ 11 KB
11 KB 115ms
114ms Image
image/png 2a02:6b8::2b8
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://core-renderer-tiles.maps.yandex.net/tiles?l=map&v=22.10.22-2-b220930144100&x=71&y=40&z=7&scale=1&lang=ru_RU&apikey=7f59ec6f-533c-4526-a819-b1d1a58daaa8&ads=enabled
Requested by: Host: gaigrodno.by
URL: https://gaigrodno.by/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::2b8 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software: /
Resource Hash: d63e9565d67a33fa2f55fa660c702498ab20201b204e1b874a497116564e107e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gaigrodno.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 25 Oct 2022 02:03:23 GMT
cache-control: max-age=7654321
etag: "993b03d72ba08ca01bc555bd29668afd"
content-length: 10915
content-type: image/png

GET
H2 200 tiles
core-renderer-tiles.maps.yandex.net/ 13 KB
14 KB 121ms
120ms Image
image/png 2a02:6b8::2b8
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://core-renderer-tiles.maps.yandex.net/tiles?l=map&v=22.10.22-2-b220930144100&x=71&y=42&z=7&scale=1&lang=ru_RU&apikey=7f59ec6f-533c-4526-a819-b1d1a58daaa8&ads=enabled
Requested by: Host: gaigrodno.by
URL: https://gaigrodno.by/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::2b8 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software: /
Resource Hash: 119e688e56a28dd3d07eb7fc866b1f154ed2d1107e34c3e64d062697dc6f404d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gaigrodno.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 25 Oct 2022 02:03:23 GMT
cache-control: max-age=7654321
etag: "564986c980c7a0905c79d9bc9016d0e8"
content-length: 13789
content-type: image/png

GET
H2 200 tiles
core-renderer-tiles.maps.yandex.net/ 12 KB
12 KB 116ms
115ms Image
image/png 2a02:6b8::2b8
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://core-renderer-tiles.maps.yandex.net/tiles?l=map&v=22.10.22-2-b220930144100&x=72&y=40&z=7&scale=1&lang=ru_RU&apikey=7f59ec6f-533c-4526-a819-b1d1a58daaa8&ads=enabled
Requested by: Host: gaigrodno.by
URL: https://gaigrodno.by/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::2b8 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software: /
Resource Hash: 3f7548bd78249a1708f83a7009efde1aa3b33ac74cce32ae03a31da40d4da8f5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gaigrodno.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 25 Oct 2022 02:03:23 GMT
cache-control: max-age=7654321
etag: "19e7d70248e964e63a383dc45d97ea98"
content-length: 12600
content-type: image/png

GET
H2 200 tiles
core-renderer-tiles.maps.yandex.net/ 11 KB
11 KB 122ms
121ms Image
image/png 2a02:6b8::2b8
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://core-renderer-tiles.maps.yandex.net/tiles?l=map&v=22.10.22-2-b220930144100&x=72&y=42&z=7&scale=1&lang=ru_RU&apikey=7f59ec6f-533c-4526-a819-b1d1a58daaa8&ads=enabled
Requested by: Host: gaigrodno.by
URL: https://gaigrodno.by/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::2b8 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software: /
Resource Hash: fe57b9b59bed21124eb5a1fbd938734e9002e5faffdc3e1e575148621af64c55

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gaigrodno.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 25 Oct 2022 02:03:23 GMT
cache-control: max-age=7654321
etag: "e028b6523dfdc56bcdd821840718ef04"
content-length: 11260
content-type: image/png

GET
H2 200 tiles
core-renderer-tiles.maps.yandex.net/ 12 KB
13 KB 114ms
113ms Image
image/png 2a02:6b8::2b8
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://core-renderer-tiles.maps.yandex.net/tiles?l=map&v=22.10.22-2-b220930144100&x=73&y=40&z=7&scale=1&lang=ru_RU&apikey=7f59ec6f-533c-4526-a819-b1d1a58daaa8&ads=enabled
Requested by: Host: gaigrodno.by
URL: https://gaigrodno.by/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::2b8 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software: /
Resource Hash: 2a8467acd44641d56e5aa98938c3474cf08ecbc308c38551722882346b0d8e6c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gaigrodno.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 25 Oct 2022 02:03:23 GMT
cache-control: max-age=7654321
etag: "7e2a7e2a2f837fc0d7952e2cbadf1c2d"
content-length: 12781
content-type: image/png

GET
H2 200 tiles
core-renderer-tiles.maps.yandex.net/ 10 KB
10 KB 116ms
115ms Image
image/png 2a02:6b8::2b8
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://core-renderer-tiles.maps.yandex.net/tiles?l=map&v=22.10.22-2-b220930144100&x=73&y=42&z=7&scale=1&lang=ru_RU&apikey=7f59ec6f-533c-4526-a819-b1d1a58daaa8&ads=enabled
Requested by: Host: gaigrodno.by
URL: https://gaigrodno.by/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::2b8 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software: /
Resource Hash: 10bd2e0f815113f7fe2720517739607ad7b449eb4b1c6993b88d6bbd27e7c76c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gaigrodno.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 25 Oct 2022 02:03:23 GMT
cache-control: max-age=7654321
etag: "87ab03d66f723a580b97a7c1ac0be473"
content-length: 10454
content-type: image/png

GET
DATA 200
OK truncated
/ 162 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7c412e4643ec4d23beadfdc2ffaadab0de8e3ffbb5e42403d6a08cd9992435bd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 141 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8c99901dce19d2082c7b4164f08f8e6e2f7cf405e745163757a7c0bd06894b3d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
136 B 52ms
50ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: gaigrodno.by
URL: https://gaigrodno.by/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gaigrodno.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 02:03:23 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 20 Oct 2022 12:18:36 GMT
etag: "6351126c-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Tue, 25 Oct 2022 03:03:23 GMT

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d6cf08f1ea6c290f0ed4788dbe812a742943e2f43c1d09e52bbd1fee2a9f99a0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK processor.js Show response
tag.digitaltarget.ru/ Frame CA64 16 KB
16 KB 103ms
102ms Script
application/javascript 185.15.175.159
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.digitaltarget.ru/processor.js?i=981904992459074
Requested by: Host: tag.digitaltarget.ru
URL: https://tag.digitaltarget.ru/adcm.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.15.175.159 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software: nginx /
Resource Hash: 0935447866da8ca59df7d65710e0b68377a6dbc62c761e83ebfc83998f905788

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 25 Oct 2022 02:03:23 GMT
Last-Modified: Tue, 25 Oct 2022 01:34:33 GMT
Server: nginx
ETag: "63573d29-3e14"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 15892

OPTIONS
H2 200 event_confirmation
an.yandex.ru/ Frame 0
0 181ms
53ms Preflight 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/event_confirmation

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://gaigrodno.by
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://gaigrodno.by
access-control-max-age: 1728000
content-encoding: gzip
date: Tue, 25 Oct 2022 02:03:23 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
timing-allow-origin: *
x-xss-protection: 1; mode=block

POST
H2 200 event_confirmation Show response
an.yandex.ru/ 0
95 B 49ms
49ms XHR
text/plain 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/event_confirmation

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://gaigrodno.by/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 02:03:23 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Tue, 25 Oct 2022 02:03:23 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://gaigrodno.by
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Tue, 25 Oct 2022 02:03:23 GMT

GET
DATA 200
OK truncated
/ 405 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: acfe9ab6a161b72c6ce50b59d4e556443f93e9dbedd24788dd6854f40d454e85

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 406 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 77b0f201de806e1a0cacffa5e76022b46e21186746f54d8335f2d74861caf3a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 406 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f11bc7b0074c5e4bc6a09df3c21c57b05ee51bf7147e45ee89f9d495b16ae54a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 406 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 91c8f4568f04c46ff1449e41e2b3b5c38c77a97ef6d585a6b5733ed4bfbaa37b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 406 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e5185ea7312f9666db8546eb3131ca9907ec7ad389a18e850a7659cebbf57fa3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 x450
avatars.mds.yandex.net/get-direct/5221463/Q8UuC1M2XbZpGFSGzC1gUw/ 29 KB
29 KB 207ms
92ms Image
image/webp 2a02:6b8::184
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-direct/5221463/Q8UuC1M2XbZpGFSGzC1gUw/x450
Requested by: Host: gaigrodno.by
URL: https://gaigrodno.by/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::184 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software: nginx /
Resource Hash: a2599d1626f03ed260b8356f3684be5a401044be84817ba05e654d11b9623ce1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gaigrodno.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 02:03:23 GMT
last-modified: Sun, 02 Oct 2022 11:54:24 GMT
server: nginx
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000,immutable
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 29310
x-request-id: f823d8f71233325b

GET
H2 200 icon-192.png
yastatic.net/s3/games-static/favicons/ 24 KB
24 KB 48ms
45ms Image
image/png 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yastatic.net/s3/games-static/favicons/icon-192.png

Requested by

Host: gaigrodno.by
URL: https://gaigrodno.by/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

ca78c114bba40b141a59c55a9d3fb6db7672bc3effd4337f2b1ce512b4d06c9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gaigrodno.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 02:03:23 GMT
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 24134
last-modified: Thu, 14 Apr 2022 12:22:42 GMT
server: nginx/1.17.9
etag: "7819c957eaa80af5bf14f760d49b64a7"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=216013
x-nginx-request-id: 5057b20fd8b232f1
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 27 Oct 2022 14:01:47 GMT

GET
H2 200 x450
avatars.mds.yandex.net/get-direct/5332452/Z6sZ_FAuUUZDz-sSQ4hdlw/ 37 KB
37 KB 207ms
93ms Image
image/webp 2a02:6b8::184
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-direct/5332452/Z6sZ_FAuUUZDz-sSQ4hdlw/x450
Requested by: Host: gaigrodno.by
URL: https://gaigrodno.by/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::184 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software: nginx /
Resource Hash: 617141bd39fa6bbd8de3efb0c2628db3c55f21b7bcaca752303fa6ce0f353a0d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gaigrodno.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 02:03:23 GMT
last-modified: Sat, 27 Nov 2021 05:48:24 GMT
server: nginx
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000,immutable
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 37502
x-request-id: 1cb070e527d915e9

GET
H/1.1 200
Ok act-contract.com
favicon.yandex.net/favicon/ 843 B
1 KB 174ms
53ms Image
image/png 2a02:6b8::36
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://favicon.yandex.net/favicon/act-contract.com?size=32&stub=2

Requested by

Host: gaigrodno.by
URL: https://gaigrodno.by/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::36 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

0ae81b747729cc0b64f3e6f9d3fdfd1a552e08d0bdda217ce9677b6fecee6d94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gaigrodno.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin: *
Cache-Control: max-age=691200
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
X-XSS-Protection: 1; mode=block
Content-Type: image/png

GET
H2 200 huge
avatars.mds.yandex.net/get-yabs_performance/787371/2a000001806c96eb7f6167441095c2d5a82f/ 11 KB
11 KB 270ms
156ms Image
image/webp 2a02:6b8::184
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-yabs_performance/787371/2a000001806c96eb7f6167441095c2d5a82f/huge
Requested by: Host: gaigrodno.by
URL: https://gaigrodno.by/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::184 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software: nginx /
Resource Hash: 611fe1f50411169abb286a03de5379b1b3392a9477449b0879e95bc391ae648c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gaigrodno.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 02:03:23 GMT
last-modified: Thu, 28 Apr 2022 20:59:55 GMT
server: nginx
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000,immutable
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 11138
x-request-id: da55135002fe22bf

GET
H/1.1 200
Ok www.vipkeys.net
favicon.yandex.net/favicon/ 2 KB
2 KB 178ms
59ms Image
image/png 2a02:6b8::36
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://favicon.yandex.net/favicon/www.vipkeys.net?size=32&stub=2

Requested by

Host: gaigrodno.by
URL: https://gaigrodno.by/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::36 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

dcdc4dc784b86d6498e65f437938164fe523a83f55ae9480eecf1da7f729166b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gaigrodno.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin: *
Cache-Control: max-age=691200
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
X-XSS-Protection: 1; mode=block
Content-Type: image/png

GET
H2 200 / Show response
api-maps.yandex.ru/services/coverage/v2/ 205 B
425 B 59ms
58ms Script
text/javascript 2a02:6b8::274
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://api-maps.yandex.ru/services/coverage/v2/?l=map&ll=25.08150200,53.49099600&z=7&lang=ru_RU&callback=jsonp_yandex_coverage__l_map_ll_25_08150200_53_49099600_z_7_lang_ru_RU

Requested by

Host: yastatic.net
URL: https://yastatic.net/s3/front-maps-static/maps-front-jsapi-v2-1/2.1.79-43/build/release/full-12d3b6ea37df4ec19ca51b92a0651e126f59c33e.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::274 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

f70d36fe9f9a764a339a3ed72a69eb7d5144ef8beba8b4e4ca37b392b2fc3e1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gaigrodno.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

expires: Wed, 26 Oct 2022 02:03:23 GMT
date: Tue, 25 Oct 2022 02:03:23 GMT
x-content-type-options: nosniff, nosniff
etag: W/"cd-0Eak+RDh4dQuJVEe/X6kgZ/0Jv0"
content-length: 205
x-xss-protection: 1; mode=block
content-type: text/javascript; charset=utf-8

GET
H2 200 / Show response
api-maps.yandex.ru/services/coverage/v2/ 205 B
374 B 65ms
64ms Script
text/javascript 2a02:6b8::274
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://api-maps.yandex.ru/services/coverage/v2/?l=map&ll=27.07570950,53.49099600&z=7&lang=ru_RU&callback=jsonp_yandex_coverage__l_map_ll_27_07570950_53_49099600_z_7_lang_ru_RU

Requested by

Host: yastatic.net
URL: https://yastatic.net/s3/front-maps-static/maps-front-jsapi-v2-1/2.1.79-43/build/release/full-12d3b6ea37df4ec19ca51b92a0651e126f59c33e.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::274 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

b569bd98113f66528743a6f7eee2b23ff3ace6a28a2be65f6f8ffb48c5b5def5

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gaigrodno.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

expires: Wed, 26 Oct 2022 02:03:23 GMT
date: Tue, 25 Oct 2022 02:03:23 GMT
x-content-type-options: nosniff, nosniff
etag: W/"cd-ePpCBqtw3E9uS4ssFyM0n01DHoM"
content-length: 205
x-xss-protection: 1; mode=block
content-type: text/javascript; charset=utf-8

GET
DATA 200
OK truncated
/ 929 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a112b4d58a4d4b6714841e40113dda7ff39353c667d537242aa938b683853900

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 render.html Show response
yastatic.net/safeframe-bundles/0.83/1-1-0/ Frame BB71 24 KB
7 KB 31ms
30ms Document
text/html 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.83/1-1-0/render.html

Requested by

Host: yastatic.net
URL: https://yastatic.net/safeframe-bundles/0.83/host.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

9c911ab93cf6099aeeddb19cb1903d0ef838329443c3a0549c754da47f90a70a

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://gaigrodno.by/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=946708560
content-encoding: br
content-length: 6262
content-type: text/html
date: Tue, 25 Oct 2022 02:03:23 GMT
etag: "eb77de48712912aadc9aa8171ac75ede"
expires: Thu, 24 Oct 2052 08:37:26 GMT
last-modified: Wed, 03 Nov 2021 13:42:58 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
server: nginx/1.17.9
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-robots-tag: noindex, noarchive, nofollow

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210170101/ 151 KB
51 KB 61ms
61ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210170101/reactive_library_fy2021.js?bust=31070437

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cf92ed595c7ac49c45746c1eb3b8dee96d5903c51b39a272c1bcf73b679c809e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gaigrodno.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 02:03:23 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52374
x-xss-protection: 0
server: cafe
etag: 11749701960818261668
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 25 Oct 2022 02:03:23 GMT

GET
H2 200 tiles
core-renderer-tiles.maps.yandex.net/ 12 KB
12 KB 52ms
49ms Image
image/png 2a02:6b8::2b8
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://core-renderer-tiles.maps.yandex.net/tiles?l=map&v=22.10.22-2-b220930144100&x=74&y=40&z=7&scale=1&lang=ru_RU&apikey=7f59ec6f-533c-4526-a819-b1d1a58daaa8&ads=enabled
Requested by: Host: gaigrodno.by
URL: https://gaigrodno.by/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::2b8 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software: /
Resource Hash: 3962779cb0e84909258ec6343cd54fddbf1b20b743c468cb95ce31cd86219c60

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gaigrodno.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 25 Oct 2022 02:03:23 GMT
cache-control: max-age=7654321
etag: "71fb46d9dbf6a87654bf6e171578c36a"
content-length: 11998
content-type: image/png

GET
H2 200 tiles
core-renderer-tiles.maps.yandex.net/ 12 KB
12 KB 59ms
58ms Image
image/png 2a02:6b8::2b8
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://core-renderer-tiles.maps.yandex.net/tiles?l=map&v=22.10.22-2-b220930144100&x=74&y=42&z=7&scale=1&lang=ru_RU&apikey=7f59ec6f-533c-4526-a819-b1d1a58daaa8&ads=enabled
Requested by: Host: gaigrodno.by
URL: https://gaigrodno.by/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::2b8 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software: /
Resource Hash: 5459c5031de38fb66790f0d5670a651e28d905e7fb940b04ddb6ba497791c104

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gaigrodno.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 25 Oct 2022 02:03:23 GMT
cache-control: max-age=7654321
etag: "cc525a5a4a64e1bfebd1cbec2fb20f35"
content-length: 12289
content-type: image/png

GET
H2 200 tiles
core-renderer-tiles.maps.yandex.net/ 11 KB
11 KB 58ms
58ms Image
image/png 2a02:6b8::2b8
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://core-renderer-tiles.maps.yandex.net/tiles?l=map&v=22.10.22-2-b220930144100&x=75&y=40&z=7&scale=1&lang=ru_RU&apikey=7f59ec6f-533c-4526-a819-b1d1a58daaa8&ads=enabled
Requested by: Host: gaigrodno.by
URL: https://gaigrodno.by/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::2b8 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software: /
Resource Hash: ca38dd04251cd8e46afbeca4def128277688677c95a2f9320a4a31520403528e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gaigrodno.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 25 Oct 2022 02:03:23 GMT
cache-control: max-age=7654321
etag: "b28aed466b3b45417d3dd01bf51c7cb3"
content-length: 10838
content-type: image/png

GET
H2 200 tiles
core-renderer-tiles.maps.yandex.net/ 12 KB
12 KB 54ms
53ms Image
image/png 2a02:6b8::2b8
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://core-renderer-tiles.maps.yandex.net/tiles?l=map&v=22.10.22-2-b220930144100&x=75&y=42&z=7&scale=1&lang=ru_RU&apikey=7f59ec6f-533c-4526-a819-b1d1a58daaa8&ads=enabled
Requested by: Host: gaigrodno.by
URL: https://gaigrodno.by/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::2b8 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software: /
Resource Hash: 7439842cd97e8553f55a62390891579e2bad9e8001b7846ee5c7cfbe4528655b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gaigrodno.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 25 Oct 2022 02:03:23 GMT
cache-control: max-age=7654321
etag: "fa5969326e49c6f65eb9a39f9f791ee5"
content-length: 11907
content-type: image/png

GET
H2 200 tiles
core-renderer-tiles.maps.yandex.net/ 12 KB
13 KB 56ms
55ms Image
image/png 2a02:6b8::2b8
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://core-renderer-tiles.maps.yandex.net/tiles?l=map&v=22.10.22-2-b220930144100&x=76&y=40&z=7&scale=1&lang=ru_RU&apikey=7f59ec6f-533c-4526-a819-b1d1a58daaa8&ads=enabled
Requested by: Host: gaigrodno.by
URL: https://gaigrodno.by/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::2b8 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software: /
Resource Hash: c27f32006695b3dad1996067c51173e2096a71b46a3a5a38ca25b350d2b3d63c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gaigrodno.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 25 Oct 2022 02:03:23 GMT
cache-control: max-age=7654321
etag: "07c2c44a28765716b3461694d252004e"
content-length: 12780
content-type: image/png

GET
H2 200 tiles
core-renderer-tiles.maps.yandex.net/ 10 KB
10 KB 56ms
55ms Image
image/png 2a02:6b8::2b8
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://core-renderer-tiles.maps.yandex.net/tiles?l=map&v=22.10.22-2-b220930144100&x=76&y=42&z=7&scale=1&lang=ru_RU&apikey=7f59ec6f-533c-4526-a819-b1d1a58daaa8&ads=enabled
Requested by: Host: gaigrodno.by
URL: https://gaigrodno.by/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::2b8 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software: /
Resource Hash: ff714a879b325b1779bd1cbc5866d49da506fb8976091c960517901b9eb16c12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gaigrodno.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 25 Oct 2022 02:03:23 GMT
cache-control: max-age=7654321
etag: "7eb82e9475f3355dad6fa0965a14dabd"
content-length: 9932
content-type: image/png

GET
H2 200 tiles
core-renderer-tiles.maps.yandex.net/ 19 KB
19 KB 59ms
59ms Image
image/png 2a02:6b8::2b8
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://core-renderer-tiles.maps.yandex.net/tiles?l=map&v=22.10.22-2-b220930144100&x=77&y=40&z=7&scale=1&lang=ru_RU&apikey=7f59ec6f-533c-4526-a819-b1d1a58daaa8&ads=enabled
Requested by: Host: gaigrodno.by
URL: https://gaigrodno.by/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::2b8 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software: /
Resource Hash: 3327732669b0012eb0668eac673ce57920f7f34497690e05a1d8f5df7fc763c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gaigrodno.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 25 Oct 2022 02:03:23 GMT
cache-control: max-age=7654321
etag: "bd95809099b029cbe18ca05ecb50b39b"
content-length: 19419
content-type: image/png

GET
H2 200 tiles
core-renderer-tiles.maps.yandex.net/ 11 KB
11 KB 59ms
58ms Image
image/png 2a02:6b8::2b8
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://core-renderer-tiles.maps.yandex.net/tiles?l=map&v=22.10.22-2-b220930144100&x=77&y=42&z=7&scale=1&lang=ru_RU&apikey=7f59ec6f-533c-4526-a819-b1d1a58daaa8&ads=enabled
Requested by: Host: gaigrodno.by
URL: https://gaigrodno.by/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::2b8 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software: /
Resource Hash: cd28b0235eae7fec3a10348a1674edfc6e9ea20a710af41096e695ba7bc09912

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gaigrodno.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 25 Oct 2022 02:03:23 GMT
cache-control: max-age=7654321
etag: "5ce10c29b0406d276075014035d9e050"
content-length: 11338
content-type: image/png

POST
H2 200 click
yandex.ru/clck/ 43 B
643 B 263ms
154ms Ping
image/gif 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/clck/click

Requested by

Host: yastatic.net
URL: https://yastatic.net/partner-code-bundles/669867/3521127290410543dbe9.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

7e928161cd626935d39ff08188caa3f3a918811ca87194082dedf28b697ce6fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://gaigrodno.by/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

cache-control: no-cache
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
content-length: 43
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type: image/gif

GET
H2

200

1 Show response
mc.yandex.com/watch/569838/
Redirect Chain

https://mc.yandex.com/watch/569838?wmode=7&page-url=https%3A%2F%2Fgaigrodno.by%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Al4cs6ej6vo5gha9qjtx4s%3Afu%3A0%3Aen%3Autf-...
https://mc.yandex.com/watch/569838/1?wmode=7&page-url=https%3A%2F%2Fgaigrodno.by%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Al4cs6ej6vo5gha9qjtx4s%3Afu%3A0%3Aen%3Aut...

391 B
774 B

54ms
54ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/569838/1?wmode=7&page-url=https%3A%2F%2Fgaigrodno.by%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Al4cs6ej6vo5gha9qjtx4s%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A912%3Acn%3A2%3Adp%3A1%3Als%3A368730387462%3Ahid%3A783197469%3Az%3A0%3Ai%3A20221025020323%3Aet%3A1666663404%3Ac%3A1%3Arn%3A449104871%3Au%3A1666663403336049582%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Acpf%3A1%3Ans%3A1666663401502%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1666663404%3At%3A%D0%93%D0%90%D0%98%20%D0%93%D1%80%D0%BE%D0%B4%D0%BD%D0%BE%2C%20%D0%A0%D0%9E%D0%92%D0%94%2C%20%D0%9C%D0%A7%D0%A1%2C%20%D0%BD%D0%B0%D0%BB%D0%BE%D0%B3%D0%BE%D0%B2%D0%B0%D1%8F.%20%D0%92%D1%80%D0%B5%D0%BC%D1%8F%20%D1%80%D0%B0%D0%B1%D0%BE%D1%82%D1%8B%2C%20%D1%82%D0%B5%D0%BB%D0%B5%D1%84%D0%BE%D0%BD%D1%8B%2C%20%D0%B0%D0%B4%D1%80%D0%B5%D1%81%D0%B0&t=gdpr%2814%29mc%28p-1%29clc%280-0-0%29lt%2848900%29aw%281%29rqnl%281%29ti%282%29

Requested by

Host: gaigrodno.by
URL: https://gaigrodno.by/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

f14bd898d73d37aa67ebdca86b1dd433087eb74f98b6618ebd067df99425495b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gaigrodno.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 02:03:24 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Tue, 25-Oct-2022 02:03:24 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gaigrodno.by
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 391
x-xss-protection: 1; mode=block
expires: Tue, 25-Oct-2022 02:03:24 GMT

Redirect headers

pragma: no-cache
date: Tue, 25 Oct 2022 02:03:24 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 25-Oct-2022 02:03:24 GMT
location: /watch/569838/1?wmode=7&page-url=https%3A%2F%2Fgaigrodno.by%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Al4cs6ej6vo5gha9qjtx4s%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A912%3Acn%3A2%3Adp%3A1%3Als%3A368730387462%3Ahid%3A783197469%3Az%3A0%3Ai%3A20221025020323%3Aet%3A1666663404%3Ac%3A1%3Arn%3A449104871%3Au%3A1666663403336049582%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Acpf%3A1%3Ans%3A1666663401502%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1666663404%3At%3A%D0%93%D0%90%D0%98%20%D0%93%D1%80%D0%BE%D0%B4%D0%BD%D0%BE%2C%20%D0%A0%D0%9E%D0%92%D0%94%2C%20%D0%9C%D0%A7%D0%A1%2C%20%D0%BD%D0%B0%D0%BB%D0%BE%D0%B3%D0%BE%D0%B2%D0%B0%D1%8F.%20%D0%92%D1%80%D0%B5%D0%BC%D1%8F%20%D1%80%D0%B0%D0%B1%D0%BE%D1%82%D1%8B%2C%20%D1%82%D0%B5%D0%BB%D0%B5%D1%84%D0%BE%D0%BD%D1%8B%2C%20%D0%B0%D0%B4%D1%80%D0%B5%D1%81%D0%B0&t=gdpr%2814%29mc%28p-1%29clc%280-0-0%29lt%2848900%29aw%281%29rqnl%281%29ti%282%29
access-control-allow-origin: https://gaigrodno.by
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Tue, 25-Oct-2022 02:03:24 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/55320232/
Redirect Chain

https://mc.yandex.com/watch/55320232?wmode=7&page-url=https%3A%2F%2Fgaigrodno.by%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Al4cs6ej6vo5gha9qjtx4s%3Afp%3A1001%3Afu%3A0%3Aen%3Autf-8%3Ala...
https://mc.yandex.com/watch/55320232/1?wmode=7&page-url=https%3A%2F%2Fgaigrodno.by%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Al4cs6ej6vo5gha9qjtx4s%3Afp%3A1001%3Afu%3A0%3Aen%3Autf-8%3A...

446 B
484 B

48ms
47ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/55320232/1?wmode=7&page-url=https%3A%2F%2Fgaigrodno.by%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Al4cs6ej6vo5gha9qjtx4s%3Afp%3A1001%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A912%3Acn%3A1%3Adp%3A0%3Als%3A189960786934%3Ahid%3A783197469%3Az%3A0%3Ai%3A20221025020323%3Aet%3A1666663403%3Ac%3A1%3Arn%3A740188044%3Arqn%3A1%3Au%3A1666663403336049582%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C141%2C342%2C38%2C302%2C0%2C%2C375%2C60%2C%2C%2C%2C1212%3Acpf%3A1%3Ans%3A1666663401502%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1666663404%3At%3A%D0%93%D0%90%D0%98%20%D0%93%D1%80%D0%BE%D0%B4%D0%BD%D0%BE%2C%20%D0%A0%D0%9E%D0%92%D0%94%2C%20%D0%9C%D0%A7%D0%A1%2C%20%D0%BD%D0%B0%D0%BB%D0%BE%D0%B3%D0%BE%D0%B2%D0%B0%D1%8F.%20%D0%92%D1%80%D0%B5%D0%BC%D1%8F%20%D1%80%D0%B0%D0%B1%D0%BE%D1%82%D1%8B%2C%20%D1%82%D0%B5%D0%BB%D0%B5%D1%84%D0%BE%D0%BD%D1%8B%2C%20%D0%B0%D0%B4%D1%80%D0%B5%D1%81%D0%B0&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29

Requested by

Host: gaigrodno.by
URL: https://gaigrodno.by/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

ce80450bcc6dd683cc7e12dadfd114e4f9276d50b89e9ae417063bdfc89cbb39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gaigrodno.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 02:03:24 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Tue, 25-Oct-2022 02:03:24 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gaigrodno.by
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 446
x-xss-protection: 1; mode=block
expires: Tue, 25-Oct-2022 02:03:24 GMT

Redirect headers

pragma: no-cache
date: Tue, 25 Oct 2022 02:03:24 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 25-Oct-2022 02:03:24 GMT
location: /watch/55320232/1?wmode=7&page-url=https%3A%2F%2Fgaigrodno.by%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Al4cs6ej6vo5gha9qjtx4s%3Afp%3A1001%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A912%3Acn%3A1%3Adp%3A0%3Als%3A189960786934%3Ahid%3A783197469%3Az%3A0%3Ai%3A20221025020323%3Aet%3A1666663403%3Ac%3A1%3Arn%3A740188044%3Arqn%3A1%3Au%3A1666663403336049582%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C141%2C342%2C38%2C302%2C0%2C%2C375%2C60%2C%2C%2C%2C1212%3Acpf%3A1%3Ans%3A1666663401502%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1666663404%3At%3A%D0%93%D0%90%D0%98%20%D0%93%D1%80%D0%BE%D0%B4%D0%BD%D0%BE%2C%20%D0%A0%D0%9E%D0%92%D0%94%2C%20%D0%9C%D0%A7%D0%A1%2C%20%D0%BD%D0%B0%D0%BB%D0%BE%D0%B3%D0%BE%D0%B2%D0%B0%D1%8F.%20%D0%92%D1%80%D0%B5%D0%BC%D1%8F%20%D1%80%D0%B0%D0%B1%D0%BE%D1%82%D1%8B%2C%20%D1%82%D0%B5%D0%BB%D0%B5%D1%84%D0%BE%D0%BD%D1%8B%2C%20%D0%B0%D0%B4%D1%80%D0%B5%D1%81%D0%B0&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29
access-control-allow-origin: https://gaigrodno.by
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Tue, 25-Oct-2022 02:03:24 GMT

GET
H2

200

counter
top-fwz1.mail.ru/ Frame CA64
Redirect Chain

https://dmg.digitaltarget.ru/1/1093/i/i?i=198659060186957.273809942654129&a=77&e=0100007FEA4357631F00C49F02371FD5&pref=https%3A%2F%2Fgaigrodno.by%2F&c=ss:77.up:0100007FEA4357631F00C49F02371FD5.sync...
https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1666663404143&i=198659060186957.273809942654129&a=77&e=0100007FEA4357631F00C49F02371FD5&pref=https%3A%2F%2Fgaigrodno.by%2F&c=ss:7...
https://top-fwz1.mail.ru/counter?id=3210372;pid=yn6BF3VWZ8HI3r777FUA

43 B
875 B

208ms
47ms

Image
image/gif

95.163.52.67
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://top-fwz1.mail.ru/counter?id=3210372;pid=yn6BF3VWZ8HI3r777FUA

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1

Protocol

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 02:03:24 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 43
pragma: no-cache
amp-access-control-allow-source-origin: *
server: nginx
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: *
accept-ch-lifetime: 86400
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: *

Redirect headers

Date: Tue, 25 Oct 2022 02:03:24 GMT
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Server: nginx
X-Permitted-Cross-Domain-Policies: master-only
Request-Time: 7
X-Frame-Options: DENY
Access-Control-Allow-Methods: GET, POST, OPTIONS
Location: https://top-fwz1.mail.ru/counter?id=3210372;pid=yn6BF3VWZ8HI3r777FUA
Access-Control-Max-Age: 86400
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 1; mode=block

GET
H2

200

counter
top-fwz1.mail.ru/ Frame CA64
Redirect Chain

https://dmg.digitaltarget.ru/1/1093/i/i?i=198659060186957.258303995787295&a=77&e=0100007FEA4357631F00C49F02371FD5&pref=https%3A%2F%2Fgaigrodno.by%2F&c=ss:77.up:0100007FEA4357631F00C49F02371FD5.sync...
https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1666663404142&i=198659060186957.258303995787295&a=77&e=0100007FEA4357631F00C49F02371FD5&pref=https%3A%2F%2Fgaigrodno.by%2F&c=ss:7...
https://top-fwz1.mail.ru/counter?id=3210372;pid=yn6BF3VWZ8HI3r777FUA

43 B
874 B

208ms
48ms

Image
image/gif

95.163.52.67
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://top-fwz1.mail.ru/counter?id=3210372;pid=yn6BF3VWZ8HI3r777FUA

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=10&tc=1

Protocol

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 02:03:24 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 43
pragma: no-cache
amp-access-control-allow-source-origin: *
server: nginx
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: *
accept-ch-lifetime: 86400
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: *

Redirect headers

Date: Tue, 25 Oct 2022 02:03:24 GMT
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Server: nginx
X-Permitted-Cross-Domain-Policies: master-only
Request-Time: 9
X-Frame-Options: DENY
Access-Control-Allow-Methods: GET, POST, OPTIONS
Location: https://top-fwz1.mail.ru/counter?id=3210372;pid=yn6BF3VWZ8HI3r777FUA
Access-Control-Max-Age: 86400
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 1; mode=block

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 127ms
48ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=gaigrodno.by

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gaigrodno.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 02:03:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 122ms
45ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=gaigrodno.by

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gaigrodno.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 02:03:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221020/r20110914/ Frame 32BE 10 KB
4 KB 39ms
38ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221020/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gaigrodno.by/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 30484
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4420
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 24 Oct 2022 17:35:20 GMT
etag: 9671129459699598864
expires: Mon, 07 Nov 2022 17:35:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221020/r20110914/ Frame 4501 10 KB
4 KB 39ms
39ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221020/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gaigrodno.by/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 30484
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4420
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 24 Oct 2022 17:35:20 GMT
etag: 9671129459699598864
expires: Mon, 07 Nov 2022 17:35:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
Ok d.png
ysa-static.passport.yandex.ru/static/1/d959d7e39d5067fad30d9c06204866e9/ Frame BB71 95 B
400 B 184ms
51ms Image
image/png 2a02:6b8::5:114
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ysa-static.passport.yandex.ru/static/1/d959d7e39d5067fad30d9c06204866e9/d.png?ex=yes

Requested by

Host: gaigrodno.by
URL: https://gaigrodno.by/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::5:114 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

18c327afa903633f86c3efcf12b77f098077eacaa8be101bb007846fd74f8b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 25 Oct 2022 02:03:24 GMT
Strict-Transport-Security: max-age=315360000; includeSubDomains
Server: nginx/1.14.2
X-RT-IH: 0.0002
Content-Type: image/png
Cache-Control: private
Connection: close
X-RT-IQ: 0.0002
Content-Length: 95
Expires: Wed, 26 Oct 2022 02:03:24 GMT

GET
H2

200

f676027a86c4535185936f
an.yandex.ru/mapuid/arcspireis/ Frame BB71
Redirect Chain

https://px.arcspire.io/yndx?id=9d4cd41a-f59d-4815-8a89-9d30806f5389
https://an.yandex.ru/mapuid/arcspireis/f676027a86c4535185936f

43 B
80 B

50ms
50ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/arcspireis/f676027a86c4535185936f

Requested by

Host: gaigrodno.by
URL: https://gaigrodno.by/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 02:03:24 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Tue, 25 Oct 2022 02:03:24 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Tue, 25 Oct 2022 02:03:24 GMT

Redirect headers

location: https://an.yandex.ru/mapuid/arcspireis/f676027a86c4535185936f
date: Tue, 25 Oct 2022 02:03:23 GMT
x-envoy-upstream-service-time: 0
server: envoy
content-length: 0

GET
H2

404

0100007FEA4357631F00C49F02371FD5
an.yandex.ru/mapuid/SAPEis/ Frame BB71
Redirect Chain

https://acint.net/rmatch/?dp=151&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2FSAPEis%2F%24%7BUSER_ID%7D
https://an.yandex.ru/mapuid/SAPEis/0100007FEA4357631F00C49F02371FD5

43 B
80 B

49ms
48ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/SAPEis/0100007FEA4357631F00C49F02371FD5

Requested by

Host: gaigrodno.by
URL: https://gaigrodno.by/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

d346801abbf9bb4e9e9a055239053d4ab5596514304f601a6c70604187acb744

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 02:03:24 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Tue, 25 Oct 2022 02:03:24 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Tue, 25 Oct 2022 02:03:24 GMT

Redirect headers

date: Tue, 25 Oct 2022 02:03:24 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
location: https://an.yandex.ru/mapuid/SAPEis/0100007FEA4357631F00C49F02371FD5
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 154
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2

200

0100007FEA4357631F00C49F02371FD5
an.yandex.ru/mapuid/sapeis/ Frame BB71
Redirect Chain

https://acint.net/rmatch/?dp=151&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fsapeis%2F%24%7BUSER_ID%7D
https://an.yandex.ru/mapuid/sapeis/0100007FEA4357631F00C49F02371FD5

43 B
80 B

49ms
49ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/sapeis/0100007FEA4357631F00C49F02371FD5

Requested by

Host: gaigrodno.by
URL: https://gaigrodno.by/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 02:03:24 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Tue, 25 Oct 2022 02:03:24 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Tue, 25 Oct 2022 02:03:24 GMT

Redirect headers

date: Tue, 25 Oct 2022 02:03:24 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
location: https://an.yandex.ru/mapuid/sapeis/0100007FEA4357631F00C49F02371FD5
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 154
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2

200

8885e063-da3f-522a-8b80-9829e8d7dbc3
an.yandex.ru/mapuid/betweendigitalis/ Frame BB71
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2F%24%7BUSER_ID%7D
https://an.yandex.ru/mapuid/betweendigitalis/8885e063-da3f-522a-8b80-9829e8d7dbc3

43 B
80 B

56ms
56ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/betweendigitalis/8885e063-da3f-522a-8b80-9829e8d7dbc3

Requested by

Host: gaigrodno.by
URL: https://gaigrodno.by/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 02:03:24 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Tue, 25 Oct 2022 02:03:24 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Tue, 25 Oct 2022 02:03:24 GMT

Redirect headers

location: https://an.yandex.ru/mapuid/betweendigitalis/8885e063-da3f-522a-8b80-9829e8d7dbc3
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame BB71
Redirect Chain

https://an.yandex.ru/mapuid/adobedmp/
https://dpm.demdex.net/ibs:dpid=423652&dpuuid=9E23FDDA014A3268
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=423652&dpuuid=9E23FDDA014A3268

42 B
948 B

31ms
30ms

Image
image/gif

52.31.4.32
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=423652&dpuuid=9E23FDDA014A3268

Requested by

Host: gaigrodno.by
URL: https://gaigrodno.by/

Protocol

HTTP/1.1

Server

52.31.4.32 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-4-32.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

DCS: dcscanary-prod-irl1-1-v051-0d443fb62.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 48rCTgSySeQ=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-2-v044-041e262a1.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: Oi6S4imCR9Q=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=423652&dpuuid=9E23FDDA014A3268
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

200

match
match.360yield.com/ul_cb/ Frame BB71
Redirect Chain

https://an.yandex.ru/mapuid/azerionis/
https://match.360yield.com/match?external_user_id=14D756A3102901C1&publisher_dsp_id=429&publisher_call_type=redirect
https://match.360yield.com/ul_cb/match?external_user_id=14D756A3102901C1&publisher_dsp_id=429&publisher_call_type=redirect

43 B
422 B

34ms
34ms

Image
image/gif

54.171.45.210
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.360yield.com/ul_cb/match?external_user_id=14D756A3102901C1&publisher_dsp_id=429&publisher_call_type=redirect
Requested by: Host: gaigrodno.by
URL: https://gaigrodno.by/
Protocol: H2
Server: 54.171.45.210 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-45-210.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 25 Oct 2022 02:03:24 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://match.360yield.com/ul_cb/match?external_user_id=14D756A3102901C1&publisher_dsp_id=429&publisher_call_type=redirect
date: Tue, 25 Oct 2022 02:03:24 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 /
an.yandex.ru/mapuid/behaviorx/ Frame BB71 0
0 62ms
51ms Image
text/html 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://an.yandex.ru/mapuid/behaviorx/
Requested by: Host: gaigrodno.by
URL: https://gaigrodno.by/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H2

200

match
ads.betweendigital.com/ Frame BB71
Redirect Chain

https://an.yandex.ru/mapuid/betweenx/
https://ads.betweendigital.com/match?bidder_id=161&external_user_id=B0B98AA44E061CEB

68 B
607 B

22ms
20ms

Image
image/png

188.42.196.115
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=161&external_user_id=B0B98AA44E061CEB
Requested by: Host: gaigrodno.by
URL: https://gaigrodno.by/
Protocol: H2
Server: 188.42.196.115 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

pragma: no-cache
date: Tue, 25 Oct 2022 02:03:24 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Tue, 25 Oct 2022 02:03:24 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://ads.betweendigital.com/match?bidder_id=161&external_user_id=B0B98AA44E061CEB
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Tue, 25 Oct 2022 02:03:24 GMT

GET
H/1.1

204
No Content

pixel
im.bluevoox.com/ Frame BB71
Redirect Chain

https://an.yandex.ru/mapuid/blueseaxcom/
https://im.bluevoox.com/pixel?s1=1&s2=1315&s3=vldyrx2shs82pv9o&cm=1&rd=1&puid=8F349FA4D5BE8F2C

0
241 B

338ms
103ms

Image
text/plain

52.45.175.185
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://im.bluevoox.com/pixel?s1=1&s2=1315&s3=vldyrx2shs82pv9o&cm=1&rd=1&puid=8F349FA4D5BE8F2C
Requested by: Host: gaigrodno.by
URL: https://gaigrodno.by/
Protocol: HTTP/1.1
Server: 52.45.175.185 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-45-175-185.compute-1.amazonaws.com
Software: openresty /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Connection: close
Date: Tue, 25 Oct 2022 02:03:24 GMT
Server: openresty

Redirect headers

pragma: no-cache
date: Tue, 25 Oct 2022 02:03:24 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Tue, 25 Oct 2022 02:03:24 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://im.bluevoox.com/pixel?s1=1&s2=1315&s3=vldyrx2shs82pv9o&cm=1&rd=1&puid=8F349FA4D5BE8F2C
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Tue, 25 Oct 2022 02:03:24 GMT

GET
H2 200 /
an.yandex.ru/mapuid/eplanningrtb/ Frame BB71 0
0 62ms
52ms Image
text/html 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://an.yandex.ru/mapuid/eplanningrtb/
Requested by: Host: gaigrodno.by
URL: https://gaigrodno.by/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BB71
Redirect Chain

https://an.yandex.ru/mapuid/google/?partner-tag=yandex_llc
https://cm.g.doubleclick.net/pixel?google_nid=yandex_llc&google_hm=21EA48F3CC9B7518&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif

170 B
188 B

135ms
50ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yandex_llc&google_hm=21EA48F3CC9B7518&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif

Requested by

Host: gaigrodno.by
URL: https://gaigrodno.by/

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 02:03:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 25 Oct 2022 02:03:24 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Tue, 25 Oct 2022 02:03:24 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=yandex_llc&google_hm=21EA48F3CC9B7518&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Tue, 25 Oct 2022 02:03:24 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BB71
Redirect Chain

https://an.yandex.ru/mapuid/google/?partner-tag=yandexcom
https://cm.g.doubleclick.net/pixel?google_nid=yandexcom&google_hm=21EA48F3CC9B7518&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif

170 B
188 B

134ms
50ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yandexcom&google_hm=21EA48F3CC9B7518&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif

Requested by

Host: gaigrodno.by
URL: https://gaigrodno.by/

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 02:03:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 25 Oct 2022 02:03:24 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Tue, 25 Oct 2022 02:03:24 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=yandexcom&google_hm=21EA48F3CC9B7518&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Tue, 25 Oct 2022 02:03:24 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BB71
Redirect Chain

https://an.yandex.ru/mapuid/google/?partner-tag=yandexru
https://cm.g.doubleclick.net/pixel?google_nid=yandexru&google_hm=21EA48F3CC9B7518&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif

170 B
188 B

133ms
48ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yandexru&google_hm=21EA48F3CC9B7518&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif

Requested by

Host: gaigrodno.by
URL: https://gaigrodno.by/

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 02:03:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 25 Oct 2022 02:03:24 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Tue, 25 Oct 2022 02:03:24 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=yandexru&google_hm=21EA48F3CC9B7518&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Tue, 25 Oct 2022 02:03:24 GMT

GET
H2 200 %7Buser_id%7D
an.yandex.ru/mapuid/intentaidspis/ Frame BB71 43 B
80 B 63ms
53ms Image
image/gif 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/intentaidspis/%7Buser_id%7D

Requested by

Host: gaigrodno.by
URL: https://gaigrodno.by/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 02:03:24 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Tue, 25 Oct 2022 02:03:24 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Tue, 25 Oct 2022 02:03:24 GMT

GET
H2

200

sync
t.adx.opera.com/ Frame BB71
Redirect Chain

https://an.yandex.ru/mapuid/operacom/
https://t.adx.opera.com/sync?vendor=60143&uid=F3F9CB87C39E6FB5

35 B
463 B

86ms
19ms

Image
image/gif

82.145.213.8
NO-OPERA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.adx.opera.com/sync?vendor=60143&uid=F3F9CB87C39E6FB5
Requested by: Host: gaigrodno.by
URL: https://gaigrodno.by/
Protocol: H2
Server: 82.145.213.8 , Norway, ASN39832 (NO-OPERA, NO),
Reverse DNS: n-sysadmin-jumpbox-03.feednews.opera.technology
Software: Tengine /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 02:03:24 GMT
server: Tengine
access-control-allow-methods: POST, GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 25 Oct 2022 02:03:24 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Tue, 25 Oct 2022 02:03:24 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://t.adx.opera.com/sync?vendor=60143&uid=F3F9CB87C39E6FB5
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Tue, 25 Oct 2022 02:03:24 GMT

GET
H2 200 /
an.yandex.ru/mapuid/xapadsssp/ Frame BB71 0
0 104ms
94ms Image
text/html 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://an.yandex.ru/mapuid/xapadsssp/
Requested by: Host: gaigrodno.by
URL: https://gaigrodno.by/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H2

200

c9e9e71840ca5b63d91d83d40000fb4d7ae6e93c727a36de1a85f4805bae79e1
an.yandex.ru/mapuid/mediascope/ Frame BB71
Redirect Chain

https://cm.tns-counter.ru/yacm
https://an.yandex.ru/mapuid/mediascope/c9e9e71840ca5b63d91d83d40000fb4d7ae6e93c727a36de1a85f4805bae79e1

43 B
80 B

49ms
49ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/mediascope/c9e9e71840ca5b63d91d83d40000fb4d7ae6e93c727a36de1a85f4805bae79e1

Requested by

Host: gaigrodno.by
URL: https://gaigrodno.by/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 02:03:24 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Tue, 25 Oct 2022 02:03:24 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Tue, 25 Oct 2022 02:03:24 GMT

Redirect headers

pragma: no-cache
date: Tue, 25 Oct 2022 02:03:24 GMT
server: ms-counter-3.3.5/1.20.2
content-type: text/html
location: https://an.yandex.ru/mapuid/mediascope/c9e9e71840ca5b63d91d83d40000fb4d7ae6e93c727a36de1a85f4805bae79e1
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
content-length: 0
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 204 match
dm.hybrid.ai/ Frame BB71 0
238 B 186ms
57ms Image
text/plain 37.18.16.21
HYBRID-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dm.hybrid.ai/match?id=182

Requested by

Host: gaigrodno.by
URL: https://gaigrodno.by/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.18.16.21 , Russian Federation, ASN205675 (HYBRID-AS, DE),

Reverse DNS

Software

Hybrid Web Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 02:03:24 GMT
server: Hybrid Web Server
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin: *
cache-control: no-cache, no-store
x-mode: 113
x-xss-protection: 1; mode=block
expires: -1

GET
H2 204 yandexdmp-match
dm.hybrid.ai/ Frame BB71 0
237 B 186ms
58ms Image
text/plain 37.18.16.21
HYBRID-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dm.hybrid.ai/yandexdmp-match

Requested by

Host: gaigrodno.by
URL: https://gaigrodno.by/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.18.16.21 , Russian Federation, ASN205675 (HYBRID-AS, DE),

Reverse DNS

Software

Hybrid Web Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 02:03:24 GMT
server: Hybrid Web Server
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin: *
cache-control: no-cache, no-store
x-mode: 114
x-xss-protection: 1; mode=block
expires: -1

GET
H2

200

1AkS7HXWeE-ZNSb79D4M
an.yandex.ru/mapuid/dmpamberdata/ Frame BB71
Redirect Chain

https://dmg.digitaltarget.ru/1/119/i/i?i=1666663403
https://dmg.digitaltarget.ru/awg/custom/119/i/i?call_source=awg&ts=1666663404185&i=1666663403
https://an.yandex.ru/mapuid/dmpamberdata/1AkS7HXWeE-ZNSb79D4M

43 B
80 B

49ms
48ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/dmpamberdata/1AkS7HXWeE-ZNSb79D4M

Requested by

Host: gaigrodno.by
URL: https://gaigrodno.by/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 02:03:24 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Tue, 25 Oct 2022 02:03:24 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Tue, 25 Oct 2022 02:03:24 GMT

Redirect headers

Date: Tue, 25 Oct 2022 02:03:24 GMT
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Server: nginx
X-Permitted-Cross-Domain-Policies: master-only
Request-Time: 7
X-Frame-Options: DENY
Access-Control-Allow-Methods: GET, POST, OPTIONS
Location: https://an.yandex.ru/mapuid/dmpamberdata/1AkS7HXWeE-ZNSb79D4M
Access-Control-Max-Age: 86400
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 1; mode=block

GET
H2

200

match
match.360yield.com/ Frame BB71
Redirect Chain

https://euw-ice.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fazerionis%2F{PUB_USER_ID}
https://euw-ice.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fazerionis%2F%7BPUB_USER_ID%7D
https://an.yandex.ru/mapuid/azerionis/87ab9233-327d-44d5-9e55-b47a5e9664b4
https://match.360yield.com/match?external_user_id=87ab9233-327d-44d5-9e55-b47a5e9664b4&publisher_dsp_id=429&publisher_call_type=redirect

43 B
444 B

31ms
30ms

Image
image/gif

54.171.45.210
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.360yield.com/match?external_user_id=87ab9233-327d-44d5-9e55-b47a5e9664b4&publisher_dsp_id=429&publisher_call_type=redirect
Requested by: Host: gaigrodno.by
URL: https://gaigrodno.by/
Protocol: H2
Server: 54.171.45.210 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-45-210.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 25 Oct 2022 02:03:24 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

pragma: no-cache
date: Tue, 25 Oct 2022 02:03:24 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Tue, 25 Oct 2022 02:03:24 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://match.360yield.com/match?external_user_id=87ab9233-327d-44d5-9e55-b47a5e9664b4&publisher_dsp_id=429&publisher_call_type=redirect
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Tue, 25 Oct 2022 02:03:24 GMT

GET
H2

200

c8dd471f-117c-4e5b-66f7-f506fae517e3
an.yandex.ru/mapuid/buzzooladspis/ Frame BB71
Redirect Chain

https://exchange.buzzoola.com/cookiesync/redirect/yandex?redirect_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbuzzooladspis%2F%24%7BUUID%7D
https://an.yandex.ru/mapuid/buzzooladspis/c8dd471f-117c-4e5b-66f7-f506fae517e3

43 B
80 B

56ms
55ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/buzzooladspis/c8dd471f-117c-4e5b-66f7-f506fae517e3

Requested by

Host: gaigrodno.by
URL: https://gaigrodno.by/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 02:03:24 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Tue, 25 Oct 2022 02:03:24 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Tue, 25 Oct 2022 02:03:24 GMT

Redirect headers

location: https://an.yandex.ru/mapuid/buzzooladspis/c8dd471f-117c-4e5b-66f7-f506fae517e3
date: Tue, 25 Oct 2022 02:03:24 GMT
server: nginx
content-length: 113
serverid: TODO
content-type: text/html; charset=utf-8

GET pixel
mitdmp.whiteboxdigital.ru/ Frame BB71 0
0

GET
H2

200

/
an.yandex.ru/mapuid/ramblerssp/ Frame BB71
Redirect Chain

https://profile.ssp.rambler.ru/sync3.302?pid=188
https://an.yandex.ru/mapuid/ramblerssp/

43 B
80 B

48ms
48ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/ramblerssp/

Requested by

Host: gaigrodno.by
URL: https://gaigrodno.by/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 02:03:24 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Tue, 25 Oct 2022 02:03:24 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Tue, 25 Oct 2022 02:03:24 GMT

Redirect headers

date: Tue, 25 Oct 2022 02:03:24 GMT
strict-transport-security: max-age=0
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
location: //an.yandex.ru/mapuid/ramblerssp/
content-type: application/x-javascript; charset=Windows-1251
x-passed: 1bal2
content-length: 0

GET
H2

200

u5IeMGgf3iGO.AikABlGEDOFOmQ
an.yandex.ru/mapuid/getintentis/ Frame BB71
Redirect Chain

https://px.adhigh.net/p/cm/yandexssp
https://an.yandex.ru/mapuid/getintentis/u5IeMGgf3iGO.AikABlGEDOFOmQ

43 B
80 B

50ms
49ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/getintentis/u5IeMGgf3iGO.AikABlGEDOFOmQ

Requested by

Host: gaigrodno.by
URL: https://gaigrodno.by/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 02:03:24 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Tue, 25 Oct 2022 02:03:24 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Tue, 25 Oct 2022 02:03:24 GMT

Redirect headers

pragma: no-cache
date: Tue, 25 Oct 2022 02:03:24 GMT
server: nginx
x-backend-id: f17-ru
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: *
location: https://an.yandex.ru/mapuid/getintentis/u5IeMGgf3iGO.AikABlGEDOFOmQ
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

o.zv6WSeZ7WS1W5Fmt.
an.yandex.ru/mapuid/dmpweborama/5q/ Frame BB71
Redirect Chain

https://redirect.frontend.weborama.fr/redirect/standard?url=https://an.yandex.ru/mapuid/dmpweborama/{WEBO_CID}
https://an.yandex.ru/mapuid/dmpweborama/5q/o.zv6WSeZ7WS1W5Fmt.

43 B
80 B

49ms
49ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/dmpweborama/5q/o.zv6WSeZ7WS1W5Fmt.

Requested by

Host: gaigrodno.by
URL: https://gaigrodno.by/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 02:03:24 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Tue, 25 Oct 2022 02:03:24 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Tue, 25 Oct 2022 02:03:24 GMT

Redirect headers

pragma: no-cache
date: Tue, 25 Oct 2022 02:03:23 GMT
via: 1.1 google
last-modified: Tue, 25 Oct 2022 02:03:24 GMT
server: Weborama Collect Frontend
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location: https://an.yandex.ru/mapuid/dmpweborama/5q/o.zv6WSeZ7WS1W5Fmt.
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2 200 y
rtb-eu-warsaw.intent.ai/um/ Frame BB71 68 B
845 B 90ms
45ms Image
image/png 2606:4700:20::681a:e45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb-eu-warsaw.intent.ai/um/y

Requested by

Host: gaigrodno.by
URL: https://gaigrodno.by/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:e45 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 02:03:24 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 68
pragma: no-cache
last-modified: Tue, 25 Oct 2022 02:03:24 GMT
server: cloudflare
access-control-max-age: 1728000
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j6%2BhqTozEkOIZTA84jdLE9hcqeVFjGM61bnmfy1D4%2BSQH6hHQoz1uFeP%2FuLu5CvB%2F3NtkQR%2BNJhCsH5O8LWeVitIpWUqN7c1NXMXqfo%2FhmmWooUWRSqsq%2Bx2ouujRjBWhE6V%2FYUCwRqneF%2FN4V6RgP8Va1kE"}],"group":"cf-nel","max_age":604800}
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials: true
cf-ray: 75f76024ca4c9034-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Wed, 11 Nov 1998 11:11:11 GMT

GET
H2

200

22cElAP9Gr8QeFpzu6v4
an.yandex.ru/mapuid/kadamis/ Frame BB71
Redirect Chain

https://s.uuidksinc.net/match/501
https://an.yandex.ru/mapuid/kadamis/22cElAP9Gr8QeFpzu6v4

43 B
80 B

57ms
56ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/kadamis/22cElAP9Gr8QeFpzu6v4

Requested by

Host: gaigrodno.by
URL: https://gaigrodno.by/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 02:03:24 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Tue, 25 Oct 2022 02:03:24 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Tue, 25 Oct 2022 02:03:24 GMT

Redirect headers

location: https://an.yandex.ru/mapuid/kadamis/22cElAP9Gr8QeFpzu6v4
date: Tue, 25 Oct 2022 02:03:24 GMT
server: nginx/1.19.0
content-length: 0

GET
H2

200

bc2d8ece-4815-4758-8e14-c5adcdf14b25
an.yandex.ru/mapuid/mtsdspis/ Frame BB71
Redirect Chain

https://sm.rtb.mts.ru/p?ssp=yandex&id=map
https://sm.rtb.mts.ru/match/second?ssp=55&exu=map
https://tech.rtb.mts.ru/?dsp_uid=bc2d8ece-4815-4758-8e14-c5adcdf14b25&return_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fmtsdspis%2Fbc2d8ece-4815-4758-8e14-c5adcdf14b25
https://an.yandex.ru/mapuid/mtsdspis/bc2d8ece-4815-4758-8e14-c5adcdf14b25

43 B
80 B

52ms
52ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/mtsdspis/bc2d8ece-4815-4758-8e14-c5adcdf14b25

Requested by

Host: gaigrodno.by
URL: https://gaigrodno.by/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 02:03:24 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Tue, 25 Oct 2022 02:03:24 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Tue, 25 Oct 2022 02:03:24 GMT

Redirect headers

Date: Tue, 25 Oct 2022 02:03:24 GMT
Server: nginx/1.20.2
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: text/html; charset=utf-8
Location: https://an.yandex.ru/mapuid/mtsdspis/bc2d8ece-4815-4758-8e14-c5adcdf14b25
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H2

200

data_sess_sync.php
sonar.semantiqo.com/fbfli/ Frame BB71
Redirect Chain

https://sonar.semantiqo.com/dmp/scr.php
https://counter.yadro.ru/id127/reff-id.gif?sid=714f7ba9da2041a185a6bdef6ce94d58
https://sonar.semantiqo.com/fbfli/data_sess_sync.php?spid=&sid=714f7ba9da2041a185a6bdef6ce94d58

0
355 B

34ms
34ms

Image
text/html

95.217.86.150
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sonar.semantiqo.com/fbfli/data_sess_sync.php?spid=&sid=714f7ba9da2041a185a6bdef6ce94d58
Requested by: Host: gaigrodno.by
URL: https://gaigrodno.by/
Protocol: H2
Server: 95.217.86.150 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.150.86.217.95.clients.your-server.de
Software: nginx/1.20.2 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 02:03:24 GMT
content-encoding: gzip
mode: no-cors
server: nginx/1.20.2
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: Access-Control-Allow-Headers, Origin,Accept, x-compress, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers

Redirect headers

Location: https://sonar.semantiqo.com/fbfli/data_sess_sync.php?spid=&sid=714f7ba9da2041a185a6bdef6ce94d58
Date: Tue, 25 Oct 2022 02:03:24 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Connection: keep-alive
Content-Length: 364
Content-Type: text/html; charset=iso-8859-1

GET
H2

200

bAvsIE6HAhXym1RBCy3kMw
an.yandex.ru/mapuid/dmpadriver/ Frame BB71
Redirect Chain

https://ssp.adriver.ru/cgi-bin/sync.cgi?dsp_id=109
https://an.yandex.ru/mapuid/dmpadriver/bAvsIE6HAhXym1RBCy3kMw?sign=2908983643

43 B
80 B

49ms
49ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/dmpadriver/bAvsIE6HAhXym1RBCy3kMw?sign=2908983643

Requested by

Host: gaigrodno.by
URL: https://gaigrodno.by/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 02:03:24 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Tue, 25 Oct 2022 02:03:24 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Tue, 25 Oct 2022 02:03:24 GMT

Redirect headers

Location: //an.yandex.ru/mapuid/dmpadriver/bAvsIE6HAhXym1RBCy3kMw?sign=2908983643
Date: Tue, 25 Oct 2022 02:03:24 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked

GET
H2

200

AbAvsIE6HAhXym1RBCy3kMw
an.yandex.ru/mapuid/adriveris/ Frame BB71
Redirect Chain

https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=19
https://an.yandex.ru/mapuid/adriveris/AbAvsIE6HAhXym1RBCy3kMw

43 B
80 B

49ms
49ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/adriveris/AbAvsIE6HAhXym1RBCy3kMw

Requested by

Host: gaigrodno.by
URL: https://gaigrodno.by/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 02:03:24 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Tue, 25 Oct 2022 02:03:24 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Tue, 25 Oct 2022 02:03:24 GMT

Redirect headers

Location: //an.yandex.ru/mapuid/adriveris/AbAvsIE6HAhXym1RBCy3kMw
Date: Tue, 25 Oct 2022 02:03:24 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked

GET
H2

200

3489ac30-5409-11ed-8ff0-f832e4719dd9
an.yandex.ru/mapuid/dmpcleverdata/ Frame BB71
Redirect Chain

https://sync.1dmp.io/pixel.gif?cid=3cbc2ec8-1421-4677-89fe-2ac6fc52a09a&pid=w&o=au
https://an.yandex.ru/mapuid/dmpcleverdata/3489ac30-5409-11ed-8ff0-f832e4719dd9?sign=3975628269

43 B
80 B

49ms
48ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/dmpcleverdata/3489ac30-5409-11ed-8ff0-f832e4719dd9?sign=3975628269

Requested by

Host: gaigrodno.by
URL: https://gaigrodno.by/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 02:03:24 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Tue, 25 Oct 2022 02:03:24 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Tue, 25 Oct 2022 02:03:24 GMT

Redirect headers

location: https://an.yandex.ru/mapuid/dmpcleverdata/3489ac30-5409-11ed-8ff0-f832e4719dd9?sign=3975628269
date: Tue, 25 Oct 2022 02:03:24 GMT
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate, private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server: nginx
content-length: 0
expires: 0, 0

GET
H/1.1 200
OK /
sync.bumlam.com/ Frame BB71 43 B
552 B 7ms
7ms Image
image/gif 31.172.81.158
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bumlam.com/?src=yandex
Requested by: Host: gaigrodno.by
URL: https://gaigrodno.by/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 31.172.81.158 Frankfurt am Main, Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/gif
Date: Tue, 25 Oct 2022 02:03:24 GMT
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Server: nginx
Connection: keep-alive
Content-Length: 43
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H2 204 yandexortb
sync.dmp.otm-r.com/match/ Frame BB71 0
69 B 18ms
13ms Image
text/plain 88.99.28.61
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.dmp.otm-r.com/match/yandexortb
Requested by: Host: gaigrodno.by
URL: https://gaigrodno.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 88.99.28.61 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.61.28.99.88.clients.your-server.de
Software: nginx/1.17.10 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 25 Oct 2022 02:03:24 GMT
server: nginx/1.17.10

GET
H2

200

633e9e86-c8ef-4786-835a-354a6cadc27e
an.yandex.ru/mapuid/upravelis/ Frame BB71
Redirect Chain

https://sync.upravel.com/yandex/sync
https://633e9e86-c8ef-4786-835a-354a6cadc27e.sync.upravel.com/yandex/sync?ud_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly95YXN0YXRpYy5uZXQvIl19fQ
https://an.yandex.ru/mapuid/upravelis/633e9e86-c8ef-4786-835a-354a6cadc27e

43 B
80 B

51ms
50ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/upravelis/633e9e86-c8ef-4786-835a-354a6cadc27e

Requested by

Host: gaigrodno.by
URL: https://gaigrodno.by/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 02:03:24 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Tue, 25 Oct 2022 02:03:24 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Tue, 25 Oct 2022 02:03:24 GMT

Redirect headers

date: Tue, 25 Oct 2022 02:03:24 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://an.yandex.ru/mapuid/upravelis/633e9e86-c8ef-4786-835a-354a6cadc27e
access-control-allow-origin: *
content-type: image/png
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: false
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 0

GET
H2

200

zA76L8ZPiqjOxuen3HfzYg
an.yandex.ru/mapuid/dmpaidatame/ Frame BB71
Redirect Chain

https://x01.aidata.io/0.gif?pid=YANDEX
https://an.yandex.ru/mapuid/dmpaidatame/zA76L8ZPiqjOxuen3HfzYg?sign=637352800

43 B
80 B

49ms
48ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/dmpaidatame/zA76L8ZPiqjOxuen3HfzYg?sign=637352800

Requested by

Host: gaigrodno.by
URL: https://gaigrodno.by/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 02:03:24 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Tue, 25 Oct 2022 02:03:24 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Tue, 25 Oct 2022 02:03:24 GMT

Redirect headers

pragma: no-cache
date: Tue, 25 Oct 2022 02:03:24 GMT
last-modified: Tue, 25 Oct 2022 02:03:23 GMT
server: nginx
access-control-allow-methods: GET, POST
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
location: https://an.yandex.ru/mapuid/dmpaidatame/zA76L8ZPiqjOxuen3HfzYg?sign=637352800
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
content-length: 0
expires: Tue, 25 Oct 2022 02:03:23 GMT

GET
H2

200

wS7b9kBErji4
an.yandex.ru/mapuid/dmpsegmento/ Frame BB71
Redirect Chain

https://yandex-dmp-sync.rutarget.ru/sync
https://an.yandex.ru/mapuid/dmpsegmento/wS7b9kBErji4?sign=2934862

43 B
80 B

53ms
46ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/dmpsegmento/wS7b9kBErji4?sign=2934862

Requested by

Host: gaigrodno.by
URL: https://gaigrodno.by/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 02:03:24 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Tue, 25 Oct 2022 02:03:24 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Tue, 25 Oct 2022 02:03:24 GMT

Redirect headers

Location: https://an.yandex.ru/mapuid/dmpsegmento/wS7b9kBErji4?sign=2934862
Date: Tue, 25 Oct 2022 02:03:24 GMT
Server: nginx
Connection: close
Content-Length: 0
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."

GET
H2

200

wS7b9kBErji4
an.yandex.ru/mapuid/rutargetis/ Frame BB71
Redirect Chain

https://yandex-sync.rutarget.ru/sync
https://an.yandex.ru/mapuid/rutargetis/wS7b9kBErji4

43 B
80 B

56ms
49ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/rutargetis/wS7b9kBErji4

Requested by

Host: gaigrodno.by
URL: https://gaigrodno.by/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 02:03:24 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Tue, 25 Oct 2022 02:03:24 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Tue, 25 Oct 2022 02:03:24 GMT

Redirect headers

Location: https://an.yandex.ru/mapuid/rutargetis/wS7b9kBErji4
Date: Tue, 25 Oct 2022 02:03:24 GMT
Server: nginx
Connection: close
Content-Length: 0
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."

GET
H2 200 1HKOvJwQ0Tm100000000U9nJVAMVUNojcdw6eGhtty-JMpB2BLyxXoSp084dJ2Iqq4_TDVRTHWw6L4QWUAOAj-mBa7Wf4v1Ncm8aMXb1P2T85WYO66OoQZD3s0iPzq4O32iPNQ6ilOppqdaOZeBvPnb12gyoWhJUPMIGOM3uopWBQEvS9f38KgPJGEcrJBz0Afd-0... Show response
an.yandex.ru/rtbcount/ 43 B
91 B 61ms
59ms XHR
image/gif 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/rtbcount/1HKOvJwQ0Tm100000000U9nJVAMVUNojcdw6eGhtty-JMpB2BLyxXoSp084dJ2Iqq4_TDVRTHWw6L4QWUAOAj-mBa7Wf4v1Ncm8aMXb1P2T85WYO66OoQZD3s0iPzq4O32iPNQ6ilOppqdaOZeBvPnb12gyoWhJUPMIGOM3uopWBQEvS9f38KgPJGEcrJBz0Afd-0y4h9W7kPPVVg70pCl1KIWLSUitAy9U91UG4PbOWsSki22IdCeCqpsK6kMybCvEZ0iXMbetCLdrhVHBdf7ASP7wbldQotJhngAjWbNV1v4zc1oT-i0DNiAncsy32k8E5-G0BuqqMYAi_s3zasNEb_Tp-bElsRrb0Rb_0odcITGyN5rZw0cj3GmFBJLQOoLzPGSxjO6jWcS3swlwItNUkdfoUCOFjok7W1MnFddTsx_Yoza7UIZQOYGVOF4wmCJzYumrsThNATo-9o8nmJp5_oGQp-oUSDP7zrKdDG-zjtzhFOcSpCxEqC3FVmCwqWvtd1Bl80_Q71wwUx7pnRcBM3tOU0D7Aaaq0

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://gaigrodno.by/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 02:03:24 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Tue, 25 Oct 2022 02:03:24 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://gaigrodno.by
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Tue, 25 Oct 2022 02:03:24 GMT

POST
H2 200 event_confirmation Show response
an.yandex.ru/ 0
51 B 48ms
48ms XHR
text/plain 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/event_confirmation

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://gaigrodno.by/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 02:03:24 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Tue, 25 Oct 2022 02:03:24 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://gaigrodno.by
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Tue, 25 Oct 2022 02:03:24 GMT

OPTIONS
H2 200 event_confirmation
an.yandex.ru/ Frame 0
0 56ms
54ms Preflight 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/event_confirmation

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://gaigrodno.by
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://gaigrodno.by
access-control-max-age: 1728000
content-encoding: gzip
date: Tue, 25 Oct 2022 02:03:24 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
timing-allow-origin: *
x-xss-protection: 1; mode=block

POST
H2 200 1 Show response
mc.yandex.com/watch/569838/ 43 B
85 B 51ms
51ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/569838/1?page-url=https%3A%2F%2Fgaigrodno.by%2F&charset=utf-8&cnt-class=1&hittoken=1666663404_d94d81074c52d69d04da172e42a5d184b88290b070d8051dcf4fd1acd6a814c3&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3Al4cs6ej6vo5gha9qjtx4s%3Afp%3A1001%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A912%3Acn%3A2%3Adp%3A1%3Als%3A368730387462%3Ahid%3A783197469%3Az%3A0%3Ai%3A20221025020324%3Aet%3A1666663404%3Ac%3A1%3Arn%3A669251538%3Arqn%3A1%3Au%3A1666663403336049582%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C141%2C342%2C38%2C302%2C0%2C%2C375%2C60%2C%2C%2C%2C1212%3Acpf%3A1%3Ans%3A1666663401502%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1666663404&t=gdpr(14)mc(p-2-h-1)clc(0-0-0)lt(78400)aw(1)rqnt(1)rqnl(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://gaigrodno.by/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 02:03:24 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 25-Oct-2022 02:03:24 GMT
content-type: image/gif
access-control-allow-origin: https://gaigrodno.by
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 25-Oct-2022 02:03:24 GMT

GET
H2 200 569838 Show response
mc.yandex.com/watch/ 43 B
73 B 58ms
57ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/569838?page-url=https%3A%2F%2Fgaigrodno.by%2F&charset=utf-8&cnt-class=1&hittoken=1666663404_d94d81074c52d69d04da172e42a5d184b88290b070d8051dcf4fd1acd6a814c3&browser-info=pv%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3Al4cs6ej6vo5gha9qjtx4s%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A912%3Acn%3A2%3Adp%3A1%3Als%3A368730387462%3Ahid%3A783197469%3Az%3A0%3Ai%3A20221025020324%3Aet%3A1666663404%3Ac%3A1%3Arn%3A729295919%3Arqn%3A2%3Au%3A1666663403336049582%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Acpf%3A1%3Ans%3A1666663401502%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1666663404%3At%3A%D0%93%D0%90%D0%98%20%D0%93%D1%80%D0%BE%D0%B4%D0%BD%D0%BE%2C%20%D0%A0%D0%9E%D0%92%D0%94%2C%20%D0%9C%D0%A7%D0%A1%2C%20%D0%BD%D0%B0%D0%BB%D0%BE%D0%B3%D0%BE%D0%B2%D0%B0%D1%8F.%20%D0%92%D1%80%D0%B5%D0%BC%D1%8F%20%D1%80%D0%B0%D0%B1%D0%BE%D1%82%D1%8B%2C%20%D1%82%D0%B5%D0%BB%D0%B5%D1%84%D0%BE%D0%BD%D1%8B%2C%20%D0%B0%D0%B4%D1%80%D0%B5%D1%81%D0%B0&t=gdpr(14)mc(p-2-h-1)clc(0-0-0)lt(78400)aw(1)rqnt(2)rqnl(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gaigrodno.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 02:03:24 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 25-Oct-2022 02:03:24 GMT
content-type: image/gif
access-control-allow-origin: https://gaigrodno.by
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 25-Oct-2022 02:03:24 GMT

POST
H2 200 1 Show response
mc.yandex.com/watch/55320232/ 43 B
73 B 57ms
56ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/55320232/1?page-url=https%3A%2F%2Fgaigrodno.by%2F&charset=utf-8&hittoken=1666663404_c84b18fd69476269d36132dfe06634e42de9780f744d7746519cd5c1f8aa3669&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3Al4cs6ej6vo5gha9qjtx4s%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A912%3Acn%3A1%3Adp%3A1%3Als%3A189960786934%3Ahid%3A783197469%3Az%3A0%3Ai%3A20221025020324%3Aet%3A1666663404%3Ac%3A1%3Arn%3A692767613%3Arqn%3A2%3Au%3A1666663403336049582%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Acpf%3A1%3Aeu%3A1%3Ans%3A1666663401502%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1666663404&t=gdpr(14)mc(p-2-h-1)clc(0-0-0)lt(78400)aw(1)rqnt(2)rqnl(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://gaigrodno.by/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 02:03:24 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 25-Oct-2022 02:03:24 GMT
content-type: image/gif
access-control-allow-origin: https://gaigrodno.by
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 25-Oct-2022 02:03:24 GMT

GET
H3 200 css2
fonts.googleapis.com/ Frame 32BE 4 KB
636 B 132ms
52ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221020/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 25 Oct 2022 02:03:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 25 Oct 2022 01:38:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 25 Oct 2022 02:03:24 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 32BE 205 B
743 B 121ms
35ms Image
image/png 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221020/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 22:33:32 GMT
x-content-type-options: nosniff
age: 12592
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 24 Oct 2023 22:33:32 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 32BE 604 B
695 B 122ms
37ms Image
image/png 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221020/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 22:18:44 GMT
x-content-type-options: nosniff
age: 13480
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 24 Oct 2023 22:18:44 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221020/r20110914/elements/html/ Frame 32BE 19 KB
9 KB 123ms
38ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221020/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221020/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8a091a670b6bf03510fc7a1b3c74a417c4a8c8937f7fb0c9a1517a95bdd7ab18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 15:04:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 39561
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8235
x-xss-protection: 0
server: cafe
etag: 7715946797152839796
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 07 Nov 2022 15:04:03 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 4501 0
0 82ms
82ms Fetch
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CpxGt6kNXY42GPOXmx_AP1IuW6ArBjPKMbdK_wP-BEMCNtwEQASCL2vscYJXikIKgB6ABmd3OvijIAQKoAwHIA8kEqgTNAU_QFrvhdBbueSJFhGKTo0w-CuhFgxO3GQmxsNHchKkUL6fYgS_2oXHRC6Ge8b4BbK0De1vpcNC5dKL516Gq2R1iCon0_DSzvNzXX_Y9H5B3qF5UTJH7hUVETrnHQNFaYnmHVp_0AGcUxXUw1QzwP3kjXwsGa43PuxUHVR2KSHKPPT5G1M7y6eqsjWNJJ5k1xyGWPMpO9eZHkG52rE5aBM5GTEfBF_IzGySjMrzEutfreokH9LQDlwLrFVkt2pcNQIop1aFd0lObEtV0oTPABJGAp6-eBKAGAoAHmZWfngOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCM4wXSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTA9AVAZgWAYAXAbIXHAoaCAASFHB1Yi04OTE3ODMwMTg5MTAwNzIxGAA&sigh=WnZaO6CXXwU&uach_m=[UACH]&cid=CAQSGwDq26N9d25a6rXeIVfSVz1U4uy8rbuivm4ghxgBIA4

Requested by

Host: gaigrodno.by
URL: https://gaigrodno.by/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20221020/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 25 Oct 2022 02:03:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 25 Oct 2022 02:03:24 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221020/r20110914/ Frame 4501 23 KB
9 KB 116ms
44ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221020/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221020/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3772c62c6a77a8e84e253b4fee14543a7d93e79ddbeb0327948349a70dc84e45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 14:25:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 41862
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9571
x-xss-protection: 0
server: cafe
etag: 15799940544776262544
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 07 Nov 2022 14:25:42 GMT

GET
H2 200 4519520051465970100
tpc.googlesyndication.com/simgad/ Frame 4501 9 KB
10 KB 145ms
74ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4519520051465970100?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qkKcQ82qo6-66QAINda2Pl9S5k0dQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221020/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

edb22961feb416b8955a0ac16cebf0a71fc51d433dd52884493611ed5cc7a4b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 15:11:16 GMT
x-content-type-options: nosniff
age: 39128
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9706
x-xss-protection: 0
last-modified: Mon, 24 Oct 2022 13:13:40 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 24 Oct 2023 15:11:16 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/ Frame 4501 3 KB
1 KB 144ms
73ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221020/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 14:20:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42157
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 07 Nov 2022 14:20:47 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/ Frame 4501 17 KB
7 KB 119ms
48ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221020/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2dbee6e8cb9bff59607fadf14404bd7fca23c704c0677fc43b902e4e15de00f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 14:22:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42043
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7569
x-xss-protection: 0
server: cafe
etag: 4237063375490391177
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 07 Nov 2022 14:22:41 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4501 152 KB
47 KB 148ms
46ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221020/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

561b1637d8df8588d26f23efe269e2b9eacdf3057aa392f7fd6f47b410061f01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 02:03:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47514
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1666611803224388"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 25 Oct 2022 02:03:24 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/ Frame 4501 33 KB
14 KB 154ms
83ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221020/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6f99c3b46e3e9c4a0b83bff85ab15facf6d8fa7cb43632934195ffbe59c34bb6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 17:28:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30915
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13742
x-xss-protection: 0
server: cafe
etag: 7228540032719881800
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 07 Nov 2022 17:28:09 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 4EB3 8 KB
895 B 48ms
48ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221020/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 25 Oct 2022 02:03:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 25 Oct 2022 01:42:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 25 Oct 2022 02:03:24 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/ Frame 4EB3 2 KB
902 B 141ms
53ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221020/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 14:25:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 41862
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 07 Nov 2022 14:25:42 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221020/r20110914/ Frame 4EB3 23 KB
9 KB 127ms
41ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221020/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221020/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3772c62c6a77a8e84e253b4fee14543a7d93e79ddbeb0327948349a70dc84e45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 14:25:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 41862
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9571
x-xss-protection: 0
server: cafe
etag: 15799940544776262544
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 07 Nov 2022 14:25:42 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/ Frame 4EB3 3 KB
1 KB 138ms
52ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221020/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 14:20:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42157
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 07 Nov 2022 14:20:47 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/ Frame 4EB3 17 KB
7 KB 121ms
37ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221020/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2dbee6e8cb9bff59607fadf14404bd7fca23c704c0677fc43b902e4e15de00f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 14:22:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42043
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7569
x-xss-protection: 0
server: cafe
etag: 4237063375490391177
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 07 Nov 2022 14:22:41 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4EB3 152 KB
46 KB 134ms
47ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221020/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

561b1637d8df8588d26f23efe269e2b9eacdf3057aa392f7fd6f47b410061f01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 02:03:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47514
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1666611803224388"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 25 Oct 2022 02:03:24 GMT

GET
H3 200 6d06f43d9219529f87f676616f1c0e3b.js Show response
www.gstatic.com/mysidia/ Frame 4EB3 33 KB
14 KB 128ms
42ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/6d06f43d9219529f87f676616f1c0e3b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221020/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

19d9403b8b5963aaeae98991373ef1f4ec9ed98d649be55e657db8e1302578bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 17:48:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 375271
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13940
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 17:30:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 18 Jan 2023 17:48:53 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame F504 143 B
166 B 40ms
38ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221020/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20221020/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1002
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 25 Oct 2022 01:46:42 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 4501 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 607bdeec564251796bd6504c1862336933e006bd4a7e8110bb0dcbfd051d123b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame F504
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

56ms
55ms

Document
text/html

2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221020/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 25 Oct 2022 02:03:24 GMT
expires: Tue, 25 Oct 2022 02:03:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 25 Oct 2022 02:03:24 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 568fMfmsPhabDhBQKM56ETVW7wyafyuYtNw47YmmG7Q.js Show response
pagead2.googlesyndication.com/bg/ Frame 054F 36 KB
16 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/568fMfmsPhabDhBQKM56ETVW7wyafyuYtNw47YmmG7Q.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221020/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e7af1f31f9ac3e169b0e105028ce7a113556ef0c9a7f2b98b4dc38ed89a61bb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sun, 23 Oct 2022 10:36:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 142030
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16117
x-xss-protection: 0
last-modified: Tue, 18 Oct 2022 15:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 23 Oct 2023 10:36:14 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 62B8 143 B
166 B 41ms
38ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221020/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20221020/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1002
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 25 Oct 2022 01:46:42 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 62B8
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

60ms
59ms

Document
text/html

2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221020/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 25 Oct 2022 02:03:24 GMT
expires: Tue, 25 Oct 2022 02:03:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 25 Oct 2022 02:03:24 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 568fMfmsPhabDhBQKM56ETVW7wyafyuYtNw47YmmG7Q.js Show response
pagead2.googlesyndication.com/bg/ Frame 481E 36 KB
16 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/568fMfmsPhabDhBQKM56ETVW7wyafyuYtNw47YmmG7Q.js

Requested by

Host: gaigrodno.by
URL: https://gaigrodno.by/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e7af1f31f9ac3e169b0e105028ce7a113556ef0c9a7f2b98b4dc38ed89a61bb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sun, 23 Oct 2022 10:36:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 142030
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16117
x-xss-protection: 0
last-modified: Tue, 18 Oct 2022 15:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 23 Oct 2023 10:36:14 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4501 42 B
64 B 156ms
78ms Fetch
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvZ7ILJjZJ9lr7d_v0sHhcXCvL13Vpq2dE7ta70JsZSRJJfusXaIPZ27A_WWpFrxi9zkpCUl7uS2-39h0ZY9Y1O3vsKSbebEuoL0f0NVwWMpQUB6AKMpHj8I8IqfK1qCiIBeAxPQ-4tM2ieKUltS3V69YBNtuqnwCAiwTn_e_m4TaKElL3Dx-RiRoHlz0h64wnMSol5NA6fiXC1xy3LsORFHYm5S9lUTJ9m8wjpKK573OF6Xa_TeV1tjYLmyI1pQqu_GQY_b1f85FxK_itlzPB0JxI0gUeYOCEiy0tLorF6gBsR_eORR4Pkk6pn6MU1HM5Up6aWStp3vpVAFXj8NrNtEyWRl6yz3m1u7JMPjqNTECnZg26TzEF9UMhEy6-_KadTDpJZv8Zg0ITF7d8U-qcfRGYU46iP7N8hjxc4nhiD9dToKqqJEl5yWuizxXsRi48oOL3c696N-3Od_c21DEcaum8FNVi0Wg2VV0yDJyTK68gp5Dq6QdDZtIgWduyJRJSmZQhmYiYFBFxqxmoM-X71TmHE7Ok4T-d7vae95bJ4BRoRfkZ6zlX8UyjyX2Zv8PR5_-jJ5H4tpubap8rgxbS7N8SJpx24BPm_zZgOFQcS0KZchrYDXsycfPYyzYGI3LLyc28y9EGd0u4WCgJbKmY-TcBMUoK1X0PyTQa_o-YOHHs-fBDD6rb_bKJHYbwNFMAIlR63uwVMIDmZDqVqJNhkZDZymscPG3xm_fgHDuoNjGPt8Do93ibu961vuKCy63K7tkbKQtSaSEeDa7lI_2qzdnCm72TAu-HJAc5HVhllEhVdzUgoX9IK8vHkPbO8jPgRqz70KXH8r9Mqc4GZSrlAyZD-Jy4zl-qr4er4qYSU2cVgoJG7mFjH-vgqwPnhXcQkHZnsHkqe7TrqRB-fDP2i5pnCfaCBNXxzjkcy2do&sai=AMfl-YRCelhRFJEnjQYIJspDyG68VbkdLLxc2E8c-9E7jzD3LPRo7R3MP6yXTUpsSbueYYxcEXvSDbRByXowYdh4nBUaIYlS9diDxXFh&sig=Cg0ArKJSzOTR_EIUWo_TEAE&cid=CAQSGwDq26N9d25a6rXeIVfSVz1U4uy8rbuivm4ghxgBIA4&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=108,789,1000,1015,1015&tos=108,681,211,15,0&v=20221024&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1666663404077&rpt=375&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 02:03:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bundle.js Show response
yastatic.net/q/set/s/rsya-tag-users/ Frame BB71 105 KB
37 KB 30ms
30ms Script
application/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/q/set/s/rsya-tag-users/bundle.js

Requested by

Host: gaigrodno.by
URL: https://gaigrodno.by/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

e1cff21864c46e1da263fa83c14ed6d190bc5afbdd35188de15f10eb8bedd264

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/safeframe-bundles/0.83/1-1-0/render.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 02:03:25 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
last-modified: Fri, 29 Oct 2021 11:19:01 GMT
server: nginx/1.17.9
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
etag: W/"82bdc8db563d3e71c35534315f8a9fd5"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31556952
x-nginx-request-id: 9a1bfb64a1fd7d8e
timing-allow-origin: *
expires: Thu, 27 Oct 2022 14:02:15 GMT

GET
H2 200 watch.js Show response
mc.yandex.ru/metrika/ Frame BB71 160 KB
56 KB 49ms
47ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

6d0f9faf185c1f43001f2508f80abf686cfb1c00f58c6bf0fa807791b5fc65e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 02:03:25 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Thu, 20 Oct 2022 12:18:36 GMT
etag: "6351126c-e0cd"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 57549
expires: Tue, 25 Oct 2022 03:03:25 GMT

GET
H2 200 data Show response
yandex.ru/set/s/rsya-tag-users/ Frame BB71 403 B
736 B 73ms
72ms Fetch
application/json 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/set/s/rsya-tag-users/data?referrer=https%3A%2F%2Fgaigrodno.by%2F

Requested by

Host: yastatic.net
URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

9482a84c8bce68a68e4ccfb307cf4e4861e3433f37d8a22a686ae12c152cc461

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 02:03:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://yastatic.net
cache-control: public,max-age=300
access-control-allow-credentials: true
x-xss-protection: 1; mode=block

GET
H2 200 /
www.acint.net/ping/ 43 B
224 B 50ms
48ms Image
image/gif 193.3.184.137
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/ping/?v=0.4.0&uid=8e08a020-56b4-42f3-bfbd-a2eb787393f0&dp=10&tz=%2B00%3A00&nc=51110598&dT=2022-10-25T02%3A03%3A25.700
Requested by: Host: gaigrodno.by
URL: https://gaigrodno.by/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.3.184.137 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv321.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gaigrodno.by/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type: image/gif
date: Tue, 25 Oct 2022 02:03:25 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ Frame BB71 41 KB
15 KB 161ms
41ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

8c1f103985ca72fdbd172c878fef875d9e50327c2baac26ce1b80d4a4fbf15e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 02:03:25 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15176
x-xss-protection: 0
server: cafe
etag: 444338200384796413
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 25 Oct 2022 02:03:25 GMT

GET
H2

200

/
www.google.de/pagead/1p-user-list/1014923426/ Frame BB71
Redirect Chain

https://www.googleadservices.com/pagead/conversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=7UNXY-O3NsfO1gbg6r3wDw...
https://www.google.com/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=492976103&crd=&is_vtc=1&random=1679759670
https://www.google.de/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=492976103&crd=&is_vtc=1&random=1679759670&ipr=y

42 B
108 B

142ms
56ms

Image
image/gif

2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=492976103&crd=&is_vtc=1&random=1679759670&ipr=y

Requested by

Host: gaigrodno.by
URL: https://gaigrodno.by/

Protocol

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 02:03:26 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 25 Oct 2022 02:03:26 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=492976103&crd=&is_vtc=1&random=1679759670&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
www.google.de/pagead/1p-user-list/1014923426/ Frame BB71
Redirect Chain

https://www.googleadservices.com/pagead/conversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=7UNXY-e5NorOxgKauqzYDA...
https://www.google.com/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=7860342&crd=&is_vtc=1&random=3542708344
https://www.google.de/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=7860342&crd=&is_vtc=1&random=3542708344&ipr=y

42 B
108 B

79ms
51ms

Image
image/gif

2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=7860342&crd=&is_vtc=1&random=3542708344&ipr=y

Requested by

Host: gaigrodno.by
URL: https://gaigrodno.by/

Protocol

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 02:03:26 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 25 Oct 2022 02:03:26 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=7860342&crd=&is_vtc=1&random=3542708344&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 3 Show response
mc.yandex.com/watch/ Frame BB71 256 B
355 B 61ms
55ms XHR
application/json 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/3?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Fgaigrodno.by%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A%3Avf%3A8zdfc3pjszirvo7fx08h8%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A912%3Acn%3A1%3Adp%3A0%3Als%3A810656187177%3Ahid%3A82798680%3Az%3A0%3Ai%3A20221025020325%3Aet%3A1666663406%3Ac%3A1%3Arn%3A1010547151%3Arqn%3A1%3Au%3A1666663406126221695%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Ads%3A0%2C0%2C30%2C1%2C0%2C0%2C%2C92%2C0%2C125%2C125%2C0%2C125%3Acpf%3A1%3Ans%3A1666663403913%3Ast%3A1666663406&t=clc(0-0-0)aw(1)rqnt(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

3e988bc6ea686db8c5a3bb298bc1da410a7297cf74604b241d9d7f8a204c15b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 02:03:25 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Tue, 25-Oct-2022 02:03:25 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://yastatic.net
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 256
x-xss-protection: 1; mode=block
expires: Tue, 25-Oct-2022 02:03:25 GMT

GET
H2 200 advert.gif
mc.yandex.com/metrika/ Frame BB71 43 B
100 B 58ms
53ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: gaigrodno.by
URL: https://gaigrodno.by/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 02:03:25 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 20 Oct 2022 12:18:36 GMT
etag: "6351126c-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Tue, 25 Oct 2022 03:03:25 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/ Frame BB71 3 KB
1 KB 106ms
89ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/?random=1666663405938&cv=9&fst=1666663405938&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fgaigrodno.by%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7d45bc140787fdb7464f2d2f081f568c06326f7c77a728d23f50d2c9badbdcf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 02:03:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1114
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/ Frame BB71 3 KB
1 KB 109ms
95ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/?random=1666663405949&cv=9&fst=1666663405949&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fgaigrodno.by%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

97145d88b6476735b07f4d48ea58f15bda06c208a86c6747334e2eecc93e47ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 02:03:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1112
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/ Frame BB71 3 KB
1 KB 105ms
94ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/?random=1666663405959&cv=9&fst=1666663405959&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fgaigrodno.by%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f45a03607fbc3ce9eefb271261c16675f8ec709040f1fea4855b2cf9ad7a9342

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 02:03:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1113
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/ Frame BB71 3 KB
1 KB 107ms
99ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/?random=1666663405961&cv=9&fst=1666663405961&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fgaigrodno.by%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b08b42a6dc5b2e7a717e95f95cf75f98afc23f12373281c0d3e89f175ebe6fe6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 02:03:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1113
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/947884341/ Frame BB71 42 B
64 B 51ms
50ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/947884341/?random=1666663405938&cv=9&fst=1666663200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fgaigrodno.by%2F&async=1&fmt=3&is_vtc=1&random=3276519528&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: gaigrodno.by
URL: https://gaigrodno.by/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 02:03:26 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/947884341/ Frame BB71 42 B
108 B 169ms
72ms Image
image/gif 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/947884341/?random=1666663405938&cv=9&fst=1666663200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fgaigrodno.by%2F&async=1&fmt=3&is_vtc=1&random=3276519528&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: gaigrodno.by
URL: https://gaigrodno.by/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 02:03:26 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/693627671/ Frame BB71 42 B
64 B 55ms
52ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/693627671/?random=1666663405949&cv=9&fst=1666663200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fgaigrodno.by%2F&async=1&fmt=3&is_vtc=1&random=1228687643&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: gaigrodno.by
URL: https://gaigrodno.by/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 02:03:26 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/693627671/ Frame BB71 42 B
548 B 140ms
50ms Image
image/gif 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/693627671/?random=1666663405949&cv=9&fst=1666663200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fgaigrodno.by%2F&async=1&fmt=3&is_vtc=1&random=1228687643&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: gaigrodno.by
URL: https://gaigrodno.by/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 02:03:26 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/947884341/ Frame BB71 42 B
64 B 61ms
57ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/947884341/?random=1666663405959&cv=9&fst=1666663200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fgaigrodno.by%2F&async=1&fmt=3&is_vtc=1&random=2493396554&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: gaigrodno.by
URL: https://gaigrodno.by/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 02:03:26 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/947884341/ Frame BB71 42 B
108 B 143ms
54ms Image
image/gif 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/947884341/?random=1666663405959&cv=9&fst=1666663200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fgaigrodno.by%2F&async=1&fmt=3&is_vtc=1&random=2493396554&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: gaigrodno.by
URL: https://gaigrodno.by/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 02:03:26 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/693627671/ Frame BB71 42 B
64 B 59ms
57ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/693627671/?random=1666663405961&cv=9&fst=1666663200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fgaigrodno.by%2F&async=1&fmt=3&is_vtc=1&random=3077713013&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: gaigrodno.by
URL: https://gaigrodno.by/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 02:03:26 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/693627671/ Frame BB71 42 B
108 B 139ms
53ms Image
image/gif 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/693627671/?random=1666663405961&cv=9&fst=1666663200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fgaigrodno.by%2F&async=1&fmt=3&is_vtc=1&random=3077713013&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: gaigrodno.by
URL: https://gaigrodno.by/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 02:03:26 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 37412095 Show response
mc.yandex.com/watch/ Frame BB71 439 B
546 B 52ms
51ms XHR
application/json 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/37412095?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Fgaigrodno.by%2F&charset=utf-8&site-info=%7B%22extensions%22%3A%22%22%2C%22fromGoogle%22%3A%22false%22%2C%22fromCancel%22%3A%22false%22%2C%22loyal%22%3A%220%22%2C%22sbscrb%22%3A%22%22%2C%22p%22%3A%22%22%2C%22b%22%3A%22%22%2C%22fresh%22%3A%220%22%2C%22infected%22%3A%22%22%2C%22slow%22%3A%22%22%2C%22os%22%3A%22windows%22%2C%22browser%22%3A%22chrome%22%2C%22winxp%22%3A%22false%22%2C%22old%22%3A%22actual%22%2C%22yabroAge%22%3Anull%7D&browser-info=pv%3A1%3Agdpr%3A6%3Avf%3A8zdfc3pjszirvo7fx08h8%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A912%3Acn%3A2%3Adp%3A1%3Als%3A757600307177%3Ahid%3A82798680%3Az%3A0%3Ai%3A20221025020326%3Aet%3A1666663406%3Ac%3A1%3Arn%3A816052371%3Arqn%3A1%3Au%3A1666663406126221695%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Ads%3A0%2C0%2C30%2C1%2C0%2C0%2C%2C92%2C0%2C125%2C125%2C0%2C125%3Acpf%3A1%3Ans%3A1666663403913%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1666663406%3At%3A&t=gdpr(6)clc(0-0-0)lt(13200)aw(1)rqnt(1)rqnl(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

3ac19978ccff7210923779937b7fa16ab3bf1506de6e67774f0ff3ba68130e63

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 02:03:26 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Tue, 25-Oct-2022 02:03:26 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://yastatic.net
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 439
x-xss-protection: 1; mode=block
expires: Tue, 25-Oct-2022 02:03:26 GMT

GET
H2 200 1MTWqm6P0Tm100000000U9nJVAMVUNojcdw6eGhtty-JMpB2BLyxXoSp084dJ2Iqq4_TDVRTHWw6L4QWUAOAj-mBa7Wf4v1Ncm8aMXb1P2T85WYO66OoQZD3s0iPzq4O32iPNQ6ilOppqdaOZeBvPnb1cgw2oRkC338C37yPPm7DdSi44bdAT0fepbgcNo2LJF-1u... Show response
an.yandex.ru/rtbcount/ 43 B
154 B 51ms
49ms XHR
image/gif 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/rtbcount/1MTWqm6P0Tm100000000U9nJVAMVUNojcdw6eGhtty-JMpB2BLyxXoSp084dJ2Iqq4_TDVRTHWw6L4QWUAOAj-mBa7Wf4v1Ncm8aMXb1P2T85WYO66OoQZD3s0iPzq4O32iPNQ6ilOppqdaOZeBvPnb1cgw2oRkC338C37yPPm7DdSi44bdAT0fepbgcNo2LJF-1u1MJ0FUooszKk1aPU2gb0YwzPcNuoyG2SW8pAv3iPLO4abEPGPhdCeFSjvAPoL41P2lBHcQhlhK-YNDIEKuolr9VEzbkdNZKLR3Aks3o9xE34p_OWIjOLhDjO67SmS9yW8Nn9Wl4rH_i7xBikT9-Rd_ATVktB22tBs3bFCcwXuiBB7s1jQ6XWUKcAypahwmWvtQmDR1CO7jrVydkErTFJi-OmNRbSF02jYVFExjtV5dx86yb6yp40smU9zYO7x7n1ZkxMkMxbqHaHhYdcBzaWzdz4ywQoFxgfEQXzxPlxMUnivcPMLgOcMzWPzh1pdE2NUG1-yC3LqzsldWtCUi7Emy0pnQIIm00?confirmTime=2101000&confirmRatio=1000000&test-tag=94008244174850&format-type=118&actual-format=13&rnd=1815986277266&banner-sizes=eyI3MjA1NzYwNjczMjI1MDEzNSI6IjM0M3gzMDAiLCI3MjA1NzYwNjQzNDUxMjQ4NCI6IjM0M3gzMDAiLCIxODk0NjUwNDIwNjE2MzkxNDEiOiIzNDN4MzAwIn0%3D&width=1039&height=300

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://gaigrodno.by/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 02:03:26 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Tue, 25 Oct 2022 02:03:26 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://gaigrodno.by
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Tue, 25 Oct 2022 02:03:26 GMT

GET
H2 200 WOeejI_zODW01Gm091H59qvnXQVuH0K0s04GW8200J7hGrTZ000003ZSnqM80WAv0gXkJlfg28b3y0BUpE3m5V050Q06o0791kelQSUj9YzegGSa2nteauHeL_W4gWiG2wRJx2GB0G0CUHfGqklm2mRW3OA2WO60W82819WEwi-qdUd7wujQg0-ablIVlvAXj5UG4... Show response
an.yandex.ru/count/ 43 B
119 B 60ms
59ms XHR
image/gif 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/count/WOeejI_zODW01Gm091H59qvnXQVuH0K0s04GW8200J7hGrTZ000003ZSnqM80WAv0gXkJlfg28b3y0BUpE3m5V050Q06o0791kelQSUj9YzegGSa2nteauHeL_W4gWiG2wRJx2GB0G0CUHfGqklm2mRW3OA2WO60W82819WEwi-qdUd7wujQg0-ablIVlvAXj5UG49cygREe_igJ0lWG3WFXmPcT5V0I3eWJ0v0JCfWJu1G1y1N1YlRieu-y_6EO5f24cfe6e1QmfQgQ1iaMy3_O5e4Ng1S9q1WX-1Zaqlk1YDd4uIM06OaPl0gm6UhVfBlSrScNQBWP____0S0PqXaIUM5YSrzpPN9sPN8lSZSpEIqnw1cF2F0PWC83c1hKmrEm6qYu6mE270rJGqKwRqTqM6bOHsGtwHo07Vz_W202Y20Cq27___y1rIB__t__4W0o0ssOyJgUGAQLedt7Zzj1Cg447D98NBAqnE1ubi-UZvglRFm60RtQET4agecfy4TXg3j7oN4e5MmF~1=WI8ejI_zO4q0nGW0H0ySwd4VJG6dkVhvai7Yy0600Qkps8kfmgwwYW680Q7uXx-O0P01hl2Vojw0W802c06ky9_ANhW1dA3Xi2NO0PZ5cAW1u06MbQ-P0UW1wW6W0exwXG6m0vG2Y0NLt06G1PkM3B05b8m3k0MKZBkU0QW6o06f1oGB7UYJX6XNk0U01U07XWhG2Bg8W872W806u0Y7_KBe2GU02W7u2e2r6EWCcmR840oO4VB8A80KW820w1IC0fWMa8IQcWQW5h2bgfe6oHQO5vUrj2p05xNM0Q0Pm06u6V___m616l__hvw4uFX0g1u1i1y1o1_CeenKrIB__t__2G1lrrY-8jZHdwCEXaFu3xC75oB7OQjIEZC2VX_v13C47000~1=WMuejI_zO7e09Gi0T1JcYfSxUW68wvlJuP27huy1W06e_upf-x_Puky1Y07uqOccb06G0SZvfgxSW8200fW1aFcchbou0P3fgluas06UzFkd0U01hf-O8EW17FW1wfNUlW6W0e3donUW0mIm0xa2Y0Mnu06G1VQS0h05k4Yu1RX8m0MkxGN81SA-0T05_1oe1iW1gGSa2nteauHeLxW7W0NW1uOAq0YwYe21me201k08mFFb2-W91u0A0VWAWBKOw0oR1iWGmR8Gc17oo2YXkO0KW8201D0K-FI76UWKZ0AO5f24cfe6e1QmfQgQ1iaMy3-O5zR1vYd05xNM0Q0Pm06u6V___m616l__iz-UPGkCg1u1i1y2o1-F-lrJgI3XTSIUs0NOFv0Ypguea2BIhYYG8jIkA90YrQuea2Bno2YG8lB8A90Y-DOea2BvrYZL8l__V_y706NN280b1ZqO3WCn5oPwvicHiKhfV89j0Wu0~1=WNaejI_zO8W0VGi0v1H31m9uY074aEItp9A1WVm1W07NyeG1Y07NyeG1a07Azu6NzjoEeGMW0TZocChWW8200gW1sFAOoc2m0PgA_0Yu0VR2mDebs06ujCUh0U01cgpe2UW1b0IO0lQIrGMW0lYIrGMW0mQm0wC5Y0M8Qv05xcsm1VSRk0Nt6y05bVe1o0NDFz05bWke1iW1gGSa2nteauHeLxW7mWlW1uOAq0YQYf29me200k08lCdg0kW91u0A0VWAWBKOw0oR1iWGmR2IYW6O4VB8AA6vW1I0W808q1ImhRLmw1IC0fWMa8IQcWQW5h2bgfe6oHRmFvWNozbem1UrrW6W6S01k1d___y1WHh__xyh996SVAWU0R0V0yWVdDhZLQaWKmCCTMU6tJ-G8iwkA90Yqguea2BKhYYG8jMkA90YySWea2Boo2YG8lZMA90Y-TOerIB__t__2020rmZu9GPv60vxCHSMjkR9CQ-KpXlvK-jiWcq23W00~1?stat-id=2&test-tag=94008244230705&banner-sizes=eyI3MjA1NzYwNjczMjI1MDEzNSI6IjM0M3gzMDAiLCI3MjA1NzYwNjQzNDUxMjQ4NCI6IjM0M3gzMDAiLCIxODk0NjUwNDIwNjE2MzkxNDEiOiIzNDN4MzAwIn0%3D&format-type=118&actual-format=13&pcodever=669867&banner-test-tags=eyI3MjA1NzYwNjczMjI1MDEzNSI6IjU3MzkzIiwiNzIwNTc2MDY0MzQ1MTI0ODQiOiI1NzM2MiIsIjE4OTQ2NTA0MjA2MTYzOTE0MSI6IjQyNDM1MDcifQ%3D%3D&width=1039&height=300&confirmTime=2112000&confirmRatio=1000000&wmode=0

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://gaigrodno.by/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 02:03:26 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Tue, 25 Oct 2022 02:03:26 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://gaigrodno.by
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Tue, 25 Oct 2022 02:03:26 GMT

POST
H2 200 55320232 Show response
mc.yandex.com/webvisor/ 43 B
137 B 1914ms
104ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/55320232?wmode=0&wv-part=1&wv-hit=783197469&page-url=https%3A%2F%2Fgaigrodno.by%2F&rn=1000599136&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1666663407%3Aw%3A1600x1200%3Av%3A912%3Az%3A0%3Ai%3A20221025020327%3Au%3A1666663403336049582%3Avf%3Al4cs6ej6vo5gha9qjtx4s%3Awe%3A1%3Ast%3A1666663407&t=gdpr(14)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://gaigrodno.by/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 02:03:28 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 25-Oct-2022 02:03:28 GMT
content-type: image/gif
access-control-allow-origin: https://gaigrodno.by
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 25-Oct-2022 02:03:28 GMT

POST
H2 200 55320232 Show response
mc.yandex.com/webvisor/ 43 B
162 B 969ms
547ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/55320232?wmode=0&wv-part=1&wv-hit=783197469&page-url=https%3A%2F%2Fgaigrodno.by%2F&rn=108717785&wv-type=3&browser-info=gdpr%3A14%3Aet%3A1666663407%3Aw%3A1600x1200%3Av%3A912%3Az%3A0%3Ai%3A20221025020327%3Au%3A1666663403336049582%3Avf%3Al4cs6ej6vo5gha9qjtx4s%3Awe%3A1%3Ast%3A1666663407&t=gdpr(14)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://gaigrodno.by/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 02:03:28 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 25-Oct-2022 02:03:28 GMT
content-type: image/gif
access-control-allow-origin: https://gaigrodno.by
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 25-Oct-2022 02:03:28 GMT

POST
H2 200 click
yandex.ru/clck/ 43 B
184 B 69ms
65ms Ping
image/gif 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/clck/click

Requested by

Host: yastatic.net
URL: https://yastatic.net/partner-code-bundles/669867/3521127290410543dbe9.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

7e928161cd626935d39ff08188caa3f3a918811ca87194082dedf28b697ce6fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://gaigrodno.by/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

cache-control: no-cache
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
content-length: 43
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type: image/gif

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: dmp.gotechnology.io
URL: https://dmp.gotechnology.io/match/sape?id=0100007FEA4357631F00C49F02371FD5

Domain: s3.advarkads.com
URL: https://s3.advarkads.com/modules/match/frame.html?id=8113-1-1&uid=0100007FEA4357631F00C49F02371FD5

Domain: mitdmp.whiteboxdigital.ru
URL: https://mitdmp.whiteboxdigital.ru/pixel?id=a&source=yandex&redirect=false&href=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fqbitis%2F%7Bmiid%7D

Verdicts & Comments Add Verdict or Comment

125 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

112 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
yastatic.net/safeframe-bundles/0.83/1-1-0	1970-01-20 06:59:09	Name: afpix Value: 1
yastatic.net/safeframe-bundles/0.83/1-1-0	1970-01-20 07:06:21	Name: pcssspb Value: 1
yastatic.net/safeframe-bundles/0.83/1-1-0	1970-01-20 06:59:09	Name: pcs3 Value: 1
.mediatoday.ru/core	1970-01-20 16:33:43	Name: idntfy Value: VUY70jHC7JsQNyr
gaigrodno.by/	1970-01-20 16:33:43	Name: fid Value: b2b68b8c-0cc2-4b96-bc94-5f556852f2bf
.acint.net/	1970-01-20 06:57:44	Name: test_cookie Value: CheckForPermission
.acint.net/	1970-01-20 16:33:43	Name: aid Value: fwAAAWNXQ+qfxAAf1R83AsNAuS/qFcFZa2uK1ETkwdDxLjc6
.acint.net/	1970-01-20 07:40:55	Name: cSyncDp7v2 Value: 1666663402
.acint.net/	1970-01-20 07:40:55	Name: cSyncDp14v3 Value: 1666663402
.acint.net/	1970-01-20 07:40:55	Name: cSyncDp17 Value: 1666663402
.acint.net/	1970-01-20 07:40:55	Name: cSyncDp32 Value: 1666663402
.acint.net/	1970-01-20 06:59:09	Name: cSyncDp45v3 Value: 1666663402
.acint.net/	1970-01-20 07:40:55	Name: cSyncDp53 Value: 1666663402
.acint.net/	1970-01-20 07:40:55	Name: cSyncDp54v2 Value: 1666663402
.acint.net/	1970-01-20 07:40:55	Name: cSyncDp62 Value: 1666663402
.acint.net/	1970-01-20 07:40:55	Name: cSyncDp67v2 Value: 1666663402
.acint.net/	1970-01-20 07:40:55	Name: cSyncDp68 Value: 1666663402
.acint.net/	1970-01-20 07:40:55	Name: cSyncDp71 Value: 1666663402
.acint.net/	1970-01-20 07:17:53	Name: cSyncDp77 Value: 1666663402
.acint.net/	1970-01-20 07:40:55	Name: cSyncDp84 Value: 1666663402
.acint.net/	1970-01-20 07:40:55	Name: cSyncDp85 Value: 1666663402
.acint.net/	1970-01-20 07:40:55	Name: cSyncDp95v3 Value: 1666663402
.acint.net/	1970-01-20 07:40:55	Name: cSyncDp101 Value: 1666663402
.acint.net/	1970-01-20 07:17:53	Name: cSyncDp104v2 Value: 1666663402
.acint.net/	1970-01-20 07:40:55	Name: cSyncDp107 Value: 1666663402
.acint.net/	1970-01-20 07:40:55	Name: cSyncDp110 Value: 1666663402
.acint.net/	1970-01-20 07:17:53	Name: cSyncDp111v2 Value: 1666663402
.acint.net/	1970-01-20 07:40:55	Name: cSyncDp112v2 Value: 1666663402
.acint.net/	1970-01-20 07:19:19	Name: cSyncDp125v2 Value: 1666663402
.acint.net/	1970-01-20 07:40:55	Name: cSyncDp126 Value: 1666663402
.acint.net/	1970-01-20 07:40:55	Name: cSyncDp127 Value: 1666663402
.acint.net/	1970-01-20 07:40:55	Name: cSyncDp129 Value: 1666663402
.acint.net/	1970-01-20 07:40:55	Name: cSyncDp136v2 Value: 1666663402
.acint.net/	1970-01-20 07:40:55	Name: cSyncDp138 Value: 1666663402
.acint.net/	1970-01-20 07:40:55	Name: cSyncDp144 Value: 1666663402
.acint.net/	1970-01-20 07:40:55	Name: cSyncDp146 Value: 1666663402
.acint.net/	1970-01-20 07:40:55	Name: cSyncDp148 Value: 1666663402
.acint.net/	1970-01-20 07:40:55	Name: cSyncDp149 Value: 1666663402
.acint.net/	1970-01-20 07:40:55	Name: cSyncDp151 Value: 1666663402
.acint.net/	1970-01-20 07:40:55	Name: cSyncDp178 Value: 1666663402
.acint.net/	1970-01-20 07:40:55	Name: cSyncDp179 Value: 1666663402
.acint.net/	1970-01-20 07:40:55	Name: cSyncDp186 Value: 1666663402
.acint.net/	1970-01-20 07:40:55	Name: cSyncDp221 Value: 1666663402
.betweendigital.com/	1970-01-20 15:43:19	Name: dc Value: lux1
.betweendigital.com/	1970-01-20 15:43:19	Name: tuuid Value: 8885e063-da3f-522a-8b80-9829e8d7dbc3
.betweendigital.com/	1970-01-20 15:43:19	Name: ss Value: 1
.utraff.com/	1970-01-20 07:41:06	Name: preutid Value: 1
.upravel.com/	1970-01-20 06:57:43	Name: session_tptc Value: 1666663402957
.ssp-rtb.sape.ru/	1970-01-20 16:33:43	Name: sspuid Value: wQO4qWNXQ+pGIwAcUJQPAmjsA5dWqtanT9kEM670blMAsqV1
.yandex.ru/	1970-01-20 16:33:43	Name: yuidss Value: 7507261631666663402
.yandex.ru/	1970-01-20 16:33:43	Name: yandexuid Value: 7507261631666663402
.upravel.com/	1970-01-20 16:33:43	Name: user_id Value: 633e9e86-c8ef-4786-835a-354a6cadc27e
.gaigrodno.by/	1970-01-20 16:19:19	Name: __gads Value: ID=f747d01d18ba9224-2298752454ce0004:T=1666663402:RT=1666663402:S=ALNI_MbQgtv1RWJTRLsRy_1VWIHZBM6DmA
.gaigrodno.by/	1970-01-20 16:19:19	Name: __gpi Value: UID=00000b7836cd18b3:T=1666663402:RT=1666663402:S=ALNI_MaUecPP6n1NNfSn2SeFtPmNdTfI8Q
.1dmp.io/	1970-01-20 15:43:19	Name: uid Value: 3489ac30-5409-11ed-8ff0-f832e4719dd9
.adhigh.net/	1970-01-20 15:43:19	Name: gi_u Value: u5IeMGgf3iGO.AikABlGEDOFOmQ
.rutarget.ru/	1970-01-20 11:16:55	Name: userId Value: wS7b9kBErji4
.an.yandex.ru/	1970-01-20 07:07:48	Name: yabs-vdrf Value: A0
.gaigrodno.by/	1970-01-20 15:43:19	Name: _ym_uid Value: 1666663403336049582
.gaigrodno.by/	1970-01-20 15:43:19	Name: _ym_d Value: 1666663403
.adriver.ru/	1970-01-20 16:33:43	Name: cid Value: AbAvsIE6HAhXym1RBCy3kMw
.rktch.com/	1970-01-20 07:40:55	Name: b_uid Value: 28efc29ad71422b161668c0b4c69bc57ea52
.adhigh.net/	1970-01-20 15:43:19	Name: sape_sync Value: jAd
.mc.yandex.by/	1970-01-20 06:57:44	Name: sync_cookie_csrf Value: 1527945540fake
.mc.yandex.com/	1970-01-20 06:57:44	Name: sync_cookie_csrf Value: 2720012559fake
.ops.beeline.ru/	1970-01-20 15:30:21	Name: BeeAID Value: ba264945-fca7-4c00-96a8-27bad07635d3
.uuidksinc.net/	1970-01-20 15:43:19	Name: jcsuuid Value: 22cElAP9Gr8QeFpzu6v4
ssp.bidvol.com/	1970-01-20 16:33:43	Name: bvuid Value: jgtg3tm5vr
.mts.ru/	1970-01-20 15:30:21	Name: dspid Value: bc2d8ece-4815-4758-8e14-c5adcdf14b25
.gnezdo.ru/	1970-01-20 16:33:43	Name: uid Value: XV9maWNXQ+szJbklVMdMAg==
.mc.yandex.ru/	1970-01-20 06:57:44	Name: sync_cookie_csrf Value: 2919367775fake
.weborama.fr/	1970-01-20 16:23:38	Name: AFFICHE_W Value: GbOMgbSv17kZ92
.bumlam.com/	1970-01-20 16:33:43	Name: suuid3 Value: IiQzNGQ1YzVhYy01NDA5LTExZWQtOGYwYS0wMDI1OTBjODI0Mzc*
.aidata.io/	1970-01-20 16:33:43	Name: __upin Value: zA76L8ZPiqjOxuen3HfzYg
.aidata.io/	1970-01-20 16:33:43	Name: __upints Value: 1666663403
.agency2.ru/	1970-01-20 15:30:21	Name: uuid Value: 8f2b0885-5225-495b-9d09-be379ccaae22
.yandex.com/	1970-01-20 15:43:19	Name: yandexuid Value: 7507261631666663402
.yandex.com/	1970-01-20 15:43:19	Name: yuidss Value: 7507261631666663402
.mc.yandex.com/	1970-01-20 06:59:09	Name: sync_cookie_ok Value: synced
.yandex.by/	1970-01-20 16:33:43	Name: yandexuid Value: 7507261631666663402
.yandex.by/	1970-01-20 16:33:43	Name: yuidss Value: 7507261631666663402
.mc.yandex.by/	1970-01-20 06:59:09	Name: sync_cookie_ok Value: synced
.gaigrodno.by/	1970-01-20 06:58:55	Name: _ym_isad Value: 2
x01.aidata.io/	1970-01-20 07:02:02	Name: livin Value: 1
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 2244806851666663404
.yandex.com/	1970-01-20 16:33:43	Name: i Value: sE8+YZww6WDAaQ4dw0u/jWL8/eCV/T6v8NX97Tfa6UkkxRPgmIT6Pa20RY1bvsA9Bf1faN8pVXLucEV3xgA1NHNlF9o=
.yandex.com/	1970-01-20 15:43:19	Name: ymex Value: 1698199404.yrts.1666663404#1698199404.yrtsi.1666663404
.mts.ru/	1970-01-20 16:33:43	Name: mts_id Value: fc7a58bb-df4f-466c-87e5-21ee08da4000
.mts.ru/	1970-01-20 16:33:43	Name: mts_id_last_sync Value: 1666663404
.1dmp.io/	1970-01-20 06:57:43	Name: ru-seq Value: null
x01.aidata.io/	1970-01-20 07:07:48	Name: yaya Value: 1
.adhigh.net/	1970-01-20 15:43:19	Name: yandexssp_sync Value: jAd
.gaigrodno.by/	1970-01-20 06:57:45	Name: _ym_visorc Value: w
px.arcspire.io/	1970-01-20 07:40:55	Name: arcid Value: f676027a86c4535185936f
.360yield.com/	1970-01-20 09:07:19	Name: tuuid_lu Value: 1666663404
.dmg.digitaltarget.ru/	1970-01-20 16:33:43	Name: viuserid Value: 1AkS7HXWeE-ZNSb79D4M
.betweendigital.com/	1970-01-20 15:43:19	Name: ut Value: Y1dD7AADIMhCz5wAcQcMcrvU92jgZL4uxj4LZg==
.yandex.ru/	1970-01-20 16:33:43	Name: i Value: zc6WWHPfewoEYUl1+aipfmO4Uz5noZ5q+MkNkpfXk0teVcZBhpdOBigAUNlSA3UFIzPG+zcxGjReoT/MlB8kU4e3tuk=
.360yield.com/	1970-01-20 09:07:19	Name: tuuid Value: b74e17ae-6452-4144-887b-b298a21189f3
.doubleclick.net/	1970-01-20 16:19:19	Name: IDE Value: AHWqTUmcrBlx7r_3RfgIBCjddTTiiQuC_4a5yTfVI7jKREftcgkhobnP8YvP-posqa4
.tns-counter.ru/	1970-01-20 15:43:19	Name: guid Value: 04DD6A05635743ECX1666663404
.adx.opera.com/	1970-01-20 07:40:55	Name: UID Value: 0fce2203ba9f4cc1afade2e3636eec1c
.360yield.com/	1970-01-20 09:07:19	Name: umeh Value: !429,0,1728871404,-1
.demdex.net/	1970-01-20 11:16:55	Name: demdex Value: 38979890182779244083028337757001167549
.360yield.com/	1970-01-20 09:07:19	Name: um Value: !429,rE40p1lQkGr6uXOu.ufoBFwArOZZhQtYpgMt-8DmPrHDpVy8TwQ1w1.ed73vFBz8uzQ,1674439404
.dpm.demdex.net/	1970-01-20 11:16:55	Name: dpm Value: 38979890182779244083028337757001167549
.sonar.semantiqo.com/	1970-01-20 16:33:43	Name: semantiqo_a Value: 714f7ba9da2041a185a6bdef6ce94d58
.sonar.semantiqo.com/	1970-01-20 15:53:24	Name: check Value: 206af894f00d4ca49c683ddd60da6b3a
.mail.ru/	1970-01-20 15:44:45	Name: VID Value: 3AKGxV2_VYoD0026UG0dKJ2D:::0-0-0-8719caa:CAASEAV776Kce2-y3Td_m0UXVx8aYKiJEKUjhVNi5b4Lo94PhrNseZ3Bru_SDFDC7ZQ0MdPzZ3l52Q2PywwNBjOIe43iF0k1MC0zK4jbepS2UYT-O5WZR4ejh6BLrawP1CAQ-e9I0EjopyNDQEzaOwZbjdTMFg
.doubleclick.net/	1970-01-20 06:57:47	Name: DSID Value: NO_DATA
.yandex.ru/	1970-01-20 16:33:43	Name: is_gdpr Value: 1
.yandex.ru/	1970-01-20 16:33:43	Name: is_gdpr_b Value: CO+2UBDFkQEYAQ==

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://an.yandex.ru/mapuid/SAPEis/0100007FEA4357631F00C49F02371FD5 Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0100007fea4357631f00c49f02371fd5-sp.ops.beeline.ru
633e9e86-c8ef-4786-835a-354a6cadc27e.sync.upravel.com
a.utraff.com
acint.net
ad.adriver.ru
ad.mail.ru
adlmerge.com
ads.adlook.me
ads.betweendigital.com
adservice.google.com
adservice.google.de
an.yandex.ru
api-maps.yandex.ru
avatars.mds.yandex.net
cm.g.doubleclick.net
cm.tns-counter.ru
core-renderer-tiles.maps.yandex.net
counter.yadro.ru
cs.agency2.ru
dm-eu.hybrid.ai
dm.hybrid.ai
dmg.digitaltarget.ru
dmp.gotechnology.io
dpm.demdex.net
euw-ice.360yield.com
exchange.buzzoola.com
favicon.yandex.net
fcgi4.gnezdo.ru
fonts.googleapis.com
fonts.gstatic.com
gaigrodno.by
googleads.g.doubleclick.net
im.bluevoox.com
match.360yield.com
match.new-programmatic.com
mc.yandex.by
mc.yandex.com
mc.yandex.ru
mediatoday.ru
mitdmp.whiteboxdigital.ru
nr.bidderstack.com
pagead2.googlesyndication.com
partner.googleadservices.com
profile.ssp.rambler.ru
px.adhigh.net
px.arcspire.io
redirect.frontend.weborama.fr
rtb-eu-warsaw.intent.ai
s.uuidksinc.net
s3.advarkads.com
sape-sync.rutarget.ru
sm.rtb.mts.ru
sonar.semantiqo.com
ssp-rtb.sape.ru
ssp.adriver.ru
ssp.bestssp.com
ssp.bidvol.com
stat.adlabs.ru
sync.1dmp.io
sync.adkernel.com
sync.bumlam.com
sync.dmp.otm-r.com
sync.republer.com
sync.upravel.com
t.adx.opera.com
tag.digitaltarget.ru
tech.rtb.mts.ru
top-fwz1.mail.ru
tpc.googlesyndication.com
ut.rktch.com
www.acint.net
www.google.com
www.google.de
www.googleadservices.com
www.googletagservices.com
www.gstatic.com
x01.aidata.io
yandex-dmp-sync.rutarget.ru
yandex-sync.rutarget.ru
yandex.ru
yandex.st
yastatic.net
ysa-static.passport.yandex.ru
dmp.gotechnology.io
mitdmp.whiteboxdigital.ru
s3.advarkads.com
109.248.237.36
136.243.48.22
139.45.228.111
142.250.186.162
148.251.237.106
168.119.88.34
172.217.18.2
176.122.21.226
178.170.196.9
185.147.80.35
185.15.175.130
185.15.175.159
185.66.68.16
188.42.196.115
193.232.150.150
193.3.184.137
193.3.184.211
195.209.108.47
195.209.111.13
2001:6d0:4001::226
213.87.44.187
217.65.2.150
217.66.147.38
23.111.107.44
23.88.82.46
2606:4700:20::681a:e45
2606:4700:3033::ac43:d997
2a00:1148:db00::17
2a00:1450:4001:800::2003
2a00:1450:4001:803::2002
2a00:1450:4001:808::2002
2a00:1450:4001:808::2003
2a00:1450:4001:80b::2001
2a00:1450:4001:80b::2002
2a00:1450:4001:80e::200a
2a00:1450:4001:80f::2002
2a00:1450:4001:813::2002
2a00:1450:4001:813::2003
2a00:1450:4001:830::2002
2a00:1450:4001:831::2004
2a02:6b8:20::215
2a02:6b8::184
2a02:6b8::1:119
2a02:6b8::274
2a02:6b8::2b8
2a02:6b8::36
2a02:6b8::5:114
2a02:6b8::90
2a02:6b8:a::a
31.172.81.158
31.220.27.155
35.177.4.157
35.190.24.218
37.18.103.16
37.18.16.21
37.9.245.57
46.243.142.239
46.243.172.93
46.4.70.80
52.31.4.32
52.45.175.185
54.171.45.210
65.109.65.188
77.245.57.72
82.145.213.8
88.212.201.204
88.99.28.61
89.108.119.28
89.108.97.2
91.192.149.30
93.95.102.105
95.163.52.67
95.211.66.35
95.216.101.186
95.217.86.150
033696b7f1ac04d1dcc102be84550e146236ceffc25a6cabc12aa51a6ee410b9
0935447866da8ca59df7d65710e0b68377a6dbc62c761e83ebfc83998f905788
0ae81b747729cc0b64f3e6f9d3fdfd1a552e08d0bdda217ce9677b6fecee6d94
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
10bd2e0f815113f7fe2720517739607ad7b449eb4b1c6993b88d6bbd27e7c76c
119e688e56a28dd3d07eb7fc866b1f154ed2d1107e34c3e64d062697dc6f404d
128811e08fc761c192794eadb0ca1ece135e0b3a8ea7d897c2f7f9fd5a37281f
13307d38583c07263f98c886b394ce3c1fae47bef396203ea85875051de38b83
13e327b334d10b2b24101040eecace86aaaa2eed03d282fa75a04aa3bebf69c1
147d977bfa3aa2f98091f9ed2cf7ee42a96131c1f742dd1bdad6e46c69b1c1e0
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18c327afa903633f86c3efcf12b77f098077eacaa8be101bb007846fd74f8b93
19689736ac997394a478446e2dc2ac08985bde741b634655a96a2158ed8dae18
19d9403b8b5963aaeae98991373ef1f4ec9ed98d649be55e657db8e1302578bc
1a5c695d53809f9269b9e90dd3d89ec162acaabddb99d4bb59dcbf69bbf393ea
22d4beb39fdffa90e5a19768afb5538f2d6d2e8378975da0b4c9b980f7ea9f84
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
2a84501edf89d90c0baa41cd95dcc0528f6d63cc996929dabeb3f54a5d6b06e4
2a8467acd44641d56e5aa98938c3474cf08ecbc308c38551722882346b0d8e6c
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
30cb91834555c22273bd8f0d521bebaff6020b2e54bae4ccfc199f4a1daaf2eb
3327732669b0012eb0668eac673ce57920f7f34497690e05a1d8f5df7fc763c5
34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55
34f54c1f9aac3f134a0dc7e469611619e0d25fb1632805a3820d66ee5281efc2
365e85a31de197b7e074e022301502692aa6f4d56ffca64b505546b986e8ffc0
36831124ec6624d5d0955f4dfb81265174937283388490d88b812c9bec59fbe0
3772c62c6a77a8e84e253b4fee14543a7d93e79ddbeb0327948349a70dc84e45
3962779cb0e84909258ec6343cd54fddbf1b20b743c468cb95ce31cd86219c60
3ac19978ccff7210923779937b7fa16ab3bf1506de6e67774f0ff3ba68130e63
3de63fc0f306613db61a6f9dcef90fe0a20f8565dccd1315a87c5119b62c1b22
3e988bc6ea686db8c5a3bb298bc1da410a7297cf74604b241d9d7f8a204c15b7
3f7548bd78249a1708f83a7009efde1aa3b33ac74cce32ae03a31da40d4da8f5
40f2a96f78f4c8484e9da6e172f5ddd3e4d7786ca29e04b96e1067a365190e80
46f0cf8c36158263950afbc858141864a820ae5a65634e817c520f9da29d7314
495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9
4d1f39f897f063d876a057954557a60c2fcf931ea48aaa5a38b2de2607a9f9bb
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5459c5031de38fb66790f0d5670a651e28d905e7fb940b04ddb6ba497791c104
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
561b1637d8df8588d26f23efe269e2b9eacdf3057aa392f7fd6f47b410061f01
5a6220ed956bf8d47d9ec3496d26b4d2020a2e9ed80db68913a0acea64325ac7
5a6f5d09e9a2fe3c649c80d0172bda7faf99040c8f45c175efede441a729ff8a
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
607bdeec564251796bd6504c1862336933e006bd4a7e8110bb0dcbfd051d123b
611fe1f50411169abb286a03de5379b1b3392a9477449b0879e95bc391ae648c
617141bd39fa6bbd8de3efb0c2628db3c55f21b7bcaca752303fa6ce0f353a0d
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
65368bd028359c02dfae1d8e8602d7086465972d02265ee379bc3a124d9ac8b8
6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e
6b6de0d4db7876d1183a3edb47ebd3bbbf93f153f5de1ba6645049348628109a
6d0f9faf185c1f43001f2508f80abf686cfb1c00f58c6bf0fa807791b5fc65e2
6f99c3b46e3e9c4a0b83bff85ab15facf6d8fa7cb43632934195ffbe59c34bb6
7071e0042eb86b94fc8e3f97ebaaba11549ab84850ed132e17684b5ed66aec1e
7439842cd97e8553f55a62390891579e2bad9e8001b7846ee5c7cfbe4528655b
767505cc0beaef4a5844d1c05e426e4476b58fa5b250cf98e3aadd521d87f298
77b0f201de806e1a0cacffa5e76022b46e21186746f54d8335f2d74861caf3a6
7c412e4643ec4d23beadfdc2ffaadab0de8e3ffbb5e42403d6a08cd9992435bd
7d45bc140787fdb7464f2d2f081f568c06326f7c77a728d23f50d2c9badbdcf3
7e928161cd626935d39ff08188caa3f3a918811ca87194082dedf28b697ce6fd
82cb517a8f80c91dfcec543c6d140deb3baaf463ea9e77655475096eba7bc7d9
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8a091a670b6bf03510fc7a1b3c74a417c4a8c8937f7fb0c9a1517a95bdd7ab18
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8c1f103985ca72fdbd172c878fef875d9e50327c2baac26ce1b80d4a4fbf15e5
8c99901dce19d2082c7b4164f08f8e6e2f7cf405e745163757a7c0bd06894b3d
912db74d9eaac097f13f067d9507b84e4959db7116a460a2000e62ac53ab3e2a
91c8f4568f04c46ff1449e41e2b3b5c38c77a97ef6d585a6b5733ed4bfbaa37b
9352f0ffab0e36612dadbf3f71d6e652d88cf6fe803b51542cd28be4c4d687ec
9482a84c8bce68a68e4ccfb307cf4e4861e3433f37d8a22a686ae12c152cc461
97145d88b6476735b07f4d48ea58f15bda06c208a86c6747334e2eecc93e47ab
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
9a7eeb649a5de02fd4e085428c92300968e661e887e5d97476ae5cd83a1e91cb
9c911ab93cf6099aeeddb19cb1903d0ef838329443c3a0549c754da47f90a70a
9cfeddeac6bec7714f140da244af0823eb469e665411fc571451f889a1d7fa94
a05569a6a6ec13c9bda09ebf2f691f6d5a4f251878c58807472321018428fb33
a0fb89588dc7b711c0ffddb5fa2f6852f670ef1f615985bb65b2ea446cceb79f
a112b4d58a4d4b6714841e40113dda7ff39353c667d537242aa938b683853900
a2599d1626f03ed260b8356f3684be5a401044be84817ba05e654d11b9623ce1
a37c7613f06970453c3482a07f03873f461193228547be1bac92b30f95f7a1b3
a3de2be3970c42270aac430a10e266d09b31134a130368aff14492915731d705
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a7f673b33a591fe07ed6588352e09cfe130dd0804a3267a1e98bf3fe7fc24172
a8447cdec51e85d9e93971a0d4a53bcf6085d70bf1d201662837d2fb953422c7
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
a885f87efe257389b46a8a8bc2a090b09d5cb72f5c4a6d0977ec3a73683b4002
ac301e04134f0a6a5a96b2e9f056107818db1d84226f0cf85d700d196c44ed85
acfe9ab6a161b72c6ce50b59d4e556443f93e9dbedd24788dd6854f40d454e85
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
b08b42a6dc5b2e7a717e95f95cf75f98afc23f12373281c0d3e89f175ebe6fe6
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2d64db7a856ca75150b1a92bc0d9a8738d7cacac02d126251a7ef1fc9df55c2
b52f4dd8d8f362f8d986ab8bd53ec6238804d32421b41c4daa4c21ec3a39318d
b569bd98113f66528743a6f7eee2b23ff3ace6a28a2be65f6f8ffb48c5b5def5
bac87240d43f2059419ce7f7fdc63e99966069af39def1f6bcbc59eed1f69cfc
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c27f32006695b3dad1996067c51173e2096a71b46a3a5a38ca25b350d2b3d63c
ca38dd04251cd8e46afbeca4def128277688677c95a2f9320a4a31520403528e
ca78c114bba40b141a59c55a9d3fb6db7672bc3effd4337f2b1ce512b4d06c9e
cb38385bd5f3e6f769f71e92a9cffee225a9fd934f43aef90eea156b8235b246
cd28b0235eae7fec3a10348a1674edfc6e9ea20a710af41096e695ba7bc09912
ce80450bcc6dd683cc7e12dadfd114e4f9276d50b89e9ae417063bdfc89cbb39
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf92ed595c7ac49c45746c1eb3b8dee96d5903c51b39a272c1bcf73b679c809e
d094c4be4c852123ee878348eea524e6ffbbe3dec49543ae301e89d13ddb34bf
d346801abbf9bb4e9e9a055239053d4ab5596514304f601a6c70604187acb744
d63e9565d67a33fa2f55fa660c702498ab20201b204e1b874a497116564e107e
d6cf08f1ea6c290f0ed4788dbe812a742943e2f43c1d09e52bbd1fee2a9f99a0
d8abba85b96a8140c8f29f963d929a3fc5955453fc2fc6993e354b2f7f3788c4
db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9
dcdc4dc784b86d6498e65f437938164fe523a83f55ae9480eecf1da7f729166b
de02b6f117fb94584ec242a25fad7f7f49a7b7e1760ee9575a6d31056527d9ee
e1cff21864c46e1da263fa83c14ed6d190bc5afbdd35188de15f10eb8bedd264
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5185ea7312f9666db8546eb3131ca9907ec7ad389a18e850a7659cebbf57fa3
e7af1f31f9ac3e169b0e105028ce7a113556ef0c9a7f2b98b4dc38ed89a61bb4
e8d785fea354e6c26f6f898a333b8e22550121a9c2987d7af122368ce2d0c64a
eb69f540be1e416b7346017da48deaf5ba2f2ee0af366c04f1e374351b651872
ec440fc50e56a83bca07e825b111c7cc5908db7e796a1633ee4fbd0ab2483733
edb22961feb416b8955a0ac16cebf0a71fc51d433dd52884493611ed5cc7a4b3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f11bc7b0074c5e4bc6a09df3c21c57b05ee51bf7147e45ee89f9d495b16ae54a
f14bd898d73d37aa67ebdca86b1dd433087eb74f98b6618ebd067df99425495b
f2dbee6e8cb9bff59607fadf14404bd7fca23c704c0677fc43b902e4e15de00f
f3f8e6fea383b4df7fc519e2f0c7bbb2813c649e3864999de2adec67abbf77bb
f45a03607fbc3ce9eefb271261c16675f8ec709040f1fea4855b2cf9ad7a9342
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f631727b94c34691ab989c147f47dd2d047c712bbea3000ae08a7405c7865c3d
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f70d36fe9f9a764a339a3ed72a69eb7d5144ef8beba8b4e4ca37b392b2fc3e1f
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a
fba4145da0c81f5cf1615c2edd9fafb5ad5221b64cad3f09d5c9464d069e1cfa
fe57b9b59bed21124eb5a1fbd938734e9002e5faffdc3e1e575148621af64c55
ff714a879b325b1779bd1cbc5866d49da506fb8976091c960517901b9eb16c12

gaigrodno.by Open in urlscan Pro 185.66.68.16 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

228 Requests

73 %HTTPS

33 %IPv6

61 Domains

83 Subdomains

52 IPs

11 Countries

2693 kBTransfer

8418 kBSize

112 Cookies

6 Outgoing links

Page URL History

Redirected requests

228 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 14 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

gaigrodno.by Open in urlscan Pro
185.66.68.16 Public Scan

Screenshot
Live screenshot

Full Image

228
Requests

73 %
HTTPS

33 %
IPv6

61
Domains

83
Subdomains

52
IPs

11
Countries

2693 kB
Transfer

8418 kB
Size

112
Cookies

228 HTTP transactions
14 data transactions