afn.by Open in urlscan Pro
62.173.140.157 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://afn.by/
Submission Tags: falconsandbox
Submission: On February 04 via api (February 4th 2021, 11:11:57 am UTC) from US

Summary HTTP 109 Redirects Links 17 Behaviour Indicators

Summary

This website contacted 36 IPs in 10 countries across 35 domains to perform 109 HTTP transactions. The main IP is 62.173.140.157, located in Russian Federation and belongs to SPACENET-AS Internet Service Provider, RU. The main domain is afn.by.

This is the only time afn.by was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
13	62.173.140.157 62.173.140.157	34300 (SPACENET-...) (SPACENET-AS Internet Service Provider)
4 18	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
1	79.171.117.17 79.171.117.17	64494 (VARITI-AS) (VARITI-AS)
1	62.76.25.27 62.76.25.27	61400 (NETRACK-AS) (NETRACK-AS)
2	2a00:1450:400... 2a00:1450:4001:821::200e	15169 (GOOGLE) (GOOGLE)
2 3	149.202.199.193 149.202.199.193	16276 (OVH) (OVH)
9	2a03:90c0:41:... 2a03:90c0:41:2801::254	199524 (GCORE) (GCORE)
5 9	195.201.243.71 195.201.243.71	24940 (HETZNER-AS) (HETZNER-AS)
1	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
1 9	2a02:6b8::90 2a02:6b8::90	13238 (YANDEX) (YANDEX)
2 10	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
2	216.58.207.66 216.58.207.66	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
4 14	146.0.227.110 146.0.227.110	29066 (VELIANET-...) (VELIANET-AS velia.net Internetdienste GmbH)
6	2a02:6b8:20::215 2a02:6b8:20::215	13238 (YANDEX) (YANDEX)
3	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	51.89.9.251 51.89.9.251	16276 (OVH) (OVH)
1	47.252.78.131 47.252.78.131	45102 (CNNIC-ALI...) (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co.)
1	2a0c:5c81:513... 2a0c:5c81:5139::2	55081 (24SHELLS) (24SHELLS)
2 2	217.65.2.150 217.65.2.150	3175 (CITYTELEC...) (CITYTELECOM-MSK)
1 2	88.198.31.232 88.198.31.232	24940 (HETZNER-AS) (HETZNER-AS)
1	2606:4700:303... 2606:4700:3037::ac43:a070	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	83.222.114.187 83.222.114.187	42632 (MNOGOBYTE...) (MNOGOBYTE-AS Moscow)
2 2	23.111.200.118 23.111.200.118	7979 (SERVERS-COM) (SERVERS-COM)
2 2	195.209.108.35 195.209.108.35	52007 (ADRIVER-AS) (ADRIVER-AS)
1 2	185.184.8.30 185.184.8.30	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
7 7	35.157.221.90 35.157.221.90	16509 (AMAZON-02) (AMAZON-02)
1	34.98.67.61 34.98.67.61	15169 (GOOGLE) (GOOGLE)
1	193.200.65.6 193.200.65.6	6681 (GIVEME-CLOUD) (GIVEME-CLOUD)
1	88.214.193.83 88.214.193.83	46636 (NATCOWEB) (NATCOWEB)
1 1	188.165.137.78 188.165.137.78	16276 (OVH) (OVH)
1	52.210.129.60 52.210.129.60	16509 (AMAZON-02) (AMAZON-02)
2 2	18.185.0.221 18.185.0.221	16509 (AMAZON-02) (AMAZON-02)
4	178.250.2.131 178.250.2.131	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:6b8::184 2a02:6b8::184	13238 (YANDEX) (YANDEX)
1	2a00:1450:400... 2a00:1450:4001:824::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
109	36

13 62.173.140.157 (Russian Federation)

ASN34300 (SPACENET-AS Internet Service Provider, RU)
PTR: afn.today

afn.by	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany) 4 redirects

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 79.171.117.17 (Russian Federation)

ASN64494 (VARITI-AS, RU)

sdfgdgf.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 62.76.25.27 (Russian Federation)

ASN61400 (NETRACK-AS, RU)

dwbogv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:821::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 149.202.199.193 (France) 2 redirects

ASN16276 (OVH, FR)
PTR: ua1.host.hit.gemius.pl

gaby.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a03:90c0:41:2801::254 (Frankfurt am Main, Germany)

ASN199524 (GCORE, LU)

cdn.admixer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 195.201.243.71 (Germany) 5 redirects

ASN24940 (HETZNER-AS, DE)
PTR: ingolstadt.aucourant.info

www.acint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a02:6b8::90 (Moscow, Russian Federation) 1 redirects

ASN13238 (YANDEX, RU)

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a02:6b8::1:119 (Moscow, Russian Federation) 2 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.207.66 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s25-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 146.0.227.110 (Germany) 4 redirects

ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE)

inv-nets.admixer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
inv-nets-eu.admixer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:6b8:20::215 (Russian Federation)

ASN13238 (YANDEX, RU)

yastatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.9.251 (Germany)

ASN16276 (OVH, FR)
PTR: ip251.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 47.252.78.131 (San Mateo, United States)

ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN)

event.clientgear.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0c:5c81:5139::2 (United Kingdom)

ASN55081 (24SHELLS, US)

s.console.adtarget.com.tr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 217.65.2.150 (Moscow, Russian Federation) 2 redirects

ASN3175 (CITYTELECOM-MSK, RU)

match.new-programmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.198.31.232 (Nuremberg, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.88.198.31.232.clients.your-server.de

exchange.buzzoola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::ac43:a070 (United States)

ASN13335 (CLOUDFLARENET, US)

ads.adsinspidsp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 83.222.114.187 (Russian Federation)

ASN42632 (MNOGOBYTE-AS Moscow, Russia, RU)

rtb.com.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.111.200.118 (Russian Federation) 2 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 195.209.108.35 (Russian Federation) 2 redirects

ASN52007 (ADRIVER-AS, RU)

ad.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.30 (Poland) 1 redirects

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-30.rtbhouse.net

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ams.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 35.157.221.90 (Frankfurt am Main, Germany) 7 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-221-90.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.61 (United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.200.65.6 (Amsterdam, Netherlands)

ASN6681 (GIVEME-CLOUD, PL)
PTR: adforce.team

m.trafmag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.214.193.83 (United Kingdom)

ASN46636 (NATCOWEB, US)

us.ck-ie.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.165.137.78 (Finland) 1 redirects

ASN16276 (OVH, FR)

green.erne.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.210.129.60 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-129-60.eu-west-1.compute.amazonaws.com

ismatlab.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.185.0.221 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)

ads.creative-serving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8::184 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)

avatars.mds.yandex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:824::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	admixer.net 4 redirects cdn.admixer.net inv-nets.admixer.net inv-nets-eu.admixer.net	203 KB
19	yandex.ru 3 redirects an.yandex.ru mc.yandex.ru	123 KB
13	afn.by afn.by	138 KB
12	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	291 KB
9	acint.net 5 redirects www.acint.net	10 KB
8	doubleclick.net 4 redirects stats.g.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net	902 B
7	bidswitch.net 7 redirects x.bidswitch.net	3 KB
6	yastatic.net yastatic.net	193 KB
5	criteo.com bidder.criteo.com gum.criteo.com	540 B
3	criteo.net static.criteo.net	38 KB
3	google.de www.google.de adservice.google.de	2 KB
3	google.com www.google.com adservice.google.com	1 KB
3	gemius.pl 2 redirects gaby.hit.gemius.pl	1 KB
2	creative-serving.com 2 redirects ads.creative-serving.com	1 KB
2	creativecdn.com 1 redirects creativecdn.com ams.creativecdn.com	691 B
2	adriver.ru 2 redirects ad.adriver.ru	1 KB
2	betweendigital.com 2 redirects ads.betweendigital.com	1017 B
2	buzzoola.com 1 redirects exchange.buzzoola.com	543 B
2	new-programmatic.com 2 redirects match.new-programmatic.com	563 B
2	googletagservices.com www.googletagservices.com	56 KB
2	googleadservices.com partner.googleadservices.com	1 KB
2	google-analytics.com www.google-analytics.com	19 KB
1	yandex.net avatars.mds.yandex.net	17 KB
1	ismatlab.com ismatlab.com	149 B
1	erne.co 1 redirects green.erne.co	297 B
1	ck-ie.com us.ck-ie.com	129 B
1	trafmag.com m.trafmag.com	351 B
1	mookie1.com odr.mookie1.com	324 B
1	com.ru rtb.com.ru	240 B
1	adsinspidsp.com ads.adsinspidsp.com	797 B
1	adtarget.com.tr s.console.adtarget.com.tr
1	clientgear.com event.clientgear.com	133 B
1	onetag-sys.com onetag-sys.com
1	dwbogv.com dwbogv.com	19 KB
1	sdfgdgf.info sdfgdgf.info	16 KB
109	35

	Domain	Requested by
13	afn.by	afn.by
10	inv-nets.admixer.net	4 redirects cdn.admixer.net afn.by
10	mc.yandex.ru	2 redirects afn.by mc.yandex.ru
9	an.yandex.ru	1 redirects afn.by an.yandex.ru
9	www.acint.net	5 redirects afn.by www.acint.net
9	cdn.admixer.net	afn.by cdn.admixer.net
8	pagead2.googlesyndication.com	afn.by pagead2.googlesyndication.com cdn.admixer.net
7	x.bidswitch.net	7 redirects
6	yastatic.net	an.yandex.ru yastatic.net
4	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
4	inv-nets-eu.admixer.net	afn.by
4	bidder.criteo.com	static.criteo.net
4	cm.g.doubleclick.net	4 redirects
3	static.criteo.net	cdn.admixer.net afn.by
3	googleads.g.doubleclick.net	pagead2.googlesyndication.com
3	gaby.hit.gemius.pl	2 redirects afn.by
2	ads.creative-serving.com	2 redirects
2	ad.adriver.ru	2 redirects
2	ads.betweendigital.com	2 redirects
2	exchange.buzzoola.com	1 redirects afn.by
2	match.new-programmatic.com	2 redirects
2	www.googletagservices.com	pagead2.googlesyndication.com
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	partner.googleadservices.com	pagead2.googlesyndication.com
2	www.google-analytics.com	afn.by www.google-analytics.com
1	gum.criteo.com	static.criteo.net
1	avatars.mds.yandex.net	afn.by
1	ismatlab.com	afn.by
1	green.erne.co	1 redirects
1	us.ck-ie.com	afn.by
1	m.trafmag.com	afn.by
1	odr.mookie1.com	afn.by
1	ams.creativecdn.com	afn.by
1	creativecdn.com	1 redirects
1	rtb.com.ru	afn.by
1	ads.adsinspidsp.com	afn.by
1	s.console.adtarget.com.tr	afn.by
1	event.clientgear.com	afn.by
1	onetag-sys.com	inv-nets.admixer.net
1	www.google.de	afn.by
1	www.google.com	afn.by
1	stats.g.doubleclick.net	www.google-analytics.com
1	dwbogv.com	afn.by
1	sdfgdgf.info	afn.by
109	45

This site contains links to these domains. Also see Links.

Domain
an.yandex.ru
direct.yandex.ru
t.me
zen.yandex.ru
www.facebook.com
twitter.com
interfax.ru

Subject Issuer	Validity	Valid
*.g.doubleclick.net GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
*.hit.gemius.pl Sectigo ECC Domain Validation Secure Server CA	`2019-09-11` - `2021-09-24`	2 years	crt.sh
*.acint.net R3	`2020-12-17` - `2021-03-17`	3 months	crt.sh
*.admixer.net Sectigo RSA Domain Validation Secure Server CA	`2020-03-12` - `2021-06-21`	a year	crt.sh
www.google.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
www.google.de GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
mc.yandex.ru Yandex CA	`2020-09-29` - `2021-03-11`	5 months	crt.sh
*.googleadservices.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
an.yandex.by Yandex CA	`2020-10-01` - `2021-04-01`	6 months	crt.sh
*.yastatic.net Yandex CA	`2020-09-29` - `2021-03-30`	6 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-01-30` - `2021-04-28`	3 months	crt.sh
onetag-sys.com R3	`2021-01-27` - `2021-04-27`	3 months	crt.sh
*.clientgear.com Go Daddy Secure Certificate Authority - G2	`2019-12-24` - `2021-02-22`	a year	crt.sh
s.console.adtarget.com.tr R3	`2021-02-02` - `2021-05-03`	3 months	crt.sh
*.buzzoola.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-30` - `2022-09-28`	2 years	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-17` - `2021-08-17`	a year	crt.sh
rtb.com.ru Sectigo RSA Domain Validation Secure Server CA	`2020-02-27` - `2021-03-06`	a year	crt.sh
*.creativecdn.com RapidSSL RSA CA 2018	`2019-01-11` - `2021-04-11`	2 years	crt.sh
*.mookie1.com DigiCert SHA2 Secure Server CA	`2020-02-21` - `2021-03-22`	a year	crt.sh
*.trafmag.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-15` - `2021-06-21`	a year	crt.sh
ck-ie.com Go Daddy Secure Certificate Authority - G2	`2020-11-12` - `2021-12-14`	a year	crt.sh
ismatlab.com RapidSSL RSA CA 2018	`2020-05-19` - `2021-05-20`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-01-30` - `2021-04-28`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh

This page contains 12 frames:

Primary Page: http://afn.by/
Frame ID: D77ADE2B023852C93E378794AFA8476A
Requests: 91 HTTP requests in this frame

Frame: https://cdn.admixer.net/scripts3/c.html
Frame ID: 42EF9E208936F4FD7F198EDCCE887D3D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210202/r20190131/zrt_lookup.html
Frame ID: FDEF8D5063E9398F410C8812D46C3755
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-5271363197717881&output=html&adk=1812271804&adf=3025194257&lmt=1612437093&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fafn.by%2F&ea=0&flash=0&pra=5&wgl=1&dt=1612437093620&bpp=19&bdt=2029&idt=271&shv=r20210202&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7320475425926&frm=20&pv=2&ga_vid=1111664216.1612437094&ga_sid=1612437094&ga_hid=645535754&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C21068769%2C21068893&oid=3&pvsid=798405694624151&pem=829&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&ifi=0&uci=a!0&fsb=1&dtd=317
Frame ID: 9B71DE01AD451C359336ECCE95CF516D
Requests: 1 HTTP requests in this frame

Frame: https://www.acint.net/mc/?dp=10&tc=1
Frame ID: 89A095566F956A8F3A39B225646F6F51
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=59d216e971852f2
Frame ID: 9B7A6952A97B2A588006B7861509772D
Requests: 1 HTTP requests in this frame

Frame: https://yastatic.net/safeframe-bundles/0.80/1-1-0/render.html
Frame ID: 8896D919470DD6F9BEBDE6FE4E712205
Requests: 1 HTTP requests in this frame

Frame: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Frame ID: B16ABFCBE90EA0AB951B5E9F14B11821
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1191230850516122&output=html&h=90&slotname=2820635487&adk=804009641&adf=3279755405&pi=t.ma~as.2820635487&w=970&lmt=1612437094&psa=0&format=970x90&url=http%3A%2F%2Fafn.by%2F&ea=0&flash=0&wgl=1&dt=1612437094784&bpp=4&bdt=63&idt=80&shv=r20210202&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3D7a5342968b39fc40-228912ce5eba000f%3AT%3D1612437094%3ART%3D1612437094%3AS%3DALNI_Mb1Xh8mml9Q_jsI9TasJQqOb42aww&correlator=7320475425926&frm=23&ife=5&pv=2&ga_vid=1111664216.1612437094&ga_sid=1612437095&ga_hid=527539513&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=10&biw=1600&bih=1200&isw=970&ish=90&ifk=2344694012&scr_x=0&scr_y=0&eid=21068769%2C21068893&oid=3&pvsid=355787423069882&pem=829&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=8196&bc=23&ifi=1&uci=1.120lnm2efj52&fsb=1&dtd=88
Frame ID: 032EB76DDE06A5622AADEF2DE52B7BAE
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: 10CAA1D27E8F32FD59A00D462E1EA652
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=afn.by
Frame ID: C5C41FCABE28286CE43023401081887B
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: 911C337CBFA3CBD7DE1BC6E9B6018612
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Windows Server (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

IIS (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Page Statistics

109
Requests

76 %
HTTPS

44 %
IPv6

35
Domains

45
Subdomains

36
IPs

10
Countries

1120 kB
Transfer

3302 kB
Size

4
Cookies

17 Outgoing links

These are links going to different origins than the main page.

URL: https://an.yandex.ru/count/WlSejI_zOBe2RHS0D2P1zzVkjH9u9mK0kWCGW8200J5crXjW000003YWwShtwf2B5e01-zUZiedoveqtY066_vwqLv01uAI3hCc0W802c07Wf8EiIQ01tgW1thW1Xho6lo300GBO0PwZj9K1u064cxIL0UW1i07u0PpAbAqOkGBHaT1HB0ZAS_02d--VBS0sc0F0X3sR2FW4uRbEY0NWh2wG1U6vJg05eEGLg0MWv1Mm1Q3a5RW5eEGLm0M-Xge1o0Ndco_G1TMy2TJ_ayWAe0RY0gW6uWAu1i01oGPcfeW7thE8eAG0002f1xUgsF9VXTm4k0U01QGFmgNAbWoi-omM4A_JFyaAbt_jtp8dv3y1ICMKjwe00CTeEiI0kkWBuAmky0i6Y0oSYDw-0QaCI2iFvYC9jx_e39i6c0s0-2S_e0x0X3strUAL_wkXxWI04C_FWXkG4D7UkCgYeyQy79eG6ma00FW_6OQ9hry2PuMgpwiHu16Ddky1w17XyCVFzvJJvOAEeK1Khri7MqBG0W7W4w3a5OWKr8ckiiI8wlgy0Q0KeEGLg1JXkKwkylK_s1IOZS201k0K0UWKZ0BG5PYDm806s1N1YlRieu-y_6Fme1RGa9s01h0MlGF95j0Md8ZUlW615vWNXFJ9AwWN2RWN0S0NjGBO5y24FUWN0PaOe1WLi1ZEX--01hWO0T0O4FWOiiwuq8ZBgCcp0O0PYHd6BP0P0Q0Pm06m6URCehpW-wp4URWP____0S0PvSoYdOELXx5JqXaIUM5YSrzpPN9sPN8lSZKmC2qpu1a1w1ch2V0PWC83WHh__sCJ_WOxhYiWmOI68IGm3ZcaXZmKsC4i3s8lYxEO37f4lfZarxczGLIT6wC_sp5fGh8ciQayoI3ffDdGefVdnXZHbzZXoeNg6p5s82mBRg4Fswb7rZK-PT1MQUtukGa0zN9N0AfRwEOpwyjBo-M6PBVFZQekny3Lru7igygorQCpcnOzvHH6wv6Ic2cZoWC0~1?stat-id=1&test-tag=239693652321793&format-type=89&actual-format=73&banner-test-tags=eyI3MjA1NzYwMzg4MTk4NjM1MiI6IjU3MzYxIn0%3D

Search URL Search Domain Scan URL

URL: https://direct.yandex.ru/?partner
Title: Яндекс.Директ

Search URL Search Domain Scan URL

URL: https://t.me/afn_by

Search URL Search Domain Scan URL

URL: https://zen.yandex.ru/afn.by

Search URL Search Domain Scan URL

URL: https://www.facebook.com/afn.by

Search URL Search Domain Scan URL

URL: https://twitter.com/_afnby

Search URL Search Domain Scan URL

URL: https://interfax.ru/
Title: Интерфакс

Search URL Search Domain Scan URL

URL: https://an.yandex.ru/count/WlyejI_zODC2hHS0j2O3ae_1ClvM3GK0qmCGW8200J5crXjW000003YWwQoyjl2C6u01yC3Z68W1dSkwg62G0PYgy8xCW8200fW1cAhmZaoW0Ooe0Oou0QJxv90Xm042s07OviMN0U01dApU7xoHthu1Y082e0BqhgOOkGBHaT1HB0ZAS_02elgwcy0sW0EI_zcJ3uW3iD-KYGoO0wRM1ia7-0J-q1M81T3O4v05_j0Le0NjW0Qe1Us01h05xO06k0NjW0R01QFa4x7E0hRsp9eAe0RY0gW6uWAu1i01oGPc0aTgm9ZrRQSvNMXDQuNS1BW7j0RG1mBW1wGFmhgNamp92XSALh2DSFC_1AeB453FadmvNG00ZcKzn82ww0lGsAJsthu1gGnWgXy-ga2pF-WCcmQO3U22AZ_cX9pIXfZc-csW3i24FRcweUgqhQ7k1DaFcmEwu-L-yJ-04AonYnoG4D7UkCgYeyQy78o00W65gi-h4U0Hwh3E0UWHdDBMbuksbitIxAL0KJEF06lhpW810gWJYuU1rEZVeR0Mu1FjW0Q858AWrhNZhxpReW6W5Es01gWK_j0LdE7fW0RW507e58m2q1MSuUc01jWLmOhsxAEFlFnZyA0Mq92TW0Qm5hq3oHRG5gJsthu1WHUO5ztFbIce5mcu5m705xK2s1V0X3tW5-JZfe06w1S1-1Uqyj201faOe1WJi1Y-_-w01hWO0T0O4FWOiiwuq8ZBgCcp0O0PYHddBP0P0Q0Pm06m6RWPm1dbpAATWvM7iLFI6H9vOM9pNtDbSdPbSYzoDJ0mBJFW6G7e6Qe1y1c0mWE16l__VnahX4j8AY31X0OXOn1Y31aP3_tR-BRBiN0G5x8uJ2E5bCWaa_oTcnlpSHurdobDJjp9cXx6yaA6FoUz6xBP2TYvsDnf74KCjgFoWp2kc--LKG9nROpVBcea78a0zhe7XAfPxz3bMnWMB_pai5qsOK4F78Q8E07p9TFtaVEhJ5aazux621SSgaGdPif8ym00~1?stat-id=2&test-tag=239693543268353&format-type=24&actual-format=40&banner-test-tags=eyI3MjA1NzYwNDI1NDA3NTUzMiI6IjQyNTE2NjUifQ%3D%3D
Title: Гражданство Словении – Безвиз с США!

Search URL Search Domain Scan URL

URL: https://an.yandex.ru/count/Wm4ejI_zODC2lHS0j2O3ae_1K-5-NGK0qmCGW8200J5crXjW000003YWwQoyjl2C6u01yC3Z68W1dSkwg62G0PYgy8xCW8200fW1cAhmZaoW0Ooe0Oou0QJxv90Xm04-s07OviMN0U01dApU7xoHthu1Y082e0BqhgOOkGBHaT1HB0ZAS_02elgwcy0sW0EI_zcJ3uW3iD-KYGoO0wRM1ia7-0J-q1M81T3O4v05_j0Le0NjW0Qe1Us01h05xO06k0NjW0R01QFa4x7E0hRsp9eAe0RY0gW6uWAu1i01oGPc0aTgm9ZrRQSvNMXDQuNS1BW7j0RG1mBW1wGFmhgNamp92XSALh2DSFC_1AeB453FadmvNG00ZcKzn82ww0lGsAJsthu1gGnWgXy-ga2pF-WCcmQO3U22AZ_cX9pIXfZc-csW3i24FRcweUgqhQ7k1DaFcmEwu-L-yJ-04AonYnoG4D7UkCgYeyQy78o00WA5gi-h4U0Hwh3E0UWHdDBMbuksbitIxAL0KJEF06lhpW810gWJYuU1rEZVeR0Mu1FjW0Q858AWrhNZhxpReW6W5Es01gWK_j0LdE7fW0RW507e58m2q1MSuUc01jWLmOhsxAEFlFnZyA0Mq92TW0Qm5hq3oHRG5gJsthu1WHUO5ztFbIce5mcu5m705xK2s1V0X3tW5-JZfe06w1S1-1Uqyj201faOe1WJi1Y-_-w01hWO0T0O4FWOiiwuq8ZBgCcp0O0PYHddBP0P0Q0Pm06m6RWPm1dbpAATWvM7iLFI6H9vOM9pNtDbSdPbSYzoDJ0mBJFW6G7e6Qe1y1c0mWE16l__VnahX4j8Ao31X0OXOn1Y39aH3_tR-BRBiN0G5x8uJ2E5bCWaa_oTcnlpSHurdobDJjp9cXx6yaA6FoUz6xBP17pFlSa8qpWyCTWkvGUXkIBVAwq4uleOlrt-I3WI0Uor1uHgMVUGvrkOKBpmq-5ssOG5Ct0OSk84pBzCtqVdLvboIUuThH4kE5I9JioKaUO1~1?stat-id=2&test-tag=239693543268353&format-type=24&actual-format=40&banner-test-tags=eyI3MjA1NzYwNDI1NDA3NTUzMiI6IjQyNTE2NjUifQ%3D%3D
Title: Гражданство Словакии

Search URL Search Domain Scan URL

URL: https://an.yandex.ru/count/Wm4ejI_zODC2lHS0j2O3ae_1zlJN60K0qmCGW8200J5crXjW000003YWwQoyjl2C6u01yC3Z68W1dSkwg62G0PYgy8xCW8200fW1cAhmZaoW0Ooe0Oou0QJxv90Xm052s07OviMN0U01dApU7xoHthu1Y082e0BqhgOOkGBHaT1HB0ZAS_02elgwcy0sW0EI_zcJ3uW3iD-KYGoO0wRM1ia7-0J-q1M81T3O4v05_j0Le0NjW0Qe1Us01h05xO06k0NjW0R01QFa4x7E0hRsp9eAe0RY0gW6uWAu1i01oGPc0aTgm9ZrRQSvNMXDQuNS1BW7j0RG1mBW1wGFmhgNamp92XSALh2DSFC_1AeB453FadmvNG00ZcKzn82ww0lGsAJsthu1gGnWgXy-ga2pF-WCcmQO3U22AZ_cX9pIXfZc-csW3i24FRcweUgqhQ7k1DaFcmEwu-L-yJ-04AonYnoG4D7UkCgYeyQy78o00WA5gi-h4U0Hwh3E0UWHdDBMbuksbitIxAL0KJEF06lhpW810gWJYuU1rEZVeR0Mu1FjW0Q858AWrhNZhxpReW6W5Es01gWK_j0LdE7fW0RW507e58m2q1MSuUc01jWLmOhsxAEFlFnZyA0Mq92TW0Qm5hq3oHRG5gJsthu1WHUO5ztFbIce5mcu5m705xK2s1V0X3tW5-JZfe06w1S1-1Uqyj201faOe1WJi1Y-_-w01hWO0T0O4FWOiiwuq8ZBgCcp0O0PYHddBP0P0Q0Pm06m6RWPm1dbpAATWvM7iLFI6H9vOM9pNtDbSdPbSYzoDJ0mBJFW6G7e6Qe1y1c0mWE16l__VnahX4j8Ao31X0OXOn1Y39aH3_tR-BRBiN0G5x8uJ2E5bCWaa_oTcnlpSHurdobDJjp9cXx6yaA6FoUz6xBP17pFlSa8qpWyCTWkvGUXkIBVAwq4uleOlrt-I3WI0Uor1uHgMVUGvrkOKBpmq-5ssOG5Ct0OSk84pBzCtqVdLvboIUuThH4kE5I9JioKaUO1~1?stat-id=2&test-tag=239693543268353&format-type=24&actual-format=40&banner-test-tags=eyI3MjA1NzYwNDI1NDA3NTUzMiI6IjQyNTE2NjUifQ%3D%3D
Title: Гражданство Румынии

Search URL Search Domain Scan URL

URL: https://an.yandex.ru/count/Wm4ejI_zODC2lHS0j2O3ae_1aTyk_GK0qmCGW8200J5crXjW000003YWwQoyjl2C6u01yC3Z68W1dSkwg62G0PYgy8xCW8200fW1cAhmZaoW0Ooe0Oou0QJxv90Xm056s07OviMN0U01dApU7xoHthu1Y082e0BqhgOOkGBHaT1HB0ZAS_02elgwcy0sW0EI_zcJ3uW3iD-KYGoO0wRM1ia7-0J-q1M81T3O4v05_j0Le0NjW0Qe1Us01h05xO06k0NjW0R01QFa4x7E0hRsp9eAe0RY0gW6uWAu1i01oGPc0aTgm9ZrRQSvNMXDQuNS1BW7j0RG1mBW1wGFmhgNamp92XSALh2DSFC_1AeB453FadmvNG00ZcKzn82ww0lGsAJsthu1gGnWgXy-ga2pF-WCcmQO3U22AZ_cX9pIXfZc-csW3i24FRcweUgqhQ7k1DaFcmEwu-L-yJ-04AonYnoG4D7UkCgYeyQy78o00WA5gi-h4U0Hwh3E0UWHdDBMbuksbitIxAL0KJEF06lhpW810gWJYuU1rEZVeR0Mu1FjW0Q858AWrhNZhxpReW6W5Es01gWK_j0LdE7fW0RW507e58m2q1MSuUc01jWLmOhsxAEFlFnZyA0Mq92TW0Qm5hq3oHRG5gJsthu1WHUO5ztFbIce5mcu5m705xK2s1V0X3tW5-JZfe06w1S1-1Uqyj201faOe1WJi1Y-_-w01hWO0T0O4FWOiiwuq8ZBgCcp0O0PYHddBP0P0Q0Pm06m6RWPm1dbpAATWvM7iLFI6H9vOM9pNtDbSdPbSYzoDJ0mBJFW6G7e6Qe1y1c0mWE16l__VnahX4j8Ao31X0OXOn1Y39aH3_tR-BRBiN0G5x8uJ2E5bCWaa_oTcnlpSHurdobDJjp9cXx6yaA6FoUz6xBP17pFlSa8qpWyCTWkvGUXkIBVAwq4uleOlrt-I3WI0Uor1uHgMVUGvrkOKBpmq-5ssOG5Ct0OSk84pBzCtqVdLvboIUuThH4kE5I9JioKaUO1~1?stat-id=2&test-tag=239693543268353&format-type=24&actual-format=40&banner-test-tags=eyI3MjA1NzYwNDI1NDA3NTUzMiI6IjQyNTE2NjUifQ%3D%3D
Title: Гражданство Венгрии

Search URL Search Domain Scan URL

URL: https://an.yandex.ru/count/Wm4ejI_zODC2lHS0j2O3ae_1rW7FA0K0qmCGW8200J5crXjW000003YWwQoyjl2C6u01yC3Z68W1dSkwg62G0PYgy8xCW8200fW1cAhmZaoW0Ooe0Oou0QJxv90Xm05Ms07OviMN0U01dApU7xoHthu1Y082e0BqhgOOkGBHaT1HB0ZAS_02elgwcy0sW0EI_zcJ3uW3iD-KYGoO0wRM1ia7-0J-q1M81T3O4v05_j0Le0NjW0Qe1Us01h05xO06k0NjW0R01QFa4x7E0hRsp9eAe0RY0gW6uWAu1i01oGPc0aTgm9ZrRQSvNMXDQuNS1BW7j0RG1mBW1wGFmhgNamp92XSALh2DSFC_1AeB453FadmvNG00ZcKzn82ww0lGsAJsthu1gGnWgXy-ga2pF-WCcmQO3U22AZ_cX9pIXfZc-csW3i24FRcweUgqhQ7k1DaFcmEwu-L-yJ-04AonYnoG4D7UkCgYeyQy78o00WA5gi-h4U0Hwh3E0UWHdDBMbuksbitIxAL0KJEF06lhpW810gWJYuU1rEZVeR0Mu1FjW0Q858AWrhNZhxpReW6W5Es01gWK_j0LdE7fW0RW507e58m2q1MSuUc01jWLmOhsxAEFlFnZyA0Mq92TW0Qm5hq3oHRG5gJsthu1WHUO5ztFbIce5mcu5m705xK2s1V0X3tW5-JZfe06w1S1-1Uqyj201faOe1WJi1Y-_-w01hWO0T0O4FWOiiwuq8ZBgCcp0O0PYHddBP0P0Q0Pm06m6RWPm1dbpAATWvM7iLFI6H9vOM9pNtDbSdPbSYzoDJ0mBJFW6G7e6Qe1y1c0mWE16l__VnahX4j8Ao31X0OXOn1Y39aH3_tR-BRBiN0G5x8uJ2E5bCWaa_oTcnlpSHurdobDJjp9cXx6yaA6FoUz6xBP17pFlSa8qpWyCTWkvGUXkIBVAwq4uleOlrt-I3WI0Uor1uHgMVUGvrkOKBpmq-5ssOG5Ct0OSk84pBzCtqVdLvboIUuThH4kE5I9JioKaUO1~1?stat-id=2&test-tag=239693543268353&format-type=24&actual-format=40&banner-test-tags=eyI3MjA1NzYwNDI1NDA3NTUzMiI6IjQyNTE2NjUifQ%3D%3D
Title: Контакты

Search URL Search Domain Scan URL

URL: https://an.yandex.ru/count/WmeejI_zOD021HW0b2S3ae_1WoUjsmK0q0CGW8200J5crXjW000003YWwJZAsAEvxH-00UFM9uW1pk6yqboG0RwXcx_BW8200fW1lg6RlqkW0UQWg07ce9k_IxW1pDFx-o300GBO0Tg0_9O1u07Ed_6M0Pwy0fW2m8F66A02meF66Ba2qP7GKIm8odFm0gBwkfl0De03blNBEOW3g-oZ__i3-0I6h2I81TME8f05Xgmae0NAaWoe1SgI3B05of8Ck0NAaWp01Vc-8SW5oPWBq0NbiGIowO3N2A06uWAe1k82k0R00Sa6PW97Qi2OzMsdELreJMk5t0Iu1u05mk61emnH23qVkKhpFyaAnfDVbbHQvpy4gWiGKC-IV3bT002EPJt4WBhe2zME8l0B1eWCy9pZlW6f352kuDVxmA0_w0oR1fWDu88gi3xcX9pIXfZc-csW3i24FRcweUgqhQ7k180GhRxc6v0GqTwuogAZnhmSmB2G0W9dXQhFgn7W4UgmpW7e4PpIrfUBjfRDqkobGF8ELyAgfSy20GAe4uk7WTJetw6m5k0Jof8CY1I2eDQruw-ysw81e1JAaWoe58Qi9B0KplNP69Jht0F8507G5ExsbadO5C3hdu06u1G1w1IC0j0LmEkVW0RO5S6AzkoZZxpyO_2W5j2GdO06i1Qz0yaMq1RmdEE-0O4Nc1VIxV4hg1S9k1S1m1Ur0jWNm8Gzw1S1cHYW612m6Cw7xu06k1W2q1WG-1YophZGYCkeoRC1W1c96USja1a1e1d00R0Pk1d06UNCefs3bOUnKz8P4dbXOdDVSsLoTcLoBt8rC30jC-0P0kWPgW7m6O320u4Q__z7-NthB2Gg8D641Y5a44J8c1aFVDmuriknSH3xAywoP10ayaKYtwPTSXjB5MHccDQaYHjPGyDG7iaGITAuWKMVbyOMqPl3arotJ-5ZeLnXXdN9bG-V5vWzzu1RAUqjpJ5YKDjtoMLI_7nuNVPX0GrCp3uXwpt1NkbF62gS4dBhuZCJrN0eoCLicv87~1?stat-id=2&test-tag=239693543268353&format-type=24&actual-format=40&banner-test-tags=eyI3MjA1NzYwNDE3MDU0MTE1MSI6IjU3MzYyIn0%3D
Title: Помогите спасти жизнь Анджелине!

Search URL Search Domain Scan URL

URL: https://an.yandex.ru/count/WmuejI_zOD029HW0X2S3ae_1TOYFxWK0q0CGW8200J5crXjW000003YWwShOexdj7u01uzOdY07EuRpIN901lg6Rlyk0W802c06-ePk_Iw01vg2e0UQWcxzBk07Cq_lx8C013DW1se3ybW7W0SwVyPO1dhm2c0B0WyOOe0B2WyOOkGBHaT1HB0ZAS_02elgwcy0sW0EMzSivY0EhxAF_-mFu18Qi98W5rOuYa0M6h2IW1SgI3AW5of8Ci0NAaWou1SgI3C05-RuXo0N9c0lG1UMn1BBfWDS8e0RY0gW6uWAu1i01oGPc0aTgm9ZrRQSvNMXDQuNS1BW7W0N2uO6Z3548FH-vIlC_oGh6ar-ML5hdFmIg2n1Gpv9yELq008vbFSI0kkWBrOuYy0i6Y0pmdEE-0QaCKAxWr_l0e3_e39i6c0tWWYg93kQ4dDA6cERwRQ0Em8GzkRgXwhIjeUu4W12jlkORa13HthZAegF6l1p0i9020cU5gi-h4U0Hwh3E0UWHdDBMbuksbitIxAL0yWvNmggbpm810gWJYuU1rEZVeR0Mu1FAaWo858AWrhNZhxpReW6W5CgI3AWKXgmai1JEzTaObElS0yWK0T0KxlQMITWKmEkVW0RW507e58m2q1N0wv-01jWLmOhsxAEFlFnZyA0Mq92TW0Qm5hq3oHRG5l2Suxu1WHUO5zBjyIke5mcu5m705xK2s1V0X3te5m6P6A0O4B0OpeVlW0Qu60BG613u6BBEkD28owZ9im606OaPvosG6G6W6S01i1cu6S0PvSoYdOELXx5JqXaIUM5YSrzpPN9sPN8lSZKmC2qpu1a2w1cg0V0PWC83WHh__qVvVUii92iWuOG68MGGH8YgYWTyt3ZMox5n4Fihpi9a42JoHIBVrbro6wiAClEPrcJ4ZQn9mr2-P8WqQTx0eijpOulipU6fNBVlyB7mkV9I5l1M1nPTOZny131xr0DkLLgt1CU86MtV9PX9yHF3SDc71JamCVkGhFUqUwK_UQXmIfAJYyzCHCEX89V4J1b_7W00~1?stat-id=2&test-tag=239693543268353&format-type=24&actual-format=40&banner-test-tags=eyI3MjA1NzYwNDE3MDU0MTE1MSI6IjU3MzYyIn0%3D
Title: Об Анджелине

Search URL Search Domain Scan URL

URL: https://an.yandex.ru/count/WmqejI_zOD027HW0X2S3ae_1GwVDnGK0q0CGW8200J5crXjW000003YWwShOexdj7u01uzOdY07EuRpIN901lg6Rlyk0W802c06-ePk_Iw01vg2e0UQWcxzBk07Cq_lx8C014DW1se3ybW7W0SwVyPO1dhm2c0B0WyOOe0B2WyOOkGBHaT1HB0ZAS_02elgwcy0sW0EMzSivY0EhxAF_-mFu18Qi98W5rOuYa0M6h2IW1SgI3AW5of8Ci0NAaWou1SgI3C05-RuXo0N9c0lG1UMn1BBfWDS8e0RY0gW6uWAu1i01oGPc0aTgm9ZrRQSvNMXDQuNS1BW7W0N2uO6Z3548FH-vIlC_oGh6ar-ML5hdFmIg2n1Gpv9yELq008vbFSI0kkWBrOuYy0i6Y0pmdEE-0QaCKAxWr_l0e3_e39i6c0tWWYgmFkQ4dDA6cERwRQ0Em8GzkRgXwhIjeUu4W12jlkORa13HthZAegF6l1p0i9020cU5gi-h4U0Hwh3E0UWHdDBMbuksbitIxAL0yWvNmggbpm810gWJYuU1rEZVeR0Mu1FAaWo858AWrhNZhxpReW6W5CgI3AWKXgmai1JEzTaObElS0yWK0T0KxlQMITWKmEkVW0RW507e58m2q1N0wv-01jWLmOhsxAEFlFnZyA0Mq92TW0Qm5hq3oHRG5l2Suxu1WHUO5zBjyIke5mcu5m705xK2s1V0X3te5m6P6A0O4B0OpeVlW0Qu60BG613u6BBEkD28owZ9im606OaPvosG6G6W6S01i1cu6S0PvSoYdOELXx5JqXaIUM5YSrzpPN9sPN8lSZKmC2qpu1a2w1cg0V0PWC83WHh__qVvVUii92iWyOG68MIGGyfK5GzytpYMbcDl4FikpXB982FonIVVhbro6uiAClEPqaJ4ZQp9OIW_P8WaQTh0eizpOulgpU6jNBVlyB4mhZYZB0S9eel7mvq0PezwmArAMyjtZ9ZHzbs2cHG_6NQNVLWm0nEpxyXwJxjN-fE72gSakRZup4Gq70foISoKyUS1~1?stat-id=2&test-tag=239693543268353&format-type=24&actual-format=40&banner-test-tags=eyI3MjA1NzYwNDE3MDU0MTE1MSI6IjU3MzYyIn0%3D
Title: Перевод онлайн

Search URL Search Domain Scan URL

URL: https://an.yandex.ru/count/WmqejI_zOD027HW0X2S3ae_1IQWD40K0q0CGW8200J5crXjW000003YWwShOexdj7u01uzOdY07EuRpIN901lg6Rlyk0W802c06-ePk_Iw01vg2e0UQWcxzBk07Cq_lx8C015DW1se3ybW7W0SwVyPO1dhm2c0B0WyOOe0B2WyOOkGBHaT1HB0ZAS_02elgwcy0sW0EMzSivY0EhxAF_-mFu18Qi98W5rOuYa0M6h2IW1SgI3AW5of8Ci0NAaWou1SgI3C05-RuXo0N9c0lG1UMn1BBfWDS8e0RY0gW6uWAu1i01oGPc0aTgm9ZrRQSvNMXDQuNS1BW7W0N2uO6Z3548FH-vIlC_oGh6ar-ML5hdFmIg2n1Gpv9yELq008vbFSI0kkWBrOuYy0i6Y0pmdEE-0QaCKAxWr_l0e3_e39i6c0tWWYgmFkQ4dDA6cERwRQ0Em8GzkRgXwhIjeUu4W12jlkORa13HthZAegF6l1p0i9020cU5gi-h4U0Hwh3E0UWHdDBMbuksbitIxAL0yWvNmggbpm810gWJYuU1rEZVeR0Mu1FAaWo858AWrhNZhxpReW6W5CgI3AWKXgmai1JEzTaObElS0yWK0T0KxlQMITWKmEkVW0RW507e58m2q1N0wv-01jWLmOhsxAEFlFnZyA0Mq92TW0Qm5hq3oHRG5l2Suxu1WHUO5zBjyIke5mcu5m705xK2s1V0X3te5m6P6A0O4B0OpeVlW0Qu60BG613u6BBEkD28owZ9im606OaPvosG6G6W6S01i1cu6S0PvSoYdOELXx5JqXaIUM5YSrzpPN9sPN8lSZKmC2qpu1a2w1cg0V0PWC83WHh__qVvVUii92iWyOG68MIGGyfK5GzytpYMbcDl4FikpXB982FonIVVhbro6uiAClEPqaJ4ZQp9OIW_P8WaQTh0eizpOulgpU6jNBVlyB4mhZYZB0S9eel7mvq0PezwmArAMyjtZ9ZHzbs2cHG_6NQNVLWm0nEpxyXwJxjN-fE72gSakRZup4Gq70foISoKyUS1~1?stat-id=2&test-tag=239693543268353&format-type=24&actual-format=40&banner-test-tags=eyI3MjA1NzYwNDE3MDU0MTE1MSI6IjU3MzYyIn0%3D
Title: Видео об Анджелине

Search URL Search Domain Scan URL

URL: https://an.yandex.ru/count/WmqejI_zOD027HW0X2S3ae_1jGZly0K0q0CGW8200J5crXjW000003YWwShOexdj7u01uzOdY07EuRpIN901lg6Rlyk0W802c06-ePk_Iw01vg2e0UQWcxzBk07Cq_lx8C017jW1se3ybW7W0SwVyPO1dhm2c0B0WyOOe0B2WyOOkGBHaT1HB0ZAS_02elgwcy0sW0EMzSivY0EhxAF_-mFu18Qi98W5rOuYa0M6h2IW1SgI3AW5of8Ci0NAaWou1SgI3C05-RuXo0N9c0lG1UMn1BBfWDS8e0RY0gW6uWAu1i01oGPc0aTgm9ZrRQSvNMXDQuNS1BW7W0N2uO6Z3548FH-vIlC_oGh6ar-ML5hdFmIg2n1Gpv9yELq008vbFSI0kkWBrOuYy0i6Y0pmdEE-0QaCKAxWr_l0e3_e39i6c0tWWYgmFkQ4dDA6cERwRQ0Em8GzkRgXwhIjeUu4W12jlkORa13HthZAegF6l1p0i9020cU5gi-h4U0Hwh3E0UWHdDBMbuksbitIxAL0yWvNmggbpm810gWJYuU1rEZVeR0Mu1FAaWo858AWrhNZhxpReW6W5CgI3AWKXgmai1JEzTaObElS0yWK0T0KxlQMITWKmEkVW0RW507e58m2q1N0wv-01jWLmOhsxAEFlFnZyA0Mq92TW0Qm5hq3oHRG5l2Suxu1WHUO5zBjyIke5mcu5m705xK2s1V0X3te5m6P6A0O4B0OpeVlW0Qu60BG613u6BBEkD28owZ9im606OaPvosG6G6W6S01i1cu6S0PvSoYdOELXx5JqXaIUM5YSrzpPN9sPN8lSZKmC2qpu1a2w1cg0V0PWC83WHh__qVvVUii92iWyOG68MIGGyfK5GzytpYMbcDl4FikpXB982FonIVVhbro6uiAClEPqaJ4ZQp9OIW_P8WaQTh0eizpOulgpU6jNBVlyB4mhZYZB0S9eel7mvq0PezwmArAMyjtZ9ZHzbs2cHG_6NQNVLWm0nEpxyXwJxjN-fE72gSakRZup4Gq70foISoKyUS1~1?stat-id=2&test-tag=239693543268353&format-type=24&actual-format=40&banner-test-tags=eyI3MjA1NzYwNDE3MDU0MTE1MSI6IjU3MzYyIn0%3D
Title: О фонде

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

Request Chain 15

http://gaby.hit.gemius.pl/_1612437093547/rexdot.gif?l=30&id=chuaoc_Qf5oBaF0jf1u_J5PaDqti6EO9B3Q0cN4cczz.H7&fr=1&fv=-&tz=-60&href=http%3A//afn.by/&ref=&screen=1600x1200&col=24 HTTP 301
https://gaby.hit.gemius.pl/_sslredir/_1612437093547/rexdot.gif?l=30&id=chuaoc_Qf5oBaF0jf1u_J5PaDqti6EO9B3Q0cN4cczz.H7&fr=1&fv=-&tz=-60&href=http%3A//afn.by/&ref=&screen=1600x1200&col=24 HTTP 301
https://gaby.hit.gemius.pl/__/_sslredir/_1612437093547/rexdot.gif?l=30&id=chuaoc_Qf5oBaF0jf1u_J5PaDqti6EO9B3Q0cN4cczz.H7&fr=1&fv=-&tz=-60&href=http%3A//afn.by/&ref=&screen=1600x1200&col=24

Request Chain 17

http://www.acint.net/aci.js HTTP 302
https://www.acint.net/aci.js

Request Chain 36

http://www.acint.net/mc/?dp=10 HTTP 302
https://www.acint.net/mc/?dp=10 HTTP 302
https://www.acint.net/mc/?dp=10&tc=1

Request Chain 37

http://www.acint.net/hit/?v=0.3.0&uid=3179346b-9e60-4d29-b39c-36bb0c56b32e&dp=10&tz=%2B01%3A00&nc=92634502&u=http%3A%2F%2Fafn.by%2F&r=&rs=1600x1200&t=AFN.BY%20-%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8%20%D0%9F%D0%BE%D0%BB%D0%B8%D1%82%D0%B8%D0%BA%D0%B0%20%D1%8D%D0%BA%D0%BE%D0%BD%D0%BE%D0%BC%D0%B8%D0%BA%D0%B0%20%D1%84%D0%B8%D0%BD%D0%B0%D0%BD%D1%81%D1%8B%20%D1%8D%D0%BD%D0%B5%D1%80%D0%B3%D0%B5%D1%82%D0%B8%D0%BA%D0%B0%20%D0%BE%D0%B1%D1%89%D0%B5%D1%81%D1%82%D0%B2%D0%BE&oE=1&oP=1&dT=2021-02-04T12%3A11%3A33.967&fu=98970533-ff12-4da1-abbe-9ec018d3127d HTTP 302
https://www.acint.net/hit/?v=0.3.0&uid=3179346b-9e60-4d29-b39c-36bb0c56b32e&dp=10&tz=%2B01%3A00&nc=92634502&u=http%3A%2F%2Fafn.by%2F&r=&rs=1600x1200&t=AFN.BY%20-%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8%20%D0%9F%D0%BE%D0%BB%D0%B8%D1%82%D0%B8%D0%BA%D0%B0%20%D1%8D%D0%BA%D0%BE%D0%BD%D0%BE%D0%BC%D0%B8%D0%BA%D0%B0%20%D1%84%D0%B8%D0%BD%D0%B0%D0%BD%D1%81%D1%8B%20%D1%8D%D0%BD%D0%B5%D1%80%D0%B3%D0%B5%D1%82%D0%B8%D0%BA%D0%B0%20%D0%BE%D0%B1%D1%89%D0%B5%D1%81%D1%82%D0%B2%D0%BE&oE=1&oP=1&dT=2021-02-04T12%3A11%3A33.967&fu=98970533-ff12-4da1-abbe-9ec018d3127d

Request Chain 38

https://an.yandex.ru/meta/465488?grab=dEFGTi5CWSAtINCd0L7QstC-0YHRgtC4INCR0LXQu9Cw0YDRg9GB0Lgg0J_QvtC70LjRgtC40LrQsCDRjdC60L7QvdC-0LzQuNC60LAg0YTQuNC90LDQvdGB0Ysg0Y3QvdC10YDQs9C10YLQuNC60LAg0L7QsdGJ0LXRgdGC0LLQvgoy0J_QvtC70LjRgtC40LrQsCAKMtCt0LrQvtC90L7QvNC40LrQsCAKMtCt0L3QtdGA0LPQtdGC0LjQutCwIAoy0J7QsdGJ0LXRgdGC0LLQviAKM9CS0LvQsNGB0YLQuCDQkdC10LvQsNGA0YPRgdC4INC-0LHRitGP0LLRj9GCINGN0LrRgdGC0YDQtdC80LjRgdGC0YHQutC40Lwg0LHQtdC70L4t0LrRgNCw0YHQvdC-LdCx0LXQu9GL0Lkg0YTQu9Cw0LMgCjPQldCQ0JHQoCDRg9GF0YPQtNGI0LjQuyDQv9GA0L7Qs9C90L7QtyDQv9C-INCS0JLQnyDQkdC10LvQsNGA0YPRgdC4INC40Lct0LfQsCDQv9C-0LvQuNGC0LjRh9C10YHQutC-0Lkg0L3QsNC_0YDRj9C20LXQvdC90L7RgdGC0LggCjPQm9GD0LrQsNGI0LXQvdC60L46INCR0LXQu9Cw0YDRg9GB0Ywg0LHRg9C00LXRgiDQv9C-0LrRg9C_0LDRgtGMINGA0L7RgdGB0LjQudGB0LrQuNC5INCz0LDQtyDQsiAyMDIxINCz0L7QtNGDINC_0L4gJDEyOCw1INC30LAg0YLRi9GB0Y_Rh9GDINC60YPQsdC-0LIgCjPQktC70LDRgdGC0Lgg0JHQtdC70LDRgNGD0YHQuCDQvdC1INC90LDQvNC10YDQtdC90Ysg0LfQsNC60YPQv9Cw0YLRjCDQstCw0LrRhtC40L3RgyDQvtGCINC60L7RgNC-0L3QsNCy0LjRgNGD0YHQsCDQtNC70Y8g0L7QsdGL0YfQvdGL0YUg0LPRgNCw0LbQtNCw0L0gCg%3D%3D&target-ref=http%3A%2F%2Fafn.by%2F&charset=utf-8&imp-id=1&enable-flat-highlight=1&test-tag=239693534855170&ad-session-id=3402101612437093988&target-id=60545764&tga-with-creatives=1&pcode-test-ids=289774%2C0%2C97%3B323480%2C0%2C24%3B314351%2C0%2C79%3B317922%2C0%2C80%3B325391%2C0%2C77&pcode-flags=%7B%22RMP_SENDBEACON%22%3A%220%22%2C%22DEFAULT_SSR_FORMATS%22%3A%5B%22zen%22%2C%22zen2%22%2C%22zen2-gallery%22%5D%2C%22DEFAULT_BLACKLIST_PAGES%22%3A%5B%22419507%22%2C%22419506%22%2C%22106253%22%2C%22188382%22%2C%22189903%22%2C%22265882%22%2C%22553163%22%2C%22348677%22%2C%22267060%22%2C%22104220%22%5D%2C%22SSR_BLOCKS%22%3A%5B%22oldPosterVertical%22%2C%22oldPosterHorizontal%22%2C%22posterHorizontal2%22%2C%22posterVertical2%22%5D%2C%22USE_SMART_SSR%22%3A%221%22%2C%22PCODEVER%22%3A%2213748%22%7D&server-side-rendering-enabled-formats=zen%0Azen2%0Azen2-gallery%0AoldPosterVertical%0AoldPosterHorizontal%0AposterHorizontal2%0AposterVertical2&pcode-version=13748&flash-ver=0&raw-smart-content=1&smart-format-names=smart-banner-adaptive_v1&pcode-icookie=6008396361612437093&available-width=1195&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9.1%2C%22w%22%3A1195%2C%22h%22%3A0%2C%22width%22%3A1195%2C%22height%22%3A0%2C%22left%22%3A195%2C%22top%22%3A115%2C%22visible%22%3A1%2C%22ad_no%22%3A0%2C%22req_no%22%3A0%7D&callback=Ya%5B3568316263281%5D HTTP 302
https://an.yandex.ru/meta/465488?redir-setuniq=1&grab=dEFGTi5CWSAtINCd0L7QstC-0YHRgtC4INCR0LXQu9Cw0YDRg9GB0Lgg0J_QvtC70LjRgtC40LrQsCDRjdC60L7QvdC-0LzQuNC60LAg0YTQuNC90LDQvdGB0Ysg0Y3QvdC10YDQs9C10YLQuNC60LAg0L7QsdGJ0LXRgdGC0LLQvgoy0J_QvtC70LjRgtC40LrQsCAKMtCt0LrQvtC90L7QvNC40LrQsCAKMtCt0L3QtdGA0LPQtdGC0LjQutCwIAoy0J7QsdGJ0LXRgdGC0LLQviAKM9CS0LvQsNGB0YLQuCDQkdC10LvQsNGA0YPRgdC4INC-0LHRitGP0LLRj9GCINGN0LrRgdGC0YDQtdC80LjRgdGC0YHQutC40Lwg0LHQtdC70L4t0LrRgNCw0YHQvdC-LdCx0LXQu9GL0Lkg0YTQu9Cw0LMgCjPQldCQ0JHQoCDRg9GF0YPQtNGI0LjQuyDQv9GA0L7Qs9C90L7QtyDQv9C-INCS0JLQnyDQkdC10LvQsNGA0YPRgdC4INC40Lct0LfQsCDQv9C-0LvQuNGC0LjRh9C10YHQutC-0Lkg0L3QsNC_0YDRj9C20LXQvdC90L7RgdGC0LggCjPQm9GD0LrQsNGI0LXQvdC60L46INCR0LXQu9Cw0YDRg9GB0Ywg0LHRg9C00LXRgiDQv9C-0LrRg9C_0LDRgtGMINGA0L7RgdGB0LjQudGB0LrQuNC5INCz0LDQtyDQsiAyMDIxINCz0L7QtNGDINC_0L4gJDEyOCw1INC30LAg0YLRi9GB0Y_Rh9GDINC60YPQsdC-0LIgCjPQktC70LDRgdGC0Lgg0JHQtdC70LDRgNGD0YHQuCDQvdC1INC90LDQvNC10YDQtdC90Ysg0LfQsNC60YPQv9Cw0YLRjCDQstCw0LrRhtC40L3RgyDQvtGCINC60L7RgNC-0L3QsNCy0LjRgNGD0YHQsCDQtNC70Y8g0L7QsdGL0YfQvdGL0YUg0LPRgNCw0LbQtNCw0L0gCg%3D%3D&target-ref=http%3A%2F%2Fafn.by%2F&charset=utf-8&imp-id=1&enable-flat-highlight=1&test-tag=239693534855170&ad-session-id=3402101612437093988&target-id=60545764&tga-with-creatives=1&pcode-test-ids=289774%2C0%2C97%3B323480%2C0%2C24%3B314351%2C0%2C79%3B317922%2C0%2C80%3B325391%2C0%2C77&pcode-flags=%7B%22RMP_SENDBEACON%22%3A%220%22%2C%22DEFAULT_SSR_FORMATS%22%3A%5B%22zen%22%2C%22zen2%22%2C%22zen2-gallery%22%5D%2C%22DEFAULT_BLACKLIST_PAGES%22%3A%5B%22419507%22%2C%22419506%22%2C%22106253%22%2C%22188382%22%2C%22189903%22%2C%22265882%22%2C%22553163%22%2C%22348677%22%2C%22267060%22%2C%22104220%22%5D%2C%22SSR_BLOCKS%22%3A%5B%22oldPosterVertical%22%2C%22oldPosterHorizontal%22%2C%22posterHorizontal2%22%2C%22posterVertical2%22%5D%2C%22USE_SMART_SSR%22%3A%221%22%2C%22PCODEVER%22%3A%2213748%22%7D&server-side-rendering-enabled-formats=zen%0Azen2%0Azen2-gallery%0AoldPosterVertical%0AoldPosterHorizontal%0AposterHorizontal2%0AposterVertical2&pcode-version=13748&flash-ver=0&raw-smart-content=1&smart-format-names=smart-banner-adaptive_v1&pcode-icookie=6008396361612437093&available-width=1195&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9.1%2C%22w%22%3A1195%2C%22h%22%3A0%2C%22width%22%3A1195%2C%22height%22%3A0%2C%22left%22%3A195%2C%22top%22%3A115%2C%22visible%22%3A1%2C%22ad_no%22%3A0%2C%22req_no%22%3A0%7D&callback=Ya%5B3568316263281%5D

Request Chain 42

https://mc.yandex.ru/watch/421539?wmode=7&page-url=http%3A%2F%2Fafn.by%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A65gwaazdbuxw99j%3Afp%3A4337%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A400%3Acn%3A1%3Adp%3A0%3Als%3A662721191061%3Ahid%3A944767382%3Az%3A60%3Ai%3A20210204121134%3Aet%3A1612437094%3Ac%3A1%3Arn%3A717768722%3Arqn%3A1%3Au%3A1612437094402114443%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1612437089562%3Awv%3A2%3Ads%3A1%2C25%2C1999%2C86%2C0%2C0%2C%2C2359%2C3%2C%2C%2C%2C4388%3Adsn%3A1%2C24%2C1998%2C86%2C0%2C0%2C%2C2276%2C3%2C%2C%2C%2C4388%3Arqnl%3A1%3Ati%3A2%3Ast%3A1612437094%3At%3AAFN.BY%20-%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8%20%D0%9F%D0%BE%D0%BB%D0%B8%D1%82%D0%B8%D0%BA%D0%B0%20%D1%8D%D0%BA%D0%BE%D0%BD%D0%BE%D0%BC%D0%B8%D0%BA%D0%B0%20%D1%84%D0%B8%D0%BD%D0%B0%D0%BD%D1%81%D1%8B%20%D1%8D%D0%BD%D0%B5%D1%80%D0%B3%D0%B5%D1%82%D0%B8%D0%BA%D0%B0%20%D0%BE%D0%B1%D1%89%D0%B5%D1%81%D1%82%D0%B2%D0%BE HTTP 302
https://mc.yandex.ru/watch/421539/1?wmode=7&page-url=http%3A%2F%2Fafn.by%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A65gwaazdbuxw99j%3Afp%3A4337%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A400%3Acn%3A1%3Adp%3A0%3Als%3A662721191061%3Ahid%3A944767382%3Az%3A60%3Ai%3A20210204121134%3Aet%3A1612437094%3Ac%3A1%3Arn%3A717768722%3Arqn%3A1%3Au%3A1612437094402114443%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1612437089562%3Awv%3A2%3Ads%3A1%2C25%2C1999%2C86%2C0%2C0%2C%2C2359%2C3%2C%2C%2C%2C4388%3Adsn%3A1%2C24%2C1998%2C86%2C0%2C0%2C%2C2276%2C3%2C%2C%2C%2C4388%3Arqnl%3A1%3Ati%3A2%3Ast%3A1612437094%3At%3AAFN.BY%20-%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8%20%D0%9F%D0%BE%D0%BB%D0%B8%D1%82%D0%B8%D0%BA%D0%B0%20%D1%8D%D0%BA%D0%BE%D0%BD%D0%BE%D0%BC%D0%B8%D0%BA%D0%B0%20%D1%84%D0%B8%D0%BD%D0%B0%D0%BD%D1%81%D1%8B%20%D1%8D%D0%BD%D0%B5%D1%80%D0%B3%D0%B5%D1%82%D0%B8%D0%BA%D0%B0%20%D0%BE%D0%B1%D1%89%D0%B5%D1%81%D1%82%D0%B2%D0%BE

Request Chain 48

https://match.new-programmatic.com/userbind?src=admixer&id=4df650fdfeef49b4b280a7adfa229d50 HTTP 302
https://match.new-programmatic.com/userbind?src=yandex&pbf=1&gi=1 HTTP 302
https://an.yandex.ru/setud/target_rtb/?sign=1494831407

Request Chain 49

https://exchange.buzzoola.com/cookiesync/ssp/admixer?uid=4df650fdfeef49b4b280a7adfa229d50 HTTP 307
https://exchange.buzzoola.com/cookiesync/ssp/admixer?set_buzzoola_cookie=t&uid=4df650fdfeef49b4b280a7adfa229d50

Request Chain 52

https://ads.betweendigital.com/match?bidder_id=43070&callback_url=%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D70C88C54-8654-4219-A50A-E344F86A4A28%26id%3D${USER_ID} HTTP 302
https://ads.betweendigital.com/match?bidder_id=43070&callback_url=%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D70C88C54-8654-4219-A50A-E344F86A4A28%26id%3D${USER_ID}&crf=1 HTTP 302
https://inv-nets.admixer.net/adxcm.aspx?ssp=70C88C54-8654-4219-A50A-E344F86A4A28&id=6e75b72d-c1f6-5123-b474-0473d46fd215

Request Chain 53

https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6845806 HTTP 302
https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6845806&tuid=-5547936360 HTTP 302
https://inv-nets.admixer.net/adxcm.aspx?ssp=AA391812-3D60-4352-AC90-6449D7D09A7A&id=ArvosuB3KgfA8wfhQZLlB7w

Request Chain 54

https://creativecdn.com/cm-notify?pi=admixer HTTP 302
https://ams.creativecdn.com/cm-notify?pi=admixer&tc=1

Request Chain 55

https://x.bidswitch.net/sync?ssp=admixer&user_id=4df650fdfeef49b4b280a7adfa229d50&gdpr=[gdpr]&gdpr_consent=[consent]&us_privacy=[usPrivacy] HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=admixer&user_id=4df650fdfeef49b4b280a7adfa229d50&gdpr=[gdpr]&gdpr_consent=[consent]&us_privacy=[usPrivacy] HTTP 302
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=a159f273-c0b3-4b95-9428-86735f51e6fd&ssp=admixer&gdpr=[gdpr]&gdpr_consent=[consent]

Request Chain 58

https://cm.g.doubleclick.net/pixel?google_nid=admixer_dmp&google_cm HTTP 302
https://inv-nets.admixer.net/gadx/cm.aspx?google_gid=CAESEO2MglDCfYyp1j_2W8ariCM&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=admixer_technologies&google_hm=NGRmNjUwZmRmZWVmNDliNGIyODBhN2FkZmEyMjlkNTA&google_cm HTTP 302
https://inv-nets.admixer.net/gadx/cm.aspx?google_nid=admixer_technologies&google_gid=CAESEGqpHxNjhOCD7a2N1PkNpsw&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=admixer_technologies&google_hm=NGRmNjUwZmRmZWVmNDliNGIyODBhN2FkZmEyMjlkNTA&google_cm HTTP 302
https://inv-nets.admixer.net/gadx/cm.aspx?google_nid=admixer_technologies&google_gid=CAESEGqpHxNjhOCD7a2N1PkNpsw&google_cver=1 HTTP 302
https://x.bidswitch.net/sync?ssp=admixer&user_id=4df650fdfeef49b4b280a7adfa229d50&gdpr=0&gdpr_consent=null&us_privacy=null HTTP 302
https://green.erne.co/bidswitch/cm?bidswitch_ssp_id=admixer&gdpr=0&gdpr_consent=null HTTP 302
https://x.bidswitch.net/sync?dsp_id=270&expires=10&user_id=r20qYLCMaJjksr4UbhTcWQsf&ssp=admixer HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=270&expires=10&user_id=r20qYLCMaJjksr4UbhTcWQsf&ssp=admixer HTTP 302
https://inv-nets.admixer.net/bs/cm.aspx?id=d1c53ddf-67e2-48cb-9730-bb64fc73556e&gdpr=&consent=&gdpr_pd=

Request Chain 60

https://cm.g.doubleclick.net/pixel?google_nid=admixer_technologies&google_hm=NGRmNjUwZmRmZWVmNDliNGIyODBhN2FkZmEyMjlkNTA&google_cm HTTP 302
https://inv-nets.admixer.net/gadx/cm.aspx?google_nid=admixer_technologies&google_gid=CAESEGqpHxNjhOCD7a2N1PkNpsw&google_cver=1 HTTP 302
https://x.bidswitch.net/sync?ssp=admixer&user_id=4df650fdfeef49b4b280a7adfa229d50&gdpr=0&gdpr_consent=null&us_privacy=null HTTP 302
https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=admixer&bsw_custom_parameter=a159f273-c0b3-4b95-9428-86735f51e6fd HTTP 302
https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=admixer&bsw_custom_parameter=a159f273-c0b3-4b95-9428-86735f51e6fd HTTP 302
https://x.bidswitch.net/sync?dsp_id=4&user_id=bf557c14-5d47-4e7f-b7ab-2ff21edaf57c&ssp=admixer&expires=30&user_group=5&bsw_param=a159f273-c0b3-4b95-9428-86735f51e6fd HTTP 302
https://inv-nets.admixer.net/bs/cm.aspx?id=a159f273-c0b3-4b95-9428-86735f51e6fd&gdpr=&consent=&gdpr_pd=

Request Chain 100

http://www.acint.net/ping/?v=0.3.0&uid=3179346b-9e60-4d29-b39c-36bb0c56b32e&dp=10&tz=%2B01%3A00&nc=74205019&dT=2021-02-04T12%3A11%3A36.971 HTTP 302
https://www.acint.net/ping/?v=0.3.0&uid=3179346b-9e60-4d29-b39c-36bb0c56b32e&dp=10&tz=%2B01%3A00&nc=74205019&dT=2021-02-04T12%3A11%3A36.971

Request Chain 108

https://mc.yandex.ru/watch/421539?page-url=http%3A%2F%2Fafn.by%2F&charset=utf-8&browser-info=nb%3A1%3Acl%3A116%3Aar%3A1%3Agdpr%3A14%3Avf%3A65gwaazdbuxw99j%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A400%3Acn%3A1%3Adp%3A1%3Als%3A662721191061%3Ahid%3A944767382%3Az%3A60%3Ai%3A20210204121149%3Aet%3A1612437109%3Ac%3A1%3Arn%3A673119975%3Arqn%3A3%3Au%3A1612437094402114443%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aeu%3A1%3Ans%3A1612437089562%3Awv%3A2%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C12211%2C12211%2C3%2C%3Adsn%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C12210%2C12210%2C4%2C%3Arqnl%3A1%3Ati%3A0%3Ast%3A1612437109&force-urlencoded=1 HTTP 302
https://mc.yandex.ru/watch/421539/1?page-url=http%3A%2F%2Fafn.by%2F&charset=utf-8&browser-info=nb%3A1%3Acl%3A116%3Aar%3A1%3Agdpr%3A14%3Avf%3A65gwaazdbuxw99j%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A400%3Acn%3A1%3Adp%3A1%3Als%3A662721191061%3Ahid%3A944767382%3Az%3A60%3Ai%3A20210204121149%3Aet%3A1612437109%3Ac%3A1%3Arn%3A673119975%3Arqn%3A3%3Au%3A1612437094402114443%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aeu%3A1%3Ans%3A1612437089562%3Awv%3A2%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C12211%2C12211%2C3%2C%3Adsn%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C12210%2C12210%2C4%2C%3Arqnl%3A1%3Ati%3A0%3Ast%3A1612437109&force-urlencoded=1

109 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
afn.by/ 42 KB
42 KB 2025ms
1999ms Document
text/html 62.173.140.157
SPACENET-AS Inter...

General

Check archive.org

Show headers Download Go to

Full URL: http://afn.by/
Protocol: HTTP/1.1
Server: 62.173.140.157 , Russian Federation, ASN34300 (SPACENET-AS Internet Service Provider, RU),
Reverse DNS: afn.today
Software: Microsoft-IIS/10.0 /
Resource Hash: c09a842f4d8d70b93a89d95eaccb5e9bcc0504d7ca3b6141f0eac16bb924f31f

Request headers

Host: afn.by
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
Date: Thu, 04 Feb 2021 11:11:30 GMT
Content-Length: 43233

GET
H/1.1 200
OK cocss.css
afn.by/styles/ 12 KB
12 KB 99ms
97ms Stylesheet
text/css 62.173.140.157
SPACENET-AS Inter...

General

Check archive.org

Show headers Download Go to

Full URL: http://afn.by/styles/cocss.css?v=2020-09-16T2305
Requested by: Host: afn.by
URL: http://afn.by/
Protocol: HTTP/1.1
Server: 62.173.140.157 , Russian Federation, ASN34300 (SPACENET-AS Internet Service Provider, RU),
Reverse DNS: afn.today
Software: Microsoft-IIS/10.0 /
Resource Hash: 21805f6753661b417e371bc6d07627765a0bdb09ff769049bd4fa36a22cac022

Request headers

Referer: http://afn.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Feb 2021 11:11:32 GMT
Last-Modified: Tue, 29 Sep 2020 16:21:39 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "7792f69b7c96d61:0"
Content-Length: 12192
Content-Type: text/css

GET
H/1.1 200
OK xgemius.js Show response
afn.by/scripts/ 4 KB
5 KB 1202ms
1174ms Script
application/javascript 62.173.140.157
SPACENET-AS Inter...

General

Check archive.org

Show headers Download Go to

Full URL: http://afn.by/scripts/xgemius.js
Requested by: Host: afn.by
URL: http://afn.by/
Protocol: HTTP/1.1
Server: 62.173.140.157 , Russian Federation, ASN34300 (SPACENET-AS Internet Service Provider, RU),
Reverse DNS: afn.today
Software: Microsoft-IIS/10.0 /
Resource Hash: addbd0082697a941e7ae5798c7985b54c785fa90aa5f398dd35447b60eb7965d

Request headers

Referer: http://afn.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Feb 2021 11:11:33 GMT
Last-Modified: Mon, 10 Aug 1744 03:14:09 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "77f8420480a10:0"
Content-Length: 4497
Content-Type: application/javascript

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 134 KB
47 KB 39ms
35ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: afn.by
URL: http://afn.by/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

146cf3b10f120064f10d9b96ec8bd9e30d9d4266c38f842a7e95e4e4f85bbc4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://afn.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 11:11:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 47984
x-xss-protection: 0
server: cafe
etag: 12508479964826215085
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 04 Feb 2021 11:11:33 GMT

GET
H/1.1 200
OK WebResource.axd Show response
afn.by/ 23 KB
23 KB 1222ms
1194ms Script
application/x-javascript 62.173.140.157
SPACENET-AS Inter...

General

Check archive.org

Show headers Download Go to

Full URL: http://afn.by/WebResource.axd?d=x6kZHarUxIlCmdP8tralfm9j9vlV5v7RssAAB3w2g1T9BlvwLfiegLOUvTlfrsYWRDzRJEVHlbcw8maAjeTX3DGnW1Pk_CIDzs0KtPkZUFU1&t=637322061357241717
Requested by: Host: afn.by
URL: http://afn.by/
Protocol: HTTP/1.1
Server: 62.173.140.157 , Russian Federation, ASN34300 (SPACENET-AS Internet Service Provider, RU),
Reverse DNS: afn.today
Software: Microsoft-IIS/10.0 /
Resource Hash: 40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db

Request headers

Referer: http://afn.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Feb 2021 11:11:33 GMT
Last-Modified: Wed, 05 Aug 2020 03:35:35 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
Content-Type: application/x-javascript
Cache-Control: public
Content-Length: 23063
Expires: Fri, 04 Feb 2022 11:06:29 GMT

GET
H/1.1 200
OK WebResource.axd Show response
afn.by/ 26 KB
27 KB 194ms
166ms Script
application/x-javascript 62.173.140.157
SPACENET-AS Inter...

General

Check archive.org

Show headers Download Go to

Full URL: http://afn.by/WebResource.axd?d=j8vvoyaifjvlN4hVlEnJWHWSDZdBC8U54gvtudvF_ovCrNW5jwpwiBjilFnX2S6vEwCPO1trGoJrcB5e-KZDOBr9RWBMrO0aFyWu_oksMzM1&t=637322061357241717
Requested by: Host: afn.by
URL: http://afn.by/
Protocol: HTTP/1.1
Server: 62.173.140.157 , Russian Federation, ASN34300 (SPACENET-AS Internet Service Provider, RU),
Reverse DNS: afn.today
Software: Microsoft-IIS/10.0 /
Resource Hash: ef9453f74b2617d43dcef4242cf5845101fcfb57289c81bceb20042b0023a192

Request headers

Referer: http://afn.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Feb 2021 11:11:32 GMT
Last-Modified: Wed, 05 Aug 2020 03:35:35 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
Content-Type: application/x-javascript
Cache-Control: public
Content-Length: 26951
Expires: Fri, 04 Feb 2022 11:11:32 GMT

GET
H/1.1 200
OK logo.gif
afn.by/images/ 2 KB
2 KB 112ms
109ms Image
image/gif 62.173.140.157
SPACENET-AS Inter...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://afn.by/images/logo.gif
Requested by: Host: afn.by
URL: http://afn.by/
Protocol: HTTP/1.1
Server: 62.173.140.157 , Russian Federation, ASN34300 (SPACENET-AS Internet Service Provider, RU),
Reverse DNS: afn.today
Software: Microsoft-IIS/10.0 /
Resource Hash: 3d8799c171813adffb4105be1ee07dfd2e7716ba4a5fdd8b785736285a3bf677

Request headers

Referer: http://afn.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Feb 2021 11:11:33 GMT
Last-Modified: Sat, 22 Apr 2006 08:31:52 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "0cc8a34e765c61:0"
Content-Length: 2072
Content-Type: image/gif

GET
H/1.1 200
OK telegram-icon.png
afn.by/images/ 9 KB
9 KB 113ms
110ms Image
image/png 62.173.140.157
SPACENET-AS Inter...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://afn.by/images/telegram-icon.png
Requested by: Host: afn.by
URL: http://afn.by/
Protocol: HTTP/1.1
Server: 62.173.140.157 , Russian Federation, ASN34300 (SPACENET-AS Internet Service Provider, RU),
Reverse DNS: afn.today
Software: Microsoft-IIS/10.0 /
Resource Hash: 3b9bfffdd25b235582aed4cf08b709719aa5af611d5ca3f3f4a5cb5a17d9b6ee

Request headers

Referer: http://afn.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Feb 2021 11:11:33 GMT
Last-Modified: Mon, 31 Aug 2020 16:19:55 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "ea511590b27fd61:0"
Content-Length: 8970
Content-Type: image/png

GET
H/1.1 200
OK zen-128x128.png
afn.by/images/ 8 KB
9 KB 118ms
116ms Image
image/png 62.173.140.157
SPACENET-AS Inter...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://afn.by/images/zen-128x128.png
Requested by: Host: afn.by
URL: http://afn.by/
Protocol: HTTP/1.1
Server: 62.173.140.157 , Russian Federation, ASN34300 (SPACENET-AS Internet Service Provider, RU),
Reverse DNS: afn.today
Software: Microsoft-IIS/10.0 /
Resource Hash: c5c553ada8936a3a89d422bb7b789c1f2aeec71612f1731311b39aae2bbf3243

Request headers

Referer: http://afn.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Feb 2021 11:11:33 GMT
Last-Modified: Sun, 26 Jan 2020 04:01:56 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "5753ba59fdd3d51:0"
Content-Length: 8671
Content-Type: image/png

GET
H/1.1 200
OK facebook-icon-28x28.png
afn.by/images/ 1 KB
2 KB 209ms
182ms Image
image/png 62.173.140.157
SPACENET-AS Inter...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://afn.by/images/facebook-icon-28x28.png
Requested by: Host: afn.by
URL: http://afn.by/
Protocol: HTTP/1.1
Server: 62.173.140.157 , Russian Federation, ASN34300 (SPACENET-AS Internet Service Provider, RU),
Reverse DNS: afn.today
Software: Microsoft-IIS/10.0 /
Resource Hash: a2108bb3f86caf930d09e8a85ae0eccf3a11a5d51296a620201e8a76a9b030c7

Request headers

Referer: http://afn.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Feb 2021 11:11:33 GMT
Last-Modified: Wed, 20 Nov 2019 20:28:42 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "91d37219e19fd51:0"
Content-Length: 1482
Content-Type: image/png

GET
H/1.1 200
OK twitter-icon-28x28.png
afn.by/images/ 1 KB
1 KB 210ms
183ms Image
image/png 62.173.140.157
SPACENET-AS Inter...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://afn.by/images/twitter-icon-28x28.png
Requested by: Host: afn.by
URL: http://afn.by/
Protocol: HTTP/1.1
Server: 62.173.140.157 , Russian Federation, ASN34300 (SPACENET-AS Internet Service Provider, RU),
Reverse DNS: afn.today
Software: Microsoft-IIS/10.0 /
Resource Hash: 75bb660f0c38697ed9be3b33be8e5a24365708ee94922da9dd44875efc3776e0

Request headers

Referer: http://afn.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Feb 2021 11:11:33 GMT
Last-Modified: Wed, 20 Nov 2019 20:34:16 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "c7dd92e0e19fd51:0"
Content-Length: 1157
Content-Type: image/png

GET
H/1.1 200
OK feed-icon-28x28.png
afn.by/images/ 2 KB
2 KB 97ms
92ms Image
image/png 62.173.140.157
SPACENET-AS Inter...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://afn.by/images/feed-icon-28x28.png
Requested by: Host: afn.by
URL: http://afn.by/
Protocol: HTTP/1.1
Server: 62.173.140.157 , Russian Federation, ASN34300 (SPACENET-AS Internet Service Provider, RU),
Reverse DNS: afn.today
Software: Microsoft-IIS/10.0 /
Resource Hash: 473feba11f89b4d197a2263ebb6567e53b75a969cff0679ccf50f6634fa3a4f5

Request headers

Referer: http://afn.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Feb 2021 11:11:33 GMT
Last-Modified: Thu, 27 Jul 2006 11:33:24 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "01a567870b1c61:0"
Content-Length: 1737
Content-Type: image/png

GET
H/1.1 200
OK mail-icon-28x28.png
afn.by/images/ 1 KB
1 KB 95ms
91ms Image
image/png 62.173.140.157
SPACENET-AS Inter...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://afn.by/images/mail-icon-28x28.png
Requested by: Host: afn.by
URL: http://afn.by/
Protocol: HTTP/1.1
Server: 62.173.140.157 , Russian Federation, ASN34300 (SPACENET-AS Internet Service Provider, RU),
Reverse DNS: afn.today
Software: Microsoft-IIS/10.0 /
Resource Hash: 1ddb0b820dec7b14a548cd751c4a24db01dec9d0716daa5724ee5c65d3c347ec

Request headers

Referer: http://afn.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Feb 2021 11:11:33 GMT
Last-Modified: Tue, 27 May 2014 16:44:49 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "18b1c1f9ca79cf1:0"
Content-Length: 1262
Content-Type: image/png

GET
H/1.1 200
OK CHxq.js Show response
sdfgdgf.info/ux/ 46 KB
16 KB 156ms
102ms Script
application/javascript 79.171.117.17
VARITI-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://sdfgdgf.info/ux/CHxq.js
Requested by: Host: afn.by
URL: http://afn.by/
Protocol: HTTP/1.1
Server: 79.171.117.17 , Russian Federation, ASN64494 (VARITI-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 92b0aa59219ffef505536118efa8a7423ba6cfe6d11c920fdaab0c5715997b77

Request headers

Referer: http://afn.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Feb 2021 11:11:33 GMT
Content-Encoding: gzip
Last-Modified: Thu, 04 Jun 2020 16:02:23 GMT
Server: nginx
ETag: W/"5ed91b0f-b677"
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
Cache-Control: max-age=60
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: application/javascript
Keep-Alive: timeout=15
X-VARITI-CCR: 176418310:1
Expires: Thu, 04 Feb 2021 11:12:33 GMT

GET
H/1.1 200
OK 8snl17291ivlm0p3y0hq8786uqv678kypxu1lk8.php Show response
dwbogv.com/ 57 KB
19 KB 211ms
154ms Script
application/javascript 62.76.25.27
NETRACK-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://dwbogv.com/8snl17291ivlm0p3y0hq8786uqv678kypxu1lk8.php
Requested by: Host: afn.by
URL: http://afn.by/
Protocol: HTTP/1.1
Server: 62.76.25.27 , Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 52928c2ab25ea721e1a0403f0b0ba93d09f51989fd9503e8a65cd13bb2fa033e

Request headers

Referer: http://afn.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Feb 2021 11:11:33 GMT
Content-Encoding: gzip
Last-Modified: Thu, 24 Dec 2020 11:08:26 GMT
Server: nginx/1.14.2
ETag: "5fe476aa-4952"
Content-Type: application/javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection: keep-alive
Content-Length: 18770

GET
H2

200

analytics.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

46 KB
18 KB

6ms
5ms

Script
text/javascript

2a00:1450:4001:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: afn.by
URL: http://afn.by/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://afn.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 6330
date: Thu, 04 Feb 2021 09:26:03 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Thu, 04 Feb 2021 11:26:03 GMT

Redirect headers

Location: https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason: HSTS

GET
H2

200

rexdot.gif
gaby.hit.gemius.pl/__/_sslredir/_1612437093547/
Redirect Chain

http://gaby.hit.gemius.pl/_1612437093547/rexdot.gif?l=30&id=chuaoc_Qf5oBaF0jf1u_J5PaDqti6EO9B3Q0cN4cczz.H7&fr=1&fv=-&tz=-60&href=http%3A//afn.by/&ref=&screen=1600x1200&col=24
https://gaby.hit.gemius.pl/_sslredir/_1612437093547/rexdot.gif?l=30&id=chuaoc_Qf5oBaF0jf1u_J5PaDqti6EO9B3Q0cN4cczz.H7&fr=1&fv=-&tz=-60&href=http%3A//afn.by/&ref=&screen=1600x1200&col=24
https://gaby.hit.gemius.pl/__/_sslredir/_1612437093547/rexdot.gif?l=30&id=chuaoc_Qf5oBaF0jf1u_J5PaDqti6EO9B3Q0cN4cczz.H7&fr=1&fv=-&tz=-60&href=http%3A//afn.by/&ref=&screen=1600x1200&col=24

43 B
214 B

48ms
47ms

Image
image/gif

149.202.199.193
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gaby.hit.gemius.pl/__/_sslredir/_1612437093547/rexdot.gif?l=30&id=chuaoc_Qf5oBaF0jf1u_J5PaDqti6EO9B3Q0cN4cczz.H7&fr=1&fv=-&tz=-60&href=http%3A//afn.by/&ref=&screen=1600x1200&col=24
Requested by: Host: afn.by
URL: http://afn.by/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 149.202.199.193 , France, ASN16276 (OVH, FR),
Reverse DNS: ua1.host.hit.gemius.pl
Software: GHC /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer: http://afn.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Feb 2021 11:11:33 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: no-store, no-cache, must-revalidate, max-age=0
accept-ranges: none
content-type: image/gif
content-length: 43
expires: Wed, 03 Feb 2021 11:11:33 GMT

Redirect headers

pragma: no-cache
date: Thu, 04 Feb 2021 11:11:33 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: /__/_sslredir/_1612437093547/rexdot.gif?l=30&id=chuaoc_Qf5oBaF0jf1u_J5PaDqti6EO9B3Q0cN4cczz.H7&fr=1&fv=-&tz=-60&href=http%3A//afn.by/&ref=&screen=1600x1200&col=24
cache-control: no-store, no-cache, must-revalidate, max-age=0
accept-ranges: none
content-length: 0
expires: Wed, 03 Feb 2021 11:11:33 GMT

GET
H/1.1 200
OK loader2.js Show response
cdn.admixer.net/scripts3/ 86 KB
30 KB 14ms
7ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.admixer.net/scripts3/loader2.js
Requested by: Host: afn.by
URL: http://afn.by/
Protocol: HTTP/1.1
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 567a91bf0a24b83a65dba133e4e143dbe8608f8cd82b7e5e69be6403074d2fd3

Request headers

Referer: http://afn.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-ID: fr5-up-gc35
Date: Thu, 04 Feb 2021 11:11:33 GMT
Content-Encoding: gzip
Last-Modified: Wed, 03 Feb 2021 09:41:43 GMT
Server: nginx
ETag: W/"601a6fd7-1567e"
Transfer-Encoding: chunked
X-Cached-Since: 2021-02-04T11:09:27+00:00
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=600
Cache: HIT
Connection: keep-alive
Expires: Wed, 03 Feb 2021 09:55:28 GMT

GET
H2

200

aci.js Show response
www.acint.net/
Redirect Chain

http://www.acint.net/aci.js
https://www.acint.net/aci.js

21 KB
7 KB

149ms
51ms

Script
application/x-javascript

195.201.243.71
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.acint.net/aci.js
Requested by: Host: afn.by
URL: http://afn.by/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.243.71 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ingolstadt.aucourant.info
Software: openresty /
Resource Hash: 8efda3f0b5d984306920023fe9e82a919bfac7109db64ed89f752720408c888b

Request headers

Referer: http://afn.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 11:11:33 GMT
content-encoding: gzip
last-modified: Sat, 02 Jan 2021 18:29:13 GMT
server: openresty
etag: "5ff0bb79-1baf"
content-type: application/x-javascript
cache-control: max-age=43200
content-length: 7087
expires: Thu, 04 Feb 2021 23:11:33 GMT

Redirect headers

Location: https://www.acint.net/aci.js
Date: Thu, 04 Feb 2021 11:11:33 GMT
Server: openresty
Connection: keep-alive
Content-Length: 142
Content-Type: text/html

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 4 B
121 B 13ms
12ms XHR
text/plain 2a00:1450:4001:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=645535754&t=pageview&_s=1&dl=http%3A%2F%2Fafn.by%2F&ul=en-us&de=UTF-8&dt=AFN.BY%20-%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8%20%D0%9F%D0%BE%D0%BB%D0%B8%D1%82%D0%B8%D0%BA%D0%B0%20%D1%8D%D0%BA%D0%BE%D0%BD%D0%BE%D0%BC%D0%B8%D0%BA%D0%B0%20%D1%84%D0%B8%D0%BD%D0%B0%D0%BD%D1%81%D1%8B%20%D1%8D%D0%BD%D0%B5%D1%80%D0%B3%D0%B5%D1%82%D0%B8%D0%BA%D0%B0%20%D0%BE%D0%B1%D1%89%D0%B5%D1%81%D1%82%D0%B2%D0%BE&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1965332600&gjid=1718524010&cid=1111664216.1612437094&tid=UA-261460-1&_gid=1633966191.1612437094&_r=1&_slc=1&z=54954086

Requested by

Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://afn.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 04 Feb 2021 11:11:33 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://afn.by
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 c.html
cdn.admixer.net/scripts3/ Frame 42EF 0
0 19ms
6ms Document
text/html 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/c.html
Requested by: Host: cdn.admixer.net
URL: http://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

:method: GET
:authority: cdn.admixer.net
:scheme: https
:path: /scripts3/c.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://afn.by/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://afn.by/

Response headers

server: nginx
date: Thu, 04 Feb 2021 11:11:33 GMT
content-type: text/html
last-modified: Wed, 03 Feb 2021 09:41:38 GMT
vary: Accept-Encoding
etag: W/"601a6fd2-27d"
expires: Fri, 04 Feb 2022 09:44:58 GMT
cache-control: max-age=31622400
access-control-allow-origin: *
cache: HIT
x-cached-since: 2021-02-03T09:45:56+00:00
x-id: fr5-up-gc30
content-encoding: gzip

GET
H/1.1 200
OK 5cfa8ce10af451dcf997.b.js Show response
cdn.admixer.net/scripts3/ 82 KB
22 KB 6ms
6ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.admixer.net/scripts3/5cfa8ce10af451dcf997.b.js
Requested by: Host: cdn.admixer.net
URL: http://cdn.admixer.net/scripts3/loader2.js
Protocol: HTTP/1.1
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: d40a08aee575b4a76a0910980272e1097de9d7ac24b8b080fa4c86d300753674

Request headers

Referer: http://afn.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-ID: fr5-up-gc35
Date: Thu, 04 Feb 2021 11:11:33 GMT
Content-Encoding: gzip
Last-Modified: Wed, 03 Feb 2021 09:41:32 GMT
Server: nginx
ETag: W/"601a6fcc-14660"
Vary: Accept-Encoding
X-Cached-Since: 2021-02-03T09:46:28+00:00
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31622400
Transfer-Encoding: chunked
Connection: keep-alive
Cache: HIT
Expires: Fri, 04 Feb 2022 09:45:30 GMT

GET
H/1.1 200
OK 1db304b067e7ca7675bc.b.js Show response
cdn.admixer.net/scripts3/ 91 KB
26 KB 8ms
6ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.admixer.net/scripts3/1db304b067e7ca7675bc.b.js
Requested by: Host: cdn.admixer.net
URL: http://cdn.admixer.net/scripts3/loader2.js
Protocol: HTTP/1.1
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 1afa1aa3b0762ba63e927a6c35edd8c73db322887250d2ac7863ad760c742589

Request headers

Referer: http://afn.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-ID: fr5-up-gc35
Date: Thu, 04 Feb 2021 11:11:33 GMT
Content-Encoding: gzip
Last-Modified: Wed, 03 Feb 2021 09:41:28 GMT
Server: nginx
ETag: W/"601a6fc8-16c9f"
Vary: Accept-Encoding
X-Cached-Since: 2021-02-03T09:46:10+00:00
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31622400
Transfer-Encoding: chunked
Connection: keep-alive
Cache: HIT
Expires: Fri, 04 Feb 2022 09:45:12 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
81 B 16ms
15ms XHR
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-261460-1&cid=1111664216.1612437094&jid=1965332600&gjid=1718524010&_gid=1633966191.1612437094&_u=IEBAAEAAAAAAAC~&z=1418855823

Requested by

Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://afn.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 04 Feb 2021 11:11:33 GMT
content-type: text/plain
access-control-allow-origin: http://afn.by
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210202/r20190131/ 225 KB
85 KB 50ms
49ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210202/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

72e395213d052d79eb852149c9cbe3124903a7f34168c935d7fadabbafbd2ddb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://afn.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 11:11:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 86331
x-xss-protection: 0
server: cafe
etag: 657319051054643926
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 Feb 2021 11:11:33 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210202/r20190131/ Frame FDEF 0
0 38ms
5ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210202/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210202/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://afn.by/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://afn.by/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 04 Feb 2021 01:22:31 GMT
expires: Thu, 18 Feb 2021 01:22:31 GMT
content-type: text/html; charset=UTF-8
etag: 6440208225989294717
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4777
x-xss-protection: 0
age: 35342
cache-control: public, max-age=1209600
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 27ms
23ms Image
image/gif 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-261460-1&cid=1111664216.1612437094&jid=1965332600&_u=IEBAAEAAAAAAAC~&z=1045355033

Requested by

Host: afn.by
URL: http://afn.by/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://afn.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Feb 2021 11:11:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 32ms
29ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-261460-1&cid=1111664216.1612437094&jid=1965332600&_u=IEBAAEAAAAAAAC~&z=1045355033

Requested by

Host: afn.by
URL: http://afn.by/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://afn.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Feb 2021 11:11:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
Ok context.js Show response
an.yandex.ru/system/ 128 KB
37 KB 107ms
51ms Script
text/javascript 2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL: http://an.yandex.ru/system/context.js
Requested by: Host: afn.by
URL: http://afn.by/
Protocol: HTTP/1.1
Server: 2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 25c8984f38856595401fa33726227a9d26afafe0a4f761b26d076241cabf5333

Request headers

Referer: http://afn.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Thu, 04 Feb 2021 11:11:33 GMT
Content-Encoding: gzip
Server: nginx/1.12.2
ETag: 829533102
X-Yandex-Req-Id: 1612437093783712-304780471815343500400103-production-app-host-vla-pcode-15
Transfer-Encoding: chunked
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Connection: keep-alive
X-Robots-Tag: noindex, noarchive, nofollow
Expires: Thu, 04 Feb 2021 12:11:33 GMT

GET
H/1.1 200
OK icons.png
afn.by/images/ 3 KB
3 KB 89ms
88ms Image
image/png 62.173.140.157
SPACENET-AS Inter...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://afn.by/images/icons.png
Requested by: Host: afn.by
URL: http://afn.by/styles/cocss.css?v=2020-09-16T2305
Protocol: HTTP/1.1
Server: 62.173.140.157 , Russian Federation, ASN34300 (SPACENET-AS Internet Service Provider, RU),
Reverse DNS: afn.today
Software: Microsoft-IIS/10.0 /
Resource Hash: ebb3597f3a327fe00b7b1b766dd19e454e3f8b34ad5d45505439b42bf1c24d42

Request headers

Referer: http://afn.by/styles/cocss.css?v=2020-09-16T2305
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Feb 2021 11:11:33 GMT
Last-Modified: Sat, 02 Aug 2008 10:28:49 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "10b0818d8af4c81:0"
Content-Length: 2939
Content-Type: image/png

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 204 KB
64 KB 146ms
48ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: afn.by
URL: http://afn.by/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

6a83f8baa9d1ed00994bae27f6a6d2990283f253536e11d46320fef8faaf40dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://afn.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 11:11:34 GMT
content-encoding: br
last-modified: Tue, 02 Feb 2021 17:16:20 GMT
etag: "60196cb4-ffaa"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 65450
expires: Thu, 04 Feb 2021 12:11:34 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 196 B
636 B 168ms
76ms Script
text/javascript 216.58.207.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=afn.by&callback=_gfp_s_&client=ca-pub-5271363197717881

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210202/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s25-in-f2.1e100.net

Software

cafe /

Resource Hash

07798248e32dbd9e331d3639622c8a208c92d46465d9a382e9f00a89054dab6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://afn.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 11:11:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 187
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
803 B 48ms
28ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=afn.by

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210202/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://afn.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 04 Feb 2021 11:11:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
247 B 28ms
28ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=afn.by

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210202/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://afn.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 04 Feb 2021 11:11:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame 9B71 0
0 72ms
72ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-5271363197717881&output=html&adk=1812271804&adf=3025194257&lmt=1612437093&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fafn.by%2F&ea=0&flash=0&pra=5&wgl=1&dt=1612437093620&bpp=19&bdt=2029&idt=271&shv=r20210202&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7320475425926&frm=20&pv=2&ga_vid=1111664216.1612437094&ga_sid=1612437094&ga_hid=645535754&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C21068769%2C21068893&oid=3&pvsid=798405694624151&pem=829&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&ifi=0&uci=a!0&fsb=1&dtd=317

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210202/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-5271363197717881&output=html&adk=1812271804&adf=3025194257&lmt=1612437093&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fafn.by%2F&ea=0&flash=0&pra=5&wgl=1&dt=1612437093620&bpp=19&bdt=2029&idt=271&shv=r20210202&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7320475425926&frm=20&pv=2&ga_vid=1111664216.1612437094&ga_sid=1612437094&ga_hid=645535754&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C21068769%2C21068893&oid=3&pvsid=798405694624151&pem=829&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&ifi=0&uci=a!0&fsb=1&dtd=317
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://afn.by/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://afn.by/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 04 Feb 2021 11:11:33 GMT
server: cafe
content-length: 34
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 04-Feb-2021 11:26:33 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Thu, 04 Feb 2021 11:11:33 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 74 KB
28 KB 36ms
14ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210202/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

208dfab1fdcf1f4e57f80d6fd873265f0ff90c42c36cb25e38dff42695e383a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://afn.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 11:11:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1612182870646033"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28348
x-xss-protection: 0
expires: Thu, 04 Feb 2021 11:11:33 GMT

GET
H/1.1 200
OK dsp.aspx Show response
inv-nets.admixer.net/ 7 KB
7 KB 171ms
69ms Script
text/javascript 146.0.227.110
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL

https://inv-nets.admixer.net/dsp.aspx?sender=admixer&rct=4&v=2.0&rnd=1768766924785347.8&cpv=e8d31ecf-637b-474d-76ea-0ffaccc539b2&uids=%7B%7D&data=%7B%22id%22%3A%223bf7e512-81ee-03b5-0a82-0561cd44748c%22%2C%22site%22%3A%7B%22page%22%3A%22http%253A%252F%252Fafn.by%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F83.0.4103.61%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22b51d9ae5-714a-0412-b393-52efa21bcac1%22%2C%22tagid%22%3A%222febba63-69cc-42a7-8be2-e10bcbe63cd5%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_2febba6369cc42a78be2e10bcbe63cd5_zone_16334_sect_4740_site_4170%22%2C%22pos%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%7D%5D%2C%22allimps%22%3A1%7D&am-uid=null&3rd=true

Requested by

Host: cdn.admixer.net
URL: http://cdn.admixer.net/scripts3/1db304b067e7ca7675bc.b.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Germany, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

bb4b42364e1b4ca428a44910af2d37ca494598cf252e86a9c4ce6e37678b761d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://afn.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Feb 2021 11:11:34 GMT
Server: nginx
Transfer-Encoding: chunked
P3P: CP="NID DSP ALL COR"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript; charset=utf-8
Keep-Alive: timeout=25
X-XSS-Protection: 0

GET
H2

200

/
www.acint.net/mc/ Frame 89A0
Redirect Chain

http://www.acint.net/mc/?dp=10
https://www.acint.net/mc/?dp=10
https://www.acint.net/mc/?dp=10&tc=1

0
0

48ms
47ms

Document
text/html

195.201.243.71
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.acint.net/mc/?dp=10&tc=1
Requested by: Host: www.acint.net
URL: http://www.acint.net/aci.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.243.71 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ingolstadt.aucourant.info
Software: openresty /
Resource Hash

Request headers

:method: GET
:authority: www.acint.net
:scheme: https
:path: /mc/?dp=10&tc=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://afn.by/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission; aid=fwAAAWAb1mZGnAGNNUL7AhiRAfWwrH+641Z0PTfWSX0WMIxu
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://afn.by/

Response headers

server: openresty
date: Thu, 04 Feb 2021 11:11:34 GMT
content-type: text/html
set-cookie: cSyncDp7v2=1612437094; expires=Sat, 06-Mar-21 11:11:34 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp14v3=1612437094; expires=Sat, 06-Mar-21 11:11:34 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp17=1612437094; expires=Sat, 06-Mar-21 11:11:34 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp32=1612437094; expires=Sat, 06-Mar-21 11:11:34 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp45v3=1612437094; expires=Fri, 05-Feb-21 11:11:34 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp54v2=1612437094; expires=Sat, 06-Mar-21 11:11:34 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp62=1612437094; expires=Sat, 06-Mar-21 11:11:34 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp67v2=1612437094; expires=Sat, 06-Mar-21 11:11:34 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp68=1612437094; expires=Sat, 06-Mar-21 11:11:34 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp77=1612437094; expires=Thu, 18-Feb-21 11:11:34 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp84=1612437094; expires=Sat, 06-Mar-21 11:11:34 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp85=1612437094; expires=Sat, 06-Mar-21 11:11:34 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp88=1612437094; expires=Sat, 06-Mar-21 11:11:34 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp95v2=1612437094; expires=Sat, 06-Mar-21 11:11:34 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp101=1612437094; expires=Sat, 06-Mar-21 11:11:34 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp104v2=1612437094; expires=Thu, 18-Feb-21 11:11:34 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp107=1612437094; expires=Sat, 06-Mar-21 11:11:34 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp111v2=1612437094; expires=Thu, 18-Feb-21 11:11:34 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp112v2=1612437094; expires=Sat, 06-Mar-21 11:11:34 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp125=1612437094; expires=Sat, 06-Mar-21 11:11:34 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp126=1612437094; expires=Sat, 06-Mar-21 11:11:34 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp127=1612437094; expires=Sat, 06-Mar-21 11:11:34 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp136=1612437094; expires=Sat, 06-Mar-21 11:11:34 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp138=1612437094; expires=Sat, 06-Mar-21 11:11:34 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp144=1612437094; expires=Sat, 06-Mar-21 11:11:34 GMT; path=/; Secure; SameSite=None; domain=.acint.net cSyncDp146=1612437094; expires=Sat, 06-Mar-21 11:11:34 GMT; path=/; Secure; SameSite=None; domain=.acint.net
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-encoding: gzip

Redirect headers

server: openresty
date: Thu, 04 Feb 2021 11:11:34 GMT
content-type: text/html
content-length: 154
set-cookie: test_cookie=CheckForPermission; path=/; Secure; SameSite=None; domain=.acint.net; expires=Thu, 04-Feb-21 11:21:34 GMT aid=fwAAAWAb1mZGnAGNNUL7AhiRAfWwrH+641Z0PTfWSX0WMIxu; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.acint.net; path=/; Secure; SameSite=None
location: /mc/?dp=10&tc=1

GET
H2

200

/
www.acint.net/hit/
Redirect Chain

http://www.acint.net/hit/?v=0.3.0&uid=3179346b-9e60-4d29-b39c-36bb0c56b32e&dp=10&tz=%2B01%3A00&nc=92634502&u=http%3A%2F%2Fafn.by%2F&r=&rs=1600x1200&t=AFN.BY%20-%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%...
https://www.acint.net/hit/?v=0.3.0&uid=3179346b-9e60-4d29-b39c-36bb0c56b32e&dp=10&tz=%2B01%3A00&nc=92634502&u=http%3A%2F%2Fafn.by%2F&r=&rs=1600x1200&t=AFN.BY%20-%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1...

43 B
340 B

46ms
45ms

Image
image/gif

195.201.243.71
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/hit/?v=0.3.0&uid=3179346b-9e60-4d29-b39c-36bb0c56b32e&dp=10&tz=%2B01%3A00&nc=92634502&u=http%3A%2F%2Fafn.by%2F&r=&rs=1600x1200&t=AFN.BY%20-%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8%20%D0%9F%D0%BE%D0%BB%D0%B8%D1%82%D0%B8%D0%BA%D0%B0%20%D1%8D%D0%BA%D0%BE%D0%BD%D0%BE%D0%BC%D0%B8%D0%BA%D0%B0%20%D1%84%D0%B8%D0%BD%D0%B0%D0%BD%D1%81%D1%8B%20%D1%8D%D0%BD%D0%B5%D1%80%D0%B3%D0%B5%D1%82%D0%B8%D0%BA%D0%B0%20%D0%BE%D0%B1%D1%89%D0%B5%D1%81%D1%82%D0%B2%D0%BE&oE=1&oP=1&dT=2021-02-04T12%3A11%3A33.967&fu=98970533-ff12-4da1-abbe-9ec018d3127d
Requested by: Host: afn.by
URL: http://afn.by/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.243.71 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ingolstadt.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: http://afn.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 11:11:34 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Location: https://www.acint.net/hit/?v=0.3.0&uid=3179346b-9e60-4d29-b39c-36bb0c56b32e&dp=10&tz=%2B01%3A00&nc=92634502&u=http%3A%2F%2Fafn.by%2F&r=&rs=1600x1200&t=AFN.BY%20-%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8%20%D0%9F%D0%BE%D0%BB%D0%B8%D1%82%D0%B8%D0%BA%D0%B0%20%D1%8D%D0%BA%D0%BE%D0%BD%D0%BE%D0%BC%D0%B8%D0%BA%D0%B0%20%D1%84%D0%B8%D0%BD%D0%B0%D0%BD%D1%81%D1%8B%20%D1%8D%D0%BD%D0%B5%D1%80%D0%B3%D0%B5%D1%82%D0%B8%D0%BA%D0%B0%20%D0%BE%D0%B1%D1%89%D0%B5%D1%81%D1%82%D0%B2%D0%BE&oE=1&oP=1&dT=2021-02-04T12%3A11%3A33.967&fu=98970533-ff12-4da1-abbe-9ec018d3127d
Date: Thu, 04 Feb 2021 11:11:33 GMT
Server: openresty
Connection: keep-alive
Content-Length: 142
Content-Type: text/html

GET
H2

200

465488 Show response
an.yandex.ru/meta/
Redirect Chain

https://an.yandex.ru/meta/465488?grab=dEFGTi5CWSAtINCd0L7QstC-0YHRgtC4INCR0LXQu9Cw0YDRg9GB0Lgg0J_QvtC70LjRgtC40LrQsCDRjdC60L7QvdC-0LzQuNC60LAg0YTQuNC90LDQvdGB0Ysg0Y3QvdC10YDQs9C10YLQuNC60LAg0L7QsdG...
https://an.yandex.ru/meta/465488?redir-setuniq=1&grab=dEFGTi5CWSAtINCd0L7QstC-0YHRgtC4INCR0LXQu9Cw0YDRg9GB0Lgg0J_QvtC70LjRgtC40LrQsCDRjdC60L7QvdC-0LzQuNC60LAg0YTQuNC90LDQvdGB0Ysg0Y3QvdC10YDQs9C10YL...

12 KB
5 KB

160ms
157ms

XHR
application/x-javascript

2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/meta/465488?redir-setuniq=1&grab=dEFGTi5CWSAtINCd0L7QstC-0YHRgtC4INCR0LXQu9Cw0YDRg9GB0Lgg0J_QvtC70LjRgtC40LrQsCDRjdC60L7QvdC-0LzQuNC60LAg0YTQuNC90LDQvdGB0Ysg0Y3QvdC10YDQs9C10YLQuNC60LAg0L7QsdGJ0LXRgdGC0LLQvgoy0J_QvtC70LjRgtC40LrQsCAKMtCt0LrQvtC90L7QvNC40LrQsCAKMtCt0L3QtdGA0LPQtdGC0LjQutCwIAoy0J7QsdGJ0LXRgdGC0LLQviAKM9CS0LvQsNGB0YLQuCDQkdC10LvQsNGA0YPRgdC4INC-0LHRitGP0LLRj9GCINGN0LrRgdGC0YDQtdC80LjRgdGC0YHQutC40Lwg0LHQtdC70L4t0LrRgNCw0YHQvdC-LdCx0LXQu9GL0Lkg0YTQu9Cw0LMgCjPQldCQ0JHQoCDRg9GF0YPQtNGI0LjQuyDQv9GA0L7Qs9C90L7QtyDQv9C-INCS0JLQnyDQkdC10LvQsNGA0YPRgdC4INC40Lct0LfQsCDQv9C-0LvQuNGC0LjRh9C10YHQutC-0Lkg0L3QsNC_0YDRj9C20LXQvdC90L7RgdGC0LggCjPQm9GD0LrQsNGI0LXQvdC60L46INCR0LXQu9Cw0YDRg9GB0Ywg0LHRg9C00LXRgiDQv9C-0LrRg9C_0LDRgtGMINGA0L7RgdGB0LjQudGB0LrQuNC5INCz0LDQtyDQsiAyMDIxINCz0L7QtNGDINC_0L4gJDEyOCw1INC30LAg0YLRi9GB0Y_Rh9GDINC60YPQsdC-0LIgCjPQktC70LDRgdGC0Lgg0JHQtdC70LDRgNGD0YHQuCDQvdC1INC90LDQvNC10YDQtdC90Ysg0LfQsNC60YPQv9Cw0YLRjCDQstCw0LrRhtC40L3RgyDQvtGCINC60L7RgNC-0L3QsNCy0LjRgNGD0YHQsCDQtNC70Y8g0L7QsdGL0YfQvdGL0YUg0LPRgNCw0LbQtNCw0L0gCg%3D%3D&target-ref=http%3A%2F%2Fafn.by%2F&charset=utf-8&imp-id=1&enable-flat-highlight=1&test-tag=239693534855170&ad-session-id=3402101612437093988&target-id=60545764&tga-with-creatives=1&pcode-test-ids=289774%2C0%2C97%3B323480%2C0%2C24%3B314351%2C0%2C79%3B317922%2C0%2C80%3B325391%2C0%2C77&pcode-flags=%7B%22RMP_SENDBEACON%22%3A%220%22%2C%22DEFAULT_SSR_FORMATS%22%3A%5B%22zen%22%2C%22zen2%22%2C%22zen2-gallery%22%5D%2C%22DEFAULT_BLACKLIST_PAGES%22%3A%5B%22419507%22%2C%22419506%22%2C%22106253%22%2C%22188382%22%2C%22189903%22%2C%22265882%22%2C%22553163%22%2C%22348677%22%2C%22267060%22%2C%22104220%22%5D%2C%22SSR_BLOCKS%22%3A%5B%22oldPosterVertical%22%2C%22oldPosterHorizontal%22%2C%22posterHorizontal2%22%2C%22posterVertical2%22%5D%2C%22USE_SMART_SSR%22%3A%221%22%2C%22PCODEVER%22%3A%2213748%22%7D&server-side-rendering-enabled-formats=zen%0Azen2%0Azen2-gallery%0AoldPosterVertical%0AoldPosterHorizontal%0AposterHorizontal2%0AposterVertical2&pcode-version=13748&flash-ver=0&raw-smart-content=1&smart-format-names=smart-banner-adaptive_v1&pcode-icookie=6008396361612437093&available-width=1195&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9.1%2C%22w%22%3A1195%2C%22h%22%3A0%2C%22width%22%3A1195%2C%22height%22%3A0%2C%22left%22%3A195%2C%22top%22%3A115%2C%22visible%22%3A1%2C%22ad_no%22%3A0%2C%22req_no%22%3A0%7D&callback=Ya%5B3568316263281%5D

Requested by

Host: afn.by
URL: http://afn.by/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

604d0b3a64e507541fc995bbaf18cf55c712b657b26104f94a086cfa96547a1f

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: http://afn.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Feb 2021 11:11:34 GMT
content-encoding: gzip
last-modified: Thu, 04 Feb 2021 11:11:34 GMT
server: nginx/1.12.2
timing-allow-origin: *
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: http://afn.by
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-type: application/x-javascript; charset=utf-8
x-xss-protection: 1; mode=block
expires: Thu, 04 Feb 2021 11:11:34 GMT

Redirect headers

pragma: no-cache
date: Thu, 04 Feb 2021 11:11:34 GMT
last-modified: Thu, 04 Feb 2021 11:11:34 GMT
server: nginx/1.12.2
access-control-allow-origin: http://afn.by
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://an.yandex.ru/meta/465488?redir-setuniq=1&grab=dEFGTi5CWSAtINCd0L7QstC-0YHRgtC4INCR0LXQu9Cw0YDRg9GB0Lgg0J_QvtC70LjRgtC40LrQsCDRjdC60L7QvdC-0LzQuNC60LAg0YTQuNC90LDQvdGB0Ysg0Y3QvdC10YDQs9C10YLQuNC60LAg0L7QsdGJ0LXRgdGC0LLQvgoy0J_QvtC70LjRgtC40LrQsCAKMtCt0LrQvtC90L7QvNC40LrQsCAKMtCt0L3QtdGA0LPQtdGC0LjQutCwIAoy0J7QsdGJ0LXRgdGC0LLQviAKM9CS0LvQsNGB0YLQuCDQkdC10LvQsNGA0YPRgdC4INC-0LHRitGP0LLRj9GCINGN0LrRgdGC0YDQtdC80LjRgdGC0YHQutC40Lwg0LHQtdC70L4t0LrRgNCw0YHQvdC-LdCx0LXQu9GL0Lkg0YTQu9Cw0LMgCjPQldCQ0JHQoCDRg9GF0YPQtNGI0LjQuyDQv9GA0L7Qs9C90L7QtyDQv9C-INCS0JLQnyDQkdC10LvQsNGA0YPRgdC4INC40Lct0LfQsCDQv9C-0LvQuNGC0LjRh9C10YHQutC-0Lkg0L3QsNC_0YDRj9C20LXQvdC90L7RgdGC0LggCjPQm9GD0LrQsNGI0LXQvdC60L46INCR0LXQu9Cw0YDRg9GB0Ywg0LHRg9C00LXRgiDQv9C-0LrRg9C_0LDRgtGMINGA0L7RgdGB0LjQudGB0LrQuNC5INCz0LDQtyDQsiAyMDIxINCz0L7QtNGDINC_0L4gJDEyOCw1INC30LAg0YLRi9GB0Y_Rh9GDINC60YPQsdC-0LIgCjPQktC70LDRgdGC0Lgg0JHQtdC70LDRgNGD0YHQuCDQvdC1INC90LDQvNC10YDQtdC90Ysg0LfQsNC60YPQv9Cw0YLRjCDQstCw0LrRhtC40L3RgyDQvtGCINC60L7RgNC-0L3QsNCy0LjRgNGD0YHQsCDQtNC70Y8g0L7QsdGL0YfQvdGL0YUg0LPRgNCw0LbQtNCw0L0gCg%3D%3D&target-ref=http%3A%2F%2Fafn.by%2F&charset=utf-8&imp-id=1&enable-flat-highlight=1&test-tag=239693534855170&ad-session-id=3402101612437093988&target-id=60545764&tga-with-creatives=1&pcode-test-ids=289774%2C0%2C97%3B323480%2C0%2C24%3B314351%2C0%2C79%3B317922%2C0%2C80%3B325391%2C0%2C77&pcode-flags=%7B%22RMP_SENDBEACON%22%3A%220%22%2C%22DEFAULT_SSR_FORMATS%22%3A%5B%22zen%22%2C%22zen2%22%2C%22zen2-gallery%22%5D%2C%22DEFAULT_BLACKLIST_PAGES%22%3A%5B%22419507%22%2C%22419506%22%2C%22106253%22%2C%22188382%22%2C%22189903%22%2C%22265882%22%2C%22553163%22%2C%22348677%22%2C%22267060%22%2C%22104220%22%5D%2C%22SSR_BLOCKS%22%3A%5B%22oldPosterVertical%22%2C%22oldPosterHorizontal%22%2C%22posterHorizontal2%22%2C%22posterVertical2%22%5D%2C%22USE_SMART_SSR%22%3A%221%22%2C%22PCODEVER%22%3A%2213748%22%7D&server-side-rendering-enabled-formats=zen%0Azen2%0Azen2-gallery%0AoldPosterVertical%0AoldPosterHorizontal%0AposterHorizontal2%0AposterVertical2&pcode-version=13748&flash-ver=0&raw-smart-content=1&smart-format-names=smart-banner-adaptive_v1&pcode-icookie=6008396361612437093&available-width=1195&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9.1%2C%22w%22%3A1195%2C%22h%22%3A0%2C%22width%22%3A1195%2C%22height%22%3A0%2C%22left%22%3A195%2C%22top%22%3A115%2C%22visible%22%3A1%2C%22ad_no%22%3A0%2C%22req_no%22%3A0%7D&callback=Ya%5B3568316263281%5D
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 0
x-xss-protection: 1; mode=block
expires: Thu, 04 Feb 2021 11:11:34 GMT

GET
H2 200 31c9f923d79f64dc9c47.js Show response
yastatic.net/partner-code-bundles/13748/ 12 KB
5 KB 102ms
34ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/13748/31c9f923d79f64dc9c47.js

Requested by

Host: an.yandex.ru
URL: http://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

74c91ca534e06ebadf7699554c7a8f0eec0246427a06a8f5e0fd10bd6b97dd5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Origin: http://afn.by
Referer: http://afn.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 11:11:34 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 4197
last-modified: Mon, 01 Feb 2021 20:44:41 GMT
server: nginx/1.17.9
etag: "9f703079a858fa58da5cca79318bc656"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 04 Feb 2051 17:43:57 GMT

GET
H2 200 c215acf4bee056be5ea9.js Show response
yastatic.net/partner-code-bundles/13748/ 399 KB
86 KB 136ms
68ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/13748/c215acf4bee056be5ea9.js

Requested by

Host: an.yandex.ru
URL: http://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

fecdb167aa5328fdd5c9339c1ca85e91bc0efdcc6a7415da8da865081403deec

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Origin: http://afn.by
Referer: http://afn.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 11:11:34 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 87318
last-modified: Mon, 01 Feb 2021 20:44:42 GMT
server: nginx/1.17.9
etag: "f937998e20f59891c67d85b2a39117e2"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 04 Feb 2051 17:43:53 GMT

GET
H2 200 c153df689e2980167e75.js Show response
yastatic.net/partner-code-bundles/13748/ 278 KB
49 KB 203ms
136ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/13748/c153df689e2980167e75.js

Requested by

Host: an.yandex.ru
URL: http://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

6e9220e0d1ddcd9b28a4ad9ea450381a4edcf4318e1286837739ea0a5871f4b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Origin: http://afn.by
Referer: http://afn.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 11:11:34 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 49141
last-modified: Mon, 01 Feb 2021 20:44:42 GMT
server: nginx/1.17.9
etag: "7f5327680a7134c74c6f34a7da7e7018"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 04 Feb 2051 17:44:19 GMT

GET
H2

200

1 Show response
mc.yandex.ru/watch/421539/
Redirect Chain

https://mc.yandex.ru/watch/421539?wmode=7&page-url=http%3A%2F%2Fafn.by%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A65gwaazdbuxw99j%3Afp%3A4337%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A4...
https://mc.yandex.ru/watch/421539/1?wmode=7&page-url=http%3A%2F%2Fafn.by%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A65gwaazdbuxw99j%3Afp%3A4337%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3...

221 B
302 B

50ms
48ms

XHR
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/421539/1?wmode=7&page-url=http%3A%2F%2Fafn.by%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A65gwaazdbuxw99j%3Afp%3A4337%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A400%3Acn%3A1%3Adp%3A0%3Als%3A662721191061%3Ahid%3A944767382%3Az%3A60%3Ai%3A20210204121134%3Aet%3A1612437094%3Ac%3A1%3Arn%3A717768722%3Arqn%3A1%3Au%3A1612437094402114443%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1612437089562%3Awv%3A2%3Ads%3A1%2C25%2C1999%2C86%2C0%2C0%2C%2C2359%2C3%2C%2C%2C%2C4388%3Adsn%3A1%2C24%2C1998%2C86%2C0%2C0%2C%2C2276%2C3%2C%2C%2C%2C4388%3Arqnl%3A1%3Ati%3A2%3Ast%3A1612437094%3At%3AAFN.BY%20-%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8%20%D0%9F%D0%BE%D0%BB%D0%B8%D1%82%D0%B8%D0%BA%D0%B0%20%D1%8D%D0%BA%D0%BE%D0%BD%D0%BE%D0%BC%D0%B8%D0%BA%D0%B0%20%D1%84%D0%B8%D0%BD%D0%B0%D0%BD%D1%81%D1%8B%20%D1%8D%D0%BD%D0%B5%D1%80%D0%B3%D0%B5%D1%82%D0%B8%D0%BA%D0%B0%20%D0%BE%D0%B1%D1%89%D0%B5%D1%81%D1%82%D0%B2%D0%BE

Requested by

Host: afn.by
URL: http://afn.by/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

ec48ff0e0a73ce2fd7600925f81b720a40cd8c08c447c66976da9de746c83309

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://afn.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Feb 2021 11:11:34 GMT
x-content-type-options: nosniff
last-modified: Thu, 04-Feb-2021 11:11:34 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: http://afn.by
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 221
x-xss-protection: 1; mode=block
expires: Thu, 04-Feb-2021 11:11:34 GMT

Redirect headers

pragma: no-cache
date: Thu, 04 Feb 2021 11:11:34 GMT
last-modified: Thu, 04-Feb-2021 11:11:34 GMT
location: /watch/421539/1?wmode=7&page-url=http%3A%2F%2Fafn.by%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A65gwaazdbuxw99j%3Afp%3A4337%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A400%3Acn%3A1%3Adp%3A0%3Als%3A662721191061%3Ahid%3A944767382%3Az%3A60%3Ai%3A20210204121134%3Aet%3A1612437094%3Ac%3A1%3Arn%3A717768722%3Arqn%3A1%3Au%3A1612437094402114443%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1612437089562%3Awv%3A2%3Ads%3A1%2C25%2C1999%2C86%2C0%2C0%2C%2C2359%2C3%2C%2C%2C%2C4388%3Adsn%3A1%2C24%2C1998%2C86%2C0%2C0%2C%2C2276%2C3%2C%2C%2C%2C4388%3Arqnl%3A1%3Ati%3A2%3Ast%3A1612437094%3At%3AAFN.BY%20-%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8%20%D0%9F%D0%BE%D0%BB%D0%B8%D1%82%D0%B8%D0%BA%D0%B0%20%D1%8D%D0%BA%D0%BE%D0%BD%D0%BE%D0%BC%D0%B8%D0%BA%D0%B0%20%D1%84%D0%B8%D0%BD%D0%B0%D0%BD%D1%81%D1%8B%20%D1%8D%D0%BD%D0%B5%D1%80%D0%B3%D0%B5%D1%82%D0%B8%D0%BA%D0%B0%20%D0%BE%D0%B1%D1%89%D0%B5%D1%81%D1%82%D0%B2%D0%BE
strict-transport-security: max-age=31536000
access-control-allow-origin: http://afn.by
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0
x-xss-protection: 1; mode=block
expires: Thu, 04-Feb-2021 11:11:34 GMT

GET
H2 200 advert.gif
mc.yandex.ru/metrika/ 43 B
112 B 58ms
47ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Requested by

Host: afn.by
URL: http://afn.by/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://afn.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 11:11:34 GMT
last-modified: Tue, 02 Feb 2021 17:16:20 GMT
etag: "601967ea-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Thu, 04 Feb 2021 12:11:34 GMT

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ 115 KB
37 KB 66ms
14ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.js
Requested by: Host: cdn.admixer.net
URL: http://cdn.admixer.net/scripts3/1db304b067e7ca7675bc.b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: ca5302f20a69cb2fe08a2429cf7268a2d5152d49608b0a954646553c70fd8afd

Request headers

Referer: http://afn.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 11:11:34 GMT
content-encoding: gzip
last-modified: Thu, 07 Jan 2021 11:16:39 GMT
server: nginx
etag: W/"5ff6ed97-1cb87"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Fri, 05 Feb 2021 11:11:34 GMT

GET
H2 200 /
onetag-sys.com/usync/ Frame 9B7A 0
0 184ms
50ms Document
text/html 51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=59d216e971852f2

Requested by

Host: inv-nets.admixer.net
URL: https://inv-nets.admixer.net/dsp.aspx?sender=admixer&rct=4&v=2.0&rnd=1768766924785347.8&cpv=e8d31ecf-637b-474d-76ea-0ffaccc539b2&uids=%7B%7D&data=%7B%22id%22%3A%223bf7e512-81ee-03b5-0a82-0561cd44748c%22%2C%22site%22%3A%7B%22page%22%3A%22http%253A%252F%252Fafn.by%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F83.0.4103.61%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22b51d9ae5-714a-0412-b393-52efa21bcac1%22%2C%22tagid%22%3A%222febba63-69cc-42a7-8be2-e10bcbe63cd5%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_2febba6369cc42a78be2e10bcbe63cd5_zone_16334_sect_4740_site_4170%22%2C%22pos%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%7D%5D%2C%22allimps%22%3A1%7D&am-uid=null&3rd=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.89.9.251 , Germany, ASN16276 (OVH, FR),

Reverse DNS

ip251.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

:method: GET
:authority: onetag-sys.com
:scheme: https
:path: /usync/?pubId=59d216e971852f2
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://afn.by/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://afn.by/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
strict-transport-security: max-age=15552000

GET
H2 200 admixer
event.clientgear.com/cookie/ 0
133 B 567ms
137ms Image
text/plain 47.252.78.131
CNNIC-ALIBABA-US-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://event.clientgear.com/cookie/admixer?partner=admixer&cookieid=4df650fdfeef49b4b280a7adfa229d50
Requested by: Host: afn.by
URL: http://afn.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.252.78.131 San Mateo, United States, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://afn.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 11:11:34 GMT
content-length: 0

GET
H/1.1 200
OK sync.html
s.console.adtarget.com.tr/ 0
0 107ms
23ms Image
text/html 2a0c:5c81:5139::2
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.console.adtarget.com.tr/sync.html?aid=517350
Requested by: Host: afn.by
URL: http://afn.by/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5139::2 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://afn.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: http://afn.by
Access-Control-Allow-Credentials: true

GET
H2

404

/
an.yandex.ru/setud/target_rtb/
Redirect Chain

https://match.new-programmatic.com/userbind?src=admixer&id=4df650fdfeef49b4b280a7adfa229d50
https://match.new-programmatic.com/userbind?src=yandex&pbf=1&gi=1
https://an.yandex.ru/setud/target_rtb/?sign=1494831407

43 B
290 B

50ms
49ms

Image
image/gif

2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://an.yandex.ru/setud/target_rtb/?sign=1494831407
Requested by: Host: afn.by
URL: http://afn.by/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: ccb150b1878d5aa777543222f9e47636d4258687e3dd57e625988f09a96bda64

Request headers

Referer: http://afn.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Feb 2021 11:11:34 GMT
last-modified: Thu, 04 Feb 2021 11:11:34 GMT
server: nginx/1.12.2
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif; charset=windows-1251
content-length: 43
expires: Thu, 04 Feb 2021 11:11:34 GMT

Redirect headers

Date: Thu, 04 Feb 2021 11:10:06 GMT
Server: nginx/1.18.0
Access-Control-Allow-Origin: *
Vary: Origin
Location: https://an.yandex.ru/setud/target_rtb/?sign=1494831407
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H2

200

admixer
exchange.buzzoola.com/cookiesync/ssp/
Redirect Chain

https://exchange.buzzoola.com/cookiesync/ssp/admixer?uid=4df650fdfeef49b4b280a7adfa229d50
https://exchange.buzzoola.com/cookiesync/ssp/admixer?set_buzzoola_cookie=t&uid=4df650fdfeef49b4b280a7adfa229d50

43 B
130 B

48ms
47ms

Image
image/gif

88.198.31.232
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.buzzoola.com/cookiesync/ssp/admixer?set_buzzoola_cookie=t&uid=4df650fdfeef49b4b280a7adfa229d50
Requested by: Host: afn.by
URL: http://afn.by/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 88.198.31.232 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88.198.31.232.clients.your-server.de
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: http://afn.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 11:11:34 GMT
server: nginx
content-length: 43
serverid: TODO
content-type: image/gif

Redirect headers

location: /cookiesync/ssp/admixer?set_buzzoola_cookie=t&uid=4df650fdfeef49b4b280a7adfa229d50
date: Thu, 04 Feb 2021 11:11:34 GMT
server: nginx
etag: W/"02f489ef162e1d52a3438deddc0fd0fdda087d0d80b65654cf4cf09d23bd0b25"
content-length: 122
serverid: TODO
content-type: text/html; charset=utf-8

GET
H2 200 /
ads.adsinspidsp.com/ 0
797 B 79ms
21ms Image
text/html 2606:4700:3037::ac43:a070
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.adsinspidsp.com/?cmid=18&sid=136&user_id=4df650fdfeef49b4b280a7adfa229d50
Requested by: Host: afn.by
URL: http://afn.by/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:a070 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://afn.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cf-request-id: 080e5697630000dfadd4993000000001
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
date: Thu, 04 Feb 2021 11:11:34 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=qxSZ4zY9N1BZZNuQdRlsKSZs%2FzGEy3f6%2BAXnVoJS3nFKt%2BYKeQlS46anQ%2BFwPAlRWRCd1F4rzBjgTOy1f6CHdXmejEaDj5%2FJZP69W2I69RSF5ypJ3DI4MzacdZzRSIAS"}]}
content-type: text/html; charset=UTF-8
cf-ray: 61c3f39f0ad0dfad-FRA

GET
H/1.1 204
No Content admixer-sync
rtb.com.ru/ 0
240 B 314ms
93ms Image
text/plain 83.222.114.187
MNOGOBYTE-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.com.ru/admixer-sync?uid=4df650fdfeef49b4b280a7adfa229d50
Requested by: Host: afn.by
URL: http://afn.by/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 83.222.114.187 , Russian Federation, ASN42632 (MNOGOBYTE-AS Moscow, Russia, RU),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://afn.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Feb 2021 11:11:34 GMT
Cache-Control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
Server: nginx/1.18.0
Connection: keep-alive
P3p: CP="rtb.com.ru does not have a P3P policy"

GET
H/1.1

200
OK

adxcm.aspx
inv-nets.admixer.net/
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=43070&callback_url=%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D70C88C54-8654-4219-A50A-E344F86A4A28%26id%3D${USER_ID}
https://ads.betweendigital.com/match?bidder_id=43070&callback_url=%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D70C88C54-8654-4219-A50A-E344F86A4A28%26id%3D${USER_ID}&crf=1
https://inv-nets.admixer.net/adxcm.aspx?ssp=70C88C54-8654-4219-A50A-E344F86A4A28&id=6e75b72d-c1f6-5123-b474-0473d46fd215

43 B
448 B

52ms
51ms

Image
image/gif

146.0.227.110
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/adxcm.aspx?ssp=70C88C54-8654-4219-A50A-E344F86A4A28&id=6e75b72d-c1f6-5123-b474-0473d46fd215

Requested by

Host: afn.by
URL: http://afn.by/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Germany, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://afn.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Feb 2021 11:11:34 GMT
Server: nginx
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=25
Content-Length: 43
X-Xss-Protection: 0

Redirect headers

location: https://inv-nets.admixer.net/adxcm.aspx?ssp=70C88C54-8654-4219-A50A-E344F86A4A28&id=6e75b72d-c1f6-5123-b474-0473d46fd215
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H/1.1

200
OK

adxcm.aspx
inv-nets.admixer.net/
Redirect Chain

https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6845806
https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6845806&tuid=-5547936360
https://inv-nets.admixer.net/adxcm.aspx?ssp=AA391812-3D60-4352-AC90-6449D7D09A7A&id=ArvosuB3KgfA8wfhQZLlB7w

43 B
448 B

51ms
51ms

Image
image/gif

146.0.227.110
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/adxcm.aspx?ssp=AA391812-3D60-4352-AC90-6449D7D09A7A&id=ArvosuB3KgfA8wfhQZLlB7w

Requested by

Host: afn.by
URL: http://afn.by/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Germany, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://afn.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Feb 2021 11:11:34 GMT
Server: nginx
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=25
Content-Length: 43
X-Xss-Protection: 0

Redirect headers

Pragma: no-cache
Date: Thu, 04 Feb 2021 11:11:34 GMT
Transfer-Encoding: chunked
P3P: policyref="//adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA"
Location: https://inv-nets.admixer.net/adxcm.aspx?ssp=AA391812-3D60-4352-AC90-6449D7D09A7A&id=ArvosuB3KgfA8wfhQZLlB7w
Cache-control: no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
Connection: keep-alive
Content-Type: text/html
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

cm-notify
ams.creativecdn.com/
Redirect Chain

https://creativecdn.com/cm-notify?pi=admixer
https://ams.creativecdn.com/cm-notify?pi=admixer&tc=1

42 B
252 B

96ms
93ms

Image
image/gif

185.184.8.30
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ams.creativecdn.com/cm-notify?pi=admixer&tc=1
Requested by: Host: afn.by
URL: http://afn.by/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.30 , Poland, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-30.rtbhouse.net
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: http://afn.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Feb 2021 11:11:34 GMT, Thu, 04 Feb 2021 11:11:34 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-type: image/gif
content-length: 42
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://ams.creativecdn.com/cm-notify?pi=admixer&tc=1
date: Thu, 04 Feb 2021 11:11:34 GMT
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

sync
odr.mookie1.com/t/v2/
Redirect Chain

https://x.bidswitch.net/sync?ssp=admixer&user_id=4df650fdfeef49b4b280a7adfa229d50&gdpr=[gdpr]&gdpr_consent=[consent]&us_privacy=[usPrivacy]
https://x.bidswitch.net/ul_cb/sync?ssp=admixer&user_id=4df650fdfeef49b4b280a7adfa229d50&gdpr=[gdpr]&gdpr_consent=[consent]&us_privacy=[usPrivacy]
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=a159f273-c0b3-4b95-9428-86735f51e6fd&ssp=admixer&gdpr=[gdpr]&gdpr_consent=[consent]

43 B
324 B

138ms
51ms

Image
image/gif

34.98.67.61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=a159f273-c0b3-4b95-9428-86735f51e6fd&ssp=admixer&gdpr=[gdpr]&gdpr_consent=[consent]
Requested by: Host: afn.by
URL: http://afn.by/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: http://afn.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Feb 2021 11:11:34 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: clear
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: //odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=a159f273-c0b3-4b95-9428-86735f51e6fd&ssp=admixer&gdpr=[gdpr]&gdpr_consent=[consent]
date: Thu, 04 Feb 2021 11:11:34 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1 200
OK 1px-matching-admixer.gif
m.trafmag.com/images/ 35 B
351 B 175ms
65ms Image
image/gif 193.200.65.6
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.trafmag.com/images/1px-matching-admixer.gif?id=4df650fdfeef49b4b280a7adfa229d50
Requested by: Host: afn.by
URL: http://afn.by/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.200.65.6 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS: adforce.team
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: http://afn.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Feb 2021 11:11:34 GMT
Server: nginx
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
P3P: CP="NON DSP COR CURa TIA"

GET
H/1.1 204
No Content sfaf25.gif
us.ck-ie.com/ 0
129 B 371ms
124ms Image
text/plain 88.214.193.83
NATCOWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us.ck-ie.com/sfaf25.gif?puid=4df650fdfeef49b4b280a7adfa229d50
Requested by: Host: afn.by
URL: http://afn.by/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 88.214.193.83 , United Kingdom, ASN46636 (NATCOWEB, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://afn.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Feb 2021 11:11:34 GMT
Server: nginx
Connection: keep-alive
Content-Type: text/plain

GET
H/1.1

200
OK

cm.aspx
inv-nets.admixer.net/bs/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=admixer_dmp&google_cm
https://inv-nets.admixer.net/gadx/cm.aspx?google_gid=CAESEO2MglDCfYyp1j_2W8ariCM&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=admixer_technologies&google_hm=NGRmNjUwZmRmZWVmNDliNGIyODBhN2FkZmEyMjlkNTA&google_cm
https://inv-nets.admixer.net/gadx/cm.aspx?google_nid=admixer_technologies&google_gid=CAESEGqpHxNjhOCD7a2N1PkNpsw&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=admixer_technologies&google_hm=NGRmNjUwZmRmZWVmNDliNGIyODBhN2FkZmEyMjlkNTA&google_cm
https://inv-nets.admixer.net/gadx/cm.aspx?google_nid=admixer_technologies&google_gid=CAESEGqpHxNjhOCD7a2N1PkNpsw&google_cver=1
https://x.bidswitch.net/sync?ssp=admixer&user_id=4df650fdfeef49b4b280a7adfa229d50&gdpr=0&gdpr_consent=null&us_privacy=null
https://green.erne.co/bidswitch/cm?bidswitch_ssp_id=admixer&gdpr=0&gdpr_consent=null
https://x.bidswitch.net/sync?dsp_id=270&expires=10&user_id=r20qYLCMaJjksr4UbhTcWQsf&ssp=admixer
https://x.bidswitch.net/ul_cb/sync?dsp_id=270&expires=10&user_id=r20qYLCMaJjksr4UbhTcWQsf&ssp=admixer
https://inv-nets.admixer.net/bs/cm.aspx?id=d1c53ddf-67e2-48cb-9730-bb64fc73556e&gdpr=&consent=&gdpr_pd=

43 B
448 B

53ms
53ms

Image
image/gif

146.0.227.110
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/bs/cm.aspx?id=d1c53ddf-67e2-48cb-9730-bb64fc73556e&gdpr=&consent=&gdpr_pd=

Requested by

Host: afn.by
URL: http://afn.by/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Germany, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://afn.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Feb 2021 11:11:36 GMT
Server: nginx
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=25
Content-Length: 43
X-Xss-Protection: 0

Redirect headers

location: //inv-nets.admixer.net/bs/cm.aspx?id=d1c53ddf-67e2-48cb-9730-bb64fc73556e&gdpr=&consent=&gdpr_pd=
date: Thu, 04 Feb 2021 11:11:36 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 200 cm.php
ismatlab.com/cp/api/ 43 B
149 B 207ms
64ms Image
image/gif 52.210.129.60
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ismatlab.com/cp/api/cm.php?t=4df650fdfeef49b4b280a7adfa229d50&rurl=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DE74212A8-B685-43DE-96BE-5625F08BF373%26id%3D%5Baclid%5D45

Requested by

Host: afn.by
URL: http://afn.by/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.210.129.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-210-129-60.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://afn.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 11:11:34 GMT
server: nginx
strict-transport-security: max-age=31536000
content-type: image/gif

GET
H/1.1

200
OK

cm.aspx
inv-nets.admixer.net/bs/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=admixer_technologies&google_hm=NGRmNjUwZmRmZWVmNDliNGIyODBhN2FkZmEyMjlkNTA&google_cm
https://inv-nets.admixer.net/gadx/cm.aspx?google_nid=admixer_technologies&google_gid=CAESEGqpHxNjhOCD7a2N1PkNpsw&google_cver=1
https://x.bidswitch.net/sync?ssp=admixer&user_id=4df650fdfeef49b4b280a7adfa229d50&gdpr=0&gdpr_consent=null&us_privacy=null
https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=admixer&bsw_custom_parameter=a159f273-c0b3-4b95-9428-86735f51e6fd
https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=admixer&bsw_custom_parameter=a159f273-c0b3-4b95-9428-86735f51e6fd
https://x.bidswitch.net/sync?dsp_id=4&user_id=bf557c14-5d47-4e7f-b7ab-2ff21edaf57c&ssp=admixer&expires=30&user_group=5&bsw_param=a159f273-c0b3-4b95-9428-86735f51e6fd
https://inv-nets.admixer.net/bs/cm.aspx?id=a159f273-c0b3-4b95-9428-86735f51e6fd&gdpr=&consent=&gdpr_pd=

43 B
448 B

53ms
52ms

Image
image/gif

146.0.227.110
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/bs/cm.aspx?id=a159f273-c0b3-4b95-9428-86735f51e6fd&gdpr=&consent=&gdpr_pd=

Requested by

Host: afn.by
URL: http://afn.by/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Germany, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://afn.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Feb 2021 11:11:35 GMT
Server: nginx
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=25
Content-Length: 43
X-Xss-Protection: 0

Redirect headers

location: //inv-nets.admixer.net/bs/cm.aspx?id=a159f273-c0b3-4b95-9428-86735f51e6fd&gdpr=&consent=&gdpr_pd=
date: Thu, 04 Feb 2021 11:11:34 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
135 B 170ms
56ms XHR
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?ptv=103&profileId=184&cb=76835245989
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.am5.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://afn.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: http://afn.by
date: Thu, 04 Feb 2021 11:11:34 GMT
access-control-allow-credentials: true
server: Finatra
timing-allow-origin: *
vary: Origin

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
135 B 168ms
57ms XHR
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?ptv=103&profileId=184&cb=5221042313
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.am5.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://afn.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: http://afn.by
date: Thu, 04 Feb 2021 11:11:33 GMT
access-control-allow-credentials: true
server: Finatra
timing-allow-origin: *
vary: Origin

POST
H2 200 1 Show response
mc.yandex.ru/watch/421539/ 43 B
73 B 68ms
68ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/421539/1?page-url=http%3A%2F%2Fafn.by%2F&charset=utf-8&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A65gwaazdbuxw99j%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A400%3Acn%3A1%3Adp%3A1%3Als%3A662721191061%3Ahid%3A944767382%3Az%3A60%3Ai%3A20210204121134%3Aet%3A1612437094%3Ac%3A1%3Arn%3A874477082%3Arqn%3A2%3Au%3A1612437094402114443%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aeu%3A1%3Ans%3A1612437089562%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1612437094

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://afn.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Thu, 04 Feb 2021 11:11:34 GMT
last-modified: Thu, 04-Feb-2021 11:11:34 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: http://afn.by
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 04-Feb-2021 11:11:34 GMT

GET
H2 200 host.js Show response
yastatic.net/safeframe-bundles/0.80/ 29 KB
8 KB 33ms
32ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.80/host.js

Requested by

Host: an.yandex.ru
URL: http://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

9a10b1418ae87e1667a44c85f39b5e1af9b8a24279d9a2743c0859d478f3f925

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Origin: http://afn.by
Referer: http://afn.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 11:11:34 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 8120
last-modified: Wed, 13 Jan 2021 14:53:48 GMT
server: nginx/1.17.9
etag: "7fa61ab429a981f415ba1c49d1babdbb"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 04 Feb 2051 17:47:07 GMT

GET
H2 200 8e8b7ac5119a498d93c3.js Show response
yastatic.net/partner-code-bundles/13748/ 280 KB
46 KB 34ms
34ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/13748/8e8b7ac5119a498d93c3.js

Requested by

Host: an.yandex.ru
URL: http://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

959aa45c75f1e339a3d6a91d798c6464ad0b8a7570060d38173f9db2cfa662d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Origin: http://afn.by
Referer: http://afn.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 11:11:34 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 46075
last-modified: Mon, 01 Feb 2021 20:44:41 GMT
server: nginx/1.17.9
etag: "d010f4b4566c02b5b8551f9035fe8f8e"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 04 Feb 2051 17:42:40 GMT

GET
H2 200 465488 Show response
an.yandex.ru/meta/ 31 KB
10 KB 176ms
174ms XHR
application/x-javascript 2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/meta/465488?grab=dEFGTi5CWSAtINCd0L7QstC-0YHRgtC4INCR0LXQu9Cw0YDRg9GB0Lgg0J_QvtC70LjRgtC40LrQsCDRjdC60L7QvdC-0LzQuNC60LAg0YTQuNC90LDQvdGB0Ysg0Y3QvdC10YDQs9C10YLQuNC60LAg0L7QsdGJ0LXRgdGC0LLQvgoy0J_QvtC70LjRgtC40LrQsCAKMtCt0LrQvtC90L7QvNC40LrQsCAKMtCt0L3QtdGA0LPQtdGC0LjQutCwIAoy0J7QsdGJ0LXRgdGC0LLQviAKM9CS0LvQsNGB0YLQuCDQkdC10LvQsNGA0YPRgdC4INC-0LHRitGP0LLRj9GCINGN0LrRgdGC0YDQtdC80LjRgdGC0YHQutC40Lwg0LHQtdC70L4t0LrRgNCw0YHQvdC-LdCx0LXQu9GL0Lkg0YTQu9Cw0LMgCjPQldCQ0JHQoCDRg9GF0YPQtNGI0LjQuyDQv9GA0L7Qs9C90L7QtyDQv9C-INCS0JLQnyDQkdC10LvQsNGA0YPRgdC4INC40Lct0LfQsCDQv9C-0LvQuNGC0LjRh9C10YHQutC-0Lkg0L3QsNC_0YDRj9C20LXQvdC90L7RgdGC0LggCjPQm9GD0LrQsNGI0LXQvdC60L46INCR0LXQu9Cw0YDRg9GB0Ywg0LHRg9C00LXRgiDQv9C-0LrRg9C_0LDRgtGMINGA0L7RgdGB0LjQudGB0LrQuNC5INCz0LDQtyDQsiAyMDIxINCz0L7QtNGDINC_0L4gJDEyOCw1INC30LAg0YLRi9GB0Y_Rh9GDINC60YPQsdC-0LIgCjPQktC70LDRgdGC0Lgg0JHQtdC70LDRgNGD0YHQuCDQvdC1INC90LDQvNC10YDQtdC90Ysg0LfQsNC60YPQv9Cw0YLRjCDQstCw0LrRhtC40L3RgyDQvtGCINC60L7RgNC-0L3QsNCy0LjRgNGD0YHQsCDQtNC70Y8g0L7QsdGL0YfQvdGL0YUg0LPRgNCw0LbQtNCw0L0gCg%3D%3D&target-ref=http%3A%2F%2Fafn.by%2F&charset=utf-8&duid=MTYxMjQzNzA5NDQwMjExNDQ0Mw%3D%3D&imp-id=2&enable-flat-highlight=1&test-tag=239693534855170&ad-session-id=3402101612437093988&target-id=13180597&tga-with-creatives=1&pcode-test-ids=289774%2C0%2C97%3B323480%2C0%2C24%3B314351%2C0%2C79%3B317922%2C0%2C80%3B325391%2C0%2C77&pcode-flags=%7B%22RMP_SENDBEACON%22%3A%220%22%2C%22DEFAULT_SSR_FORMATS%22%3A%5B%22zen%22%2C%22zen2%22%2C%22zen2-gallery%22%5D%2C%22DEFAULT_BLACKLIST_PAGES%22%3A%5B%22419507%22%2C%22419506%22%2C%22106253%22%2C%22188382%22%2C%22189903%22%2C%22265882%22%2C%22553163%22%2C%22348677%22%2C%22267060%22%2C%22104220%22%5D%2C%22SSR_BLOCKS%22%3A%5B%22oldPosterVertical%22%2C%22oldPosterHorizontal%22%2C%22posterHorizontal2%22%2C%22posterVertical2%22%5D%2C%22USE_SMART_SSR%22%3A%221%22%2C%22PCODEVER%22%3A%2213748%22%7D&server-side-rendering-enabled-formats=zen%0Azen2%0Azen2-gallery%0AoldPosterVertical%0AoldPosterHorizontal%0AposterHorizontal2%0AposterVertical2&pcode-version=13748&flash-ver=0&raw-smart-content=1&smart-format-names=smart-banner-adaptive_v1&pcode-icookie=6008396361612437093&available-width=170&skip-token=yabs.NzIwNTc2MDM4ODE5ODYzNTI%3D&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9.1%2C%22w%22%3A170%2C%22h%22%3A0%2C%22width%22%3A170%2C%22height%22%3A0%2C%22left%22%3A1410%2C%22top%22%3A483%2C%22visible%22%3A1%2C%22ad_no%22%3A1%2C%22req_no%22%3A1%7D&callback=Ya%5B5598985086942%5D

Requested by

Host: an.yandex.ru
URL: http://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

9fbf67b834344996137fa02ca817edd98348c7a609ba86e8a6a41fd2e508e053

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: http://afn.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Thu, 04 Feb 2021 11:11:34 GMT
content-encoding: gzip
last-modified: Thu, 04 Feb 2021 11:11:34 GMT
server: nginx/1.12.2
timing-allow-origin: *
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: http://afn.by
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-type: application/x-javascript; charset=utf-8
x-xss-protection: 1; mode=block
expires: Thu, 04 Feb 2021 11:11:34 GMT

GET
H2 200 465488 Show response
mc.yandex.ru/watch/ 35 B
69 B 55ms
54ms XHR
application/json 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/465488?wmode=7&page-url=http%3A%2F%2Fafn.by%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A65gwaazdbuxw99j%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A400%3Acn%3A2%3Adp%3A1%3Als%3A289015529446%3Ahid%3A944767382%3Az%3A60%3Ai%3A20210204121134%3Aet%3A1612437094%3Ac%3A1%3Arn%3A111556198%3Au%3A1612437094402114443%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aeu%3A1%3Ans%3A1612437089562%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1612437094%3At%3AAFN.BY%20-%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8%20%D0%9F%D0%BE%D0%BB%D0%B8%D1%82%D0%B8%D0%BA%D0%B0%20%D1%8D%D0%BA%D0%BE%D0%BD%D0%BE%D0%BC%D0%B8%D0%BA%D0%B0%20%D1%84%D0%B8%D0%BD%D0%B0%D0%BD%D1%81%D1%8B%20%D1%8D%D0%BD%D0%B5%D1%80%D0%B3%D0%B5%D1%82%D0%B8%D0%BA%D0%B0%20%D0%BE%D0%B1%D1%89%D0%B5%D1%81%D1%82%D0%B2%D0%BE

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

efbdf9cab6b6cf2bf7207ae4e0456c9462b2c0d4c2de76d65442de2af7253f2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://afn.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Feb 2021 11:11:34 GMT
x-content-type-options: nosniff
last-modified: Thu, 04-Feb-2021 11:11:34 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: http://afn.by
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 35
x-xss-protection: 1; mode=block
expires: Thu, 04-Feb-2021 11:11:34 GMT

GET
H2 200 render.html
yastatic.net/safeframe-bundles/0.80/1-1-0/ Frame 8896 0
0 97ms
32ms Document
text/html 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.80/1-1-0/render.html

Requested by

Host: yastatic.net
URL: https://yastatic.net/safeframe-bundles/0.80/host.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

:method: GET
:authority: yastatic.net
:scheme: https
:path: /safeframe-bundles/0.80/1-1-0/render.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://afn.by/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://afn.by/

Response headers

server: nginx/1.17.9
date: Thu, 04 Feb 2021 11:11:34 GMT
content-type: text/html
content-length: 6026
access-control-allow-origin: *
cache-control: public, max-age=946708560
content-encoding: br
etag: "f883bd7781c332870c9968db60e89349"
expires: Sat, 04 Feb 2051 17:46:33 GMT
last-modified: Wed, 13 Jan 2021 14:53:48 GMT
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-robots-tag: noindex, noarchive, nofollow
accept-ranges: bytes

GET
H/1.1 200
OK x450
avatars.mds.yandex.net/get-direct/1520687/Yq5m0FCKwBySKwVEKtfSNQ/ 17 KB
17 KB 84ms
42ms Image
image/webp 2a02:6b8::184
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://avatars.mds.yandex.net/get-direct/1520687/Yq5m0FCKwBySKwVEKtfSNQ/x450
Requested by: Host: afn.by
URL: http://afn.by/
Protocol: HTTP/1.1
Server: 2a02:6b8::184 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: nginx /
Resource Hash: b092dbd71773cb73a23485e05d4aad7938fb17bdd4a2b121e4902c3c22e15895

Request headers

Referer: http://afn.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Feb 2021 11:11:34 GMT
Last-Modified: Wed, 16 Sep 2020 06:07:29 GMT
Server: nginx
NEL: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
Report-To: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
Content-Type: image/webp
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800,immutable
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=60
Content-Length: 17024
X-Request-Id: 88161058bf22b028

POST
H2 204 events
bidder.criteo.com/csm/ 0
135 B 57ms
56ms Other
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/csm/events
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.am5.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://afn.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: http://afn.by
date: Thu, 04 Feb 2021 11:11:34 GMT
access-control-allow-credentials: true
server: Finatra
timing-allow-origin: *
vary: Origin

GET
H2 200 pixel.gif
static.criteo.net/images/ 43 B
260 B 15ms
13ms Image
image/gif 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.criteo.net/images/pixel.gif?ch=1
Requested by: Host: afn.by
URL: http://afn.by/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: http://afn.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 11:11:34 GMT
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Sun, 30 Jan 2022 11:11:34 GMT

GET
H2 200 pixel.gif
static.criteo.net/images/ 43 B
260 B 19ms
18ms Image
image/gif 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.criteo.net/images/pixel.gif?ch=2
Requested by: Host: afn.by
URL: http://afn.by/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: http://afn.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 11:11:34 GMT
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Sun, 30 Jan 2022 11:11:34 GMT

GET
H/1.1 204
No Content ev_prebid.aspx
inv-nets-eu.admixer.net/ 0
220 B 132ms
46ms Image
text/plain 146.0.227.110
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets-eu.admixer.net/ev_prebid.aspx?item=c2ff041e-df23-4d0e-b9e7-a0b3cab25f4a&cc=PL%2F14%2F756135&am-uid=4df650fdfeef49b4b280a7adfa229d50&cet=18&profile=45e1c560-b605-4ab3-8c1a-822d47b1c6b0&zone=2febba63-69cc-42a7-8be2-e10bcbe63cd5&device=24&rule=fa8b3d11-7dbe-4fab-afba-b9cda138f284&requestId=e2e0947f-7a6c-4a52-83f2-e9e7ff307db8&page=afn.by%2F&hp=1592079849&size=728x90&adv=Criteo+RU&dsp=Criteo+RU&ts=637480338940927987&sync=57%2C3%2C45&bt=3&carr=M247+Ltd&connt=1&devt=2&isapp=0&make=Apple&mod=Apple+Chrome+-+OS+X&os=OS+X&osv=10_14_5&adtype=0&crid=c2ff041e-df23-4d0e-b9e7-a0b3cab25f4a&pvid=f2678a62-1d78-441d-8da5-7a05b7be400f&extpubid=2febba63-69cc-42a7-8be2-e10bcbe63cd5&inst=ADS-EU-2&pxl=0&dmp_pr=MC4wMDAw

Requested by

Host: afn.by
URL: http://afn.by/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Germany, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://afn.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 04 Feb 2021 11:11:34 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

GET
H/1.1 200
OK 220a3ab992256d1ee152.b.js Show response
cdn.admixer.net/scripts3/ 28 KB
12 KB 8ms
6ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.admixer.net/scripts3/220a3ab992256d1ee152.b.js
Requested by: Host: cdn.admixer.net
URL: http://cdn.admixer.net/scripts3/loader2.js
Protocol: HTTP/1.1
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 63b18b5635fc1818da6712734fc0d500652a85fecf6dfe1b4cb3cee139e52899

Request headers

Referer: http://afn.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-ID: fr5-up-gc35
Date: Thu, 04 Feb 2021 11:11:34 GMT
Content-Encoding: gzip
Last-Modified: Wed, 03 Feb 2021 09:41:28 GMT
Server: nginx
ETag: W/"601a6fc8-7029"
Vary: Accept-Encoding
X-Cached-Since: 2021-02-03T09:46:14+00:00
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31622400
Transfer-Encoding: chunked
Connection: keep-alive
Cache: HIT
Expires: Fri, 04 Feb 2022 09:45:17 GMT

GET
H/1.1 200
OK ede2c96e6a0d474ef44e.b.js Show response
cdn.admixer.net/scripts3/ 42 KB
19 KB 15ms
9ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.admixer.net/scripts3/ede2c96e6a0d474ef44e.b.js
Requested by: Host: cdn.admixer.net
URL: http://cdn.admixer.net/scripts3/loader2.js
Protocol: HTTP/1.1
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: b3883229115068714ffc63c82db6f810e84201317cb0385cc3b7c94b0c305554

Request headers

Referer: http://afn.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-ID: fr5-up-gc14
Date: Thu, 04 Feb 2021 11:11:34 GMT
Content-Encoding: gzip
Last-Modified: Wed, 03 Feb 2021 09:41:41 GMT
Server: nginx
ETag: W/"601a6fd5-a7af"
Vary: Accept-Encoding
X-Cached-Since: 2021-02-03T09:46:53+00:00
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31622400
Transfer-Encoding: chunked
Connection: keep-alive
Cache: HIT
Expires: Fri, 04 Feb 2022 09:45:55 GMT

GET
H/1.1 200
OK ef30fd68f07ce65f2dec.b.js Show response
cdn.admixer.net/scripts3/ 13 KB
5 KB 10ms
7ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.admixer.net/scripts3/ef30fd68f07ce65f2dec.b.js
Requested by: Host: cdn.admixer.net
URL: http://cdn.admixer.net/scripts3/loader2.js
Protocol: HTTP/1.1
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 606fb015f87ba5bbcf783cd6fecf1ac351ede8dafa4767a43be8cf80f1634eb6

Request headers

Referer: http://afn.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-ID: fr5-up-gc14
Date: Thu, 04 Feb 2021 11:11:34 GMT
Content-Encoding: gzip
Last-Modified: Wed, 03 Feb 2021 09:41:42 GMT
Server: nginx
ETag: W/"601a6fd6-326c"
Vary: Accept-Encoding
X-Cached-Since: 2021-02-03T09:46:15+00:00
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31622400
Transfer-Encoding: chunked
Connection: keep-alive
Cache: HIT
Expires: Fri, 04 Feb 2022 09:45:17 GMT

GET
H/1.1 200
OK c9b3c2772742a8f4dab8.b.js Show response
cdn.admixer.net/scripts3/ 11 KB
4 KB 7ms
5ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.admixer.net/scripts3/c9b3c2772742a8f4dab8.b.js
Requested by: Host: cdn.admixer.net
URL: http://cdn.admixer.net/scripts3/loader2.js
Protocol: HTTP/1.1
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: b5f1343b46d0b18e78ae7bfb6ec5cfd0195a35a07f74da58d0612e06b1c429c2

Request headers

Referer: http://afn.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-ID: fr5-up-gc35
Date: Thu, 04 Feb 2021 11:11:34 GMT
Content-Encoding: gzip
Last-Modified: Wed, 03 Feb 2021 09:41:39 GMT
Server: nginx
ETag: W/"601a6fd3-2a79"
Vary: Accept-Encoding
X-Cached-Since: 2021-02-03T09:46:32+00:00
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31622400
Transfer-Encoding: chunked
Connection: keep-alive
Cache: HIT
Expires: Fri, 04 Feb 2022 09:45:34 GMT

GET
H/1.1 200
OK 8bdf9178159ac1b3672d.b.js Show response
cdn.admixer.net/scripts3/ 213 KB
74 KB 14ms
13ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.admixer.net/scripts3/8bdf9178159ac1b3672d.b.js
Requested by: Host: cdn.admixer.net
URL: http://cdn.admixer.net/scripts3/loader2.js
Protocol: HTTP/1.1
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 41f2c9e7292d189086bd05f8641572b9a673c603621e2040afa6f18f09b0e297

Request headers

Referer: http://afn.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-ID: fr5-up-gc14
Date: Thu, 04 Feb 2021 11:11:34 GMT
Content-Encoding: gzip
Last-Modified: Wed, 03 Feb 2021 09:41:34 GMT
Server: nginx
ETag: W/"601a6fce-3544b"
Vary: Accept-Encoding
X-Cached-Since: 2021-02-03T09:46:08+00:00
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31622400
Transfer-Encoding: chunked
Connection: keep-alive
Cache: HIT
Expires: Fri, 04 Feb 2022 09:45:10 GMT

POST
H2 204 events
bidder.criteo.com/csm/ 0
135 B 59ms
58ms Other
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/csm/events
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.am5.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://afn.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: http://afn.by
date: Thu, 04 Feb 2021 11:11:34 GMT
access-control-allow-credentials: true
server: Finatra
timing-allow-origin: *
vary: Origin

GET
H/1.1 204
No Content ev_prebid.aspx
inv-nets-eu.admixer.net/ 0
220 B 148ms
43ms Image
text/plain 146.0.227.110
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets-eu.admixer.net/ev_prebid.aspx?item=f742cb4d-d761-4791-8285-5efe7567c557&cc=PL%2F14%2F756135&am-uid=4df650fdfeef49b4b280a7adfa229d50&cet=18&profile=8df08fbb-d83b-40e6-a788-390159bb4be9&zone=2febba63-69cc-42a7-8be2-e10bcbe63cd5&device=24&rule=fa8b3d11-7dbe-4fab-afba-b9cda138f284&requestId=e2e0947f-7a6c-4a52-83f2-e9e7ff307db8&page=afn.by%2F&hp=1592079849&size=970x90&adv=Criteo+RU&dsp=Criteo+RU&ts=637480338940927987&sync=57%2C3%2C45&bt=3&carr=M247+Ltd&connt=1&devt=2&isapp=0&make=Apple&mod=Apple+Chrome+-+OS+X&os=OS+X&osv=10_14_5&adtype=0&crid=f742cb4d-d761-4791-8285-5efe7567c557&pvid=f2678a62-1d78-441d-8da5-7a05b7be400f&extpubid=2febba63-69cc-42a7-8be2-e10bcbe63cd5&inst=ADS-EU-2&pxl=0&dmp_pr=MC4wMDAw

Requested by

Host: afn.by
URL: http://afn.by/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Germany, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://afn.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 04 Feb 2021 11:11:34 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

POST
H2 200 1 Show response
mc.yandex.ru/watch/465488/ 43 B
73 B 55ms
54ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/465488/1?page-url=http%3A%2F%2Fafn.by%2F&charset=utf-8&cnt-class=1&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A65gwaazdbuxw99j%3Afp%3A4337%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A400%3Acn%3A2%3Adp%3A1%3Als%3A289015529446%3Ahid%3A944767382%3Az%3A60%3Ai%3A20210204121134%3Aet%3A1612437095%3Ac%3A1%3Arn%3A894580414%3Arqn%3A1%3Au%3A1612437094402114443%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aeu%3A1%3Ans%3A1612437089562%3Awv%3A2%3Ads%3A1%2C25%2C1999%2C86%2C0%2C0%2C%2C2359%2C3%2C%2C%2C%2C4388%3Adsn%3A1%2C24%2C1998%2C86%2C0%2C0%2C%2C2276%2C3%2C%2C%2C%2C4388%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1612437095

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://afn.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Thu, 04 Feb 2021 11:11:34 GMT
last-modified: Thu, 04-Feb-2021 11:11:34 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: http://afn.by
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 04-Feb-2021 11:11:34 GMT

GET
H2 200 465488 Show response
mc.yandex.ru/watch/ 43 B
73 B 49ms
48ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/465488?page-url=http%3A%2F%2Fafn.by%2F&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A65gwaazdbuxw99j%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A400%3Acn%3A2%3Adp%3A1%3Als%3A289015529446%3Ahid%3A944767382%3Az%3A60%3Ai%3A20210204121134%3Aet%3A1612437095%3Ac%3A1%3Arn%3A850413412%3Arqn%3A2%3Au%3A1612437094402114443%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aeu%3A1%3Ans%3A1612437089562%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1612437095%3At%3AAFN.BY%20-%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8%20%D0%9F%D0%BE%D0%BB%D0%B8%D1%82%D0%B8%D0%BA%D0%B0%20%D1%8D%D0%BA%D0%BE%D0%BD%D0%BE%D0%BC%D0%B8%D0%BA%D0%B0%20%D1%84%D0%B8%D0%BD%D0%B0%D0%BD%D1%81%D1%8B%20%D1%8D%D0%BD%D0%B5%D1%80%D0%B3%D0%B5%D1%82%D0%B8%D0%BA%D0%B0%20%D0%BE%D0%B1%D1%89%D0%B5%D1%81%D1%82%D0%B2%D0%BE

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://afn.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Feb 2021 11:11:34 GMT
last-modified: Thu, 04-Feb-2021 11:11:34 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: http://afn.by
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 04-Feb-2021 11:11:34 GMT

GET
DATA 200
OK truncated
/ 333 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f1e572871055c1d0e152936f664d5fb075f505b99b412a4776f65a7abe80b505

Request headers

Referer: http://afn.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame B16A 134 KB
47 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: cdn.admixer.net
URL: http://cdn.admixer.net/scripts3/1db304b067e7ca7675bc.b.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

146cf3b10f120064f10d9b96ec8bd9e30d9d4266c38f842a7e95e4e4f85bbc4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://afn.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Thu, 04 Feb 2021 11:11:34 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 12508479964826215085
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 47984
X-XSS-Protection: 0
Expires: Thu, 04 Feb 2021 11:11:34 GMT

GET
H/1.1 200
OK ev_view.aspx
inv-nets-eu.admixer.net/ 43 B
300 B 62ms
44ms Image
image/gif 146.0.227.110
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets-eu.admixer.net/ev_view.aspx?cc=PL/14/756135&am-uid=4df650fdfeef49b4b280a7adfa229d50&cet=4&zone=2febba63-69cc-42a7-8be2-e10bcbe63cd5&rule=2a065265-12f0-40c0-9e56-9106b83926dd&requestId=e2e0947f-7a6c-4a52-83f2-e9e7ff307db8&page=afn.by%2F&hp=1592079849&pvid=f2678a62-1d78-441d-8da5-7a05b7be400f&inst=ADS-EU-2&ts=637480338940927987&sf=0

Requested by

Host: afn.by
URL: http://afn.by/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Germany, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://afn.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Feb 2021 11:11:34 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 43
X-Xss-Protection: 0

GET
H3-Q050 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210202/r20190131/ Frame B16A 225 KB
84 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210202/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

72e395213d052d79eb852149c9cbe3124903a7f34168c935d7fadabbafbd2ddb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://afn.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 11:11:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 86331
x-xss-protection: 0
server: cafe
etag: 657319051054643926
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 Feb 2021 11:11:34 GMT

GET
H3-Q050 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame B16A 12 B
458 B 155ms
96ms Script
text/javascript 216.58.207.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=afn.by&callback=_gfp_s_&client=ca-pub-1191230850516122&cookie=ID%3D7a5342968b39fc40-228912ce5eba000f%3AT%3D1612437094%3ART%3D1612437094%3AS%3DALNI_Mb1Xh8mml9Q_jsI9TasJQqOb42aww

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210202/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s25-in-f2.1e100.net

Software

cafe /

Resource Hash

daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://afn.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 11:11:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.de/adsid/ Frame B16A 109 B
781 B 57ms
43ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=afn.by

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210202/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://afn.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 04 Feb 2021 11:11:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame B16A 109 B
781 B 55ms
41ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=afn.by

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210202/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://afn.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 04 Feb 2021 11:11:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame 032E 0
0 525ms
525ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1191230850516122&output=html&h=90&slotname=2820635487&adk=804009641&adf=3279755405&pi=t.ma~as.2820635487&w=970&lmt=1612437094&psa=0&format=970x90&url=http%3A%2F%2Fafn.by%2F&ea=0&flash=0&wgl=1&dt=1612437094784&bpp=4&bdt=63&idt=80&shv=r20210202&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3D7a5342968b39fc40-228912ce5eba000f%3AT%3D1612437094%3ART%3D1612437094%3AS%3DALNI_Mb1Xh8mml9Q_jsI9TasJQqOb42aww&correlator=7320475425926&frm=23&ife=5&pv=2&ga_vid=1111664216.1612437094&ga_sid=1612437095&ga_hid=527539513&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=10&biw=1600&bih=1200&isw=970&ish=90&ifk=2344694012&scr_x=0&scr_y=0&eid=21068769%2C21068893&oid=3&pvsid=355787423069882&pem=829&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=8196&bc=23&ifi=1&uci=1.120lnm2efj52&fsb=1&dtd=88

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210202/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8882944058597308376/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8882944058597308376/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMjYjqKM0O4CFUbisgod1FYBug&gqi=ZtYbYLzMNoWdywWw0IrYDA&layout=/sadbundle/%24csp%253Der3%24/8882944058597308376/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1191230850516122&output=html&h=90&slotname=2820635487&adk=804009641&adf=3279755405&pi=t.ma~as.2820635487&w=970&lmt=1612437094&psa=0&format=970x90&url=http%3A%2F%2Fafn.by%2F&ea=0&flash=0&wgl=1&dt=1612437094784&bpp=4&bdt=63&idt=80&shv=r20210202&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3D7a5342968b39fc40-228912ce5eba000f%3AT%3D1612437094%3ART%3D1612437094%3AS%3DALNI_Mb1Xh8mml9Q_jsI9TasJQqOb42aww&correlator=7320475425926&frm=23&ife=5&pv=2&ga_vid=1111664216.1612437094&ga_sid=1612437095&ga_hid=527539513&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=10&biw=1600&bih=1200&isw=970&ish=90&ifk=2344694012&scr_x=0&scr_y=0&eid=21068769%2C21068893&oid=3&pvsid=355787423069882&pem=829&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=8196&bc=23&ifi=1&uci=1.120lnm2efj52&fsb=1&dtd=88
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://afn.by/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmwAKfGW1TNfbB_XuxQCTk8h1AP4ofLQ6hKhk1-Nm0AcIyQ7qKwFIcXK6sO6zM
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://afn.by/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8882944058597308376/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8882944058597308376/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMjYjqKM0O4CFUbisgod1FYBug&gqi=ZtYbYLzMNoWdywWw0IrYDA&layout=/sadbundle/%24csp%253Der3%24/8882944058597308376/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 04 Feb 2021 11:11:35 GMT
server: cafe
content-length: 35610
x-xss-protection: 0
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame B16A 9 KB
7 KB 60ms
46ms XHR
application/json 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210202&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210202/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

75821f63d3b4493519583daba3eb0d0a3e9175ac1e7d7c248466c22e3cb7b66a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://afn.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 04 Feb 2021 11:11:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6701
x-xss-protection: 0

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame B16A 74 KB
28 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210202/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

208dfab1fdcf1f4e57f80d6fd873265f0ff90c42c36cb25e38dff42695e383a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://afn.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 11:11:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1612182870646033"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28348
x-xss-protection: 0
expires: Thu, 04 Feb 2021 11:11:34 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame B16A 17 KB
7 KB 36ms
14ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210202/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://afn.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 11:11:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1611170586013198"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6403
x-xss-protection: 0
expires: Thu, 04 Feb 2021 11:11:34 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/221/ Frame 10CA 0
0 34ms
19ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/221/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://afn.by/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://afn.by/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4984
date: Thu, 04 Feb 2021 09:55:43 GMT
expires: Fri, 04 Feb 2022 09:55:43 GMT
last-modified: Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 4552
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B16A 0
56 B 40ms
39ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gda_r20210202&jk=355787423069882&bg=!Tk2lTQ7NAAWnsTPUpzsAKQB2-DxaIK3BeBj8k-G6qQn6yyy51m8QsgpqqQFXCRXN7ZJzKpR9ySk_AgAAAHRSAAAADWgBBwoALuGOOg_1GPqaR2wf6lyW9No6sH-2cQ0K1_B1EVbgCKmRamRQcWWYJbffle7fkciZAd95DCT3uzGtwan3uPj9y-5cSYCjNLkQrfVruWNxs-2RBxfL5XOebd8J25WzWG6Hd5s-gsGUV7wX64zu89VTR1_KbBA1cQS47S26UMJHzuwb2V4M9UMh74yMvEc7QoI349luU19Y11Kq1B7zKXIvWVZCR130uFMtc8R4u5EEjrX-Pp2yJAw5XE4aYPyYG-WRQc5y0Fp9JTp-sOGz8gAZc-RNLWked_EmcscZegmZ0l_aq2I84zHTrS0dugL5zukIGfaIyCxN3CZJf4IoBjJ9PCs-gwjtSgA8jYKndrmYyf0vjZnogtzG5_k3WTkZcJYCPVe_H2Waxag7h2nZidecfg2FIyE5wFqvum1Val9Uetn1YDTG9Ehpq67xh4c4xXpfpsBLNXHJ4CAb0PQ9ZaICLT1PfOIm4ZoAGDA5Fu9wB0HBz3_K8qPezNtG3X3gfG6erDShvMVKAW3PkBNsXRKA_vCQON2wlEbHmmgcsWefefVHZHvZ0-TjdHlGQ8wtFETFMYpPw6q0twdyensxm-S-mPNo4oIjAYR3T4fqUBChV0-Mq1bS3n9E58czwhacuYuEa-mODaISmq1SqeQmX0Qt-MH-1qbINOCvVEGApVL-nmWPd_zDKSxuY0hZqg2RVp-KyA

Requested by

Host: afn.by
URL: http://afn.by/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://afn.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Feb 2021 11:11:35 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK ev_view.aspx
inv-nets-eu.admixer.net/ 43 B
300 B 49ms
49ms Image
image/gif 146.0.227.110
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets-eu.admixer.net/ev_view.aspx?cc=PL/14/756135&am-uid=4df650fdfeef49b4b280a7adfa229d50&cet=9&zone=2febba63-69cc-42a7-8be2-e10bcbe63cd5&rule=2a065265-12f0-40c0-9e56-9106b83926dd&requestId=e2e0947f-7a6c-4a52-83f2-e9e7ff307db8&page=afn.by%2F&hp=1592079849&pvid=f2678a62-1d78-441d-8da5-7a05b7be400f&inst=ADS-EU-2&ts=637480338940927987&sf=0

Requested by

Host: afn.by
URL: http://afn.by/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Germany, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://afn.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Feb 2021 11:11:35 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 43
X-Xss-Protection: 0

GET
H/1.1 204
No Content logcz.aspx
inv-nets.admixer.net/ 0
220 B 50ms
50ms Image
text/plain 146.0.227.110
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/logcz.aspx?zone=2febba63-69cc-42a7-8be2-e10bcbe63cd5

Requested by

Host: afn.by
URL: http://afn.by/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Germany, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://afn.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 04 Feb 2021 11:11:35 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

GET
H2 200 1P5wuM8b0Li100000000U9nJJ5lMmNvlSqUbuVPLEpx5jzvXiKox9ft000IUC97GTzU_EyO6IB4pf382nJEthxe15Yy5yMet0ebMHf2EcOphpHZ0O25ZX3I4jPBnBm-4jH6aUi4I8B6NSUa6GOQZO9chZ23XkumCCWmCVnbdCJ4mp6K2YInbkW5ahsMA0hBFClq7W...
an.yandex.ru/rtbcount/ 43 B
318 B 62ms
61ms Image
image/gif 2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/rtbcount/1P5wuM8b0Li100000000U9nJJ5lMmNvlSqUbuVPLEpx5jzvXiKox9ft000IUC97GTzU_EyO6IB4pf382nJEthxe15Yy5yMet0ebMHf2EcOphpHZ0O25ZX3I4jPBnBm-4jH6aUi4I8B6NSUa6GOQZO9chZ23XkumCCWmCVnbdCJ4mp6K2YInbkW5ahsMA0hBFClq7WbTC0cSQvQzlNyN0y7QMvP66NQmCVvbOGPOpWyXUPW4WEPKPf7akCnF8QY2f0B6QEMMVX77AHZFzgs3vks3o9xE34p_4kIoyvwt1h1KinmLti30TO66yoG9nzWVxXonfO73F_YqBoCaBM3bFiXxJXKZVP4rTji9uXKnIy5TMa2idi3qxisZFWzzhZbG20BbZPWa0?confirmTime=2100000&confirmRatio=1000000&test-tag=239693534855170&format-type=89&actual-format=73&rnd=7702681393236&renderWidth=1195&renderHeight=180

Requested by

Host: afn.by
URL: http://afn.by/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: http://afn.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Feb 2021 11:11:36 GMT
content-type: image/gif
last-modified: Thu, 04 Feb 2021 11:11:36 GMT
server: nginx/1.12.2
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 04 Feb 2021 11:11:36 GMT

GET
H2 200 1O61tg8u0NO100000000U9nJJ6DoppemuskkeMMiXszswnqMoxHhqWaCGE094mazs3-9EJP0YfqXbH4edcaPcm4MBsK2ycet0ebMHf2EgK1P1OQPZB6I362maF66C8IraZ6N4yBQ23AXO3cGsCkudPkTuIXOvYeZIFWk8uCC0yDVnbb0S-SoWKIMCYq0ackP8e0YP...
an.yandex.ru/rtbcount/ 43 B
318 B 64ms
64ms Image
image/gif 2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/rtbcount/1O61tg8u0NO100000000U9nJJ6DoppemuskkeMMiXszswnqMoxHhqWaCGE094mazs3-9EJP0YfqXbH4edcaPcm4MBsK2ycet0ebMHf2EgK1P1OQPZB6I362maF66C8IraZ6N4yBQ23AXO3cGsCkudPkTuIXOvYeZIFWk8uCC0yDVnbb0S-SoWKIMCYq0ackP8e0YPvd-0y4h9e4RTpywMyOoCFWNsXnfsCNAy9U95UG4PX3Poom0SWWpIFDSPf3xLW991OZLp2dx98nJDfhfdsI6-VegMELTCFcJsS697-9mbgmPnc3M2fPleZjOc0wmC5vWwMvllFBY_i8DOZTP87xvOF-G9GqCxjc_PG7vOm4hvqdMvxeGwPkigSjM6A-GIGh-oWfo-WIsPorpBhNDUFOh5m0BiMSU?confirmTime=2107000&confirmRatio=1000000&test-tag=239693534855170&format-type=24&actual-format=40&rnd=2906189287242&renderWidth=170&renderHeight=600

Requested by

Host: afn.by
URL: http://afn.by/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: http://afn.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Feb 2021 11:11:36 GMT
content-type: image/gif
last-modified: Thu, 04 Feb 2021 11:11:36 GMT
server: nginx/1.12.2
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 04 Feb 2021 11:11:36 GMT

GET
H2

200

/
www.acint.net/ping/
Redirect Chain

http://www.acint.net/ping/?v=0.3.0&uid=3179346b-9e60-4d29-b39c-36bb0c56b32e&dp=10&tz=%2B01%3A00&nc=74205019&dT=2021-02-04T12%3A11%3A36.971
https://www.acint.net/ping/?v=0.3.0&uid=3179346b-9e60-4d29-b39c-36bb0c56b32e&dp=10&tz=%2B01%3A00&nc=74205019&dT=2021-02-04T12%3A11%3A36.971

43 B
340 B

46ms
46ms

Image
image/gif

195.201.243.71
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/ping/?v=0.3.0&uid=3179346b-9e60-4d29-b39c-36bb0c56b32e&dp=10&tz=%2B01%3A00&nc=74205019&dT=2021-02-04T12%3A11%3A36.971
Requested by: Host: afn.by
URL: http://afn.by/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.243.71 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ingolstadt.aucourant.info
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: http://afn.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 11:11:37 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Location: https://www.acint.net/ping/?v=0.3.0&uid=3179346b-9e60-4d29-b39c-36bb0c56b32e&dp=10&tz=%2B01%3A00&nc=74205019&dT=2021-02-04T12%3A11%3A36.971
Date: Thu, 04 Feb 2021 11:11:36 GMT
Server: openresty
Connection: keep-alive
Content-Length: 142
Content-Type: text/html

GET
H2 200 WIeejI_zO7a01Ga0H0v1zzVkQezl90K0UG4GW8200J5crXjW000003YWwJY80W6v0j6Hq54i2Cfpy0AVxvyjm3Rm1G6W1k82k0R00Sa6PgQ81zwpYA2a0000gGUtgjZoNuNS180A0OWA3G58nPItgW00nsWwn82wy0i6g0-trUAL_wkXxWIG4D7UkCgYeyQy70AG4...
an.yandex.ru/count/ 43 B
318 B 70ms
69ms Image
image/gif 2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/count/WIeejI_zO7a01Ga0H0v1zzVkQezl90K0UG4GW8200J5crXjW000003YWwJY80W6v0j6Hq54i2Cfpy0AVxvyjm3Rm1G6W1k82k0R00Sa6PgQ81zwpYA2a0000gGUtgjZoNuNS180A0OWA3G58nPItgW00nsWwn82wy0i6g0-trUAL_wkXxWIG4D7UkCgYeyQy70AG4SWHXQhFgn7W507O5S6AzkoZZxpyO_395l0_WHUe5mcP6D0O4FWOW1cm6URCehpW-wp4URWPm1dbpAATWvM7iLFI6H9vOM9pNtDbSdPbSYzoDJ0mBJFe6Qi9y1c0mWCI06tO7nJSLT4mYMuX19KOcCjMU6M-KHxBzYarYD7G6yF58cs9F0opTeuQ41o52t_iId_N8S8G6Tm3~1=WZ8ejI_zOAW1HH40n1oI4thbg0BAz-gGYnQ00VlNexA9ykQDDuW1Xl-Uj5UG0U2aWwp9W8200fW1uAI3h4cW0Twe0Twu0OQyXhyWs06UexIL0U01X9kqbG7e0R01-06SYDw-0Q02ofIj69W3m8Gzi0ER28W5uAmka0NXkKwm1Q3a5RW5eEGLm0M-Xge1o0Ndco_G1TMy2U05TvW6rF-Jo0ge1k82k0U01QGFyGS00CAbofOChFii5X2lqp_92fT_xTyo9-G_u0g0YNhP2xUgsF9VXTm4w0lWh2w839o8thu1gGn8Am_c8mctl-WCcmQO3O3u9p-W3i24FO0Gpy-26veG6ma00FW_6OQ9hr-X4MVW4OsUxm7e4U7mny_tbDFbWewXG5IlMmTRGj0_c1C2u1EWv1M85DI9hhB4YEhwl06W5A3a5QWKuRbEhlBrFzWKc8t0W0Re58m2q1MOZS201jWLmOhsxAEFlFnZe1RGa9s01h0MlGF95j0Md8ZUlW615vWNXFJ9AxWN0S0NjGBO5y24FUWN0PaOe1WLi1ZEX--01hWO0VWOiiwuq8ZBgCcp0O0PYHd6BP0P0Q0Pm06u6V___m7W6G7e6Qi9y1c0mWE16l__OnF-1Zkk7G0OnJXJ1vaDPHIA21eY3Ns4TbDgSD9jI5pZai0s9POlrsmpuM86DMHwQGOBh8uyU7K3Cs8LD0PW46e4ZO2x684Qnn63AF5A224znu3bbT9PW7MjINImJS01~1?stat-id=1&test-tag=239693652321793&format-type=89&actual-format=73&banner-test-tags=eyI3MjA1NzYwMzg4MTk4NjM1MiI6IjU3MzYxIn0%3D&renderWidth=1195&renderHeight=180&confirmTime=2100000&confirmRatio=1000000&wmode=0

Requested by

Host: afn.by
URL: http://afn.by/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: http://afn.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Feb 2021 11:11:37 GMT
content-type: image/gif
last-modified: Thu, 04 Feb 2021 11:11:37 GMT
server: nginx/1.12.2
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 04 Feb 2021 11:11:37 GMT

GET
H2 200 WJ4ejI_zO8K0FGa0b0u3ae_1sBzjfGK0XG4GW8200J5crXjW000003YWwJY80WAv0j6Hq54i2Cfpy0AY-hgRm3Rm1G6W1k82k0R00Sa6PW97Qi2OzMsdELreJMk5t0I02W682Wc82mIg2n1Gpv9yELq008vbFSI0kl0B1fWEveISqeQOvlfjg0-vkg7gjAsXxWIG4...
an.yandex.ru/count/ 43 B
318 B 63ms
62ms Image
image/gif 2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/count/WJ4ejI_zO8K0FGa0b0u3ae_1sBzjfGK0XG4GW8200J5crXjW000003YWwJY80WAv0j6Hq54i2Cfpy0AY-hgRm3Rm1G6W1k82k0R00Sa6PW97Qi2OzMsdELreJMk5t0I02W682Wc82mIg2n1Gpv9yELq008vbFSI0kl0B1fWEveISqeQOvlfjg0-vkg7gjAsXxWIG4D7UkCgYeyQy7FWG0iWHXQhFgn7W507O5S6AzkoZZxpyO_395l0_WHUe5mcP6D0O4FWOW1cm6RWP_m706UNCefs3bOUnKz8P4dbXOdDVSsLoTcLoBt8rC30jC-WPgW7m6O320nC0E1agKp0ekAkYOHBTGWWjCJ2NhGZBVBiybkrMQX03HvNS4J9iF2RoCAIrSyOBVsm4JTGbqBX5CaamA000~1=WZOejI_zOB81PH40f1r5Sk3SiWAilBRmZ1k00V30unY80PtBkgXWa06Ogl2Ep820W0AO0PYgy8vCe06Cg06Ck06a--IG8TW1sER5bm7W0PoitX-yaTw-0Q02zAwc6803al_Pam-80x3Vb8aCc0EcrWQm0ya7Y0NGs1EG1VxG5R05xO06k0NjW0R01QFa4x7E0k05FfW6jlRCcWge1k82k0Uq1j070k07f0_n1m00mhgNamp92XSALh2DSFC_u0g0YNhP2pbTQ4rhXTm4w0lGs1E83AJsthu1gGnWgXy-ga2pF-WCcmQO3U22AZ-W3i24FTaFcmEwu-L-yJ-04AonYnoCW0BG4968hr-Xu17giCu1w16SqjQNYxQMpTBifK1HCuy0Q-lEFvWJ0gWJYuU1rEZVeR0Mu1FjW0Q858AWrhNZhxpReW6W5Es01gWK_j0LdE7fW0Re58m2q1MSuUc01jWLmOhsxAEFlFnZe1RGa9s01h0MlGF95j0MfFRUlW615vWNtS-LARWN0S0NjGBO5y24FU0NvEEcW0Re5m7u5xJoq806cHYW61Em6Bx_xe06k1W1-1YophZGYCkeoRC1W1c96USja1a1e1d00RWP____0U0P0UWPgW7m6O320u4Q__z_6Ik4IqWQ02B5E5C7MGzb52f2Q8Y4z14wRFtC_MpuNDpoGJDzDeDL3SaXv58Ze0B1a8EmsE0ao8mZi0XWg4_FCTPs_947YALq9eQZnRaWEDGaEjWcu000~1=WaSejI_zOAy1xH40X1w_-WeChmBAsAEvxH-00UFM9uW1pk6yqboG0RwXcx_BW8200fW1lg6RlqkW0UQWg07ce9k_IxW1pDFx-o3O0Tg0_9O1u07Ed_6M0Pwythu1c0B0WyOOe0B2WyOOW0EMzSivY0EhxAF_0w031B03-mE81TME8f05Xgmai0NAaWou1SgI3C05-RuXo0N9c0lG1UMn1E05FfW6ikc0rmYe1k82k0U01V470032uO6Z3548FH-vIlC_oGh6ar-ML5hdF-0AW8bwsGivNMXDQuNS1EWBrOuYY0pmdEE-0QaCKAxWr_l0e3_e39i6c0tWWYgmFg0Em8GzW12jlkORmB2G0g4HP-0Hwh3E0UWHdDBMbuksbitIxAL0yWvNmggbpp-O4mAe4uk7WTJetw6m5k0Jof8CY1I2eDQruw-ysw81e1JAaWoe58Qi9B0KplNP69Jht0F8507G5ExsbadO5C3hdu06w1IC0j0LmEkVW0RO5S6AzkoZZxpyOw0Mq92TW0Qm5hq3oHRG5l2Suxu1WHS0y3-O5zBjyIku5m705xK2s1V0X3te5m6P6A0O4B0OpeVlW0Qu60Bu6BBEkD28owZ9im606OaPvosG6G6W6S01k1d___y1u1a2w1cg0V0PWC83WHh__qVvVUii91e07yKuKmUP3MKa566u_Q26mAk65GjiDf1HcSWkKmBOSiqC3o7BuLK8sWYeWK3WWv0Ek0ao-mWi3OyOZKyoSXwfvnXmnr8wF_mInU5GCvTWcu03~1?stat-id=2&test-tag=239693543268353&format-type=24&actual-format=40&banner-test-tags=eyI3MjA1NzYwNDI1NDA3NTUzMiI6IjQyNTE2NjUiLCI3MjA1NzYwNDE3MDU0MTE1MSI6IjU3MzYyIn0%3D&renderWidth=170&renderHeight=600&confirmTime=2100000&confirmRatio=1000000&wmode=0

Requested by

Host: afn.by
URL: http://afn.by/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: http://afn.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Feb 2021 11:11:37 GMT
content-type: image/gif
last-modified: Thu, 04 Feb 2021 11:11:37 GMT
server: nginx/1.12.2
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 04 Feb 2021 11:11:37 GMT

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 9 KB
7 KB 33ms
33ms XHR
application/json 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210202&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210202/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f73cf878e0564e5d8fa7c649477e5f9e910a5b3deeb4c720cd8e6e66a966195b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://afn.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 04 Feb 2021 11:11:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6873
x-xss-protection: 0

GET
H2 200 syncframe
gum.criteo.com/ Frame C5C4 0
0 38ms
13ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=afn.by

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: gum.criteo.com
:scheme: https
:path: /syncframe?topUrl=afn.by
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://afn.by/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://afn.by/

Response headers

cache-control: private, max-age=0
content-type: text/html; charset=utf-8
strict-transport-security: max-age=31536000
server-processing-duration-in-ticks: 1349
date: Thu, 04 Feb 2021 11:11:41 GMT
content-length: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210202/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://afn.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 11:11:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1611170586013198"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6403
x-xss-protection: 0
expires: Thu, 04 Feb 2021 11:11:41 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/221/ Frame 911C 0
0 6ms
6ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/221/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://afn.by/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://afn.by/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4984
date: Thu, 04 Feb 2021 09:55:43 GMT
expires: Fri, 04 Feb 2022 09:55:43 GMT
last-modified: Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 4558
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
145 B 41ms
40ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gda_r20210202&jk=798405694624151&bg=!JiWlJWbNAAWnsTPUpzsAKQB2-DxaVeVi6FYrAj72uT1iXOAL9paxxblGAlvWTSI1bxQGbZJfgYNLAgAAAGpSAAAAEWgBBwoAW1ui-8wgOGgSmb_kZZ7MYxF2VXVG8RzBPNDtUW2oe9fnr9-vPnV88cwBbZRbk0jmLsGLsPla3yRHGnQaer14h47LiVXrH_pUqj8YTO8Rpcae1L_r8O5Wz09teCGZAcU6cJLBLpB_8Zwpzhd03ukuw88sx4bhgkngnGA6llf3VVCAOsep8al09myuMRA_Fz4JGXX_PJMIDESf5cdBZuinKaixKnUMolgpCm6jzU2wn-Jnsm8-t4-BUCrdbaSbnBnUcR1sjB9m8DsJwxScvVqzr_zz2T0SOdmbWLOq18dfzVH1Wd3J3CgaF6fGhHDMOJ6O_aywu1H7v-vINCjSLN5KZgDpRSb7VlsmnJJO9jV_wggv9skWICmgQXnbCSR_IKJncmFGlIo2mxUhT-R7hDaX_LStn5JdcAAcjY0t8up3z596rK2KJW2QXuRGz1L4l2MdKZ8_7OcJ7lektPjKO_Q7OD8D1XwLyfqNxjRW6zarXTzR8ivlHWezVAx5SD7qGrUH9TIQxjPwTCFf-LlNDzyvxM5mRvrOibwm4ax9q8OxT7Gisk80XkASZp7GWwPgSgnPQQSa40FdadH1I-6f08GvEcOKQ3fLkLqRFHTu9pZiF3gf4UWGNrWd92hrLpFqpnLgK8D2KKu7eKf6vf_HPtny1F4hiOWRn1RxJlYYSY4IsWhicuZ_QwUTD3ytHquWBRhGdjwtzoMC-EHD60z6KLMdcYqWeZM

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://afn.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Feb 2021 11:11:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

1
mc.yandex.ru/watch/421539/
Redirect Chain

https://mc.yandex.ru/watch/421539?page-url=http%3A%2F%2Fafn.by%2F&charset=utf-8&browser-info=nb%3A1%3Acl%3A116%3Aar%3A1%3Agdpr%3A14%3Avf%3A65gwaazdbuxw99j%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A4...
https://mc.yandex.ru/watch/421539/1?page-url=http%3A%2F%2Fafn.by%2F&charset=utf-8&browser-info=nb%3A1%3Acl%3A116%3Aar%3A1%3Agdpr%3A14%3Avf%3A65gwaazdbuxw99j%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3...

43 B
92 B

48ms
48ms

Other
image/gif

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/421539/1?page-url=http%3A%2F%2Fafn.by%2F&charset=utf-8&browser-info=nb%3A1%3Acl%3A116%3Aar%3A1%3Agdpr%3A14%3Avf%3A65gwaazdbuxw99j%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A400%3Acn%3A1%3Adp%3A1%3Als%3A662721191061%3Ahid%3A944767382%3Az%3A60%3Ai%3A20210204121149%3Aet%3A1612437109%3Ac%3A1%3Arn%3A673119975%3Arqn%3A3%3Au%3A1612437094402114443%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aeu%3A1%3Ans%3A1612437089562%3Awv%3A2%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C12211%2C12211%2C3%2C%3Adsn%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C12210%2C12210%2C4%2C%3Arqnl%3A1%3Ati%3A0%3Ast%3A1612437109&force-urlencoded=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://afn.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Feb 2021 11:11:49 GMT
last-modified: Thu, 04-Feb-2021 11:11:49 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 04-Feb-2021 11:11:49 GMT

Redirect headers

pragma: no-cache
date: Thu, 04 Feb 2021 11:11:49 GMT
last-modified: Thu, 04-Feb-2021 11:11:49 GMT
location: /watch/421539/1?page-url=http%3A%2F%2Fafn.by%2F&charset=utf-8&browser-info=nb%3A1%3Acl%3A116%3Aar%3A1%3Agdpr%3A14%3Avf%3A65gwaazdbuxw99j%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A400%3Acn%3A1%3Adp%3A1%3Als%3A662721191061%3Ahid%3A944767382%3Az%3A60%3Ai%3A20210204121149%3Aet%3A1612437109%3Ac%3A1%3Arn%3A673119975%3Arqn%3A3%3Au%3A1612437094402114443%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aeu%3A1%3Ans%3A1612437089562%3Awv%3A2%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C12211%2C12211%2C3%2C%3Adsn%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C12210%2C12210%2C4%2C%3Arqnl%3A1%3Ati%3A0%3Ast%3A1612437109&force-urlencoded=1
strict-transport-security: max-age=31536000
access-control-allow-origin: http://afn.by
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0
x-xss-protection: 1; mode=block
expires: Thu, 04-Feb-2021 11:11:49 GMT

Verdicts & Comments Add Verdict or Comment

190 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.advarkads.com/	1970-01-20 09:25:09	Name: u Value: 86d59b01-3b38-4090-bf3e-7fc0970d4b7c
yastatic.net/safeframe-bundles/0.80/1-1-0	1970-01-19 15:55:23	Name: pcs3 Value: 1
.acint.net/	1970-01-25 20:05:16	Name: aid Value: fwAAAWAb1mlGmgGOIz9gAr7aGkIEqmS/fkZd8U1u5qwP5YlD
.doubleclick.net/	1970-01-20 01:15:33	Name: IDE Value: AHWqTUl53rrGzgjnGW4QCxIidsBv_PNI988c4Dx-ATARyQcf_xxWGjDSubT2GTCs

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: http://cdn.admixer.net/scripts3/1db304b067e7ca7675bc.b.js(Line 1) Message: Chrome
console-api	log	URL: http://cdn.admixer.net/scripts3/1db304b067e7ca7675bc.b.js(Line 1) Message: Mraid Ready false
console-api	log	URL: http://cdn.admixer.net/scripts3/1db304b067e7ca7675bc.b.js(Line 1) Message: Chrome
console-api	log	URL: http://cdn.admixer.net/scripts3/1db304b067e7ca7675bc.b.js(Line 1) Message: Chrome
console-api	log	URL: http://cdn.admixer.net/scripts3/1db304b067e7ca7675bc.b.js(Line 1) Message: Event view http://inv-nets-eu.admixer.net/ev_view.aspx?cc=PL/14/756135&am-uid=4df650fdfeef49b4b280a7adfa229d50&cet=4&zone=2febba63-69cc-42a7-8be2-e10bcbe63cd5&rule=2a065265-12f0-40c0-9e56-9106b83926dd&requestId=e2e0947f-7a6c-4a52-83f2-e9e7ff307db8&page=afn.by%2F&hp=1592079849&pvid=f2678a62-1d78-441d-8da5-7a05b7be400f&inst=ADS-EU-2&ts=637480338940927987&sf=0
console-api	log	URL: http://cdn.admixer.net/scripts3/1db304b067e7ca7675bc.b.js(Line 1) Message: Event confirmview http://inv-nets-eu.admixer.net/ev_view.aspx?cc=PL/14/756135&am-uid=4df650fdfeef49b4b280a7adfa229d50&cet=9&zone=2febba63-69cc-42a7-8be2-e10bcbe63cd5&rule=2a065265-12f0-40c0-9e56-9106b83926dd&requestId=e2e0947f-7a6c-4a52-83f2-e9e7ff307db8&page=afn.by%2F&hp=1592079849&pvid=f2678a62-1d78-441d-8da5-7a05b7be400f&inst=ADS-EU-2&ts=637480338940927987&sf=0
console-api	log	URL: http://cdn.admixer.net/scripts3/1db304b067e7ca7675bc.b.js(Line 1) Message: Event confirmview http://inv-nets.admixer.net/logcz.aspx?zone=2febba63-69cc-42a7-8be2-e10bcbe63cd5

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.adriver.ru
ads.adsinspidsp.com
ads.betweendigital.com
ads.creative-serving.com
adservice.google.com
adservice.google.de
afn.by
ams.creativecdn.com
an.yandex.ru
avatars.mds.yandex.net
bidder.criteo.com
cdn.admixer.net
cm.g.doubleclick.net
creativecdn.com
dwbogv.com
event.clientgear.com
exchange.buzzoola.com
gaby.hit.gemius.pl
googleads.g.doubleclick.net
green.erne.co
gum.criteo.com
inv-nets-eu.admixer.net
inv-nets.admixer.net
ismatlab.com
m.trafmag.com
match.new-programmatic.com
mc.yandex.ru
odr.mookie1.com
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
rtb.com.ru
s.console.adtarget.com.tr
sdfgdgf.info
static.criteo.net
stats.g.doubleclick.net
tpc.googlesyndication.com
us.ck-ie.com
www.acint.net
www.google-analytics.com
www.google.com
www.google.de
www.googletagservices.com
x.bidswitch.net
yastatic.net
146.0.227.110
149.202.199.193
178.250.2.131
18.185.0.221
185.184.8.30
188.165.137.78
193.200.65.6
195.201.243.71
195.209.108.35
216.58.207.66
217.65.2.150
23.111.200.118
2606:4700:3037::ac43:a070
2a00:1450:4001:803::2002
2a00:1450:4001:808::2002
2a00:1450:4001:808::2004
2a00:1450:4001:811::2001
2a00:1450:4001:821::200e
2a00:1450:4001:824::2002
2a00:1450:4001:827::2002
2a00:1450:4001:827::2003
2a00:1450:400c:c00::9a
2a02:2638:1::13
2a02:2638:1::3
2a02:6b8:20::215
2a02:6b8::184
2a02:6b8::1:119
2a02:6b8::90
2a03:90c0:41:2801::254
2a0c:5c81:5139::2
34.98.67.61
35.157.221.90
47.252.78.131
51.89.9.251
52.210.129.60
62.173.140.157
62.76.25.27
79.171.117.17
83.222.114.187
88.198.31.232
88.214.193.83
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
07798248e32dbd9e331d3639622c8a208c92d46465d9a382e9f00a89054dab6a
146cf3b10f120064f10d9b96ec8bd9e30d9d4266c38f842a7e95e4e4f85bbc4b
1afa1aa3b0762ba63e927a6c35edd8c73db322887250d2ac7863ad760c742589
1ddb0b820dec7b14a548cd751c4a24db01dec9d0716daa5724ee5c65d3c347ec
208dfab1fdcf1f4e57f80d6fd873265f0ff90c42c36cb25e38dff42695e383a4
21805f6753661b417e371bc6d07627765a0bdb09ff769049bd4fa36a22cac022
25c8984f38856595401fa33726227a9d26afafe0a4f761b26d076241cabf5333
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
3b9bfffdd25b235582aed4cf08b709719aa5af611d5ca3f3f4a5cb5a17d9b6ee
3d8799c171813adffb4105be1ee07dfd2e7716ba4a5fdd8b785736285a3bf677
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db
41f2c9e7292d189086bd05f8641572b9a673c603621e2040afa6f18f09b0e297
473feba11f89b4d197a2263ebb6567e53b75a969cff0679ccf50f6634fa3a4f5
52928c2ab25ea721e1a0403f0b0ba93d09f51989fd9503e8a65cd13bb2fa033e
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
567a91bf0a24b83a65dba133e4e143dbe8608f8cd82b7e5e69be6403074d2fd3
604d0b3a64e507541fc995bbaf18cf55c712b657b26104f94a086cfa96547a1f
606fb015f87ba5bbcf783cd6fecf1ac351ede8dafa4767a43be8cf80f1634eb6
63b18b5635fc1818da6712734fc0d500652a85fecf6dfe1b4cb3cee139e52899
6a83f8baa9d1ed00994bae27f6a6d2990283f253536e11d46320fef8faaf40dd
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6e9220e0d1ddcd9b28a4ad9ea450381a4edcf4318e1286837739ea0a5871f4b4
72e395213d052d79eb852149c9cbe3124903a7f34168c935d7fadabbafbd2ddb
74c91ca534e06ebadf7699554c7a8f0eec0246427a06a8f5e0fd10bd6b97dd5d
75821f63d3b4493519583daba3eb0d0a3e9175ac1e7d7c248466c22e3cb7b66a
75bb660f0c38697ed9be3b33be8e5a24365708ee94922da9dd44875efc3776e0
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8efda3f0b5d984306920023fe9e82a919bfac7109db64ed89f752720408c888b
92b0aa59219ffef505536118efa8a7423ba6cfe6d11c920fdaab0c5715997b77
959aa45c75f1e339a3d6a91d798c6464ad0b8a7570060d38173f9db2cfa662d0
9a10b1418ae87e1667a44c85f39b5e1af9b8a24279d9a2743c0859d478f3f925
9fbf67b834344996137fa02ca817edd98348c7a609ba86e8a6a41fd2e508e053
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a2108bb3f86caf930d09e8a85ae0eccf3a11a5d51296a620201e8a76a9b030c7
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
addbd0082697a941e7ae5798c7985b54c785fa90aa5f398dd35447b60eb7965d
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b092dbd71773cb73a23485e05d4aad7938fb17bdd4a2b121e4902c3c22e15895
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3883229115068714ffc63c82db6f810e84201317cb0385cc3b7c94b0c305554
b5f1343b46d0b18e78ae7bfb6ec5cfd0195a35a07f74da58d0612e06b1c429c2
bb4b42364e1b4ca428a44910af2d37ca494598cf252e86a9c4ce6e37678b761d
c09a842f4d8d70b93a89d95eaccb5e9bcc0504d7ca3b6141f0eac16bb924f31f
c5c553ada8936a3a89d422bb7b789c1f2aeec71612f1731311b39aae2bbf3243
ca5302f20a69cb2fe08a2429cf7268a2d5152d49608b0a954646553c70fd8afd
ccb150b1878d5aa777543222f9e47636d4258687e3dd57e625988f09a96bda64
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d40a08aee575b4a76a0910980272e1097de9d7ac24b8b080fa4c86d300753674
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
ebb3597f3a327fe00b7b1b766dd19e454e3f8b34ad5d45505439b42bf1c24d42
ec48ff0e0a73ce2fd7600925f81b720a40cd8c08c447c66976da9de746c83309
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef9453f74b2617d43dcef4242cf5845101fcfb57289c81bceb20042b0023a192
efbdf9cab6b6cf2bf7207ae4e0456c9462b2c0d4c2de76d65442de2af7253f2b
f1e572871055c1d0e152936f664d5fb075f505b99b412a4776f65a7abe80b505
f73cf878e0564e5d8fa7c649477e5f9e910a5b3deeb4c720cd8e6e66a966195b
fecdb167aa5328fdd5c9339c1ca85e91bc0efdcc6a7415da8da865081403deec

afn.by Open in urlscan Pro 62.173.140.157 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

109 Requests

76 %HTTPS

44 %IPv6

35 Domains

45 Subdomains

36 IPs

10 Countries

1120 kBTransfer

3302 kBSize

4 Cookies

17 Outgoing links

Redirected requests

109 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

afn.by Open in urlscan Pro
62.173.140.157 Public Scan

Screenshot
Live screenshot

Full Image

109
Requests

76 %
HTTPS

44 %
IPv6

35
Domains

45
Subdomains

36
IPs

10
Countries

1120 kB
Transfer

3302 kB
Size

4
Cookies

109 HTTP transactions
1 data transactions