ont.by Open in urlscan Pro
93.125.48.25 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ont.by/
Effective URL:
https://ont.by/
Submission: On December 16 via api (December 16th 2019, 9:14:17 am UTC) from GB

Summary HTTP 317 Redirects Links 30 Behaviour Indicators

Summary

This website contacted 35 IPs in 6 countries across 27 domains to perform 317 HTTP transactions. The main IP is 93.125.48.25, located in Belarus and belongs to BELPAK-AS BELPAK, BY. The main domain is ont.by.
TLS certificate: Issued by Let's Encrypt Authority X3 on December 11th 2019. Valid for: 3 months.

This is the only time ont.by was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 108	93.125.48.25 93.125.48.25	6697 (BELPAK-AS...) (BELPAK-AS BELPAK)
1	195.181.175.10 195.181.175.10	60068 (CDN77) (CDN77)
15	2a02:6b8:20::215 2a02:6b8:20::215	13238 (YANDEX) (YANDEX)
1	104.16.89.50 104.16.89.50	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
3	87.240.190.78 87.240.190.78	47541 (VKONTAKTE...) (VKONTAKTE-SPB-AS http://vk.com)
3	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK - Facebook)
7	151.101.12.157 151.101.12.157	54113 (FASTLY) (FASTLY - Fastly)
2	217.20.147.3 217.20.147.3	47764 (MAILRU-AS...) (MAILRU-AS Mail.Ru)
1	2a00:1450:400... 2a00:1450:4001:81d::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
27	2a00:1450:400... 2a00:1450:4001:81d::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE - Google LLC)
4 17	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
2 4	2a02:6b8::92 2a02:6b8::92	13238 (YANDEX) (YANDEX)
5	2a02:6b8::90 2a02:6b8::90	13238 (YANDEX) (YANDEX)
3	178.250.0.130 178.250.0.130	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a00:1450:400... 2a00:1450:4001:815::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
3	217.69.133.145 217.69.133.145	47764 (MAILRU-AS...) (MAILRU-AS Mail.Ru)
1	2a00:1450:400... 2a00:1450:4001:817::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
4	2a00:1450:400... 2a00:1450:4001:824::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:814::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK - Facebook)
9	93.125.31.151 93.125.31.151	6697 (BELPAK-AS...) (BELPAK-AS BELPAK)
1	178.250.0.165 178.250.0.165	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
14	2a03:2880:f21... 2a03:2880:f21c:81c4:face:b00c:0:43fe	32934 (FACEBOOK) (FACEBOOK - Facebook)
7	2a00:1450:400... 2a00:1450:4001:808::2016	15169 (GOOGLE) (GOOGLE - Google LLC)
22	2606:2800:134... 2606:2800:134:fa2:1627:1fe:edb:1665	15133 (EDGECAST) (EDGECAST - MCI Communications Services)
1 2	104.244.42.136 104.244.42.136	13414 (TWITTER) (TWITTER - Twitter Inc.)
7 30	213.180.204.50 213.180.204.50	13238 (YANDEX) (YANDEX)
2	2606:2800:134... 2606:2800:134:1a0d:1429:742:782:b6	15133 (EDGECAST) (EDGECAST - MCI Communications Services)
1	2a02:6b8::2:158 2a02:6b8::2:158	13238 (YANDEX) (YANDEX)
16	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE - Google LLC)
4	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a02:6b8::36 2a02:6b8::36	13238 (YANDEX) (YANDEX)
10	2a02:6b8::184 2a02:6b8::184	13238 (YANDEX) (YANDEX)
317	35

108 93.125.48.25 (Belarus) 1 redirects

ASN6697 (BELPAK-AS BELPAK, BY)
PTR: 93-125-48-25.hoster.by

ont.by	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.181.175.10 (Frankfurt am Main, Germany)

ASN60068 (CDN77, GB)
PTR: frankfurt-2.cdn77.com

cdn.sendpulse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a02:6b8:20::215 (Russian Federation)

ASN13238 (YANDEX, RU)

yastatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.89.50 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

cdn.embedly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 87.240.190.78 (Russian Federation)

ASN47541 (VKONTAKTE-SPB-AS http://vk.com, RU)
PTR: srv78-190-240-87.vk.com

vk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
staticxx.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 151.101.12.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 217.20.147.3 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)
PTR: ip3.147.odnoklassniki.ru

connect.ok.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2a00:1450:4001:81d::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a02:6b8::1:119 (Moscow, Russian Federation) 4 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:6b8::92 (Moscow, Russian Federation) 2 redirects

ASN13238 (YANDEX, RU)

matchid.adfox.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:6b8::90 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.0.130 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:815::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 217.69.133.145 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)
PTR: top-fwz1.mail.ru

top-fwz1.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:817::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:824::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:814::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

s.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f11c:8083:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 93.125.31.151 (Belarus)

ASN6697 (BELPAK-AS BELPAK, BY)
PTR: 93-125-31-151.hoster.by

93.125.31.151	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
stream.ont.by	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a03:2880:f21c:81c4:face:b00c:0:43fe (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

scontent.cdninstagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:808::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2606:2800:134:fa2:1627:1fe:edb:1665 (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)

cdn.syndication.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pbs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.136 (United States) 1 redirects

ASN13414 (TWITTER - Twitter Inc., US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 213.180.204.50 (Russian Federation) 7 redirects

ASN13238 (YANDEX, RU)
PTR: ads.adfox.ru

ads.adfox.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:134:1a0d:1429:742:782:b6 (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)

abs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8::2:158 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)

banners.adfox.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 172.217.16.130 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s46-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8::36 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)

favicon.yandex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a02:6b8::184 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)

avatars.mds.yandex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
116	ont.by 1 redirects ont.by stream.ont.by	5 MB
31	adfox.ru 7 redirects ads.adfox.ru banners.adfox.ru	267 KB
26	yandex.ru 6 redirects mc.yandex.ru matchid.adfox.yandex.ru an.yandex.ru	266 KB
24	twimg.com cdn.syndication.twimg.com abs.twimg.com pbs.twimg.com	437 KB
18	doubleclick.net googleads.g.doubleclick.net securepubads.g.doubleclick.net	345 KB
15	yastatic.net yastatic.net	210 KB
14	cdninstagram.com scontent.cdninstagram.com	838 KB
13	googletagservices.com www.googletagservices.com	235 KB
11	yandex.net favicon.yandex.net avatars.mds.yandex.net	155 KB
9	twitter.com 1 redirects platform.twitter.com syndication.twitter.com	108 KB
8	ytimg.com s.ytimg.com i.ytimg.com	232 KB
6	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	122 KB
5	google.com adservice.google.com	855 B
5	google.de adservice.google.de	855 B
5	googleapis.com imasdk.googleapis.com maps.googleapis.com	210 KB
3	mail.ru top-fwz1.mail.ru	9 KB
3	criteo.net static.criteo.net	27 KB
3	vk.com vk.com	23 KB
2	facebook.com staticxx.facebook.com www.facebook.com
2	google-analytics.com www.google-analytics.com	18 KB
2	ok.ru connect.ok.ru	1 KB
2	facebook.net connect.facebook.net	61 KB
1	criteo.com bidder.criteo.com	136 B
1	youtube.com www.youtube.com	923 B
1	googletagmanager.com www.googletagmanager.com	21 KB
1	embedly.com cdn.embedly.com	22 KB
1	sendpulse.com cdn.sendpulse.com	1 KB
317	27

	Domain	Requested by
108	ont.by	1 redirects ont.by pagead2.googlesyndication.com
30	ads.adfox.ru	7 redirects ont.by yastatic.net
21	pbs.twimg.com	ont.by
17	mc.yandex.ru	4 redirects ont.by mc.yandex.ru
16	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net ont.by
15	yastatic.net	ont.by yastatic.net an.yandex.ru
14	scontent.cdninstagram.com	ont.by
13	www.googletagservices.com	pagead2.googlesyndication.com yastatic.net securepubads.g.doubleclick.net
10	avatars.mds.yandex.net	ont.by an.yandex.ru
8	stream.ont.by	ont.by
7	i.ytimg.com	ont.by
7	platform.twitter.com	ont.by platform.twitter.com
5	adservice.google.com	pagead2.googlesyndication.com www.googletagservices.com
5	adservice.google.de	pagead2.googlesyndication.com www.googletagservices.com
5	an.yandex.ru	yastatic.net an.yandex.ru
4	tpc.googlesyndication.com	securepubads.g.doubleclick.net
4	maps.googleapis.com	ont.by maps.googleapis.com
4	matchid.adfox.yandex.ru	2 redirects yastatic.net ont.by
3	top-fwz1.mail.ru	ont.by top-fwz1.mail.ru
3	static.criteo.net	yastatic.net ont.by
3	vk.com	ont.by connect.facebook.net vk.com
2	abs.twimg.com	ont.by platform.twitter.com
2	syndication.twitter.com	1 redirects ont.by
2	www.google-analytics.com	www.googletagmanager.com ont.by
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	pagead2.googlesyndication.com	ont.by pagead2.googlesyndication.com
2	connect.ok.ru	ont.by connect.ok.ru
2	connect.facebook.net	ont.by connect.facebook.net
1	favicon.yandex.net	ont.by
1	banners.adfox.ru	ont.by
1	cdn.syndication.twimg.com	platform.twitter.com
1	bidder.criteo.com	static.criteo.net
1	www.facebook.com	connect.facebook.net
1	staticxx.facebook.com	connect.facebook.net
1	s.ytimg.com	www.youtube.com
1	www.youtube.com	ont.by
1	www.googletagmanager.com	ont.by
1	imasdk.googleapis.com	ont.by
1	cdn.embedly.com	ont.by
1	cdn.sendpulse.com	ont.by
317	40

This site contains links to these domains. Also see Links.

Domain
an.yandex.ru
play.google.com
vk.com
www.youtube.com
www.facebook.com
ok.ru
twitter.com
instagram.com
telegram.me
yandex.ru
mobile.yandex.ru
ads.adfox.ru
www.instagram.com
websecret.by

Subject Issuer	Validity	Valid
ont.by Let's Encrypt Authority X3	`2019-12-11` - `2020-03-10`	3 months	crt.sh
*.sendpulse.com COMODO RSA Domain Validation Secure Server CA	`2018-10-30` - `2020-10-29`	2 years	crt.sh
static.yandex.net Yandex CA	`2019-09-06` - `2020-09-05`	a year	crt.sh
*.embedly.com Sectigo RSA Domain Validation Secure Server CA	`2019-09-11` - `2021-09-16`	2 years	crt.sh
vk.com Sectigo ECC Extended Validation Secure Server CA	`2019-07-11` - `2020-07-09`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2019-12-06` - `2020-03-05`	3 months	crt.sh
platform.twitter.com DigiCert SHA2 High Assurance Server CA	`2019-08-28` - `2020-09-01`	a year	crt.sh
*.ok.ru GeoTrust RSA CA 2018	`2019-08-07` - `2021-03-21`	2 years	crt.sh
*.storage.googleapis.com GTS CA 1O1	`2019-11-13` - `2020-02-05`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2019-11-13` - `2020-02-05`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2019-11-13` - `2020-02-05`	3 months	crt.sh
mc.yandex.ru Yandex CA	`2019-09-23` - `2020-09-22`	a year	crt.sh
*.adfox.yandex.ru Yandex CA	`2019-08-01` - `2020-07-31`	a year	crt.sh
bs.yandex.ru Yandex CA	`2019-09-24` - `2020-09-23`	a year	crt.sh
*.google.com GTS CA 1O1	`2019-11-13` - `2020-02-05`	3 months	crt.sh
*.criteo.net DigiCert ECC Secure Server CA	`2019-12-03` - `2021-04-06`	a year	crt.sh
*.mail.ru GlobalSign Organization Validation CA - SHA256 - G2	`2019-01-18` - `2021-01-18`	2 years	crt.sh
*.criteo.com DigiCert ECC Secure Server CA	`2019-12-05` - `2021-04-08`	a year	crt.sh
stream.ont.by Let's Encrypt Authority X3	`2019-10-22` - `2020-01-20`	3 months	crt.sh
*.instagram.com DigiCert SHA2 High Assurance Server CA	`2019-11-23` - `2020-02-21`	3 months	crt.sh
edgestatic.com GTS CA 1O1	`2019-11-13` - `2020-02-05`	3 months	crt.sh
*.twimg.com DigiCert SHA2 High Assurance Server CA	`2019-11-12` - `2020-11-18`	a year	crt.sh
syndication.twitter.com DigiCert SHA2 High Assurance Server CA	`2019-04-09` - `2020-04-01`	a year	crt.sh
*.adfox.ru Yandex CA	`2019-08-01` - `2020-07-31`	a year	crt.sh
*.games.s3.yandex.net Yandex CA	`2019-04-10` - `2020-04-09`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2019-11-13` - `2020-02-05`	3 months	crt.sh
favicon.yandex.net Yandex CA	`2019-09-27` - `2020-09-26`	a year	crt.sh
*.avatars.yandex.net Yandex CA	`2019-10-04` - `2020-10-03`	a year	crt.sh

This page contains 22 frames:

Primary Page: https://ont.by/
Frame ID: 76E24EC29D47C7AB2AF4FAB8286D7EF7
Requests: 242 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20191205/r20190131/zrt_lookup.html
Frame ID: B1E070FF38C111848B0BB5839D84F60B
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.69e02060c7c44baddf1b5629549acc0c.html?origin=https%3A%2F%2Font.by
Frame ID: DD84913365160DA2479A4D14663FD245
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5557990343499447&output=html&adk=1812271804&adf=3025194257&lmt=1576487635&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C30%3A1081344%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Font.by%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1576487635341&bpp=85&bdt=732&fdt=356&idt=356&shv=r20191205&cbv=r20190131&saldr=aa&abxe=1&nras=1&correlator=3612734840870&frm=20&pv=2&ga_vid=140123336.1576487636&ga_sid=1576487636&ga_hid=34092729&ga_fc=0&iag=0&icsg=2251799989862399&dssz=34&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065126&oid=3&pvsid=2326903549937810&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&ifi=0&uci=a!0&fsb=1&dtd=369
Frame ID: 31BE93650026CA44DE11F02FD86565A8
Requests: 1 HTTP requests in this frame

Frame: https://staticxx.facebook.com/connect/xd_arbiter.php?version=44
Frame ID: 6819C87390389EBA57673F5ED79BBBB8
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v2.7/plugins/page.php?adapt_container_width=true&app_id=260965744509555&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Df28e5de11083f54%26domain%3Dont.by%26origin%3Dhttps%253A%252F%252Font.by%252Ff1169c66fc83aa4%26relation%3Dparent.parent&container_width=300&height=400&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Ftelekanalont&locale=en_US&sdk=joey&show_facepile=true&small_header=false&tabs=timeline&width=300
Frame ID: 0AD864161BAB16DF847DBD0A8D433236
Requests: 1 HTTP requests in this frame

Frame: https://vk.com/widget_community.php?app=6615650&width=300px&_ver=1&gid=19650704&mode=4&color1=&color2=&color3=&class_name=&wide=1&height=400&url=https%3A%2F%2Font.by%2F&referrer=&title=%D0%9E%D0%9D%D0%A2%20%E2%80%94%20%D0%9E%D0%B1%D1%89%D0%B5%D0%BD%D0%B0%D1%86%D0%B8%D0%BE%D0%BD%D0%B0%D0%BB%D1%8C%D0%BD%D0%BE%D0%B5%20%D1%82%D0%B5%D0%BB%D0%B5%D0%B2%D0%B8%D0%B4%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8%20%7C%20%D0%91%D0%B5%D0%BB%D0%BE%D1%80%D1%83%D1%81%D1%81%D0%BA%D0%B8%D0%B9%20%D1%82%D0%B5%D0%BB%D0%B5%D0%BA%D0%B0%D0%BD%D0%B0%D0%BB%20%D0%9E%D0%9D%D0%A2&16f0dfc4be8
Frame ID: 324118B6803379F0E98CB3E1DD237CAF
Requests: 1 HTTP requests in this frame

Frame: https://connect.ok.ru/dk?st.cmd=WidgetGroup&st.groupId=58117131206706&st.fid=__okGroup0&st.hoster=https%3A%2F%2Font.by%2F&st.settings=%7B%22width%22%3A300%2C%22height%22%3A400%7D
Frame ID: 04959CCB43912B53707CD4BDD82443E2
Requests: 1 HTTP requests in this frame

Frame: https://abs.twimg.com/emoji/v2/72x72/1f449.png
Frame ID: 1F6FC8086A92453A418FFD62E86CAE7F
Requests: 28 HTTP requests in this frame

Frame: https://platform.twitter.com/jot.html
Frame ID: 007F12F857DE16239306FA7FEC2F3925
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: 34D55BA72E7649CA71EC01411EB640C4
Requests: 8 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: 24579748791AB33A30327CC53509997F
Requests: 8 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: 940F625ECC526499FCEC805DE75574BD
Requests: 8 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: E19FA696F87F693BF0531DAEA2759CC2
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstMvoGeCMLpV61GDVlyoXt8DVgv7X4cWPqUeMw0XKedD88NMeKsKjsMpRfq7oAlfFpQjGWs3ZS-WGlR9_IDTK2b5YM8Qkc84rxOOUGKR--0shiMbJk0WyrgX_C-mWmtPwGrQc5BGHSfVEph-gx9Y2dseQkYQP05wnP6E9TGVGnoOoz2Mgu_QZngV13wEKYNNM6n8JWcAB-wnpV0SNp9AJzhKBiFvDys0hy4HVD25aiD8Qvd1x7H83ViAqONjx6U6CI&sai=AMfl-YTXIsCLkqk4VWlTmiZTCih9bYFyF5IqrqPuB7PN_md9RL0cZljMXslb43mSDzH0SHSHVb4kmGmjT56KRw6Nmm517teFfj08D0cRCQ8T&sig=Cg0ArKJSzA856YaZWf-yEAE&urlfix=1&adurl=
Frame ID: C2C3D3DEDA40E62671784F42BB2C23D3
Requests: 3 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssnKpczWcGs7XRbIaQdcupKMZXvDm_dqh4r0EBkvticpjRyl5k6OkhpcoJz5upWNeOzIaGQa2XmnHhIYs5Q5nUeuzmxyZg6bRuPXj_WG1nAITuGoReheYUxzVQi2qXIrSDrMc2vSey8JvPUnSO-pDifD_nLBiLSgdaxGBWCrCc7G0an94QF-5wer9k9oMn9H_SwjxGgq6dlQ5RDgh2A1UR30N5wrCjs4eqfNeAY1N24h9QrHycOzJiRjhvihAXuMQ&sai=AMfl-YTkD9u6LB6CnpjkDAXNEHrjhH-7SpPty_LH0_XPnSPCcWz_3PGwMqlrLPL6_TQ2dc9AnHoP5WwknzyVz3LyWtM2j8fSI_jhc_1iXo0YjQ&sig=Cg0ArKJSzFKUBTpK05FcEAE&urlfix=1&adurl=
Frame ID: 5CF88F7BC3FC6B86522DB673AD46A8D8
Requests: 4 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssjLbUvdjI-sMlXacYRoiNt-0WMQIszEqn4Ap6AgkD50lTjYg21iEhRYsYTAqIQwHq33mLrG9VcjSR8TfU6BeaSIKHm8SzGxo_SNped6U4yOsB0XyxIm5BHMmtDuOgnIFW4B_p7vrZXySsmt381uDoHayD1QneECmHMUG3gs6bZF5dTqASHvviV97OJnzS118LjCTUCgbrUm8XFRG4zJy_wdNdjo7d5cLu7CV8OixUV5f1O5gAIN0XkkU6YDNGh1g&sai=AMfl-YTaLcnk5hxzyEwbvEubZWhE1oyc1vuZFiLwa55kT3rG79Tz6h46xSmq4HGguMBdsFU09dOB0e1shxVC875n000zmtvZPhUuc6VdIJXf&sig=Cg0ArKJSzH8vFeuXVjNbEAE&urlfix=1&adurl=
Frame ID: FD2DBA72389705311EF520B15776E8BA
Requests: 4 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvmmK7WPCGpVnWt0ZwX-a2PhD1nL4rv9Flf-vBRbKqfhhy_wTTFm96GKknMGrRBvH9etuHklqwZgM1jqY13IAS6_uqSQgihNlYLHZ3FIaWlCSApWSLM7APPEEcjlLf1oCbpJJ0BdGw3J8gRbQE72CWKvleK1UnKKEe3TGdpebGu9zURBrVJh4p3XA8UrF9Wyr58cQj5x6F1sxYj9Ewg1d7CjvxhHdwzCl2nJ4-3ILIOFBiYc0mevqWUK7qg5JF4Tg&sai=AMfl-YSHF92ZuL0PLPhTW50KvtNVkxZK6Uxhw0NO0xjyUcHjGDvFAfQXtQavDXKA7bEoGC2zjdDrAprWl5OaSaSgCuKO894MnGlXv5299qJ0&sig=Cg0ArKJSzEwtCnCoFco4EAE&urlfix=1&adurl=
Frame ID: 641D642B86FB23CFCFC4242EABBD03C6
Requests: 4 HTTP requests in this frame

Frame: https://yastatic.net/safeframe-bundles/0.69/1-1-0/render.html
Frame ID: 7EB438473814AA63FE4819551A2C25D6
Requests: 1 HTTP requests in this frame

Frame: https://yastatic.net/safeframe-bundles/0.69/1-1-0/render.html
Frame ID: 5394D44C43560650A97840CE837ED145
Requests: 1 HTTP requests in this frame

Frame: https://yastatic.net/safeframe-bundles/0.69/1-1-0/render.html
Frame ID: B124E55DB87D284222E985A31944A9BC
Requests: 1 HTTP requests in this frame

Frame: https://yastatic.net/safeframe-bundles/0.69/1-1-0/render.html
Frame ID: 2D9775A8B115E22F5EDAA72A26294F44
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://ont.by/ HTTP 301
https://ont.by/ Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/platform\.twitter\.com\/widgets\.js/i

Yandex.Direct (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /https?:\/\/an\.yandex\.ru\//i

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /mc\.yandex\.ru\/metrika\/watch\.js/i

Page Statistics

317
Requests

99 %
HTTPS

62 %
IPv6

27
Domains

40
Subdomains

35
IPs

6
Countries

8499 kB
Transfer

15509 kB
Size

3
Cookies

30 Outgoing links

These are links going to different origins than the main page.

URL: https://an.yandex.ru/count/OLPl6hHPCW050DC24820W04nr4htNG00000uefqlG0980c2y26W4SAIMnA01W067hQEA1OW1XSg6fqIG0TRij_8rc07ei9FaEw01vkotyZMe0UQka-Gxk078dRt17S010jW1ifV-6k01behl6kW14lW1WApUlW680WUO0fBKtXUW0iwBdXQv0cs9SanXeuYvy0ALiEdV0e03iu60ZWA80xJ6vuGBc0FYgWAm0mIm106u1Fy1w0Ig5VW4wimlY0Ngp2-G1ShrFw05wi8Eg0M3ZGom1OED3BW5YA0Gm0MmWIJ81V2J2T05vDy5u0KEy0K1c0Qy-Ptl1A06gWEe1ge3oGRJScuge-mSHz46qmQaeQFi74VP1W000C1V0000gGU1a9p_sDBOPx07W82GBD070k07XWhu1m60207G2BgAW870W826W07W2EU5Zmk02W6e2kW7mGe00000003mFzWA0k0AW8bw-0g0jHY82mwg2n2jlYqMWP0005Z3cA7EcGK0m0k0emN82u3Kam7P2u6GdF_OqjXdw0lKX2Bm2mQ8382ithu1w0mRc0siY3BW3OA0W0693W0000000F0_a0x0X3sW3i24FR0E0Q4F00000000y3-e3u6Xqlk3sxJiPzaF9aOi4Lbc_3_W3m604B-u-1MG49tjwk7GcwgtEfeG2H400000003mFyWG3D0GW9QlN_WG0e0H0eWH0P0H0Q4H00000000y3-e4S24FR0H0SWHa9Zlj0xW4PdAO-WHa-sLu8BTgTdz0V4H00000034nK3w4HaD1S9LFXK000007QHIgJqb000002q00000Y181a181gHAywqwdDWteF_0I0eWJ0v0JP9WJ0S0J____________0TeJ2WW0400O0200A03W4uYW48WKku_wyRtOo-xP0Q0KYA0Gg1JAzJ_850JG5F___________m7O59Zqf-y5?stat-id=7&test-tag=427160418395137&format-type=9&actual-format=40&banner-test-tags=eyI3MjMzNTM0NzYzIjoiMzI3NjgifQ%3D%3D

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.ont.mobile
Title: Android

Search URL Search Domain Scan URL

URL: https://vk.com/telekanalont

Search URL Search Domain Scan URL

URL: http://www.youtube.com/onttvchannel

Search URL Search Domain Scan URL

URL: https://www.facebook.com/telekanalont

Search URL Search Domain Scan URL

URL: https://ok.ru/telekanalont

Search URL Search Domain Scan URL

URL: https://twitter.com/ont_tv

Search URL Search Domain Scan URL

URL: https://instagram.com/onttvchannel

Search URL Search Domain Scan URL

URL: https://telegram.me/onttvchannel

Search URL Search Domain Scan URL

URL: https://yandex.ru/pogoda/minsk
Title: Яндекс.Погода

Search URL Search Domain Scan URL

URL: https://mobile.yandex.ru/apps/weather
Title: Погода для смартфонов

Search URL Search Domain Scan URL

URL: https://ads.adfox.ru/239538/goLink?ad-session-id=5812841576487636612&hash=727319967817a19b&sj=mkydoc4BVcpYXEnuXut7Eyl7afgE5hwHSMxifwsWeYGeJ-OoL6Niu0mvag5VnsG2OsZnS_IfNRph41qmR2yxA8BXSxSn7dqOMg9x2M0-rA%3D%3D&rand=bttuass&rqs=03JuKqPsHEfUSvddFgNBoU7abDwv7jof&pr=iafmxny&p1=ceren&ytt=260034501543957&p5=hfqjf&ybv=0.1497&p2=fgou&ylv=0.1505&pf=https%3A%2F%2Font.by%2Fprograms%2Fsong_of_the_year

Search URL Search Domain Scan URL

URL: https://an.yandex.ru/count/A4Vr2lfKYtW50DO24820W04nrKhtNG00000uefqlG0980c2y26W4SAIMnA01W067hQEA1OW1XSg6fqIG0TRij_8rc07ei9FaEw01vkotyZMe0UQka-Gxk078dRt17S010jW1ifV-6k01behl6kW14lW1WApUlW680WYO0fBKtXUW0iwBdXQv0cs9SanXeuYvy0ALiEdV0e03iu60ZWA80xJ6vuGBc0FYgWAe0mYm0mIm106u1Fy1w0Ii6_W4gCioY0MeopAG1TJKLQ05mhSFg0MYxWom1QBk3BW5qECLm0MmWIJ81V2J2T05_8q6u0KEy0K1c0Qy-Ptl1A06gWEe1ge3oGRJScuge-mSHz46qmQaeQFi74VP1W000A0N0000gGU1a9GRtjBOPx07W82GBD070k07XWhu1m60207G2BgAW870W826W07W2EU5Zmk02W6e2kW7mGe00000003mFzWA0k0AW8bw-0g0jHY82n2g2n33ckVpWP0005OAcg7EcGK0m0k0emN82u3Kam7P2u6Gb1lUqjXdw0keopBm2mQ8382ithu1w0mRc0sktpBW3OA0W0693W0000000F0_a0x0X3sW3i24FR0E0Q4F00000000y3-e3u6XuhFHsxJiPzaFoX_C-Ra70q3W3m604B-u-1MG49tjwk7GcwgtEfeG2H400000003mFyWG3D0GW9QlN_WG0e0H0eWH0P0H0Q4H00000000y3-e4S24FR0H0SWHa9Zlj0xW4TAMTUWHrjZcYV7AdFBr0V4H00000414ya3w4HaD1S9LFXK000007QHIgJqb000002q00000Y181a181gHAL9BDOHxVnF_0I0eWJ0v0JP9WJ0S0J____________0TeJ2WW0400O0200A03W4z3Z5OWKg9B9sD-LhAkZ0Q0KqECLg1JKr5N850JG5F___________m7O59Zqf-y5?stat-id=8&test-tag=427160418408449&format-type=22&actual-format=41&banner-test-tags=eyI3MjMzNTM0NzYzIjoiMzI3NjgifQ%3D%3D
Title: ₽Яндекс ДиректЕсть противопоказания. Посоветуйтесь с врачом.Диагностика в клинике Е.Малышевой!

Search URL Search Domain Scan URL

URL: https://an.yandex.ru/count/A4Vr2WcixhK50Cy24820W04nrKhtNG00000uefqlG0980c2y26W4SFhP-k0DW07CbuK3Y06Pvz7zHv01t9wViJUO0QR_e_a-e06klPgnDwW1el-Z-Jwu0SB5pgGUm042s07EXwOSu06mqP4Tw06K0lW1wjlUlW680WYW0j2DyHUv0cs9SanXeuYvy0ALiEdV0e03W9tn-GU80y-EWyWEc0EbmWIW0mIe0mYm0mIm106u1Fy1w0IE9VW4oVqWY0N9_I2G1U6x8g05-8SAg0MaiGYm1QIn2BW5qU48m0NrW1Z81Q2D1j05v_q3u0Liy0K1c0Q2qApp3g06gWEe1ge3oGRJScuge-mSHz46qmQaeQFi74VP1W000A0N0000gGU1a9GRtjBOPx07W82GBD070k07XWhu1m60207G2BgAW870W826W07W2EZ6-0k02W6e2kW7mGe00000003mFzWA0k0AW8bw-0g0jHY82n2g2n33ckVpWP0005OAcg7EcGK0m0k0emN82u3Kam7P2u6Gb1lUqjXdw0l9_I3m2mQ83EhRthu1w0mRc0sktpBW3OA0W0693W0000000B0-a0x0X3sW3i24FR0E0Q4F00000000y3-e3u6XuhFHsxJiPzaF0pXitfJuzZ_W3m604DIhb1UG49tjwk7GcwgtEfeG2H400000003mFyWGZ80A-102W142Y141a141eH400000003mFwWHm8Gzi141o16GcE-q3k0HqfPrw17MsEQ9ySgSylK1yH400000G4JoGFeH6GrqO9K-5G00000TBu9BFYK00000BG0000284W6G4W6f4lzzCp7sPDm_y182Y1C3a1Dac1C1m1F___________y1sXCA200G01W0800e0E0JqU48Y1IeaidOtvMigwC1e1JHuGYe5E6x8iWK1D0K____________0TWKrAxPxmK0?stat-id=8&test-tag=427160418408449&format-type=22&actual-format=41&banner-test-tags=eyI3NDMzNjExMTgyIjoiMzI3NjgifQ%3D%3D
Title: Распродажа шуб больших размеров

Search URL Search Domain Scan URL

URL: https://an.yandex.ru/count/A4Vr2arwQje50B824820W04nrKhtNG00000uefqlG0980c2y26W4SDgRwf81W07HYWE80QlDzFD0a07qglhSD9W1aEsZopcW0VAg-jmqg07qwAFBERW1tAh7z1p00GBO0Ug2wndW0VhSwXde0H3u0V2lthu1Y088e0AicCqNkG9jYN9COQE8kV02bR3ftmA00-x8p88EY0EgWQ_-29W3n_S2e0C6g0C8i0C4k0J_0UW4sKtu1ERu38W5vlWCa0MUlG-W1Rlv0wW5dAK3i0MSfGEu1Tht0y05bSq9o0N0k0BG1Oh80U05RF050PW6qCRhyG6W1ge3g0Qg0ya6qt9kAgFi74VH1jC6fA6Zx1n7sGO0002W5m000Aa7WP2K6zxIs6Um1u20a2pG1mBW1uOA-0S1W0W1q0YwYe21W820Xe01u0YMpEOBW0e1g0he1y4A00000000y3_O2WBW2e29UlWAWBKOY0iGgWiGmvhdyu6G001M2fgXpfa50C0BWAC5o0k0r9C1sGk1a9GRtjBOP-WBvlWCy0i6Y0pmhzw-0UWC6vWDhjyou0s2W801YGu00000001mFP0Em8Gze0x0X3sm3W6X3m0000000F0_g0-1eUApqTkqx6VP3nsCDXyPola_u0y1W12iYfSLa12TxUhXq9kgjpgQ40aH00000000y3_840Zu40A04GA84G6G4G6X4G0000000F0_g170X3sm4G784P2OxxGEu17IbdNe4TROvednofpozG7n4G000010HF90-X4P3KtPSpuL000001rooKaz9G00000j000008WI0P0I0QaIR0LQlCaVoJ_m4WA84mEG4sIO4m704____________m7Q4me80100600W02W0u1FQzmE85AYIoTZVbQohem6W5Dht0wWKdhqF?stat-id=8&test-tag=427160418408449&format-type=22&actual-format=41&banner-test-tags=eyI3MDc2NzkzMDE4IjoiMzI3NjgifQ%3D%3D
Title: Ликвидация склада женских сумок

Search URL Search Domain Scan URL

URL: https://an.yandex.ru/count/A4Vr2laGB4K50DO24820W04nrKhtNG00000uefqlG0980c2y26W4SFwgzDCDW072WRlY0OW1g9U4sK6G0SRoY_Oqc07MjRJnEQ01vlABzZIe0VYpjF4vk06AzTF_7C010jW1flM26k01wCgn6UW1Z0Bu0RBltxu1Y088e0BSyFiHkG9jYN9COQE8kV02bR3ftmA00-NgaD83Y0EfxDAk2fW3mDKBe0C8g0C8i0C4k0J_0UW4nHZu19wZ8eW5dgCYa0M3-oUW1Rsw2gW5izi8i0MpsmYu1RUK2i05s80Io0NuoGJG1UYH1E05RF050PW6YAc5cWUW1ge3g0Qg0ya6qt9kAgFi74VH1jC6fA6Zx1n7sGO0002W5m000Aa7WP2K6zxIs6Um1u20a2pG1mBW1uOA-0S1W0W1q0YwYe21m820Xe01u0Yk-Fq8W0e1g0he1y4A00000000y3_O2WBW2e29UlWAWBKOY0iGgWiGmvhdyu6G001M2fgXpfa50C0BWAC5o0k0r9C1sGk1a9GRtjBOP-WBdgCYy0i6Y0ooxz--0UWC6vWDhjyou0s2W801YGu00000000mF90Em8Gze0x0X3sm3W6X3m0000000F0_g0-1eUApqTkqx6VP3vR53QUFb_q_u0y1W13fWgGLa12TxUhXq9kgjpgQ418900G00000000HCpCpCpCpyp_848o01FWG0e0H0eWH0P0H0Q4H00000000y3-e4S24FR0H0SWHa9Zlj0xW4TAMTUWHrjZcYV7AdFBr0V4H00000414ya3w4HaDku1OFXK000007Q4bXpqb000002q00000Y181a181gHAUkrEIfnpPF_0I0eWJ0v0JP9WJ0S0J____________0TeJ2WW0400O0200A03W4xUK2eWKg9B9sD-LhAkZ0Q0KjvGAg1I3-oV850JG5F___________m7O5A3-Yku5?stat-id=8&test-tag=427160418408449&format-type=22&actual-format=41&banner-test-tags=eyI3MTAzMTUxMjY3IjoiMzI3NjgifQ%3D%3D
Title: Есть противопоказания. Посоветуйтесь с врачом.Молоткообразная деформация?

Search URL Search Domain Scan URL

URL: https://an.yandex.ru/count/MOGB9SSqaKK50DK24820W04nrKhtNG00000uefqlG0980c2y26W4SAIMnA01W067hQEA1OW1XSg6fqIG0TRij_8rc07ei9FaEw01vkotyZMe0UQka-Gxk078dRt17S010jW1ifV-6k01behl6kW14lW1WApUlW680WAO0fBKtXUW0iwBdXQv0cs9SanXeuYvy0ALiEdV0e03iu60ZWA80xJ6vuGBc0FXgWAe0mIm0mIm106u1Fy1w0IY4_W4tlusY0NU_ZQG1O29LQ05jECGg0N1_Gsm1S7z3RW5ij0Lm0MmWIJ81V2J2T05Wj86u0KEy0K1c0Qy-Ptl1A06gWEe1ge3oGRJScuge-mSHz46qmQaeQFi74VP1W000A0N0000gGU1aE01sjBOPx07W82GBD070k07XWhu1m60207G2BgAW870W826W07W2EU5Zmk02W6e2kW7mGe00000003mFzWA0k0AW8bw-0g0jHY82mIg2n3IKKthWP0006u3cQ7EcGK0m0k0emN82u3Kam7P2u6Gu07QqjXdw0lU_ZRm2mQ8382ithu1w0mRc0sfaJNW3OA0W0693W0000000F0_a0x0X3sW3i24FR0E0Q4F00000000y3-e3u6XuiwIsxJiPzaFgkv1Jnxc0a3W3m604B-u-1MG49tjwk7GcwgtEfeG2H400000003mFyWG3D0GW9QlN_WG0e0H0eWH0P0H0Q4H00000000y3-e4S24FR0H0SWHa9Zlj0xW4ONAO-WH-ENklThgjEF_0V4H0000002Sna3w4HaD1S9LFXK000007QHIgJqb000002q00000Y181a181gHBHSmRWuYlpF_0I0eWJ0v0JP9WJ0S0J____________0TeJ2WW0400O0200A03W4xBG5OWKpfJjpRpD_laFe1Ioq1Me5829LSWK1D0K____________0TWKcFIdxmK0?stat-id=2&test-tag=427160418419713&format-type=33&actual-format=40&banner-test-tags=eyI3MjMzNTM0NzYzIjoiMzI3NjgifQ%3D%3D
Title: ₽Яндекс ДиректДиагностика в клинике Е.Малышевой!Есть противопоказания. Посоветуйтесь с врачом.

Search URL Search Domain Scan URL

URL: https://an.yandex.ru/count/MOGB9GCW3xS50B424820W04nrKhtNG00000uefqlG0980c2y26W4SDgRwf81W07HYWE80QlDzFD0a07qglhSD9W1aEsZopcW0VAg-jmqg07qwAFBERW1tAh7z1p00GBO0Ug2wndW0VhSwXde0H3u0V2lthu1Y082e0AicCqNkG9jYN9COQE8kV02bR3ftmA00-x8p88EY0EgWQ_-29W3n_S2e0C4g0C4i0C4k0J_0UW4jJxu1CQh3eW5ngiEa0NMt0-W1O2m1AW5rT83i0NLqWEu1Td_0y05bSq9o0N0k0BG1TNT0U05RF050PW6X8JkyW6W1ge3g0Qg0ya6qt9kAgFi74VH1jC6fA6Zx1n7sGO0002W5m000Aa7WP3W0ThIs6Um1u20a2pG1mBW1uOA-0S1W0W1q0YwYe21W820Xe01u0YMpEOBW0e1g0he1y4A00000000y3_O2WBW2e29UlWAWBKOY0i4gWiGqb5Dwu6G001k0vcXpfa50C0BWAC5o0k0r9C1sGk1aE01sjBOP-WBngiEy0i6Y0pmhzw-0UWC6vWDgP4ru0s2W801YGu00000002mFf0Em8Gze0x0X3sm3W6X3m0000000F0_g0-1eUBEajkqx6VP3m7WyIRSCle_u0y1W12iYfSLa12TxUhXq9kgjpgQ40aH00000000y3_840Zu40A04GA84G6G4G6X4G0000000F0_g170X3sm4G784P2OxxGEu165ocFe4VZbxhtQwhJZ_m7n4G000000dCP0-X4P3KtPSpuL000001rooKaz9G00000j000008WI0P0I0QaIjqijFfiqpJ_m4WA84mEG4sIO4m704____________m7Q4me80100600W02W0u1FP_mE85CwKxSsypVxv3w0KsVy3g1JMt0y0?stat-id=2&test-tag=427160418419713&format-type=33&actual-format=40&banner-test-tags=eyI3MDc2NzkzMDE4IjoiMzI3NjgifQ%3D%3D
Title: Ликвидация склада женских сумок

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCSdJIet8Oi-8vZ1L2cxOdBA
Title:

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCSdJIet8Oi-8vZ1L2cxOdBA/?sub_confirmation=1
Title: Подписаться

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=qBTCImvPp2A
Title: IT-школу открыли в поселке Рассвет. Дети изучают роботов… 08:57 6 3:10

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=7sF6kYiJeR8
Title: Белинвестбанк предлагает юрлицам и ИП принимать мгновенные… 07:16 43 3:26

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=KIj4JoZ-qcs
Title: Social Weekend: более 300 разных проектов реализовано в… 06:55 12 0:56

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=0m_4YP2fjUg
Title: Фрагмент позвоночника для операции распечатали на 3D-принтере… 06:37 82 1:19

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=EFJUwA-tYjE
Title: Что такое корпоратив? Дети в теме! 00:15

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=zXJL-XZ6fDQ
Title: Вы любите корпоративы? Дежурная по городу спросила минчан 00:09

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=zLa-acu83_4
Title: Остров Бали. Океан. Посмотрите на эти пляжи! Но почему здесь… 15 декабря 2019, 23:19

Search URL Search Domain Scan URL

URL: https://an.yandex.ru/count/5mOhEVBI0uu50D824820W04nrKhtNG00000uefqlG0980c2y26W4SAIMnA01W067hQEA1OW1XSg6fqIG0TRij_8rc07ei9FaEw01vkotyZMe0UQka-Gxk078dRt17S010jW1ifV-6k01behl6kW14lW1WApUlW680WcO0fBKtXUW0iwBdXQv0cs9SanXeuYvy0ALiEdV0e03iu60ZWA80xJ6vuGBc0FXgWAm0mIm106u1Fy1w0I69FW4tu4oY0NVWJAG1PQJKw05Yg4Fg0N8smom1SZR3BW5yf4Lm0MmWIJ81V2J2T05YuK6u0KEy0K1c0Qy-Ptl1A06gWEe1ge3oGRJScuge-mSHz46qmQaeQFi74VP1W000A0N0000gGU1a2HCsjBOPx07W82GBD070k07XWhu1m60207G2BgAW870W826W07W2EU5Zmk02W6e2kW7mGe00000003mFzWA0k0AW8bw-0g0jHY82nAg2n3ieFcTWP00048McQ7EcGK0m0k0emN82u3Kam7P2u6G94pQqjXdw0lVWJBm2mQ8382ithu1w0mRc0sfaJNW3OA0W0693W0000000F0_a0x0X3sW3i24FR0E0Q4F00000000y3-e3u6XmlwMsxJiPzaFT-Hq5UHu0a3W3m604B-u-1MG49tjwk7GcwgtEfeG2H400000003mFyWG3D0GW9QlN_WG0e0H0eWH0P0H0Q4H00000000y3-e4S24FR0H0SWHa9Zlj0xW4QNAO-WHi_AXjjFWjzqxyH400000e4pYGFeH6Gq5mbK-5G00000Tf5AfFIK00000BG0000284W6G4W6f4hvX7smZdl4_y182Y1C3a1Dac1C1m1F___________y1sXCA200G01W0800e0E0Jyf4LY1IBmDUL-BgibRa1e1JoaHMe59QJKyWK1D0K____________0TWKcFIdxmK0?stat-id=9&test-tag=427160418395137&format-type=9&actual-format=40&banner-test-tags=eyI3MjMzNTM0NzYzIjoiMzI3NjgifQ%3D%3D

Search URL Search Domain Scan URL

URL: https://www.instagram.com/onttvchannel
Title: @onttvchannel

Search URL Search Domain Scan URL

URL: https://websecret.by/?utm_source=ont&utm_medium=link&utm_campaign=ont
Title: Разработка сайта —

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ont.by/ HTTP 301
https://ont.by/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 66

https://mc.yandex.ru/watch/26812653?wmode=7&page-url=https%3A%2F%2Font.by%2F&charset=utf-8&site-info=%7B%22jquery%22%3Afalse%2C%22version%22%3Afalse%2C%22shareVersion%22%3A2%7D&browser-info=ti%3A10%3Ans%3A1576487634231%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Az%3A60%3Ai%3A20191216101355%3Aet%3A1576487636%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A372708168%3Ahid%3A704068923%3Ads%3A0%2C123%2C61%2C99%2C191%2C0%2C0%2C867%2C%2C%2C%2C%2C1335%3Agdpr%3A14%3Av%3A1776%3Ast%3A1576487636%3Au%3A1576487636713505257%3At%3A%D0%9E%D0%9D%D0%A2%20%E2%80%94%20%D0%9E%D0%B1%D1%89%D0%B5%D0%BD%D0%B0%D1%86%D0%B8%D0%BE%D0%BD%D0%B0%D0%BB%D1%8C%D0%BD%D0%BE%D0%B5%20%D1%82%D0%B5%D0%BB%D0%B5%D0%B2%D0%B8%D0%B4%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8%20%7C%20%D0%91%D0%B5%D0%BB%D0%BE%D1%80%D1%83%D1%81%D1%81%D0%BA%D0%B8%D0%B9%20%D1%82%D0%B5%D0%BB%D0%B5%D0%BA%D0%B0%D0%BD%D0%B0%D0%BB%20%D0%9E%D0%9D%D0%A2 HTTP 302
https://mc.yandex.ru/watch/26812653/1?wmode=7&page-url=https%3A%2F%2Font.by%2F&charset=utf-8&site-info=%7B%22jquery%22%3Afalse%2C%22version%22%3Afalse%2C%22shareVersion%22%3A2%7D&browser-info=ti%3A10%3Ans%3A1576487634231%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Az%3A60%3Ai%3A20191216101355%3Aet%3A1576487636%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A372708168%3Ahid%3A704068923%3Ads%3A0%2C123%2C61%2C99%2C191%2C0%2C0%2C867%2C%2C%2C%2C%2C1335%3Agdpr%3A14%3Av%3A1776%3Ast%3A1576487636%3Au%3A1576487636713505257%3At%3A%D0%9E%D0%9D%D0%A2%20%E2%80%94%20%D0%9E%D0%B1%D1%89%D0%B5%D0%BD%D0%B0%D1%86%D0%B8%D0%BE%D0%BD%D0%B0%D0%BB%D1%8C%D0%BD%D0%BE%D0%B5%20%D1%82%D0%B5%D0%BB%D0%B5%D0%B2%D0%B8%D0%B4%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8%20%7C%20%D0%91%D0%B5%D0%BB%D0%BE%D1%80%D1%83%D1%81%D1%81%D0%BA%D0%B8%D0%B9%20%D1%82%D0%B5%D0%BB%D0%B5%D0%BA%D0%B0%D0%BD%D0%B0%D0%BB%20%D0%9E%D0%9D%D0%A2

Request Chain 180

https://ads.adfox.ru/239538/getBulk/v2?dl=https%3A%2F%2Font.by%2F&date=2019-12-16T10%3A13%3A56.609%2B01%3A00&pd=16&pdh=1200&pdw=1600&pr1=836362105&pr=2473837910&prr=&pv=10&pw=1&extid_loader=&extid_tag_loader=ont.by&ylv=0.1505&ybv=0.1497&ytt=260034501543957&is-turbo=0&skip-token=&ad-session-id=5812841576487636612&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22width%22%3A1920%2C%22height%22%3A0%2C%22left%22%3A-167%2C%22top%22%3A0%2C%22visible%22%3A1%2C%22req_no%22%3A0%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&matchid-cookies=fEO4cFbeMKA-n3kK-BaJMvLRxB2QIU2sgp2wBg1jcZVQKeuTbq29xg%3D%3D&matchid-cookies-sign=PtyMFpY5t7FaSHddNsUSKg%3D%3D&p1=cerem&p2=y&matchid-direct=1&bids=W3siY2FtcGFpZ25faWQiOjc3MTAwNSwicmVzcG9uc2VfdGltZSI6MTIzOSwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjE0MTAzNzYifV0%3D&grab=dNCe0J3QoiDigJQg0J7QsdGJ0LXQvdCw0YbQuNC-0L3QsNC70YzQvdC-0LUg0YLQtdC70LXQstC40LTQtdC90LjQtSDQkdC10LvQsNGA0YPRgdC4IHwg0JHQtdC70L7RgNGD0YHRgdC60LjQuSDRgtC10LvQtdC60LDQvdCw0Lsg0J7QndCiCjIg0J_QvtGB0LvQtdC00L3QuNC1INC90L7QstC-0YHRgtC4IAoy0JPQu9Cw0LLQvdGL0LUg0L3QvtCy0L7RgdGC0LggCjIg0KHQtdC50YfQsNGBINGH0LjRgtCw0Y7RgiAKMiDQn9C-0L_Rg9C70Y_RgNC90L7QtSDQt9CwINC90LXQtNC10LvRjiAKMiDQnNCw0YDQutC-0LIuINCd0LjRh9C10LPQviDQu9C40YfQvdC-0LPQviAKMiDQntCd0KIg0L3QsCBZb3VUdWJlIAoyINCd0LDRiNC4INC90L7QstC-0YHRgtC4INCe0J3QoiAKMiDQn9GA0L7Qs9GA0LDQvNC80Ysg0Lgg0L_RgNC-0LXQutGC0YsgCjIg0JrQuNC90L4g0Lgg0YHQtdGA0LjQsNC70YsgCjIg0JzRiyDQsiDRgdC-0YbQuNCw0LvRjNC90YvRhSDRgdC10YLRj9GFIAozINCX0LAg0L_QvtGB0LvQtdC00L3QtdC1INC00LXRgdGP0YLQuNC70LXRgtC40LUg0YfQuNGB0LvQviDQv9GA0LDQstC-0L3QsNGA0YPRiNC10L3QuNC5INCy0YvRgNC-0YHQu9C-INCy0LTQstC-0LU6INCb0YPQutCw0YjQtdC90LrQviDQv9GA0L7QstC-0LTQuNGCINGB0L7QstC10YnQsNC90LjQtSDQv9C-INC_0YDQuNC80LXQvdC10L3QuNGOINCw0LTQvNC40L3QuNGB0YLRgNCw0YLQuNCy0L3QvtC5INC-0YLQstC10YLRgdGC0LLQtdC90L3QvtGB0YLQuCAKMyDQl9CwINC_0L7RgdC70LXQtNC90LXQtSDQtNC10YHRj9GC0LjQu9C10YLQuNC1INGH0LjRgdC70L4g0L_RgNCw0LLQvtC90LDRgNGD0YjQtdC90LjQuSDQstGL0YDQvtGB0LvQviDQstC00LLQvtC1OiDQm9GD0LrQsNGI0LXQvdC60L4g0L_RgNC-0LLQvtC00LjRgiDRgdC-0LLQtdGJ0LDQvdC40LUg0L_QviDQv9GA0LjQvNC10L3QtdC90LjRjiDQsNC00LzQuNC90LjRgdGC0YDQsNGC0LjQstC90L7QuSDQvtGC0LLQtdGC0YHRgtCy0LXQvdC90L7RgdGC0LggCjMg0JHQsNC90Log0YDQsNC30LLQuNGC0LjRjyDQmtC40YLQsNGPINCy0YvQtNC10LvQuNGCINCR0LXQu9Cw0YDRg9GB0Lgg0LrRgNC10LTQuNGCINC90LAgMyw1INC80LvRgNC0INGO0LDQvdC10LkgCjMg0JHQtdC70LDRgNGD0YHRjCDQv9C-0LTQvdGP0LvQsNGB0Ywg0LIg0YDQtdC50YLQuNC90LPQtSDRgdCw0LzRi9GFINC80L7Qs9GD0YnQtdGB0YLQstC10L3QvdGL0YUg0YHRgtGA0LDQvSDQvNC40YDQsCAKMyDCq9CS0YHRgtGA0LXRh9CwINC00LLRg9GFINCS0LvQsNC00LjQvNC40YDQvtCywrs6INGB0YLQsNC7INC70Lgg0LzQuNGAINC90LAg0JTQvtC90LHQsNGB0YHQtSDQsdC70LjQttC1INC_0L7RgdC70LUg0L_QtdGA0LXQs9C-0LLQvtGA0L7QsiDCq9C90L7RgNC80LDQvdC00YHQutC-0Lkg0YfQtdGC0LLRkdGA0LrQuMK7INCyINCf0LDRgNC40LbQtT8gCjMg0JHQtdC70L7RgNGD0YHRgdC60LjQtSDQtNCw0LvRjNC90L7QsdC-0LnRidC40LrQuCDRgdGH&utf8=%E2%9C%93 HTTP 302
https://ads.adfox.ru/239538/getBulkTest/v2?dl=https%3A%2F%2Font.by%2F&date=2019-12-16T10%3A13%3A56.609%2B01%3A00&pd=16&pdh=1200&pdw=1600&pr1=836362105&pr=2473837910&prr=&pv=10&pw=1&extid_loader=&extid_tag_loader=ont.by&ylv=0.1505&ybv=0.1497&ytt=260034501543957&is-turbo=0&skip-token=&ad-session-id=5812841576487636612&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22width%22%3A1920%2C%22height%22%3A0%2C%22left%22%3A-167%2C%22top%22%3A0%2C%22visible%22%3A1%2C%22req_no%22%3A0%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&matchid-cookies=fEO4cFbeMKA-n3kK-BaJMvLRxB2QIU2sgp2wBg1jcZVQKeuTbq29xg%3D%3D&matchid-cookies-sign=PtyMFpY5t7FaSHddNsUSKg%3D%3D&p1=cerem&p2=y&matchid-direct=1&bids=W3siY2FtcGFpZ25faWQiOjc3MTAwNSwicmVzcG9uc2VfdGltZSI6MTIzOSwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjE0MTAzNzYifV0%3D&grab=dNCe0J3QoiDigJQg0J7QsdGJ0LXQvdCw0YbQuNC-0L3QsNC70YzQvdC-0LUg0YLQtdC70LXQstC40LTQtdC90LjQtSDQkdC10LvQsNGA0YPRgdC4IHwg0JHQtdC70L7RgNGD0YHRgdC60LjQuSDRgtC10LvQtdC60LDQvdCw0Lsg0J7QndCiCjIg0J_QvtGB0LvQtdC00L3QuNC1INC90L7QstC-0YHRgtC4IAoy0JPQu9Cw0LLQvdGL0LUg0L3QvtCy0L7RgdGC0LggCjIg0KHQtdC50YfQsNGBINGH0LjRgtCw0Y7RgiAKMiDQn9C-0L_Rg9C70Y_RgNC90L7QtSDQt9CwINC90LXQtNC10LvRjiAKMiDQnNCw0YDQutC-0LIuINCd0LjRh9C10LPQviDQu9C40YfQvdC-0LPQviAKMiDQntCd0KIg0L3QsCBZb3VUdWJlIAoyINCd0LDRiNC4INC90L7QstC-0YHRgtC4INCe0J3QoiAKMiDQn9GA0L7Qs9GA0LDQvNC80Ysg0Lgg0L_RgNC-0LXQutGC0YsgCjIg0JrQuNC90L4g0Lgg0YHQtdGA0LjQsNC70YsgCjIg0JzRiyDQsiDRgdC-0YbQuNCw0LvRjNC90YvRhSDRgdC10YLRj9GFIAozINCX0LAg0L_QvtGB0LvQtdC00L3QtdC1INC00LXRgdGP0YLQuNC70LXRgtC40LUg0YfQuNGB0LvQviDQv9GA0LDQstC-0L3QsNGA0YPRiNC10L3QuNC5INCy0YvRgNC-0YHQu9C-INCy0LTQstC-0LU6INCb0YPQutCw0YjQtdC90LrQviDQv9GA0L7QstC-0LTQuNGCINGB0L7QstC10YnQsNC90LjQtSDQv9C-INC_0YDQuNC80LXQvdC10L3QuNGOINCw0LTQvNC40L3QuNGB0YLRgNCw0YLQuNCy0L3QvtC5INC-0YLQstC10YLRgdGC0LLQtdC90L3QvtGB0YLQuCAKMyDQl9CwINC_0L7RgdC70LXQtNC90LXQtSDQtNC10YHRj9GC0LjQu9C10YLQuNC1INGH0LjRgdC70L4g0L_RgNCw0LLQvtC90LDRgNGD0YjQtdC90LjQuSDQstGL0YDQvtGB0LvQviDQstC00LLQvtC1OiDQm9GD0LrQsNGI0LXQvdC60L4g0L_RgNC-0LLQvtC00LjRgiDRgdC-0LLQtdGJ0LDQvdC40LUg0L_QviDQv9GA0LjQvNC10L3QtdC90LjRjiDQsNC00LzQuNC90LjRgdGC0YDQsNGC0LjQstC90L7QuSDQvtGC0LLQtdGC0YHRgtCy0LXQvdC90L7RgdGC0LggCjMg0JHQsNC90Log0YDQsNC30LLQuNGC0LjRjyDQmtC40YLQsNGPINCy0YvQtNC10LvQuNGCINCR0LXQu9Cw0YDRg9GB0Lgg0LrRgNC10LTQuNGCINC90LAgMyw1INC80LvRgNC0INGO0LDQvdC10LkgCjMg0JHQtdC70LDRgNGD0YHRjCDQv9C-0LTQvdGP0LvQsNGB0Ywg0LIg0YDQtdC50YLQuNC90LPQtSDRgdCw0LzRi9GFINC80L7Qs9GD0YnQtdGB0YLQstC10L3QvdGL0YUg0YHRgtGA0LDQvSDQvNC40YDQsCAKMyDCq9CS0YHRgtGA0LXRh9CwINC00LLRg9GFINCS0LvQsNC00LjQvNC40YDQvtCywrs6INGB0YLQsNC7INC70Lgg0LzQuNGAINC90LAg0JTQvtC90LHQsNGB0YHQtSDQsdC70LjQttC1INC_0L7RgdC70LUg0L_QtdGA0LXQs9C-0LLQvtGA0L7QsiDCq9C90L7RgNC80LDQvdC00YHQutC-0Lkg0YfQtdGC0LLRkdGA0LrQuMK7INCyINCf0LDRgNC40LbQtT8gCjMg0JHQtdC70L7RgNGD0YHRgdC60LjQtSDQtNCw0LvRjNC90L7QsdC-0LnRidC40LrQuCDRgdGH&utf8=%E2%9C%93

Request Chain 181

https://ads.adfox.ru/239538/getBulk/v2?dl=https%3A%2F%2Font.by%2F&date=2019-12-16T10%3A13%3A56.666%2B01%3A00&pd=16&pdh=1200&pdw=1600&pr1=605161848&pr=2473837910&prr=&pv=10&pw=1&extid_loader=&extid_tag_loader=ont.by&ylv=0.1505&ybv=0.1497&ytt=260034501543957&is-turbo=0&skip-token=&ad-session-id=5812841576487636612&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22width%22%3A288%2C%22height%22%3A0%2C%22left%22%3A1125%2C%22top%22%3A458%2C%22visible%22%3A1%2C%22req_no%22%3A1%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&matchid-cookies=fEO4cFbeMKA-n3kK-BaJMvLRxB2QIU2sgp2wBg1jcZVQKeuTbq29xg%3D%3D&matchid-cookies-sign=PtyMFpY5t7FaSHddNsUSKg%3D%3D&p1=ceren&p2=fgou&matchid-direct=1&bids=W3siY2FtcGFpZ25faWQiOjc3MTAwNSwicmVzcG9uc2VfdGltZSI6MTI0NSwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjE0MTAzNzkifV0%3D&grab=dNCe0J3QoiDigJQg0J7QsdGJ0LXQvdCw0YbQuNC-0L3QsNC70YzQvdC-0LUg0YLQtdC70LXQstC40LTQtdC90LjQtSDQkdC10LvQsNGA0YPRgdC4IHwg0JHQtdC70L7RgNGD0YHRgdC60LjQuSDRgtC10LvQtdC60LDQvdCw0Lsg0J7QndCiCjIg0J_QvtGB0LvQtdC00L3QuNC1INC90L7QstC-0YHRgtC4IAoy0JPQu9Cw0LLQvdGL0LUg0L3QvtCy0L7RgdGC0LggCjIg0KHQtdC50YfQsNGBINGH0LjRgtCw0Y7RgiAKMiDQn9C-0L_Rg9C70Y_RgNC90L7QtSDQt9CwINC90LXQtNC10LvRjiAKMiDQnNCw0YDQutC-0LIuINCd0LjRh9C10LPQviDQu9C40YfQvdC-0LPQviAKMiDQntCd0KIg0L3QsCBZb3VUdWJlIAoyINCd0LDRiNC4INC90L7QstC-0YHRgtC4INCe0J3QoiAKMiDQn9GA0L7Qs9GA0LDQvNC80Ysg0Lgg0L_RgNC-0LXQutGC0YsgCjIg0JrQuNC90L4g0Lgg0YHQtdGA0LjQsNC70YsgCjIg0JzRiyDQsiDRgdC-0YbQuNCw0LvRjNC90YvRhSDRgdC10YLRj9GFIAozINCX0LAg0L_QvtGB0LvQtdC00L3QtdC1INC00LXRgdGP0YLQuNC70LXRgtC40LUg0YfQuNGB0LvQviDQv9GA0LDQstC-0L3QsNGA0YPRiNC10L3QuNC5INCy0YvRgNC-0YHQu9C-INCy0LTQstC-0LU6INCb0YPQutCw0YjQtdC90LrQviDQv9GA0L7QstC-0LTQuNGCINGB0L7QstC10YnQsNC90LjQtSDQv9C-INC_0YDQuNC80LXQvdC10L3QuNGOINCw0LTQvNC40L3QuNGB0YLRgNCw0YLQuNCy0L3QvtC5INC-0YLQstC10YLRgdGC0LLQtdC90L3QvtGB0YLQuCAKMyDQl9CwINC_0L7RgdC70LXQtNC90LXQtSDQtNC10YHRj9GC0LjQu9C10YLQuNC1INGH0LjRgdC70L4g0L_RgNCw0LLQvtC90LDRgNGD0YjQtdC90LjQuSDQstGL0YDQvtGB0LvQviDQstC00LLQvtC1OiDQm9GD0LrQsNGI0LXQvdC60L4g0L_RgNC-0LLQvtC00LjRgiDRgdC-0LLQtdGJ0LDQvdC40LUg0L_QviDQv9GA0LjQvNC10L3QtdC90LjRjiDQsNC00LzQuNC90LjRgdGC0YDQsNGC0LjQstC90L7QuSDQvtGC0LLQtdGC0YHRgtCy0LXQvdC90L7RgdGC0LggCjMg0JHQsNC90Log0YDQsNC30LLQuNGC0LjRjyDQmtC40YLQsNGPINCy0YvQtNC10LvQuNGCINCR0LXQu9Cw0YDRg9GB0Lgg0LrRgNC10LTQuNGCINC90LAgMyw1INC80LvRgNC0INGO0LDQvdC10LkgCjMg0JHQtdC70LDRgNGD0YHRjCDQv9C-0LTQvdGP0LvQsNGB0Ywg0LIg0YDQtdC50YLQuNC90LPQtSDRgdCw0LzRi9GFINC80L7Qs9GD0YnQtdGB0YLQstC10L3QvdGL0YUg0YHRgtGA0LDQvSDQvNC40YDQsCAKMyDCq9CS0YHRgtGA0LXRh9CwINC00LLRg9GFINCS0LvQsNC00LjQvNC40YDQvtCywrs6INGB0YLQsNC7INC70Lgg0LzQuNGAINC90LAg0JTQvtC90LHQsNGB0YHQtSDQsdC70LjQttC1INC_0L7RgdC70LUg0L_QtdGA0LXQs9C-0LLQvtGA0L7QsiDCq9C90L7RgNC80LDQvdC00YHQutC-0Lkg0YfQtdGC0LLRkdGA0LrQuMK7INCyINCf0LDRgNC40LbQtT8gCjMg0JHQtdC70L7RgNGD0YHRgdC60LjQtSDQtNCw0LvRjNC90L7QsdC-0LnRidC40LrQuCDRgdGH&utf8=%E2%9C%93 HTTP 302
https://ads.adfox.ru/239538/getBulkTest/v2?dl=https%3A%2F%2Font.by%2F&date=2019-12-16T10%3A13%3A56.666%2B01%3A00&pd=16&pdh=1200&pdw=1600&pr1=605161848&pr=2473837910&prr=&pv=10&pw=1&extid_loader=&extid_tag_loader=ont.by&ylv=0.1505&ybv=0.1497&ytt=260034501543957&is-turbo=0&skip-token=&ad-session-id=5812841576487636612&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22width%22%3A288%2C%22height%22%3A0%2C%22left%22%3A1125%2C%22top%22%3A458%2C%22visible%22%3A1%2C%22req_no%22%3A1%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&matchid-cookies=fEO4cFbeMKA-n3kK-BaJMvLRxB2QIU2sgp2wBg1jcZVQKeuTbq29xg%3D%3D&matchid-cookies-sign=PtyMFpY5t7FaSHddNsUSKg%3D%3D&p1=ceren&p2=fgou&matchid-direct=1&bids=W3siY2FtcGFpZ25faWQiOjc3MTAwNSwicmVzcG9uc2VfdGltZSI6MTI0NSwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjE0MTAzNzkifV0%3D&grab=dNCe0J3QoiDigJQg0J7QsdGJ0LXQvdCw0YbQuNC-0L3QsNC70YzQvdC-0LUg0YLQtdC70LXQstC40LTQtdC90LjQtSDQkdC10LvQsNGA0YPRgdC4IHwg0JHQtdC70L7RgNGD0YHRgdC60LjQuSDRgtC10LvQtdC60LDQvdCw0Lsg0J7QndCiCjIg0J_QvtGB0LvQtdC00L3QuNC1INC90L7QstC-0YHRgtC4IAoy0JPQu9Cw0LLQvdGL0LUg0L3QvtCy0L7RgdGC0LggCjIg0KHQtdC50YfQsNGBINGH0LjRgtCw0Y7RgiAKMiDQn9C-0L_Rg9C70Y_RgNC90L7QtSDQt9CwINC90LXQtNC10LvRjiAKMiDQnNCw0YDQutC-0LIuINCd0LjRh9C10LPQviDQu9C40YfQvdC-0LPQviAKMiDQntCd0KIg0L3QsCBZb3VUdWJlIAoyINCd0LDRiNC4INC90L7QstC-0YHRgtC4INCe0J3QoiAKMiDQn9GA0L7Qs9GA0LDQvNC80Ysg0Lgg0L_RgNC-0LXQutGC0YsgCjIg0JrQuNC90L4g0Lgg0YHQtdGA0LjQsNC70YsgCjIg0JzRiyDQsiDRgdC-0YbQuNCw0LvRjNC90YvRhSDRgdC10YLRj9GFIAozINCX0LAg0L_QvtGB0LvQtdC00L3QtdC1INC00LXRgdGP0YLQuNC70LXRgtC40LUg0YfQuNGB0LvQviDQv9GA0LDQstC-0L3QsNGA0YPRiNC10L3QuNC5INCy0YvRgNC-0YHQu9C-INCy0LTQstC-0LU6INCb0YPQutCw0YjQtdC90LrQviDQv9GA0L7QstC-0LTQuNGCINGB0L7QstC10YnQsNC90LjQtSDQv9C-INC_0YDQuNC80LXQvdC10L3QuNGOINCw0LTQvNC40L3QuNGB0YLRgNCw0YLQuNCy0L3QvtC5INC-0YLQstC10YLRgdGC0LLQtdC90L3QvtGB0YLQuCAKMyDQl9CwINC_0L7RgdC70LXQtNC90LXQtSDQtNC10YHRj9GC0LjQu9C10YLQuNC1INGH0LjRgdC70L4g0L_RgNCw0LLQvtC90LDRgNGD0YjQtdC90LjQuSDQstGL0YDQvtGB0LvQviDQstC00LLQvtC1OiDQm9GD0LrQsNGI0LXQvdC60L4g0L_RgNC-0LLQvtC00LjRgiDRgdC-0LLQtdGJ0LDQvdC40LUg0L_QviDQv9GA0LjQvNC10L3QtdC90LjRjiDQsNC00LzQuNC90LjRgdGC0YDQsNGC0LjQstC90L7QuSDQvtGC0LLQtdGC0YHRgtCy0LXQvdC90L7RgdGC0LggCjMg0JHQsNC90Log0YDQsNC30LLQuNGC0LjRjyDQmtC40YLQsNGPINCy0YvQtNC10LvQuNGCINCR0LXQu9Cw0YDRg9GB0Lgg0LrRgNC10LTQuNGCINC90LAgMyw1INC80LvRgNC0INGO0LDQvdC10LkgCjMg0JHQtdC70LDRgNGD0YHRjCDQv9C-0LTQvdGP0LvQsNGB0Ywg0LIg0YDQtdC50YLQuNC90LPQtSDRgdCw0LzRi9GFINC80L7Qs9GD0YnQtdGB0YLQstC10L3QvdGL0YUg0YHRgtGA0LDQvSDQvNC40YDQsCAKMyDCq9CS0YHRgtGA0LXRh9CwINC00LLRg9GFINCS0LvQsNC00LjQvNC40YDQvtCywrs6INGB0YLQsNC7INC70Lgg0LzQuNGAINC90LAg0JTQvtC90LHQsNGB0YHQtSDQsdC70LjQttC1INC_0L7RgdC70LUg0L_QtdGA0LXQs9C-0LLQvtGA0L7QsiDCq9C90L7RgNC80LDQvdC00YHQutC-0Lkg0YfQtdGC0LLRkdGA0LrQuMK7INCyINCf0LDRgNC40LbQtT8gCjMg0JHQtdC70L7RgNGD0YHRgdC60LjQtSDQtNCw0LvRjNC90L7QsdC-0LnRidC40LrQuCDRgdGH&utf8=%E2%9C%93

Request Chain 182

https://ads.adfox.ru/239538/getBulk/v2?dl=https%3A%2F%2Font.by%2F&date=2019-12-16T10%3A13%3A56.669%2B01%3A00&pd=16&pdh=1200&pdw=1600&pr1=3018816823&pr=2473837910&prr=&pv=10&pw=1&extid_loader=&extid_tag_loader=ont.by&ylv=0.1505&ybv=0.1497&ytt=260034501543957&is-turbo=0&skip-token=&ad-session-id=5812841576487636612&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22width%22%3A1240%2C%22height%22%3A0%2C%22left%22%3A173%2C%22top%22%3A1795%2C%22visible%22%3A0%2C%22req_no%22%3A2%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&matchid-cookies=fEO4cFbeMKA-n3kK-BaJMvLRxB2QIU2sgp2wBg1jcZVQKeuTbq29xg%3D%3D&matchid-cookies-sign=PtyMFpY5t7FaSHddNsUSKg%3D%3D&p1=cerep&p2=y&matchid-direct=1&bids=W3siY2FtcGFpZ25faWQiOjc3MTAwNSwicmVzcG9uc2VfdGltZSI6MTI0NSwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjE0MTAzODMifV0%3D&grab=dNCe0J3QoiDigJQg0J7QsdGJ0LXQvdCw0YbQuNC-0L3QsNC70YzQvdC-0LUg0YLQtdC70LXQstC40LTQtdC90LjQtSDQkdC10LvQsNGA0YPRgdC4IHwg0JHQtdC70L7RgNGD0YHRgdC60LjQuSDRgtC10LvQtdC60LDQvdCw0Lsg0J7QndCiCjIg0J_QvtGB0LvQtdC00L3QuNC1INC90L7QstC-0YHRgtC4IAoy0JPQu9Cw0LLQvdGL0LUg0L3QvtCy0L7RgdGC0LggCjIg0KHQtdC50YfQsNGBINGH0LjRgtCw0Y7RgiAKMiDQn9C-0L_Rg9C70Y_RgNC90L7QtSDQt9CwINC90LXQtNC10LvRjiAKMiDQnNCw0YDQutC-0LIuINCd0LjRh9C10LPQviDQu9C40YfQvdC-0LPQviAKMiDQntCd0KIg0L3QsCBZb3VUdWJlIAoyINCd0LDRiNC4INC90L7QstC-0YHRgtC4INCe0J3QoiAKMiDQn9GA0L7Qs9GA0LDQvNC80Ysg0Lgg0L_RgNC-0LXQutGC0YsgCjIg0JrQuNC90L4g0Lgg0YHQtdGA0LjQsNC70YsgCjIg0JzRiyDQsiDRgdC-0YbQuNCw0LvRjNC90YvRhSDRgdC10YLRj9GFIAozINCX0LAg0L_QvtGB0LvQtdC00L3QtdC1INC00LXRgdGP0YLQuNC70LXRgtC40LUg0YfQuNGB0LvQviDQv9GA0LDQstC-0L3QsNGA0YPRiNC10L3QuNC5INCy0YvRgNC-0YHQu9C-INCy0LTQstC-0LU6INCb0YPQutCw0YjQtdC90LrQviDQv9GA0L7QstC-0LTQuNGCINGB0L7QstC10YnQsNC90LjQtSDQv9C-INC_0YDQuNC80LXQvdC10L3QuNGOINCw0LTQvNC40L3QuNGB0YLRgNCw0YLQuNCy0L3QvtC5INC-0YLQstC10YLRgdGC0LLQtdC90L3QvtGB0YLQuCAKMyDQl9CwINC_0L7RgdC70LXQtNC90LXQtSDQtNC10YHRj9GC0LjQu9C10YLQuNC1INGH0LjRgdC70L4g0L_RgNCw0LLQvtC90LDRgNGD0YjQtdC90LjQuSDQstGL0YDQvtGB0LvQviDQstC00LLQvtC1OiDQm9GD0LrQsNGI0LXQvdC60L4g0L_RgNC-0LLQvtC00LjRgiDRgdC-0LLQtdGJ0LDQvdC40LUg0L_QviDQv9GA0LjQvNC10L3QtdC90LjRjiDQsNC00LzQuNC90LjRgdGC0YDQsNGC0LjQstC90L7QuSDQvtGC0LLQtdGC0YHRgtCy0LXQvdC90L7RgdGC0LggCjMg0JHQsNC90Log0YDQsNC30LLQuNGC0LjRjyDQmtC40YLQsNGPINCy0YvQtNC10LvQuNGCINCR0LXQu9Cw0YDRg9GB0Lgg0LrRgNC10LTQuNGCINC90LAgMyw1INC80LvRgNC0INGO0LDQvdC10LkgCjMg0JHQtdC70LDRgNGD0YHRjCDQv9C-0LTQvdGP0LvQsNGB0Ywg0LIg0YDQtdC50YLQuNC90LPQtSDRgdCw0LzRi9GFINC80L7Qs9GD0YnQtdGB0YLQstC10L3QvdGL0YUg0YHRgtGA0LDQvSDQvNC40YDQsCAKMyDCq9CS0YHRgtGA0LXRh9CwINC00LLRg9GFINCS0LvQsNC00LjQvNC40YDQvtCywrs6INGB0YLQsNC7INC70Lgg0LzQuNGAINC90LAg0JTQvtC90LHQsNGB0YHQtSDQsdC70LjQttC1INC_0L7RgdC70LUg0L_QtdGA0LXQs9C-0LLQvtGA0L7QsiDCq9C90L7RgNC80LDQvdC00YHQutC-0Lkg0YfQtdGC0LLRkdGA0LrQuMK7INCyINCf0LDRgNC40LbQtT8gCjMg0JHQtdC70L7RgNGD0YHRgdC60LjQtSDQtNCw0LvRjNC90L7QsdC-0LnRidC40LrQuCDRgdGH&utf8=%E2%9C%93 HTTP 302
https://ads.adfox.ru/239538/getBulkTest/v2?dl=https%3A%2F%2Font.by%2F&date=2019-12-16T10%3A13%3A56.669%2B01%3A00&pd=16&pdh=1200&pdw=1600&pr1=3018816823&pr=2473837910&prr=&pv=10&pw=1&extid_loader=&extid_tag_loader=ont.by&ylv=0.1505&ybv=0.1497&ytt=260034501543957&is-turbo=0&skip-token=&ad-session-id=5812841576487636612&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22width%22%3A1240%2C%22height%22%3A0%2C%22left%22%3A173%2C%22top%22%3A1795%2C%22visible%22%3A0%2C%22req_no%22%3A2%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&matchid-cookies=fEO4cFbeMKA-n3kK-BaJMvLRxB2QIU2sgp2wBg1jcZVQKeuTbq29xg%3D%3D&matchid-cookies-sign=PtyMFpY5t7FaSHddNsUSKg%3D%3D&p1=cerep&p2=y&matchid-direct=1&bids=W3siY2FtcGFpZ25faWQiOjc3MTAwNSwicmVzcG9uc2VfdGltZSI6MTI0NSwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjE0MTAzODMifV0%3D&grab=dNCe0J3QoiDigJQg0J7QsdGJ0LXQvdCw0YbQuNC-0L3QsNC70YzQvdC-0LUg0YLQtdC70LXQstC40LTQtdC90LjQtSDQkdC10LvQsNGA0YPRgdC4IHwg0JHQtdC70L7RgNGD0YHRgdC60LjQuSDRgtC10LvQtdC60LDQvdCw0Lsg0J7QndCiCjIg0J_QvtGB0LvQtdC00L3QuNC1INC90L7QstC-0YHRgtC4IAoy0JPQu9Cw0LLQvdGL0LUg0L3QvtCy0L7RgdGC0LggCjIg0KHQtdC50YfQsNGBINGH0LjRgtCw0Y7RgiAKMiDQn9C-0L_Rg9C70Y_RgNC90L7QtSDQt9CwINC90LXQtNC10LvRjiAKMiDQnNCw0YDQutC-0LIuINCd0LjRh9C10LPQviDQu9C40YfQvdC-0LPQviAKMiDQntCd0KIg0L3QsCBZb3VUdWJlIAoyINCd0LDRiNC4INC90L7QstC-0YHRgtC4INCe0J3QoiAKMiDQn9GA0L7Qs9GA0LDQvNC80Ysg0Lgg0L_RgNC-0LXQutGC0YsgCjIg0JrQuNC90L4g0Lgg0YHQtdGA0LjQsNC70YsgCjIg0JzRiyDQsiDRgdC-0YbQuNCw0LvRjNC90YvRhSDRgdC10YLRj9GFIAozINCX0LAg0L_QvtGB0LvQtdC00L3QtdC1INC00LXRgdGP0YLQuNC70LXRgtC40LUg0YfQuNGB0LvQviDQv9GA0LDQstC-0L3QsNGA0YPRiNC10L3QuNC5INCy0YvRgNC-0YHQu9C-INCy0LTQstC-0LU6INCb0YPQutCw0YjQtdC90LrQviDQv9GA0L7QstC-0LTQuNGCINGB0L7QstC10YnQsNC90LjQtSDQv9C-INC_0YDQuNC80LXQvdC10L3QuNGOINCw0LTQvNC40L3QuNGB0YLRgNCw0YLQuNCy0L3QvtC5INC-0YLQstC10YLRgdGC0LLQtdC90L3QvtGB0YLQuCAKMyDQl9CwINC_0L7RgdC70LXQtNC90LXQtSDQtNC10YHRj9GC0LjQu9C10YLQuNC1INGH0LjRgdC70L4g0L_RgNCw0LLQvtC90LDRgNGD0YjQtdC90LjQuSDQstGL0YDQvtGB0LvQviDQstC00LLQvtC1OiDQm9GD0LrQsNGI0LXQvdC60L4g0L_RgNC-0LLQvtC00LjRgiDRgdC-0LLQtdGJ0LDQvdC40LUg0L_QviDQv9GA0LjQvNC10L3QtdC90LjRjiDQsNC00LzQuNC90LjRgdGC0YDQsNGC0LjQstC90L7QuSDQvtGC0LLQtdGC0YHRgtCy0LXQvdC90L7RgdGC0LggCjMg0JHQsNC90Log0YDQsNC30LLQuNGC0LjRjyDQmtC40YLQsNGPINCy0YvQtNC10LvQuNGCINCR0LXQu9Cw0YDRg9GB0Lgg0LrRgNC10LTQuNGCINC90LAgMyw1INC80LvRgNC0INGO0LDQvdC10LkgCjMg0JHQtdC70LDRgNGD0YHRjCDQv9C-0LTQvdGP0LvQsNGB0Ywg0LIg0YDQtdC50YLQuNC90LPQtSDRgdCw0LzRi9GFINC80L7Qs9GD0YnQtdGB0YLQstC10L3QvdGL0YUg0YHRgtGA0LDQvSDQvNC40YDQsCAKMyDCq9CS0YHRgtGA0LXRh9CwINC00LLRg9GFINCS0LvQsNC00LjQvNC40YDQvtCywrs6INGB0YLQsNC7INC70Lgg0LzQuNGAINC90LAg0JTQvtC90LHQsNGB0YHQtSDQsdC70LjQttC1INC_0L7RgdC70LUg0L_QtdGA0LXQs9C-0LLQvtGA0L7QsiDCq9C90L7RgNC80LDQvdC00YHQutC-0Lkg0YfQtdGC0LLRkdGA0LrQuMK7INCyINCf0LDRgNC40LbQtT8gCjMg0JHQtdC70L7RgNGD0YHRgdC60LjQtSDQtNCw0LvRjNC90L7QsdC-0LnRidC40LrQuCDRgdGH&utf8=%E2%9C%93

Request Chain 183

https://ads.adfox.ru/239538/getBulk/v2?dl=https%3A%2F%2Font.by%2F&date=2019-12-16T10%3A13%3A56.673%2B01%3A00&pd=16&pdh=1200&pdw=1600&pr1=40644240&pr=2473837910&prr=&pv=10&pw=1&extid_loader=&extid_tag_loader=ont.by&ylv=0.1505&ybv=0.1497&ytt=260034501543957&is-turbo=0&skip-token=&ad-session-id=5812841576487636612&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22width%22%3A288%2C%22height%22%3A0%2C%22left%22%3A1125%2C%22top%22%3A2616%2C%22visible%22%3A0%2C%22req_no%22%3A3%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&matchid-cookies=fEO4cFbeMKA-n3kK-BaJMvLRxB2QIU2sgp2wBg1jcZVQKeuTbq29xg%3D%3D&matchid-cookies-sign=PtyMFpY5t7FaSHddNsUSKg%3D%3D&p1=cerer&p2=fgou&matchid-direct=1&bids=W3siY2FtcGFpZ25faWQiOjc3MTAwNSwicmVzcG9uc2VfdGltZSI6MTI0NiwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjE0MTAzNzkifV0%3D&grab=dNCe0J3QoiDigJQg0J7QsdGJ0LXQvdCw0YbQuNC-0L3QsNC70YzQvdC-0LUg0YLQtdC70LXQstC40LTQtdC90LjQtSDQkdC10LvQsNGA0YPRgdC4IHwg0JHQtdC70L7RgNGD0YHRgdC60LjQuSDRgtC10LvQtdC60LDQvdCw0Lsg0J7QndCiCjIg0J_QvtGB0LvQtdC00L3QuNC1INC90L7QstC-0YHRgtC4IAoy0JPQu9Cw0LLQvdGL0LUg0L3QvtCy0L7RgdGC0LggCjIg0KHQtdC50YfQsNGBINGH0LjRgtCw0Y7RgiAKMiDQn9C-0L_Rg9C70Y_RgNC90L7QtSDQt9CwINC90LXQtNC10LvRjiAKMiDQnNCw0YDQutC-0LIuINCd0LjRh9C10LPQviDQu9C40YfQvdC-0LPQviAKMiDQntCd0KIg0L3QsCBZb3VUdWJlIAoyINCd0LDRiNC4INC90L7QstC-0YHRgtC4INCe0J3QoiAKMiDQn9GA0L7Qs9GA0LDQvNC80Ysg0Lgg0L_RgNC-0LXQutGC0YsgCjIg0JrQuNC90L4g0Lgg0YHQtdGA0LjQsNC70YsgCjIg0JzRiyDQsiDRgdC-0YbQuNCw0LvRjNC90YvRhSDRgdC10YLRj9GFIAozINCX0LAg0L_QvtGB0LvQtdC00L3QtdC1INC00LXRgdGP0YLQuNC70LXRgtC40LUg0YfQuNGB0LvQviDQv9GA0LDQstC-0L3QsNGA0YPRiNC10L3QuNC5INCy0YvRgNC-0YHQu9C-INCy0LTQstC-0LU6INCb0YPQutCw0YjQtdC90LrQviDQv9GA0L7QstC-0LTQuNGCINGB0L7QstC10YnQsNC90LjQtSDQv9C-INC_0YDQuNC80LXQvdC10L3QuNGOINCw0LTQvNC40L3QuNGB0YLRgNCw0YLQuNCy0L3QvtC5INC-0YLQstC10YLRgdGC0LLQtdC90L3QvtGB0YLQuCAKMyDQl9CwINC_0L7RgdC70LXQtNC90LXQtSDQtNC10YHRj9GC0LjQu9C10YLQuNC1INGH0LjRgdC70L4g0L_RgNCw0LLQvtC90LDRgNGD0YjQtdC90LjQuSDQstGL0YDQvtGB0LvQviDQstC00LLQvtC1OiDQm9GD0LrQsNGI0LXQvdC60L4g0L_RgNC-0LLQvtC00LjRgiDRgdC-0LLQtdGJ0LDQvdC40LUg0L_QviDQv9GA0LjQvNC10L3QtdC90LjRjiDQsNC00LzQuNC90LjRgdGC0YDQsNGC0LjQstC90L7QuSDQvtGC0LLQtdGC0YHRgtCy0LXQvdC90L7RgdGC0LggCjMg0JHQsNC90Log0YDQsNC30LLQuNGC0LjRjyDQmtC40YLQsNGPINCy0YvQtNC10LvQuNGCINCR0LXQu9Cw0YDRg9GB0Lgg0LrRgNC10LTQuNGCINC90LAgMyw1INC80LvRgNC0INGO0LDQvdC10LkgCjMg0JHQtdC70LDRgNGD0YHRjCDQv9C-0LTQvdGP0LvQsNGB0Ywg0LIg0YDQtdC50YLQuNC90LPQtSDRgdCw0LzRi9GFINC80L7Qs9GD0YnQtdGB0YLQstC10L3QvdGL0YUg0YHRgtGA0LDQvSDQvNC40YDQsCAKMyDCq9CS0YHRgtGA0LXRh9CwINC00LLRg9GFINCS0LvQsNC00LjQvNC40YDQvtCywrs6INGB0YLQsNC7INC70Lgg0LzQuNGAINC90LAg0JTQvtC90LHQsNGB0YHQtSDQsdC70LjQttC1INC_0L7RgdC70LUg0L_QtdGA0LXQs9C-0LLQvtGA0L7QsiDCq9C90L7RgNC80LDQvdC00YHQutC-0Lkg0YfQtdGC0LLRkdGA0LrQuMK7INCyINCf0LDRgNC40LbQtT8gCjMg0JHQtdC70L7RgNGD0YHRgdC60LjQtSDQtNCw0LvRjNC90L7QsdC-0LnRidC40LrQuCDRgdGH&utf8=%E2%9C%93 HTTP 302
https://ads.adfox.ru/239538/getBulkTest/v2?dl=https%3A%2F%2Font.by%2F&date=2019-12-16T10%3A13%3A56.673%2B01%3A00&pd=16&pdh=1200&pdw=1600&pr1=40644240&pr=2473837910&prr=&pv=10&pw=1&extid_loader=&extid_tag_loader=ont.by&ylv=0.1505&ybv=0.1497&ytt=260034501543957&is-turbo=0&skip-token=&ad-session-id=5812841576487636612&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22width%22%3A288%2C%22height%22%3A0%2C%22left%22%3A1125%2C%22top%22%3A2616%2C%22visible%22%3A0%2C%22req_no%22%3A3%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&matchid-cookies=fEO4cFbeMKA-n3kK-BaJMvLRxB2QIU2sgp2wBg1jcZVQKeuTbq29xg%3D%3D&matchid-cookies-sign=PtyMFpY5t7FaSHddNsUSKg%3D%3D&p1=cerer&p2=fgou&matchid-direct=1&bids=W3siY2FtcGFpZ25faWQiOjc3MTAwNSwicmVzcG9uc2VfdGltZSI6MTI0NiwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjE0MTAzNzkifV0%3D&grab=dNCe0J3QoiDigJQg0J7QsdGJ0LXQvdCw0YbQuNC-0L3QsNC70YzQvdC-0LUg0YLQtdC70LXQstC40LTQtdC90LjQtSDQkdC10LvQsNGA0YPRgdC4IHwg0JHQtdC70L7RgNGD0YHRgdC60LjQuSDRgtC10LvQtdC60LDQvdCw0Lsg0J7QndCiCjIg0J_QvtGB0LvQtdC00L3QuNC1INC90L7QstC-0YHRgtC4IAoy0JPQu9Cw0LLQvdGL0LUg0L3QvtCy0L7RgdGC0LggCjIg0KHQtdC50YfQsNGBINGH0LjRgtCw0Y7RgiAKMiDQn9C-0L_Rg9C70Y_RgNC90L7QtSDQt9CwINC90LXQtNC10LvRjiAKMiDQnNCw0YDQutC-0LIuINCd0LjRh9C10LPQviDQu9C40YfQvdC-0LPQviAKMiDQntCd0KIg0L3QsCBZb3VUdWJlIAoyINCd0LDRiNC4INC90L7QstC-0YHRgtC4INCe0J3QoiAKMiDQn9GA0L7Qs9GA0LDQvNC80Ysg0Lgg0L_RgNC-0LXQutGC0YsgCjIg0JrQuNC90L4g0Lgg0YHQtdGA0LjQsNC70YsgCjIg0JzRiyDQsiDRgdC-0YbQuNCw0LvRjNC90YvRhSDRgdC10YLRj9GFIAozINCX0LAg0L_QvtGB0LvQtdC00L3QtdC1INC00LXRgdGP0YLQuNC70LXRgtC40LUg0YfQuNGB0LvQviDQv9GA0LDQstC-0L3QsNGA0YPRiNC10L3QuNC5INCy0YvRgNC-0YHQu9C-INCy0LTQstC-0LU6INCb0YPQutCw0YjQtdC90LrQviDQv9GA0L7QstC-0LTQuNGCINGB0L7QstC10YnQsNC90LjQtSDQv9C-INC_0YDQuNC80LXQvdC10L3QuNGOINCw0LTQvNC40L3QuNGB0YLRgNCw0YLQuNCy0L3QvtC5INC-0YLQstC10YLRgdGC0LLQtdC90L3QvtGB0YLQuCAKMyDQl9CwINC_0L7RgdC70LXQtNC90LXQtSDQtNC10YHRj9GC0LjQu9C10YLQuNC1INGH0LjRgdC70L4g0L_RgNCw0LLQvtC90LDRgNGD0YjQtdC90LjQuSDQstGL0YDQvtGB0LvQviDQstC00LLQvtC1OiDQm9GD0LrQsNGI0LXQvdC60L4g0L_RgNC-0LLQvtC00LjRgiDRgdC-0LLQtdGJ0LDQvdC40LUg0L_QviDQv9GA0LjQvNC10L3QtdC90LjRjiDQsNC00LzQuNC90LjRgdGC0YDQsNGC0LjQstC90L7QuSDQvtGC0LLQtdGC0YHRgtCy0LXQvdC90L7RgdGC0LggCjMg0JHQsNC90Log0YDQsNC30LLQuNGC0LjRjyDQmtC40YLQsNGPINCy0YvQtNC10LvQuNGCINCR0LXQu9Cw0YDRg9GB0Lgg0LrRgNC10LTQuNGCINC90LAgMyw1INC80LvRgNC0INGO0LDQvdC10LkgCjMg0JHQtdC70LDRgNGD0YHRjCDQv9C-0LTQvdGP0LvQsNGB0Ywg0LIg0YDQtdC50YLQuNC90LPQtSDRgdCw0LzRi9GFINC80L7Qs9GD0YnQtdGB0YLQstC10L3QvdGL0YUg0YHRgtGA0LDQvSDQvNC40YDQsCAKMyDCq9CS0YHRgtGA0LXRh9CwINC00LLRg9GFINCS0LvQsNC00LjQvNC40YDQvtCywrs6INGB0YLQsNC7INC70Lgg0LzQuNGAINC90LAg0JTQvtC90LHQsNGB0YHQtSDQsdC70LjQttC1INC_0L7RgdC70LUg0L_QtdGA0LXQs9C-0LLQvtGA0L7QsiDCq9C90L7RgNC80LDQvdC00YHQutC-0Lkg0YfQtdGC0LLRkdGA0LrQuMK7INCyINCf0LDRgNC40LbQtT8gCjMg0JHQtdC70L7RgNGD0YHRgdC60LjQtSDQtNCw0LvRjNC90L7QsdC-0LnRidC40LrQuCDRgdGH&utf8=%E2%9C%93

Request Chain 184

https://ads.adfox.ru/239538/getBulk/v2?dl=https%3A%2F%2Font.by%2F&date=2019-12-16T10%3A13%3A56.675%2B01%3A00&pd=16&pdh=1200&pdw=1600&pr1=3125563862&pr=2473837910&prr=&pv=10&pw=1&extid_loader=&extid_tag_loader=ont.by&ylv=0.1505&ybv=0.1497&ytt=260034501543957&is-turbo=0&skip-token=&ad-session-id=5812841576487636612&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22width%22%3A1240%2C%22height%22%3A0%2C%22left%22%3A173%2C%22top%22%3A3992%2C%22visible%22%3A0%2C%22req_no%22%3A4%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&matchid-cookies=fEO4cFbeMKA-n3kK-BaJMvLRxB2QIU2sgp2wBg1jcZVQKeuTbq29xg%3D%3D&matchid-cookies-sign=PtyMFpY5t7FaSHddNsUSKg%3D%3D&p1=ceret&p2=y&matchid-direct=1&bids=W3siY2FtcGFpZ25faWQiOjc3MTAwNSwicmVzcG9uc2VfdGltZSI6MTI0NiwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjE0MTAzODIifV0%3D&grab=dNCe0J3QoiDigJQg0J7QsdGJ0LXQvdCw0YbQuNC-0L3QsNC70YzQvdC-0LUg0YLQtdC70LXQstC40LTQtdC90LjQtSDQkdC10LvQsNGA0YPRgdC4IHwg0JHQtdC70L7RgNGD0YHRgdC60LjQuSDRgtC10LvQtdC60LDQvdCw0Lsg0J7QndCiCjIg0J_QvtGB0LvQtdC00L3QuNC1INC90L7QstC-0YHRgtC4IAoy0JPQu9Cw0LLQvdGL0LUg0L3QvtCy0L7RgdGC0LggCjIg0KHQtdC50YfQsNGBINGH0LjRgtCw0Y7RgiAKMiDQn9C-0L_Rg9C70Y_RgNC90L7QtSDQt9CwINC90LXQtNC10LvRjiAKMiDQnNCw0YDQutC-0LIuINCd0LjRh9C10LPQviDQu9C40YfQvdC-0LPQviAKMiDQntCd0KIg0L3QsCBZb3VUdWJlIAoyINCd0LDRiNC4INC90L7QstC-0YHRgtC4INCe0J3QoiAKMiDQn9GA0L7Qs9GA0LDQvNC80Ysg0Lgg0L_RgNC-0LXQutGC0YsgCjIg0JrQuNC90L4g0Lgg0YHQtdGA0LjQsNC70YsgCjIg0JzRiyDQsiDRgdC-0YbQuNCw0LvRjNC90YvRhSDRgdC10YLRj9GFIAozINCX0LAg0L_QvtGB0LvQtdC00L3QtdC1INC00LXRgdGP0YLQuNC70LXRgtC40LUg0YfQuNGB0LvQviDQv9GA0LDQstC-0L3QsNGA0YPRiNC10L3QuNC5INCy0YvRgNC-0YHQu9C-INCy0LTQstC-0LU6INCb0YPQutCw0YjQtdC90LrQviDQv9GA0L7QstC-0LTQuNGCINGB0L7QstC10YnQsNC90LjQtSDQv9C-INC_0YDQuNC80LXQvdC10L3QuNGOINCw0LTQvNC40L3QuNGB0YLRgNCw0YLQuNCy0L3QvtC5INC-0YLQstC10YLRgdGC0LLQtdC90L3QvtGB0YLQuCAKMyDQl9CwINC_0L7RgdC70LXQtNC90LXQtSDQtNC10YHRj9GC0LjQu9C10YLQuNC1INGH0LjRgdC70L4g0L_RgNCw0LLQvtC90LDRgNGD0YjQtdC90LjQuSDQstGL0YDQvtGB0LvQviDQstC00LLQvtC1OiDQm9GD0LrQsNGI0LXQvdC60L4g0L_RgNC-0LLQvtC00LjRgiDRgdC-0LLQtdGJ0LDQvdC40LUg0L_QviDQv9GA0LjQvNC10L3QtdC90LjRjiDQsNC00LzQuNC90LjRgdGC0YDQsNGC0LjQstC90L7QuSDQvtGC0LLQtdGC0YHRgtCy0LXQvdC90L7RgdGC0LggCjMg0JHQsNC90Log0YDQsNC30LLQuNGC0LjRjyDQmtC40YLQsNGPINCy0YvQtNC10LvQuNGCINCR0LXQu9Cw0YDRg9GB0Lgg0LrRgNC10LTQuNGCINC90LAgMyw1INC80LvRgNC0INGO0LDQvdC10LkgCjMg0JHQtdC70LDRgNGD0YHRjCDQv9C-0LTQvdGP0LvQsNGB0Ywg0LIg0YDQtdC50YLQuNC90LPQtSDRgdCw0LzRi9GFINC80L7Qs9GD0YnQtdGB0YLQstC10L3QvdGL0YUg0YHRgtGA0LDQvSDQvNC40YDQsCAKMyDCq9CS0YHRgtGA0LXRh9CwINC00LLRg9GFINCS0LvQsNC00LjQvNC40YDQvtCywrs6INGB0YLQsNC7INC70Lgg0LzQuNGAINC90LAg0JTQvtC90LHQsNGB0YHQtSDQsdC70LjQttC1INC_0L7RgdC70LUg0L_QtdGA0LXQs9C-0LLQvtGA0L7QsiDCq9C90L7RgNC80LDQvdC00YHQutC-0Lkg0YfQtdGC0LLRkdGA0LrQuMK7INCyINCf0LDRgNC40LbQtT8gCjMg0JHQtdC70L7RgNGD0YHRgdC60LjQtSDQtNCw0LvRjNC90L7QsdC-0LnRidC40LrQuCDRgdGH&utf8=%E2%9C%93 HTTP 302
https://ads.adfox.ru/239538/getBulkTest/v2?dl=https%3A%2F%2Font.by%2F&date=2019-12-16T10%3A13%3A56.675%2B01%3A00&pd=16&pdh=1200&pdw=1600&pr1=3125563862&pr=2473837910&prr=&pv=10&pw=1&extid_loader=&extid_tag_loader=ont.by&ylv=0.1505&ybv=0.1497&ytt=260034501543957&is-turbo=0&skip-token=&ad-session-id=5812841576487636612&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22width%22%3A1240%2C%22height%22%3A0%2C%22left%22%3A173%2C%22top%22%3A3992%2C%22visible%22%3A0%2C%22req_no%22%3A4%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&matchid-cookies=fEO4cFbeMKA-n3kK-BaJMvLRxB2QIU2sgp2wBg1jcZVQKeuTbq29xg%3D%3D&matchid-cookies-sign=PtyMFpY5t7FaSHddNsUSKg%3D%3D&p1=ceret&p2=y&matchid-direct=1&bids=W3siY2FtcGFpZ25faWQiOjc3MTAwNSwicmVzcG9uc2VfdGltZSI6MTI0NiwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjE0MTAzODIifV0%3D&grab=dNCe0J3QoiDigJQg0J7QsdGJ0LXQvdCw0YbQuNC-0L3QsNC70YzQvdC-0LUg0YLQtdC70LXQstC40LTQtdC90LjQtSDQkdC10LvQsNGA0YPRgdC4IHwg0JHQtdC70L7RgNGD0YHRgdC60LjQuSDRgtC10LvQtdC60LDQvdCw0Lsg0J7QndCiCjIg0J_QvtGB0LvQtdC00L3QuNC1INC90L7QstC-0YHRgtC4IAoy0JPQu9Cw0LLQvdGL0LUg0L3QvtCy0L7RgdGC0LggCjIg0KHQtdC50YfQsNGBINGH0LjRgtCw0Y7RgiAKMiDQn9C-0L_Rg9C70Y_RgNC90L7QtSDQt9CwINC90LXQtNC10LvRjiAKMiDQnNCw0YDQutC-0LIuINCd0LjRh9C10LPQviDQu9C40YfQvdC-0LPQviAKMiDQntCd0KIg0L3QsCBZb3VUdWJlIAoyINCd0LDRiNC4INC90L7QstC-0YHRgtC4INCe0J3QoiAKMiDQn9GA0L7Qs9GA0LDQvNC80Ysg0Lgg0L_RgNC-0LXQutGC0YsgCjIg0JrQuNC90L4g0Lgg0YHQtdGA0LjQsNC70YsgCjIg0JzRiyDQsiDRgdC-0YbQuNCw0LvRjNC90YvRhSDRgdC10YLRj9GFIAozINCX0LAg0L_QvtGB0LvQtdC00L3QtdC1INC00LXRgdGP0YLQuNC70LXRgtC40LUg0YfQuNGB0LvQviDQv9GA0LDQstC-0L3QsNGA0YPRiNC10L3QuNC5INCy0YvRgNC-0YHQu9C-INCy0LTQstC-0LU6INCb0YPQutCw0YjQtdC90LrQviDQv9GA0L7QstC-0LTQuNGCINGB0L7QstC10YnQsNC90LjQtSDQv9C-INC_0YDQuNC80LXQvdC10L3QuNGOINCw0LTQvNC40L3QuNGB0YLRgNCw0YLQuNCy0L3QvtC5INC-0YLQstC10YLRgdGC0LLQtdC90L3QvtGB0YLQuCAKMyDQl9CwINC_0L7RgdC70LXQtNC90LXQtSDQtNC10YHRj9GC0LjQu9C10YLQuNC1INGH0LjRgdC70L4g0L_RgNCw0LLQvtC90LDRgNGD0YjQtdC90LjQuSDQstGL0YDQvtGB0LvQviDQstC00LLQvtC1OiDQm9GD0LrQsNGI0LXQvdC60L4g0L_RgNC-0LLQvtC00LjRgiDRgdC-0LLQtdGJ0LDQvdC40LUg0L_QviDQv9GA0LjQvNC10L3QtdC90LjRjiDQsNC00LzQuNC90LjRgdGC0YDQsNGC0LjQstC90L7QuSDQvtGC0LLQtdGC0YHRgtCy0LXQvdC90L7RgdGC0LggCjMg0JHQsNC90Log0YDQsNC30LLQuNGC0LjRjyDQmtC40YLQsNGPINCy0YvQtNC10LvQuNGCINCR0LXQu9Cw0YDRg9GB0Lgg0LrRgNC10LTQuNGCINC90LAgMyw1INC80LvRgNC0INGO0LDQvdC10LkgCjMg0JHQtdC70LDRgNGD0YHRjCDQv9C-0LTQvdGP0LvQsNGB0Ywg0LIg0YDQtdC50YLQuNC90LPQtSDRgdCw0LzRi9GFINC80L7Qs9GD0YnQtdGB0YLQstC10L3QvdGL0YUg0YHRgtGA0LDQvSDQvNC40YDQsCAKMyDCq9CS0YHRgtGA0LXRh9CwINC00LLRg9GFINCS0LvQsNC00LjQvNC40YDQvtCywrs6INGB0YLQsNC7INC70Lgg0LzQuNGAINC90LAg0JTQvtC90LHQsNGB0YHQtSDQsdC70LjQttC1INC_0L7RgdC70LUg0L_QtdGA0LXQs9C-0LLQvtGA0L7QsiDCq9C90L7RgNC80LDQvdC00YHQutC-0Lkg0YfQtdGC0LLRkdGA0LrQuMK7INCyINCf0LDRgNC40LbQtT8gCjMg0JHQtdC70L7RgNGD0YHRgdC60LjQtSDQtNCw0LvRjNC90L7QsdC-0LnRidC40LrQuCDRgdGH&utf8=%E2%9C%93

Request Chain 224

https://syndication.twitter.com/i/jot HTTP 302
https://platform.twitter.com/jot.html

Request Chain 229

https://ads.adfox.ru/239538/event?hash=4e4909517a8834cd&pm=bmo&rand=jnaegb&sj=molkcGShuBpFQyS-WidhvFdiKOe9NrT5ndksa1xd0Fnbv9XZ99XRsS3MqdInYky06lQR78D9m7ui40WKZS_dgyUJ2VeP6r8Ze9re7EoTuA%3D%3D&ad-session-id=5812841576487636612&lts=fcrvmhw&pxo=5uiZRzYXYleTwNzER6VqE9WW12qmDQopNpBqRnG7nS_pNjgzB0ObYUfaA5pxn1mxjmHfw6wN0iNIlAc-R_uvSUW37FhG1nw9hObEaYW3ZV3MPtRQ4P9WQvrHR-85EmQNUw%3D%3D&ytt=260034501543957&p2=y&rtb-si=b&ylv=0.1505&dl=https%3A%2F%2Font.by%2F&ybv=0.1497&p5=fxybz&pr=iafmxny&p1=ceret&rqs=03JuKqPsHEfUSvddV1hi4KPHO-kCI9TT HTTP 302
https://matchid.adfox.yandex.ru/?url=a8075bf1c7376ab37971b6d80664e4d2ef00c49141bc042db11aceae986d6846871af0250c156bdefe20de8e0597cb394e05a504fb8fb096f05fa0270641c9103b8f52204b35a3a97c5f5c829f638f5901dcc35dc54a06cf&sign=18e7f58be6d294a587ea226518dd02c2 HTTP 302
https://ads.adfox.ru/239538/event?yandexuid=3441922868381447110&sign=2e54f40400a04721d309b82176163209&rqs=03JuKqPsHEfUSvddV1hi4KPHO-kCI9TT&matchid-br=1

Request Chain 230

https://ads.adfox.ru/239538/event?hash=bdda14691141758b&pm=bmo&rand=bfrpzrn&sj=p2tEorX__55JiJdZ73z5tWQp1rMKonqy-w8PLBFJfw_moRw1ukrAjofWCvh_DIDy5CMr_btBFc8Q6Za0BzHRCYK3RuXEjdK9wykGQKfFBA%3D%3D&ad-session-id=5812841576487636612&lts=fcrvmhw&pxo=HHC3vz6_SYT-7cQSUufSpl7eNIS_8VIPz6RGg8LhbnFQU5x4wNM5x7dqrtx71hmyKkeM6YLoHOz8sL-qJTIL0sSyjaCeauqAJiiI0wDBRxDAvGBj3Ji0iu6uxUhwNMpgjQ%3D%3D&ytt=260034501543957&p2=fgou&rtb-si=b&ylv=0.1505&dl=https%3A%2F%2Font.by%2F&ybv=0.1497&p5=fxxyn&pr=iafmxny&p1=cerer&rqs=03JuKqPsHEfUSvdd4nG_ZdAU_eLNheiS HTTP 302
https://matchid.adfox.yandex.ru/?url=a8075bf1c7376ab37971b6d80664e4d2ef00c49141bc042db11aceae986d6846871af0250c156bdefe20de8e0597cb39b9c77f96ff9cd8d362308b7cf06ac021fe1a5420078123d67c5f5c829f638f5901dcc35dc54a06cf&sign=f7abf57792aefad12c6bac7ce14f29f3 HTTP 302
https://ads.adfox.ru/239538/event?yandexuid=7283100043817059813&sign=5560b5fec3fba4654291f3929ac2c31e&rqs=03JuKqPsHEfUSvdd4nG_ZdAU_eLNheiS&matchid-br=1

Request Chain 288

https://mc.yandex.ru/watch/386897?wmode=7&cnt-class=1&nohit=1&page-url=https%3A%2F%2Font.by%2F&charset=utf-8&browser-info=ti%3A10%3Adp%3A1%3Ans%3A1576487634231%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A3%3Aw%3A1585x1185%3Az%3A60%3Ai%3A20191216101355%3Aet%3A1576487638%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Aad%3A1%3Apv%3A1%3Arn%3A349734511%3Ahid%3A704068923%3Agdpr%3A14%3Av%3A1776%3Ast%3A1576487638%3Au%3A1576487636713505257%3App%3A3629563401%3At%3A%D0%9E%D0%9D%D0%A2%20%E2%80%94%20%D0%9E%D0%B1%D1%89%D0%B5%D0%BD%D0%B0%D1%86%D0%B8%D0%BE%D0%BD%D0%B0%D0%BB%D1%8C%D0%BD%D0%BE%D0%B5%20%D1%82%D0%B5%D0%BB%D0%B5%D0%B2%D0%B8%D0%B4%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8%20%7C%20%D0%91%D0%B5%D0%BB%D0%BE%D1%80%D1%83%D1%81%D1%81%D0%BA%D0%B8%D0%B9%20%D1%82%D0%B5%D0%BB%D0%B5%D0%BA%D0%B0%D0%BD%D0%B0%D0%BB%20%D0%9E%D0%9D%D0%A2 HTTP 302
https://mc.yandex.ru/watch/386897/1?wmode=7&cnt-class=1&nohit=1&page-url=https%3A%2F%2Font.by%2F&charset=utf-8&browser-info=ti%3A10%3Adp%3A1%3Ans%3A1576487634231%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A3%3Aw%3A1585x1185%3Az%3A60%3Ai%3A20191216101355%3Aet%3A1576487638%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Aad%3A1%3Apv%3A1%3Arn%3A349734511%3Ahid%3A704068923%3Agdpr%3A14%3Av%3A1776%3Ast%3A1576487638%3Au%3A1576487636713505257%3App%3A3629563401%3At%3A%D0%9E%D0%9D%D0%A2%20%E2%80%94%20%D0%9E%D0%B1%D1%89%D0%B5%D0%BD%D0%B0%D1%86%D0%B8%D0%BE%D0%BD%D0%B0%D0%BB%D1%8C%D0%BD%D0%BE%D0%B5%20%D1%82%D0%B5%D0%BB%D0%B5%D0%B2%D0%B8%D0%B4%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8%20%7C%20%D0%91%D0%B5%D0%BB%D0%BE%D1%80%D1%83%D1%81%D1%81%D0%BA%D0%B8%D0%B9%20%D1%82%D0%B5%D0%BB%D0%B5%D0%BA%D0%B0%D0%BD%D0%B0%D0%BB%20%D0%9E%D0%9D%D0%A2

Request Chain 290

https://mc.yandex.ru/watch/386897?cnt-class=1&page-url=https%3A%2F%2Font.by%2F&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1576487634231%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A3%3Aw%3A1585x1185%3Az%3A60%3Ai%3A20191216101358%3Aet%3A1576487638%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Aar%3A1%3Apv%3A1%3Arn%3A679322600%3Ahid%3A704068923%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%3Agdpr%3A14%3Av%3A1776%3Ast%3A1576487638%3Au%3A1576487636713505257%3App%3A3629563401%3At%3A%D0%9E%D0%9D%D0%A2%20%E2%80%94%20%D0%9E%D0%B1%D1%89%D0%B5%D0%BD%D0%B0%D1%86%D0%B8%D0%BE%D0%BD%D0%B0%D0%BB%D1%8C%D0%BD%D0%BE%D0%B5%20%D1%82%D0%B5%D0%BB%D0%B5%D0%B2%D0%B8%D0%B4%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8%20%7C%20%D0%91%D0%B5%D0%BB%D0%BE%D1%80%D1%83%D1%81%D1%81%D0%BA%D0%B8%D0%B9%20%D1%82%D0%B5%D0%BB%D0%B5%D0%BA%D0%B0%D0%BD%D0%B0%D0%BB%20%D0%9E%D0%9D%D0%A2 HTTP 302
https://mc.yandex.ru/watch/386897/1?cnt-class=1&page-url=https%3A%2F%2Font.by%2F&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1576487634231%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A3%3Aw%3A1585x1185%3Az%3A60%3Ai%3A20191216101358%3Aet%3A1576487638%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Aar%3A1%3Apv%3A1%3Arn%3A679322600%3Ahid%3A704068923%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%3Agdpr%3A14%3Av%3A1776%3Ast%3A1576487638%3Au%3A1576487636713505257%3App%3A3629563401%3At%3A%D0%9E%D0%9D%D0%A2%20%E2%80%94%20%D0%9E%D0%B1%D1%89%D0%B5%D0%BD%D0%B0%D1%86%D0%B8%D0%BE%D0%BD%D0%B0%D0%BB%D1%8C%D0%BD%D0%BE%D0%B5%20%D1%82%D0%B5%D0%BB%D0%B5%D0%B2%D0%B8%D0%B4%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8%20%7C%20%D0%91%D0%B5%D0%BB%D0%BE%D1%80%D1%83%D1%81%D1%81%D0%BA%D0%B8%D0%B9%20%D1%82%D0%B5%D0%BB%D0%B5%D0%BA%D0%B0%D0%BD%D0%B0%D0%BB%20%D0%9E%D0%9D%D0%A2

Request Chain 325

https://mc.yandex.ru/watch/26812653?page-url=https%3A%2F%2Font.by%2F&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1576487634231%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aadb%3A2%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1185%3Az%3A60%3Ai%3A20191216101410%3Aet%3A1576487651%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Aar%3A1%3Anb%3A1%3Acl%3A574%3Arn%3A124389142%3Ahid%3A704068923%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C5067%2C5067%2C28%2C%3Agdpr%3A14%3Av%3A1776%3Ast%3A1576487651%3Au%3A1576487636713505257%3App%3A3629563401 HTTP 302
https://mc.yandex.ru/watch/26812653/1?page-url=https%3A%2F%2Font.by%2F&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1576487634231%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aadb%3A2%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1185%3Az%3A60%3Ai%3A20191216101410%3Aet%3A1576487651%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Aar%3A1%3Anb%3A1%3Acl%3A574%3Arn%3A124389142%3Ahid%3A704068923%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C5067%2C5067%2C28%2C%3Agdpr%3A14%3Av%3A1776%3Ast%3A1576487651%3Au%3A1576487636713505257%3App%3A3629563401

317 HTTP transactions
12 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
ont.by/
Redirect Chain

http://ont.by/
https://ont.by/

408 KB
57 KB

185ms
61ms

Document
text/html

93.125.48.25
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to

Full URL: https://ont.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 93.125.48.25 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-25.hoster.by
Software: nginx /
Resource Hash: 690a52ec779510fa03644fb3e2702fdaa6f42bd2de640abe1dfaced2b1f89daa

Request headers

:method: GET
:authority: ont.by
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: none
sec-fetch-mode: navigate
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
server: nginx
date: Mon, 16 Dec 2019 09:13:54 GMT
content-type: text/html; charset=utf-8
etag: "660c6-OD3mTQkbVDQDJIzj/UDPiglg6pc"
vary: Accept-Encoding
content-encoding: gzip
x-response-time: 0.000
x-cache-status: HIT
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

Redirect headers

Server: nginx
Date: Mon, 16 Dec 2019 09:13:54 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: https://ont.by/
X-Response-Time: 0.000
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 7a2023d4115017182b40.js Show response
ont.by/_nuxt/ 168 KB
56 KB 64ms
63ms Script
application/javascript 93.125.48.25
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to

Full URL: https://ont.by/_nuxt/7a2023d4115017182b40.js
Requested by: Host: ont.by
URL: https://ont.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 93.125.48.25 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-25.hoster.by
Software: nginx /
Resource Hash: 78cdb7bfafdeb0a21fee435777e2a659c5884cf80698fe8281f4498035eeab4b

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-response-time: 0.000
date: Mon, 16 Dec 2019 09:13:54 GMT
content-encoding: gzip
last-modified: Mon, 11 Nov 2019 14:33:22 GMT
server: nginx
access-control-allow-origin: *
etag: W/"2a155-16e5ae22d47"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
cache-control: public, max-age=31536000
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 22fc3f658e705c0ce8d1.js Show response
ont.by/_nuxt/ 2 MB
413 KB 95ms
95ms Script
application/javascript 93.125.48.25
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to

Full URL: https://ont.by/_nuxt/22fc3f658e705c0ce8d1.js
Requested by: Host: ont.by
URL: https://ont.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 93.125.48.25 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-25.hoster.by
Software: nginx /
Resource Hash: 714117546d7867639fbf9c99baefe213cf33c5a9db5461a5062b0b4ac7886496

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-response-time: 0.000
date: Mon, 16 Dec 2019 09:13:54 GMT
content-encoding: gzip
last-modified: Mon, 11 Nov 2019 14:33:22 GMT
server: nginx
access-control-allow-origin: *
etag: W/"18e1b6-16e5ae22d57"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
cache-control: public, max-age=31536000
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 ce104396bdf84b4d7313.js Show response
ont.by/_nuxt/ 287 KB
64 KB 137ms
137ms Script
application/javascript 93.125.48.25
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to

Full URL: https://ont.by/_nuxt/ce104396bdf84b4d7313.js
Requested by: Host: ont.by
URL: https://ont.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 93.125.48.25 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-25.hoster.by
Software: nginx /
Resource Hash: 9c97a482ca5f4d6d2a18303c79b33cfe70e8e569efd29eb08d8b8d25cce8a71b

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-response-time: 0.000
date: Mon, 16 Dec 2019 09:13:54 GMT
content-encoding: gzip
last-modified: Mon, 11 Nov 2019 14:33:22 GMT
server: nginx
access-control-allow-origin: *
etag: W/"47c6b-16e5ae22d47"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
cache-control: public, max-age=31536000
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 d48c73bcbd0af78de6b7.js Show response
ont.by/_nuxt/ 87 KB
17 KB 137ms
137ms Script
application/javascript 93.125.48.25
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to

Full URL: https://ont.by/_nuxt/d48c73bcbd0af78de6b7.js
Requested by: Host: ont.by
URL: https://ont.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 93.125.48.25 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-25.hoster.by
Software: nginx /
Resource Hash: f2a56473cab6529f4880cb0a3bc4e05ee695da60d5b3d595b4cfbed56a3c28ab

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-response-time: 0.000
date: Mon, 16 Dec 2019 09:13:54 GMT
content-encoding: gzip
last-modified: Mon, 11 Nov 2019 14:33:22 GMT
server: nginx
access-control-allow-origin: *
etag: W/"15b02-16e5ae22d4b"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
cache-control: public, max-age=31536000
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 013bfbe2254c7aa6660cca629e974e0b_0.js Show response
cdn.sendpulse.com/js/push/ 3 B
1 KB 97ms
23ms Script
application/javascript 195.181.175.10
CDN77

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.sendpulse.com/js/push/013bfbe2254c7aa6660cca629e974e0b_0.js

Requested by

Host: ont.by
URL: https://ont.by/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.181.175.10 Frankfurt am Main, Germany, ASN60068 (CDN77, GB),

Reverse DNS

frankfurt-2.cdn77.com

Software

CDN77-Turbo /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
Content-Security-Policy	default-src wss://* blob: data: .sendpulse.com .sendpulse.com:4434 .pulse-stat.com .stat-pulse.com .pulse-stat.com:8080 .stat-pulse.com:8080 http://.sendpulse.com:4434 http://.pulse-stat.com http://.stat-pulse.com http://.pulse-stat.com:8080 http://.stat-pulse.com:8080 .sendpulse.ua .sendpulse.by .sendpulse.kz .sendpulse.cl .sendpulse.mx .sendpulse.com.tr .routee.net .bizml.ru .jquery.com .youtube.com .ytimg.com .vimeocdn.com .tinymce.com .ampproject.org .hotjar.com .hotjar.io .ipinfo.io .highcharts.com .appspot.com .doubleclick.net .facebook.com .facebook.net .fbcdn.net .fbsbx.com .rawgit.com .cloudflare.com .jsdelivr.net .kissmetrics.com .bitrix24.com .quantserve.com .quantcount.com .twitter.com .offershub.ru .stripe.com .braintreegateway.com .mlstatic.com .cloudpayments.ru .woopra.com .jivosite.com .google.com .google.com.ua .googleadservices.com .google-analytics.com .googleapis.com .googletagmanager.com .gstatic.com .online-metrix.net .maxmind.com .revisionme.com .yandex.ru .ymetrica.ru .mmapiws.com .bootstrapcdn.com .kaptcha.com .paypal.com .paypalobjects.com .mercadopago.com.br .mercadopago.com 'self' 'unsafe-eval' 'unsafe-inline'; img-src blob: data: ; font-src data: ; style-src 'unsafe-inline';, frame-ancestors 'self';
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Dec 2019 09:13:54 GMT
x-content-type-options: nosniff
x-edge-location: frankfurtDE
x-cache: HIT
status: 200
x-age: 134945
content-length: 3
x-xss-protection: 1; mode=block
last-modified: Mon, 03 Jun 2019 08:34:49 GMT
server: CDN77-Turbo
etag: "3-58a673ccd5d52"
vary: User-Agent,Host
content-type: application/javascript
cache-control: max-age=604800
x-edge-ip: 195.181.175.2
content-security-policy: default-src wss://* blob: data: *.sendpulse.com *.sendpulse.com:4434 *.pulse-stat.com *.stat-pulse.com *.pulse-stat.com:8080 *.stat-pulse.com:8080 http://*.sendpulse.com:4434 http://*.pulse-stat.com http://*.stat-pulse.com http://*.pulse-stat.com:8080 http://*.stat-pulse.com:8080 *.sendpulse.ua *.sendpulse.by *.sendpulse.kz *.sendpulse.cl *.sendpulse.mx *.sendpulse.com.tr *.routee.net *.bizml.ru *.jquery.com *.youtube.com *.ytimg.com *.vimeocdn.com *.tinymce.com *.ampproject.org *.hotjar.com *.hotjar.io *.ipinfo.io *.highcharts.com *.appspot.com *.doubleclick.net *.facebook.com *.facebook.net *.fbcdn.net *.fbsbx.com *.rawgit.com *.cloudflare.com *.jsdelivr.net *.kissmetrics.com *.bitrix24.com *.quantserve.com *.quantcount.com *.twitter.com *.offershub.ru *.stripe.com *.braintreegateway.com *.mlstatic.com *.cloudpayments.ru *.woopra.com *.jivosite.com *.google.com *.google.com.ua *.googleadservices.com *.google-analytics.com *.googleapis.com *.googletagmanager.com *.gstatic.com *.online-metrix.net *.maxmind.com *.revisionme.com *.yandex.ru *.ymetrica.ru *.mmapiws.com *.bootstrapcdn.com *.kaptcha.com *.paypal.com *.paypalobjects.com *.mercadopago.com.br *.mercadopago.com 'self' 'unsafe-eval' 'unsafe-inline'; img-src blob: data: *; font-src data: *; style-src * 'unsafe-inline';, frame-ancestors 'self';
accept-ranges: bytes
expires: Sat, 28 Sep 2019 18:14:04 GMT

GET
H2 200 share.js Show response
yastatic.net/share2/ 79 KB
27 KB 134ms
64ms Script
application/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL: https://yastatic.net/share2/share.js
Requested by: Host: ont.by
URL: https://ont.by/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: nginx/1.17.6 /
Resource Hash: 64b77871affe1f7eebcf4059ee5472ded7a4c8e9e97007c6009a630292c39e09

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Dec 2019 09:13:54 GMT
content-encoding: br
last-modified: Tue, 24 Sep 2019 14:43:31 GMT
server: nginx/1.17.6
access-control-allow-origin: *
etag: W/"3078d7e2a7035017beffbfd531431429"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=259200, public
x-nginx-request-id: f16d397030997073
timing-allow-origin: *
expires: Thu, 19 Dec 2019 09:12:16 GMT

GET
H/1.1 200
OK platform.js Show response
cdn.embedly.com/widgets/ 71 KB
22 KB 316ms
28ms Script
application/javascript 104.16.89.50
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.embedly.com/widgets/platform.js
Requested by: Host: ont.by
URL: https://ont.by/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.89.50 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb4cfa03e5a27d66a8e6e2e7eafe1b6bb015b120f1c7a26807aac348877564a2

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 16 Dec 2019 09:13:54 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
x-amz-request-id: 2BD37A8219DFA71A
Transfer-Encoding: chunked
Content-Type: application/javascript
Connection: keep-alive
x-amz-id-2: ray84kx8Vwwk2SQtH5Hoc234ucC00o3X+etz2w7x13crzLdrEQXrJ4BXPzLiq8FO8dNfSae3n38=
Last-Modified: Thu, 31 Oct 2019 19:31:11 GMT
Server: cloudflare
ETag: W/"894925b9d4b50040e63fa1a648145b8d"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
x-amz-version-id: 3dvYL4H3zhmuBPTHOp2KjqTIqSDRRD8.
Cache-Control: public, max-age=300
CF-RAY: 545f8b4679e0c765-AMS
Expires: Mon, 16 Dec 2019 09:18:54 GMT

GET
H2 200 openapi.js Show response
vk.com/js/api/ 96 KB
23 KB 575ms
61ms Script
application/x-javascript 87.240.190.78
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL: https://vk.com/js/api/openapi.js?154
Requested by: Host: ont.by
URL: https://ont.by/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.240.190.78 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS http://vk.com, RU),
Reverse DNS: srv78-190-240-87.vk.com
Software: VK /
Resource Hash: a3dbceb309daebd30f05e8bf72bdf2e82b680b892399bd20c3d05673297d052b

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Dec 2019 09:13:55 GMT
content-encoding: gzip
x-frontend: front213209
last-modified: Mon, 16 Dec 2019 01:18:18 GMT
server: VK
etag: "5df6db5a-5a8d"
content-type: application/x-javascript
status: 200
access-control-expose-headers: X-Frontend
cache-control: max-age=345600
content-length: 23181
expires: Fri, 20 Dec 2019 09:13:55 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 8ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: ont.by
URL: https://ont.by/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

f0d04ff6de6ab0a54c346d546ffc91affee788c0780193bf57d69a9e1ffae5d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: PWVb214TCeyL/Oe03YV1MA==
status: 200
date: Mon, 16 Dec 2019 09:13:54 GMT
expires: Mon, 16 Dec 2019 09:32:52 GMT
alt-svc: h3-24=":443"; ma=3600
content-length: 1779
x-fb-debug: 6QRrisVXZR2JaSn8x4lOND6RtnZikgkOIjDpyO88gJkCQvJwqJpUg2YHFAag2ucqKyz8YBawUvIfRrqVmzm13A==
x-fb-trip-id: 420120009
x-fb-content-md5: f8cf8a40d2f56a209422bf8fa5a2d546
etag: "83003ec8fe61a78a7e1c5972b76b79f3"
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 widgets.js Show response
platform.twitter.com/ 95 KB
29 KB 69ms
22ms Script
application/javascript 151.101.12.157
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: ont.by
URL: https://ont.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: /
Resource Hash: ff6a67b5b4c91cf683b9168393ce7aa41d64326a40b928809cdf7e15d0b3c8b8

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Dec 2019 09:13:54 GMT
content-encoding: gzip
x-cache: HIT, HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200
content-length: 28837
x-served-by: cache-iad2125-IAD, cache-fra19128-FRA
last-modified: Tue, 10 Dec 2019 23:46:10 GMT
etag: "a41dba1e30b9426e9a69c373d2c94042+gzip"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=1800
accept-ranges: bytes
tw-cdn: FT

GET
H2 200 connect.js Show response
connect.ok.ru/ 3 KB
1 KB 181ms
59ms Script
text/javascript 217.20.147.3
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL: https://connect.ok.ru/connect.js
Requested by: Host: ont.by
URL: https://ont.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 217.20.147.3 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS: ip3.147.odnoklassniki.ru
Software: apache /
Resource Hash: 833f61080c01cd7463fa82cd8520c599b19563547b0dc79a939f22380eae946f

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Mon, 16 Dec 2019 09:13:54 GMT
content-encoding: br
server: apache
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8

GET
H2 200 header-bidding.js Show response
yastatic.net/pcode/adfox/ 158 KB
36 KB 158ms
88ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/pcode/adfox/header-bidding.js

Requested by

Host: ont.by
URL: https://ont.by/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.6 /

Resource Hash

6ab14de5b89d89106d913f48cb03c6e0144cca2d39299b3fb47a9140ab5b7f14

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Dec 2019 09:13:54 GMT
content-encoding: br
status: 200
strict-transport-security: max-age=43200000; includeSubDomains;
content-length: 36902
last-modified: Fri, 13 Dec 2019 16:37:13 GMT
server: nginx/1.17.6
etag: "1ab0f30403ea93fac120a40e36e0a43e"
x-robots-tag: noindex, noarchive, nofollow
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3600, public
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 16 Dec 2019 10:11:44 GMT

GET
H2 200 loader.js Show response
yastatic.net/pcode/adfox/ 162 KB
38 KB 184ms
114ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/pcode/adfox/loader.js

Requested by

Host: ont.by
URL: https://ont.by/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.6 /

Resource Hash

09d260913824ead4ea39e218afea0c6c270d4d419a8f157675a4342c0a77fb07

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Dec 2019 09:13:54 GMT
content-encoding: br
status: 200
strict-transport-security: max-age=43200000; includeSubDomains;
content-length: 38857
last-modified: Fri, 13 Dec 2019 16:37:13 GMT
server: nginx/1.17.6
etag: "fb9be0a853d3006b6aa1fbc1fdda5969"
x-robots-tag: noindex, noarchive, nofollow
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3600, public
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 16 Dec 2019 10:13:35 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 267 KB
91 KB 61ms
40ms Script
text/javascript 2a00:1450:4001:81d::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: ont.by
URL: https://ont.by/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

918c4485a28931feb333074355c2f4c2e915ffa51fe70b8797e9432c37b22b8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Dec 2019 09:13:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 92690
x-xss-protection: 0
expires: Mon, 16 Dec 2019 09:13:54 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 104 KB
37 KB 21ms
19ms Script
text/javascript 2a00:1450:4001:81d::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: ont.by
URL: https://ont.by/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

68bcdec2fdc6ce23468b97a8c39a3f9eb86233e03be5072bf3b438ac1433714d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Dec 2019 09:13:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 37933
x-xss-protection: 0
server: cafe
etag: 2924851815849280674
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 16 Dec 2019 09:13:54 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 56 KB
21 KB 16ms
14ms Script
application/javascript 2a00:1450:4001:80b::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TWDQFR6&l=dataLayer

Requested by

Host: ont.by
URL: https://ont.by/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8868e00b355960d8d591a00d7b8d58ea5cecd55b63d87edd9fa55180f95e1a44

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Dec 2019 09:13:54 GMT
content-encoding: br
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
server: Google Tag Manager
access-control-allow-origin: http://www.googletagmanager.com
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-length: 21388
x-xss-protection: 0
expires: Mon, 16 Dec 2019 09:13:54 GMT

GET
H/1.1 200
OK watch.js Show response
mc.yandex.ru/metrika/ 134 KB
40 KB 188ms
93ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: ont.by
URL: https://ont.by/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

b24d8a4ace8c1a13ccb94b77ceac513d371d5822ed03a81e74c60ed545eda861

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 16 Dec 2019 09:13:54 GMT
Content-Encoding: br
Last-Modified: Tue, 10 Dec 2019 10:33:56 GMT
Server: nginx/1.14.2
ETag: "5def7494-9dd5"
Strict-Transport-Security: max-age=31536000
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Content-Length: 40405
Expires: Mon, 16 Dec 2019 10:13:54 GMT

GET
H2 200 logo.ec0f4ee.svg
ont.by/_nuxt/img/ 1 KB
935 B 116ms
115ms Image
image/svg+xml 93.125.48.25
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ont.by/_nuxt/img/logo.ec0f4ee.svg
Requested by: Host: ont.by
URL: https://ont.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 93.125.48.25 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-25.hoster.by
Software: nginx /
Resource Hash: bd958f1c9c1c9154943f69814f8007e7ec08017e03f90d2c2f443377c4985e04

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-response-time: 0.000
date: Mon, 16 Dec 2019 09:13:54 GMT
content-encoding: gzip
last-modified: Mon, 11 Nov 2019 14:33:22 GMT
server: nginx
access-control-allow-origin: *
etag: W/"406-16e5ae22d43"
x-cache-status: HIT
vary: Accept-Encoding
content-type: image/svg+xml
status: 200
cache-control: public, max-age=31536000
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 oI3kRJ1lg5Zivr7u.jpg
ont.by/static/article/big/index/ 127 KB
127 KB 61ms
61ms Image
image/jpeg 93.125.48.25
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ont.by/static/article/big/index/oI3kRJ1lg5Zivr7u.jpg
Requested by: Host: ont.by
URL: https://ont.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 93.125.48.25 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-25.hoster.by
Software: nginx /
Resource Hash: c98571c2df204e48b78b2efde9903a611c18061bd50517f80b1427c2066e5122

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-response-time: 0.000
date: Mon, 16 Dec 2019 09:13:54 GMT
server: nginx
access-control-allow-origin: *
x-cache-status: HIT
status: 200
cache-control: max-age=2592000
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
expires: Wed, 15 Jan 2020 09:13:54 GMT

GET
H2 200 drzvJ3tpytobRWwA.jpg
ont.by/static/article/big/index/ 115 KB
116 KB 61ms
61ms Image
image/jpeg 93.125.48.25
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ont.by/static/article/big/index/drzvJ3tpytobRWwA.jpg
Requested by: Host: ont.by
URL: https://ont.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 93.125.48.25 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-25.hoster.by
Software: nginx /
Resource Hash: 42698d0f0655848bf2e3571099fe10e41b7bb4d71e6e59e6061db1d9f30fa002

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-response-time: 0.000
date: Mon, 16 Dec 2019 09:13:54 GMT
server: nginx
access-control-allow-origin: *
x-cache-status: HIT
status: 200
cache-control: max-age=2592000
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
expires: Wed, 15 Jan 2020 09:13:54 GMT

GET
H2 200 vGVvZjwTw9wZuMEg.jpg
ont.by/static/article/big/index/ 106 KB
106 KB 61ms
61ms Image
image/jpeg 93.125.48.25
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ont.by/static/article/big/index/vGVvZjwTw9wZuMEg.jpg
Requested by: Host: ont.by
URL: https://ont.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 93.125.48.25 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-25.hoster.by
Software: nginx /
Resource Hash: db3d285dc200b5bc2c2c67666256e4dcd1b0ac1f748dbfaa552bb86c8dea7116

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-response-time: 0.000
date: Mon, 16 Dec 2019 09:13:54 GMT
server: nginx
access-control-allow-origin: *
x-cache-status: HIT
status: 200
cache-control: max-age=2592000
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
expires: Wed, 15 Jan 2020 09:13:54 GMT

GET
H2 200 ZYeUmWnzqvaxATEA.jpg
ont.by/static/article/big/index/ 102 KB
102 KB 61ms
61ms Image
image/jpeg 93.125.48.25
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ont.by/static/article/big/index/ZYeUmWnzqvaxATEA.jpg
Requested by: Host: ont.by
URL: https://ont.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 93.125.48.25 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-25.hoster.by
Software: nginx /
Resource Hash: 0ca261739616133f892b7d6effc74437491acb44b88795bce59bcc6be40c88e6

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-response-time: 0.000
date: Mon, 16 Dec 2019 09:13:54 GMT
server: nginx
access-control-allow-origin: *
x-cache-status: HIT
status: 200
cache-control: max-age=2592000
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
expires: Wed, 15 Jan 2020 09:13:54 GMT

GET
H2 200 gAxxP66PKfRVA6LO.jpg
ont.by/static/article/big/index/ 127 KB
128 KB 61ms
61ms Image
image/jpeg 93.125.48.25
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ont.by/static/article/big/index/gAxxP66PKfRVA6LO.jpg
Requested by: Host: ont.by
URL: https://ont.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 93.125.48.25 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-25.hoster.by
Software: nginx /
Resource Hash: dc3449a0d302e8e0bddbc30919f9507a09b746dd86012e9c8997cf8055861c50

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-response-time: 0.000
date: Mon, 16 Dec 2019 09:13:54 GMT
server: nginx
access-control-allow-origin: *
x-cache-status: HIT
status: 200
cache-control: max-age=2592000
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
expires: Wed, 15 Jan 2020 09:13:54 GMT

GET
H2 200 nn_small.jpg
ont.by/img/ 6 KB
7 KB 69ms
69ms Image
image/jpeg 93.125.48.25
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ont.by/img/nn_small.jpg
Requested by: Host: ont.by
URL: https://ont.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 93.125.48.25 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-25.hoster.by
Software: nginx /
Resource Hash: 09bc50259fefda0fe47d137eadd4517bb4e34e6dac0c3afab2ef7c63f8162344

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-response-time: 0.008
date: Mon, 16 Dec 2019 09:13:55 GMT
last-modified: Tue, 23 Jul 2019 12:27:47 GMT
server: nginx
access-control-allow-origin: *
etag: W/"18ee-16c1ecd4fc8"
x-cache-status: MISS
content-type: image/jpeg
status: 200
cache-control: public, max-age=0
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 6382

GET
H2 200 lNJQL94TykX8aLtE.jpg
ont.by/static/article/small/index/ 4 KB
4 KB 61ms
60ms Image
image/jpeg 93.125.48.25
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ont.by/static/article/small/index/lNJQL94TykX8aLtE.jpg
Requested by: Host: ont.by
URL: https://ont.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 93.125.48.25 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-25.hoster.by
Software: nginx /
Resource Hash: 948df7d6da9c2e0e61c7abef018698494d6b501b27cb4263cc521cec7ab3751b

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-response-time: 0.000
date: Mon, 16 Dec 2019 09:13:55 GMT
server: nginx
access-control-allow-origin: *
x-cache-status: HIT
status: 200
cache-control: max-age=2592000
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
expires: Wed, 15 Jan 2020 09:13:55 GMT

GET
H2 200 IusIX58uwsp6eGI6.jpg
ont.by/static/article/small/index/ 39 KB
40 KB 61ms
61ms Image
image/jpeg 93.125.48.25
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ont.by/static/article/small/index/IusIX58uwsp6eGI6.jpg
Requested by: Host: ont.by
URL: https://ont.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 93.125.48.25 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-25.hoster.by
Software: nginx /
Resource Hash: 6532e103c38e0004e90789ffa4d24a6e5b7def63195ec90686ff07a668dd37d7

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-response-time: 0.000
date: Mon, 16 Dec 2019 09:13:55 GMT
server: nginx
access-control-allow-origin: *
x-cache-status: HIT
status: 200
cache-control: max-age=2592000
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
expires: Wed, 15 Jan 2020 09:13:55 GMT

GET
H2 200 MLRsa2DrIbFWvNur.jpg
ont.by/static/article/small/index/ 4 KB
4 KB 61ms
60ms Image
image/jpeg 93.125.48.25
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ont.by/static/article/small/index/MLRsa2DrIbFWvNur.jpg
Requested by: Host: ont.by
URL: https://ont.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 93.125.48.25 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-25.hoster.by
Software: nginx /
Resource Hash: 0b68c3f36a558e52f164cd3aa83965edeaa41bc5f94ff87a68957b63724676c3

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-response-time: 0.000
date: Mon, 16 Dec 2019 09:13:55 GMT
server: nginx
access-control-allow-origin: *
x-cache-status: HIT
status: 200
cache-control: max-age=2592000
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
expires: Wed, 15 Jan 2020 09:13:55 GMT

GET
H2 200 fs2CsPPOc3mK7itL.jpg
ont.by/static/article/small/index/ 34 KB
34 KB 61ms
61ms Image
image/jpeg 93.125.48.25
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ont.by/static/article/small/index/fs2CsPPOc3mK7itL.jpg
Requested by: Host: ont.by
URL: https://ont.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 93.125.48.25 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-25.hoster.by
Software: nginx /
Resource Hash: 863ea3b7b45887bb6ca4277a36cd19bdfa6af1f87c179ca4a20df269d5564b9a

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-response-time: 0.000
date: Mon, 16 Dec 2019 09:13:55 GMT
server: nginx
access-control-allow-origin: *
x-cache-status: HIT
status: 200
cache-control: max-age=2592000
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
expires: Wed, 15 Jan 2020 09:13:55 GMT

GET
H2 200 rB73NRhV3mrB0ILK.jpg
ont.by/static/article/big/index/ 116 KB
116 KB 61ms
60ms Image
image/jpeg 93.125.48.25
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ont.by/static/article/big/index/rB73NRhV3mrB0ILK.jpg
Requested by: Host: ont.by
URL: https://ont.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 93.125.48.25 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-25.hoster.by
Software: nginx /
Resource Hash: 2886786b4f36e6dba5892863d540633f6a2ddf310db74a56f03266ceed17a981

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-response-time: 0.000
date: Mon, 16 Dec 2019 09:13:55 GMT
server: nginx
access-control-allow-origin: *
x-cache-status: HIT
status: 200
cache-control: max-age=2592000
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
expires: Wed, 15 Jan 2020 09:13:55 GMT

GET
H2 200 i8BD5NXeE0QuCElV.jpg
ont.by/static/article/small/index/ 4 KB
4 KB 61ms
60ms Image
image/jpeg 93.125.48.25
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ont.by/static/article/small/index/i8BD5NXeE0QuCElV.jpg
Requested by: Host: ont.by
URL: https://ont.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 93.125.48.25 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-25.hoster.by
Software: nginx /
Resource Hash: 04cee45ffb82f05798448addc92a7d50d950e592106913103ad97d774f5713bc

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-response-time: 0.000
date: Mon, 16 Dec 2019 09:13:55 GMT
server: nginx
access-control-allow-origin: *
x-cache-status: HIT
status: 200
cache-control: max-age=2592000
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
expires: Wed, 15 Jan 2020 09:13:55 GMT

GET
H2 200 oAtuL2jZ73J5Xs8q.jpg
ont.by/static/article/small/index/ 7 KB
7 KB 61ms
61ms Image
image/jpeg 93.125.48.25
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ont.by/static/article/small/index/oAtuL2jZ73J5Xs8q.jpg
Requested by: Host: ont.by
URL: https://ont.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 93.125.48.25 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-25.hoster.by
Software: nginx /
Resource Hash: 8843b4b5876d2e9b1fa3515532e2c3b37bfffd3bbbc90140ffe1b90f37cd9bc5

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-response-time: 0.000
date: Mon, 16 Dec 2019 09:13:55 GMT
server: nginx
access-control-allow-origin: *
x-cache-status: HIT
status: 200
cache-control: max-age=2592000
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
expires: Wed, 15 Jan 2020 09:13:55 GMT

GET
H2 200 V1zzYz8H7KlUPlOW.jpg
ont.by/static/article/middle/index/ 28 KB
28 KB 61ms
61ms Image
image/jpeg 93.125.48.25
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ont.by/static/article/middle/index/V1zzYz8H7KlUPlOW.jpg
Requested by: Host: ont.by
URL: https://ont.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 93.125.48.25 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-25.hoster.by
Software: nginx /
Resource Hash: 25d53f87e8471712beee4e5ca7f2cb2a5f7927b3fc0c74bae2381dec00afd91b

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-response-time: 0.000
date: Mon, 16 Dec 2019 09:13:55 GMT
server: nginx
access-control-allow-origin: *
x-cache-status: HIT
status: 200
cache-control: max-age=2592000
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
expires: Wed, 15 Jan 2020 09:13:55 GMT

GET
H2 200 M2rjLbMKPdQrTj7r.jpg
ont.by/static/article/small/index/ 4 KB
4 KB 61ms
60ms Image
image/jpeg 93.125.48.25
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ont.by/static/article/small/index/M2rjLbMKPdQrTj7r.jpg
Requested by: Host: ont.by
URL: https://ont.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 93.125.48.25 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-25.hoster.by
Software: nginx /
Resource Hash: 9c68f690cfe0d484df62d182fb6ceb83ddcd94e8f6af6d26a0676db06f6ac544

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-response-time: 0.000
date: Mon, 16 Dec 2019 09:13:55 GMT
server: nginx
access-control-allow-origin: *
x-cache-status: HIT
status: 200
cache-control: max-age=2592000
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
expires: Wed, 15 Jan 2020 09:13:55 GMT

GET
H2 200 LGXYyKs2fW6KFNU9.jpg
ont.by/static/article/small/index/ 4 KB
5 KB 63ms
60ms Image
image/jpeg 93.125.48.25
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ont.by/static/article/small/index/LGXYyKs2fW6KFNU9.jpg
Requested by: Host: ont.by
URL: https://ont.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 93.125.48.25 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-25.hoster.by
Software: nginx /
Resource Hash: 523f5f00726743e435cd04833fd5161cbe35039cd705e2146abc8b79036fe620

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-response-time: 0.000
date: Mon, 16 Dec 2019 09:13:55 GMT
server: nginx
access-control-allow-origin: *
x-cache-status: HIT
status: 200
cache-control: max-age=2592000
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
expires: Wed, 15 Jan 2020 09:13:55 GMT

GET
H2 200 DfFRQtPi6itBjDxl.jpg
ont.by/static/article/small/index/ 5 KB
5 KB 63ms
61ms Image
image/jpeg 93.125.48.25
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ont.by/static/article/small/index/DfFRQtPi6itBjDxl.jpg
Requested by: Host: ont.by
URL: https://ont.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 93.125.48.25 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-25.hoster.by
Software: nginx /
Resource Hash: 426db06134491e8848e92ee93f47f98fcc555253115b5bfbcd972a62bd51761f

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-response-time: 0.000
date: Mon, 16 Dec 2019 09:13:55 GMT
server: nginx
access-control-allow-origin: *
x-cache-status: HIT
status: 200
cache-control: max-age=2592000
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
expires: Wed, 15 Jan 2020 09:13:55 GMT

GET
H2 200 79VANubah3N4bGEp.jpg
ont.by/static/article/small/index/ 5 KB
5 KB 63ms
61ms Image
image/jpeg 93.125.48.25
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ont.by/static/article/small/index/79VANubah3N4bGEp.jpg
Requested by: Host: ont.by
URL: https://ont.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 93.125.48.25 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-25.hoster.by
Software: nginx /
Resource Hash: 2f5db65ba70bedfaa10aeb2d2db818797e2cb878b26bc10b36cbbadb36752dcd

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-response-time: 0.000
date: Mon, 16 Dec 2019 09:13:55 GMT
server: nginx
access-control-allow-origin: *
x-cache-status: HIT
status: 200
cache-control: max-age=2592000
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
expires: Wed, 15 Jan 2020 09:13:55 GMT

GET
H2 200 j4CZtXVVZFkfpOFE.png
ont.by/static/article/big/index/ 1007 KB
1008 KB 64ms
61ms Image
image/png 93.125.48.25
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ont.by/static/article/big/index/j4CZtXVVZFkfpOFE.png
Requested by: Host: ont.by
URL: https://ont.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 93.125.48.25 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-25.hoster.by
Software: nginx /
Resource Hash: cb1b009a108685905232f1495a213bc88ad15639413b6b44beadada93aea4ee6

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-response-time: 0.000
date: Mon, 16 Dec 2019 09:13:55 GMT
server: nginx
access-control-allow-origin: *
x-cache-status: HIT
status: 200
cache-control: max-age=2592000
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
expires: Wed, 15 Jan 2020 09:13:55 GMT

GET
H2 200 KULp7HtlndRBQV5H.jpg
ont.by/static/article/small/index/ 3 KB
3 KB 119ms
117ms Image
image/jpeg 93.125.48.25
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ont.by/static/article/small/index/KULp7HtlndRBQV5H.jpg
Requested by: Host: ont.by
URL: https://ont.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 93.125.48.25 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-25.hoster.by
Software: nginx /
Resource Hash: 3ad42a803f4583a924625ea3399a5a1dbbb3c373e5dd1a94718ded5a322cf970

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-response-time: 0.000
date: Mon, 16 Dec 2019 09:13:55 GMT
server: nginx
access-control-allow-origin: *
x-cache-status: HIT
status: 200
cache-control: max-age=2592000
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
expires: Wed, 15 Jan 2020 09:13:55 GMT

GET
H2 200 NywdLHJ1HCRhmseK.gif
ont.by/static/article/small/index/ 13 KB
13 KB 119ms
117ms Image
image/png 93.125.48.25
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ont.by/static/article/small/index/NywdLHJ1HCRhmseK.gif
Requested by: Host: ont.by
URL: https://ont.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 93.125.48.25 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-25.hoster.by
Software: nginx /
Resource Hash: 30217a10688227e852767c4a4d12c6f7c847bddfb41e3664923d9d05d5754081

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-response-time: 0.000
date: Mon, 16 Dec 2019 09:13:55 GMT
server: nginx
access-control-allow-origin: *
x-cache-status: HIT
status: 200
cache-control: max-age=2592000
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
expires: Wed, 15 Jan 2020 09:13:55 GMT

GET
H2 200 wcNvrXu4C9pjkJzU.jpg
ont.by/static/article/middle/index/ 64 KB
65 KB 120ms
117ms Image
image/jpeg 93.125.48.25
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ont.by/static/article/middle/index/wcNvrXu4C9pjkJzU.jpg
Requested by: Host: ont.by
URL: https://ont.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 93.125.48.25 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-25.hoster.by
Software: nginx /
Resource Hash: 769a150bcedd206b51bb5c000a496c436c5371123a38dcc451dc230752318d82

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-response-time: 0.000
date: Mon, 16 Dec 2019 09:13:55 GMT
server: nginx
access-control-allow-origin: *
x-cache-status: HIT
status: 200
cache-control: max-age=2592000
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
expires: Wed, 15 Jan 2020 09:13:55 GMT

GET
H2 200 ET7Qn8GOnGZBxgdJ.jpg
ont.by/static/article/small/index/ 5 KB
6 KB 120ms
118ms Image
image/jpeg 93.125.48.25
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ont.by/static/article/small/index/ET7Qn8GOnGZBxgdJ.jpg
Requested by: Host: ont.by
URL: https://ont.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 93.125.48.25 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-25.hoster.by
Software: nginx /
Resource Hash: 02c5acad783031f72a8dfad0548c7606c9dd2480e49e4d0938abc63545cb0622

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-response-time: 0.000
date: Mon, 16 Dec 2019 09:13:55 GMT
server: nginx
access-control-allow-origin: *
x-cache-status: HIT
status: 200
cache-control: max-age=2592000
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
expires: Wed, 15 Jan 2020 09:13:55 GMT

GET
H2 200 nWDLDFuVKOCVWTtt.jpg
ont.by/static/article/small/index/ 30 KB
30 KB 120ms
118ms Image
image/jpeg 93.125.48.25
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ont.by/static/article/small/index/nWDLDFuVKOCVWTtt.jpg
Requested by: Host: ont.by
URL: https://ont.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 93.125.48.25 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-25.hoster.by
Software: nginx /
Resource Hash: bc551b8235be0f2badaf2ad178fa7233576106d6e49e8c47c2775468b5b93ed1

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-response-time: 0.000
date: Mon, 16 Dec 2019 09:13:55 GMT
server: nginx
access-control-allow-origin: *
x-cache-status: HIT
status: 200
cache-control: max-age=2592000
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
expires: Wed, 15 Jan 2020 09:13:55 GMT

GET
H2 200 Vjtc1lUHyWGGbnCZ.jpg
ont.by/static/article/small/index/ 4 KB
4 KB 120ms
118ms Image
image/jpeg 93.125.48.25
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ont.by/static/article/small/index/Vjtc1lUHyWGGbnCZ.jpg
Requested by: Host: ont.by
URL: https://ont.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 93.125.48.25 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-25.hoster.by
Software: nginx /
Resource Hash: 77a1e21bcedd4eecda5c5b143d010ee29a0ce097cccc5d8101c88e557347e938

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-response-time: 0.000
date: Mon, 16 Dec 2019 09:13:55 GMT
server: nginx
access-control-allow-origin: *
x-cache-status: HIT
status: 200
cache-control: max-age=2592000
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
expires: Wed, 15 Jan 2020 09:13:55 GMT

GET
H2 200 iphone_small.png
ont.by/markup/img/footer/ 4 KB
4 KB 121ms
119ms Image
image/png 93.125.48.25
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ont.by/markup/img/footer/iphone_small.png
Requested by: Host: ont.by
URL: https://ont.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 93.125.48.25 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-25.hoster.by
Software: nginx /
Resource Hash: aa49ebfd31d8b52b8a35837c8c68ed094c7eb497f2256eca035e3eadc7dfc7f1

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-response-time: 0.001
date: Mon, 16 Dec 2019 09:13:55 GMT
last-modified: Tue, 23 Jul 2019 12:27:47 GMT
server: nginx
access-control-allow-origin: *
etag: W/"107c-16c1ecd4fd0"
x-cache-status: MISS
content-type: image/png
status: 200
cache-control: public, max-age=0
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 4220

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 197 KB
59 KB 17ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=edc7c692ea63374804ebf7e3aa4fd1d0&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

f2453a3fb6adc353f6b54bedeeba01802a569922d0b746248785d8b85ba9e778

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://ont.by/
Origin: https://ont.by

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: O34INeeJ243VuF8TAZ4oiQ==
status: 200
date: Mon, 16 Dec 2019 09:13:55 GMT
expires: Tue, 15 Dec 2020 08:48:44 GMT
alt-svc: h3-24=":443"; ma=3600
content-length: 60125
x-fb-debug: sOtqZCkxWy/N/2YuIgRyDs7y6MV9hwWOp/LnPsllip4IExW00sI52lsW9bLvjEObuLVS4WdBDVChrZTJ0v/mXg==
x-fb-trip-id: 420120009
x-fb-content-md5: 3a7a4fdc4dfb7c1bb04c50ae74d8af72
etag: "489ae28ddccc1a11aba609005972051c"
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

OPTIONS
H2 200 getcookie Show response
matchid.adfox.yandex.ru/ 0
257 B 129ms
42ms XHR
application/octet-stream 2a02:6b8::92
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL: https://matchid.adfox.yandex.ru/getcookie
Requested by: Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:6b8::92 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method: POST
Origin: https://ont.by
Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers: content-type

Response headers

date: Mon, 16 Dec 2019 09:13:55 GMT
server: nginx
access-control-allow-origin: https://ont.by
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/octet-stream
status: 200
access-control-allow-credentials: true
access-control-allow-headers: accept, accept-encoding, accept-language, cache-control, content-type, dnt, origin, x-requested-with
content-length: 0

GET
H2 200 context.js Show response
an.yandex.ru/system/ 56 KB
16 KB 206ms
107ms Script
application/javascript 2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/system/context.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

eb6bb5a129629fbff4db05ceb29d32e61454191ea24a3ab0c72cf89858c5b619

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Dec 2019 09:13:55 GMT
content-encoding: br
last-modified: Mon, 16 Dec 2019 08:33:56 GMT
server: nginx/1.12.2
access-control-allow-origin: *
etag: W/"DEA0-5DF74174"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=3600
strict-transport-security: max-age=31536000
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 16 Dec 2019 10:13:55 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
171 B 15ms
15ms Script
application/javascript 2a00:1450:4001:81d::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=ont.by

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Dec 2019 09:13:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
171 B 15ms
15ms Script
application/javascript 2a00:1450:4001:81d::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ont.by

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Dec 2019 09:13:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20191205/r20190131/ 225 KB
85 KB 29ms
27ms Script
text/javascript 2a00:1450:4001:81d::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20191205/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

20cdda5f0e51f5dac5693ffe15fb394528dd838e9887a785de1d02e3bb2a418f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Dec 2019 09:13:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 86385
x-xss-protection: 0
server: cafe
etag: 4513681422076315165
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Dec 2019 09:13:55 GMT

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ 87 KB
27 KB 365ms
49ms Script
text/javascript 178.250.0.130
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.js
Requested by: Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 30524ff4955653cc592d92ff6faff230d201fe166242858d5aa5027e9f1fe429

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Dec 2019 09:13:55 GMT
content-encoding: gzip
last-modified: Tue, 05 Nov 2019 14:27:47 GMT
server: nginx
access-control-allow-origin: *
etag: W/"5dc186e3-15c08"
content-type: text/javascript
status: 200
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Tue, 17 Dec 2019 09:13:55 GMT

GET
H2 200 sprite.35b5830.svg
ont.by/_nuxt/img/ 48 KB
16 KB 120ms
118ms Other
image/svg+xml 93.125.48.25
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to

Full URL: https://ont.by/_nuxt/img/sprite.35b5830.svg
Requested by: Host: ont.by
URL: https://ont.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 93.125.48.25 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-25.hoster.by
Software: nginx /
Resource Hash: 823f11340c16624f00b99e35ec3a4c70238d7bc9e7478fdfe57ff99ee8acad27

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-response-time: 0.000
date: Mon, 16 Dec 2019 09:13:55 GMT
content-encoding: gzip
last-modified: Mon, 11 Nov 2019 14:33:22 GMT
server: nginx
access-control-allow-origin: *
etag: W/"bf63-16e5ae22d47"
x-cache-status: HIT
vary: Accept-Encoding
content-type: image/svg+xml
status: 200
cache-control: public, max-age=31536000
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
DATA 200
OK truncated
/ 781 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9647dfddd39179d63098ebe53916fce4b7fdaca36f4c8589511506e3a2ac54c0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 footer_phone.918b44e.svg
ont.by/_nuxt/img/ 1 KB
904 B 64ms
63ms Image
image/svg+xml 93.125.48.25
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ont.by/_nuxt/img/footer_phone.918b44e.svg
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 93.125.48.25 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-25.hoster.by
Software: nginx /
Resource Hash: e3daa9fed10329a790fc82169d8fb927048e9fe994a4f35a734d5702b23938da

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-response-time: 0.000
date: Mon, 16 Dec 2019 09:13:55 GMT
content-encoding: gzip
last-modified: Mon, 11 Nov 2019 14:33:22 GMT
server: nginx
access-control-allow-origin: *
etag: W/"443-16e5ae22d43"
x-cache-status: HIT
vary: Accept-Encoding
content-type: image/svg+xml
status: 200
cache-control: public, max-age=31536000
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 footer_mail.5167a5d.svg
ont.by/_nuxt/img/ 1 KB
915 B 64ms
63ms Image
image/svg+xml 93.125.48.25
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ont.by/_nuxt/img/footer_mail.5167a5d.svg
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 93.125.48.25 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-25.hoster.by
Software: nginx /
Resource Hash: 234f83d6d5c0031c0d2aa467423d0cb8c160a8b850d688f60787a1b5b72ce150

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-response-time: 0.000
date: Mon, 16 Dec 2019 09:13:55 GMT
content-encoding: gzip
last-modified: Mon, 11 Nov 2019 14:33:22 GMT
server: nginx
access-control-allow-origin: *
etag: W/"47c-16e5ae22d43"
x-cache-status: HIT
vary: Accept-Encoding
content-type: image/svg+xml
status: 200
cache-control: public, max-age=31536000
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 Roboto-Medium.fc76433.woff2
ont.by/_nuxt/fonts/ 22 KB
22 KB 90ms
89ms Font
font/woff2 93.125.48.25
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to

Full URL: https://ont.by/_nuxt/fonts/Roboto-Medium.fc76433.woff2
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 93.125.48.25 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-25.hoster.by
Software: nginx /
Resource Hash: 98c1227870d08bd31d6926cdd79b211043847ec75250b53fd7fb030b370a3ffe

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://ont.by/
Origin: https://ont.by

Response headers

x-response-time: 0.000
date: Mon, 16 Dec 2019 09:13:55 GMT
last-modified: Mon, 11 Nov 2019 14:33:22 GMT
server: nginx
access-control-allow-origin: *
etag: W/"57b8-16e5ae22d43"
x-cache-status: HIT
content-type: font/woff2
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 22456

GET
H2 200 Roboto-Regular.7f66520.woff2
ont.by/_nuxt/fonts/ 21 KB
22 KB 91ms
90ms Font
font/woff2 93.125.48.25
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to

Full URL: https://ont.by/_nuxt/fonts/Roboto-Regular.7f66520.woff2
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 93.125.48.25 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-25.hoster.by
Software: nginx /
Resource Hash: 094200f2d29103a679d7255326c73deb6cf303dbcdb5ed714ff4e5d034ed4836

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://ont.by/
Origin: https://ont.by

Response headers

x-response-time: 0.000
date: Mon, 16 Dec 2019 09:13:55 GMT
last-modified: Mon, 11 Nov 2019 14:33:22 GMT
server: nginx
access-control-allow-origin: *
etag: W/"55d0-16e5ae22d43"
x-cache-status: HIT
content-type: font/woff2
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 21968

GET
H2 200 Roboto-Black.f29749c.woff2
ont.by/_nuxt/fonts/ 22 KB
22 KB 91ms
91ms Font
font/woff2 93.125.48.25
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to

Full URL: https://ont.by/_nuxt/fonts/Roboto-Black.f29749c.woff2
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 93.125.48.25 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-25.hoster.by
Software: nginx /
Resource Hash: 5bdb2540421f226ed7560a9f62339c7e1d4e1defbbbe2ea94cb2f40c689ab625

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://ont.by/
Origin: https://ont.by

Response headers

x-response-time: 0.000
date: Mon, 16 Dec 2019 09:13:55 GMT
last-modified: Mon, 11 Nov 2019 14:33:22 GMT
server: nginx
access-control-allow-origin: *
etag: W/"5660-16e5ae22d43"
x-cache-status: HIT
content-type: font/woff2
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 22112

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20191205/r20190131/ Frame B1E0 0
0 6ms
6ms Document
text/html 2a00:1450:4001:81d::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20191205/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20191205/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://ont.by/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://ont.by/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Thu, 05 Dec 2019 17:33:14 GMT
expires: Thu, 19 Dec 2019 17:33:14 GMT
content-type: text/html; charset=UTF-8
etag: 13309989325511048345
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 6574
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 920441
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:815::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TWDQFR6&l=dataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Aug 2019 17:22:41 GMT
server: Golfe2
age: 2418
date: Mon, 16 Dec 2019 08:33:37 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 17803
expires: Mon, 16 Dec 2019 10:33:37 GMT

GET
H/1.1 200
OK code.js Show response
top-fwz1.mail.ru/js/ 16 KB
7 KB 181ms
59ms Script
application/javascript 217.69.133.145
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL

https://top-fwz1.mail.ru/js/code.js

Requested by

Host: ont.by
URL: https://ont.by/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

900087ee075310da29b0516b9fdee9e16e77a82b96a5cc0a2f57fb0f778009b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 16 Dec 2019 09:13:55 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
P3P: CP="NOI DSP COR NID CUR PSA OUR NOR"
Connection: keep-alive
AMP-Access-Control-Allow-Source-Origin: *
Last-Modified: Wed, 11 Dec 2019 11:44:33 GMT
Server: nginx
ETag: W/"5df0d6a1-3ff8"
Access-Control-Allow-Methods: GET, POST, HEAD, PUT, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: AMP-Access-Control-Allow-Source-Origin
Cache-control: max-age=7200, private
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Keep-Alive: timeout=60

GET
H2 200 iframe_api Show response
www.youtube.com/ 859 B
923 B 23ms
23ms Script
application/javascript 2a00:1450:4001:817::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: ont.by
URL: https://ont.by/_nuxt/ce104396bdf84b4d7313.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

YouTube Frontend Proxy /

Resource Hash

49d10b4e23ea6f98eecba90454ab5efe8415a4c63bd34b49cf89f60be55b028c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Dec 2019 09:13:55 GMT
x-content-type-options: nosniff
server: YouTube Frontend Proxy
content-type: application/javascript
status: 200
cache-control: no-cache
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 859
x-xss-protection: 0
expires: Tue, 27 Apr 1971 19:44:06 GMT

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ 116 KB
38 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:824::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?key=AIzaSyAhInl_kWaLHaj4zFuecgCDMWVjTnUfKms&callback=vueGoogleMapsInit

Requested by

Host: ont.by
URL: https://ont.by/_nuxt/22fc3f658e705c0ce8d1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

mafe /

Resource Hash

9fb4d302a8f93f37ae2dc773835ca29c9f989607077f9ece7aa8939b7697e17a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Dec 2019 09:13:55 GMT
content-encoding: gzip
server: mafe
x-frame-options: SAMEORIGIN
vary: Accept-Language
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, max-age=1800
server-timing: gfet4t7; dur=11
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 38486
x-xss-protection: 0
expires: Mon, 16 Dec 2019 09:43:55 GMT

GET
H2 200 e8d667d7bb8aabbee948.js Show response
ont.by/_nuxt/ 10 KB
3 KB 61ms
61ms Script
application/javascript 93.125.48.25
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to

Full URL: https://ont.by/_nuxt/e8d667d7bb8aabbee948.js
Requested by: Host: ont.by
URL: https://ont.by/_nuxt/ce104396bdf84b4d7313.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 93.125.48.25 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-25.hoster.by
Software: nginx /
Resource Hash: 736ea4cdc8eb65d4ca00ab1dec4bd2558b6cfb720e2b0aebeeb823d12f0c93bb

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-response-time: 0.000
date: Mon, 16 Dec 2019 09:13:55 GMT
content-encoding: gzip
last-modified: Mon, 11 Nov 2019 14:33:22 GMT
server: nginx
access-control-allow-origin: *
etag: W/"27cb-16e5ae22d47"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
cache-control: public, max-age=31536000
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 b5f062def258c2e99b0e.js Show response
ont.by/_nuxt/ 9 KB
4 KB 61ms
61ms Script
application/javascript 93.125.48.25
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to

Full URL: https://ont.by/_nuxt/b5f062def258c2e99b0e.js
Requested by: Host: ont.by
URL: https://ont.by/_nuxt/ce104396bdf84b4d7313.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 93.125.48.25 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-25.hoster.by
Software: nginx /
Resource Hash: d171cb4057d3208c1b9cf7a32614e481bfb570bbec8525e2b1faa6467f9d2079

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-response-time: 0.000
date: Mon, 16 Dec 2019 09:13:55 GMT
content-encoding: gzip
last-modified: Mon, 11 Nov 2019 14:33:22 GMT
server: nginx
access-control-allow-origin: *
etag: W/"221c-16e5ae22d47"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
cache-control: public, max-age=31536000
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 0fa945f34fbf2fd24e47.js Show response
ont.by/_nuxt/ 16 KB
4 KB 62ms
61ms Script
application/javascript 93.125.48.25
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to

Full URL: https://ont.by/_nuxt/0fa945f34fbf2fd24e47.js
Requested by: Host: ont.by
URL: https://ont.by/_nuxt/ce104396bdf84b4d7313.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 93.125.48.25 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-25.hoster.by
Software: nginx /
Resource Hash: e9c098239c287bd07ba1d955bf2fd1e7e8374bc6918502597f5816693805d7e7

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-response-time: 0.000
date: Mon, 16 Dec 2019 09:13:55 GMT
content-encoding: gzip
last-modified: Mon, 11 Nov 2019 14:33:22 GMT
server: nginx
access-control-allow-origin: *
etag: W/"4019-16e5ae22d47"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
cache-control: public, max-age=31536000
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H/1.1

302
Found

1 Show response
mc.yandex.ru/watch/26812653/
Redirect Chain

https://mc.yandex.ru/watch/26812653?wmode=7&page-url=https%3A%2F%2Font.by%2F&charset=utf-8&site-info=%7B%22jquery%22%3Afalse%2C%22version%22%3Afalse%2C%22shareVersion%22%3A2%7D&browser-info=ti%3A10...
https://mc.yandex.ru/watch/26812653/1?wmode=7&page-url=https%3A%2F%2Font.by%2F&charset=utf-8&site-info=%7B%22jquery%22%3Afalse%2C%22version%22%3Afalse%2C%22shareVersion%22%3A2%7D&browser-info=ti%3A...

0
-1 B

48ms
48ms

XHR

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/26812653/1?wmode=7&page-url=https%3A%2F%2Font.by%2F&charset=utf-8&site-info=%7B%22jquery%22%3Afalse%2C%22version%22%3Afalse%2C%22shareVersion%22%3A2%7D&browser-info=ti%3A10%3Ans%3A1576487634231%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Az%3A60%3Ai%3A20191216101355%3Aet%3A1576487636%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A372708168%3Ahid%3A704068923%3Ads%3A0%2C123%2C61%2C99%2C191%2C0%2C0%2C867%2C%2C%2C%2C%2C1335%3Agdpr%3A14%3Av%3A1776%3Ast%3A1576487636%3Au%3A1576487636713505257%3At%3A%D0%9E%D0%9D%D0%A2%20%E2%80%94%20%D0%9E%D0%B1%D1%89%D0%B5%D0%BD%D0%B0%D1%86%D0%B8%D0%BE%D0%BD%D0%B0%D0%BB%D1%8C%D0%BD%D0%BE%D0%B5%20%D1%82%D0%B5%D0%BB%D0%B5%D0%B2%D0%B8%D0%B4%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8%20%7C%20%D0%91%D0%B5%D0%BB%D0%BE%D1%80%D1%83%D1%81%D1%81%D0%BA%D0%B8%D0%B9%20%D1%82%D0%B5%D0%BB%D0%B5%D0%BA%D0%B0%D0%BD%D0%B0%D0%BB%20%D0%9E%D0%9D%D0%A2

Requested by

Host: ont.by
URL: https://ont.by/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 16 Dec 2019 09:13:55 GMT
Last-Modified: Mon, 16-Dec-2019 09:13:55 GMT
Server: nginx/1.14.2
Location: /watch/26812653/1?wmode=7&page-url=https%3A%2F%2Font.by%2F&charset=utf-8&site-info=%7B%22jquery%22%3Afalse%2C%22version%22%3Afalse%2C%22shareVersion%22%3A2%7D&browser-info=ti%3A10%3Ans%3A1576487634231%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Az%3A60%3Ai%3A20191216101355%3Aet%3A1576487636%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A372708168%3Ahid%3A704068923%3Ads%3A0%2C123%2C61%2C99%2C191%2C0%2C0%2C867%2C%2C%2C%2C%2C1335%3Agdpr%3A14%3Av%3A1776%3Ast%3A1576487636%3Au%3A1576487636713505257%3At%3A%D0%9E%D0%9D%D0%A2%20%E2%80%94%20%D0%9E%D0%B1%D1%89%D0%B5%D0%BD%D0%B0%D1%86%D0%B8%D0%BE%D0%BD%D0%B0%D0%BB%D1%8C%D0%BD%D0%BE%D0%B5%20%D1%82%D0%B5%D0%BB%D0%B5%D0%B2%D0%B8%D0%B4%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8%20%7C%20%D0%91%D0%B5%D0%BB%D0%BE%D1%80%D1%83%D1%81%D1%81%D0%BA%D0%B8%D0%B9%20%D1%82%D0%B5%D0%BB%D0%B5%D0%BA%D0%B0%D0%BD%D0%B0%D0%BB%20%D0%9E%D0%9D%D0%A2
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Origin: https://ont.by
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 1; mode=block
Expires: Mon, 16-Dec-2019 09:13:55 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 16 Dec 2019 09:13:55 GMT
Last-Modified: Mon, 16-Dec-2019 09:13:55 GMT
Server: nginx/1.14.2
Access-Control-Allow-Origin: https://ont.by
Strict-Transport-Security: max-age=31536000
Location: /watch/26812653/1?wmode=7&page-url=https%3A%2F%2Font.by%2F&charset=utf-8&site-info=%7B%22jquery%22%3Afalse%2C%22version%22%3Afalse%2C%22shareVersion%22%3A2%7D&browser-info=ti%3A10%3Ans%3A1576487634231%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Az%3A60%3Ai%3A20191216101355%3Aet%3A1576487636%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A372708168%3Ahid%3A704068923%3Ads%3A0%2C123%2C61%2C99%2C191%2C0%2C0%2C867%2C%2C%2C%2C%2C1335%3Agdpr%3A14%3Av%3A1776%3Ast%3A1576487636%3Au%3A1576487636713505257%3At%3A%D0%9E%D0%9D%D0%A2%20%E2%80%94%20%D0%9E%D0%B1%D1%89%D0%B5%D0%BD%D0%B0%D1%86%D0%B8%D0%BE%D0%BD%D0%B0%D0%BB%D1%8C%D0%BD%D0%BE%D0%B5%20%D1%82%D0%B5%D0%BB%D0%B5%D0%B2%D0%B8%D0%B4%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8%20%7C%20%D0%91%D0%B5%D0%BB%D0%BE%D1%80%D1%83%D1%81%D1%81%D0%BA%D0%B8%D0%B9%20%D1%82%D0%B5%D0%BB%D0%B5%D0%BA%D0%B0%D0%BD%D0%B0%D0%BB%20%D0%9E%D0%9D%D0%A2
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 1; mode=block
Expires: Mon, 16-Dec-2019 09:13:55 GMT

GET
H2 200 widget_iframe.69e02060c7c44baddf1b5629549acc0c.html
platform.twitter.com/widgets/ Frame DD84 0
0 23ms
22ms Document
text/html 151.101.12.157
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.69e02060c7c44baddf1b5629549acc0c.html?origin=https%3A%2F%2Font.by
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: /
Resource Hash

Request headers

:method: GET
:authority: platform.twitter.com
:scheme: https
:path: /widgets/widget_iframe.69e02060c7c44baddf1b5629549acc0c.html?origin=https%3A%2F%2Font.by
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://ont.by/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://ont.by/

Response headers

status: 200
last-modified: Tue, 10 Dec 2019 23:44:55 GMT
cache-control: public, max-age=315360000
content-type: text/html; charset=utf-8
etag: "4b563298f37eb3ef2a2f8897be83c714+gzip"
content-encoding: gzip
access-control-allow-methods: GET
access-control-allow-origin: *
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
accept-ranges: bytes
date: Mon, 16 Dec 2019 09:13:55 GMT
x-served-by: cache-iad2137-IAD, cache-fra19128-FRA
x-cache: HIT, HIT
vary: Accept-Encoding
tw-cdn: FT
content-length: 5825

POST
H2 200 getcookie Show response
matchid.adfox.yandex.ru/ 112 B
322 B 141ms
55ms XHR
application/json 2a02:6b8::92
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL: https://matchid.adfox.yandex.ru/getcookie
Requested by: Host: ont.by
URL: https://ont.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:6b8::92 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: nginx /
Resource Hash: f0c9dcc1676481dcf259f7f786227bb8e3afcd5dd32cacaad8ea08bd9392d82f

Request headers

Referer: https://ont.by/
Origin: https://ont.by
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/json

Response headers

status: 200
date: Mon, 16 Dec 2019 09:13:55 GMT
access-control-allow-credentials: true
server: nginx
access-control-allow-origin: https://ont.by
content-length: 112
content-type: application/json

GET
H/1.1 200
OK advert.gif
mc.yandex.ru/metrika/ 43 B
445 B 61ms
47ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Requested by

Host: ont.by
URL: https://ont.by/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 16 Dec 2019 09:13:55 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Oct 2015 13:09:09 GMT
Server: nginx/1.14.2
ETag: "561bb0f5-3d"
Strict-Transport-Security: max-age=31536000
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Content-Length: 61
Expires: Mon, 16 Dec 2019 10:13:55 GMT

GET
H/1.1 200
OK 1 Show response
mc.yandex.ru/watch/26812653/ 133 B
675 B 99ms
50ms XHR
application/json 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: ont.by
URL: https://ont.by/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

dcc27bc3d3ec380b240a8a3b3ababdd92d3afe8da85bde0b495b67917ef5a5ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ont.by/
Origin: https://ont.by
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Mon, 16 Dec 2019 09:13:55 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 16-Dec-2019 09:13:55 GMT
Server: nginx/1.14.2
Strict-Transport-Security: max-age=31536000
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://ont.by
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 133
X-XSS-Protection: 1; mode=block
Expires: Mon, 16-Dec-2019 09:13:55 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 31BE 0
0 45ms
44ms Document
text/html 2a00:1450:4001:81d::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5557990343499447&output=html&adk=1812271804&adf=3025194257&lmt=1576487635&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C30%3A1081344%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Font.by%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1576487635341&bpp=85&bdt=732&fdt=356&idt=356&shv=r20191205&cbv=r20190131&saldr=aa&abxe=1&nras=1&correlator=3612734840870&frm=20&pv=2&ga_vid=140123336.1576487636&ga_sid=1576487636&ga_hid=34092729&ga_fc=0&iag=0&icsg=2251799989862399&dssz=34&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065126&oid=3&pvsid=2326903549937810&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&ifi=0&uci=a!0&fsb=1&dtd=369

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20191205/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5557990343499447&output=html&adk=1812271804&adf=3025194257&lmt=1576487635&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C30%3A1081344%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Font.by%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1576487635341&bpp=85&bdt=732&fdt=356&idt=356&shv=r20191205&cbv=r20190131&saldr=aa&abxe=1&nras=1&correlator=3612734840870&frm=20&pv=2&ga_vid=140123336.1576487636&ga_sid=1576487636&ga_hid=34092729&ga_fc=0&iag=0&icsg=2251799989862399&dssz=34&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065126&oid=3&pvsid=2326903549937810&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&ifi=0&uci=a!0&fsb=1&dtd=369
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://ont.by/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://ont.by/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 16 Dec 2019 09:13:55 GMT
server: cafe
content-length: 44
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 16-Dec-2019 09:28:55 GMT; path=/; domain=.doubleclick.net
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires: Mon, 16 Dec 2019 09:13:55 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 78 KB
29 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:81d::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20191205/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

63890326f558587b0840eb0a6e6377f1bf39264e015e568f4c2a03aefce3f929

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Dec 2019 09:13:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1575654529893506"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 29463
x-xss-protection: 0
expires: Mon, 16 Dec 2019 09:13:55 GMT

GET
H2 200 www-widgetapi.js Show response
s.ytimg.com/yts/jsbin/www-widgetapi-vflBs9Ibw/ 23 KB
9 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:814::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://s.ytimg.com/yts/jsbin/www-widgetapi-vflBs9Ibw/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

23050e3fd8c06313e53fc51fe03ebd265a5b60dec3ba8943b79a50c2f2b46e6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Dec 2019 07:47:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5198
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 8775
x-xss-protection: 0
last-modified: Thu, 12 Dec 2019 22:28:59 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=691200
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Tue, 24 Dec 2019 07:47:17 GMT

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
103 B 13ms
13ms Image
image/gif 2a00:1450:4001:815::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=34092729&t=pageview&_s=1&dl=https%3A%2F%2Font.by%2F&ul=en-us&de=UTF-8&dt=%D0%9E%D0%9D%D0%A2%20%E2%80%94%20%D0%9E%D0%B1%D1%89%D0%B5%D0%BD%D0%B0%D1%86%D0%B8%D0%BE%D0%BD%D0%B0%D0%BB%D1%8C%D0%BD%D0%BE%D0%B5%20%D1%82%D0%B5%D0%BB%D0%B5%D0%B2%D0%B8%D0%B4%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8%20%7C%20%D0%91%D0%B5%D0%BB%D0%BE%D1%80%D1%83%D1%81%D1%81%D0%BA%D0%B8%D0%B9%20%D1%82%D0%B5%D0%BB%D0%B5%D0%BA%D0%B0%D0%BD%D0%B0%D0%BB%20%D0%9E%D0%9D%D0%A2&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=YAhAAEAB~&jid=1864838978&gjid=803170969&cid=140123336.1576487636&tid=UA-124517011-1&_gid=136746417.1576487636&_r=1&gtm=2wgc61TWDQFR6&z=988309265

Requested by

Host: ont.by
URL: https://ont.by/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Dec 2019 09:13:55 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 xd_arbiter.php
staticxx.facebook.com/connect/ Frame 6819 0
0 7ms
6ms Document
text/html 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://staticxx.facebook.com/connect/xd_arbiter.php?version=44

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=edc7c692ea63374804ebf7e3aa4fd1d0&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: staticxx.facebook.com
:scheme: https
:path: /connect/xd_arbiter.php?version=44
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://ont.by/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://ont.by/

Response headers

status: 200
content-encoding: br
content-type: text/html; charset=utf-8
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0
expires: Sat, 12 Dec 2020 20:25:12 GMT
cache-control: public,max-age=31536000,immutable
x-fb-debug: +638eJcygtikoSQarKeNbErcK3pwmjCsei7SA7I/TmvGpTNPxfKP38OFBZu+Ik1vXpZlKjJDgajA7RH4bXcrsA==
content-length: 12347
x-fb-trip-id: 420120009
date: Mon, 16 Dec 2019 09:13:55 GMT
alt-svc: h3-24=":443"; ma=3600

GET
H2 200 upload.gif
vk.com/images/ 230 B
482 B 61ms
61ms Image
image/gif 87.240.190.78
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vk.com/images/upload.gif

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=edc7c692ea63374804ebf7e3aa4fd1d0&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.240.190.78 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS http://vk.com, RU),

Reverse DNS

srv78-190-240-87.vk.com

Software

VK /

Resource Hash

0d7e358637c1b1caa66949aefc529c1e4488923f99e499d6be09eb8cdd0b4202

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Dec 2019 09:13:55 GMT
x-frontend: front213209
last-modified: Mon, 16 Dec 2019 01:11:30 GMT
server: VK
etag: "5df6d9c2-e6"
strict-transport-security: max-age=15768000
content-type: image/gif
status: 200
access-control-expose-headers: X-Frontend
cache-control: max-age=604800
accept-ranges: bytes
content-length: 230
expires: Mon, 23 Dec 2019 09:13:55 GMT

GET
H2 200 page.php
www.facebook.com/v2.7/plugins/ Frame 0AD8 0
0 83ms
82ms Document
text/html 2a03:2880:f11c:8083:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v2.7/plugins/page.php?adapt_container_width=true&app_id=260965744509555&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Df28e5de11083f54%26domain%3Dont.by%26origin%3Dhttps%253A%252F%252Font.by%252Ff1169c66fc83aa4%26relation%3Dparent.parent&container_width=300&height=400&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Ftelekanalont&locale=en_US&sdk=joey&show_facepile=true&small_header=false&tabs=timeline&width=300

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=edc7c692ea63374804ebf7e3aa4fd1d0&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /v2.7/plugins/page.php?adapt_container_width=true&app_id=260965744509555&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Df28e5de11083f54%26domain%3Dont.by%26origin%3Dhttps%253A%252F%252Font.by%252Ff1169c66fc83aa4%26relation%3Dparent.parent&container_width=300&height=400&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Ftelekanalont&locale=en_US&sdk=joey&show_facepile=true&small_header=false&tabs=timeline&width=300
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://ont.by/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://ont.by/

Response headers

status: 200
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
strict-transport-security: max-age=15552000; preload
content-encoding: br
timing-allow-origin: *
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
vary: Accept-Encoding
x-content-type-options: nosniff
facebook-api-version: v3.1
x-xss-protection: 0
content-type: text/html; charset="utf-8"
x-fb-debug: GcZgWV9pAnhYBV+vQHeoQEHyIyszIk0HamI8OK7DXXxctH/mBoa7E8UtGQrRy3o9OmU7Srep1YeW71wl0Who7A==
date: Mon, 16 Dec 2019 09:13:56 GMT
alt-svc: h3-24=":443"; ma=3600

GET
H2 200 index-1 Show response
ont.by/api/promo/info/ 13 B
239 B 108ms
98ms XHR
application/json 93.125.48.25
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to

Full URL: https://ont.by/api/promo/info/index-1?from=%2F
Requested by: Host: ont.by
URL: https://ont.by/_nuxt/7a2023d4115017182b40.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 93.125.48.25 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-25.hoster.by
Software: nginx /
Resource Hash: ba5f3ea40e95f49bce11942f375ebd3882eb837976eda5c0cb78b9b99ca7b485

Request headers

Accept: application/json, text/plain, */*
Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-response-time: 0.038
date: Mon, 16 Dec 2019 09:13:56 GMT
content-encoding: gzip
server: nginx
status: 200
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 l-news-top-left-top Show response
ont.by/api/promo/info/ 13 B
239 B 104ms
95ms XHR
application/json 93.125.48.25
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to

Full URL: https://ont.by/api/promo/info/l-news-top-left-top?from=%2F
Requested by: Host: ont.by
URL: https://ont.by/_nuxt/7a2023d4115017182b40.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 93.125.48.25 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-25.hoster.by
Software: nginx /
Resource Hash: ba5f3ea40e95f49bce11942f375ebd3882eb837976eda5c0cb78b9b99ca7b485

Request headers

Accept: application/json, text/plain, */*
Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-response-time: 0.034
date: Mon, 16 Dec 2019 09:13:56 GMT
content-encoding: gzip
server: nginx
status: 200
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 l-news-top-left-bottom Show response
ont.by/api/promo/info/ 13 B
239 B 120ms
112ms XHR
application/json 93.125.48.25
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to

Full URL: https://ont.by/api/promo/info/l-news-top-left-bottom?from=%2F
Requested by: Host: ont.by
URL: https://ont.by/_nuxt/7a2023d4115017182b40.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 93.125.48.25 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-25.hoster.by
Software: nginx /
Resource Hash: ba5f3ea40e95f49bce11942f375ebd3882eb837976eda5c0cb78b9b99ca7b485

Request headers

Accept: application/json, text/plain, */*
Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-response-time: 0.052
date: Mon, 16 Dec 2019 09:13:56 GMT
content-encoding: gzip
server: nginx
status: 200
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 l-news-top-right-top Show response
ont.by/api/promo/info/ 13 B
239 B 120ms
113ms XHR
application/json 93.125.48.25
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to

Full URL: https://ont.by/api/promo/info/l-news-top-right-top?from=%2F
Requested by: Host: ont.by
URL: https://ont.by/_nuxt/7a2023d4115017182b40.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 93.125.48.25 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-25.hoster.by
Software: nginx /
Resource Hash: ba5f3ea40e95f49bce11942f375ebd3882eb837976eda5c0cb78b9b99ca7b485

Request headers

Accept: application/json, text/plain, */*
Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-response-time: 0.052
date: Mon, 16 Dec 2019 09:13:56 GMT
content-encoding: gzip
server: nginx
status: 200
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 l-news-top-right-top2 Show response
ont.by/api/promo/info/ 13 B
239 B 101ms
92ms XHR
application/json 93.125.48.25
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to

Full URL: https://ont.by/api/promo/info/l-news-top-right-top2?from=%2F
Requested by: Host: ont.by
URL: https://ont.by/_nuxt/7a2023d4115017182b40.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 93.125.48.25 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-25.hoster.by
Software: nginx /
Resource Hash: ba5f3ea40e95f49bce11942f375ebd3882eb837976eda5c0cb78b9b99ca7b485

Request headers

Accept: application/json, text/plain, */*
Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-response-time: 0.033
date: Mon, 16 Dec 2019 09:13:56 GMT
content-encoding: gzip
server: nginx
status: 200
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 l-news-top-right-bottom Show response
ont.by/api/promo/info/ 13 B
239 B 110ms
102ms XHR
application/json 93.125.48.25
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to

Full URL: https://ont.by/api/promo/info/l-news-top-right-bottom?from=%2F
Requested by: Host: ont.by
URL: https://ont.by/_nuxt/7a2023d4115017182b40.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 93.125.48.25 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-25.hoster.by
Software: nginx /
Resource Hash: ba5f3ea40e95f49bce11942f375ebd3882eb837976eda5c0cb78b9b99ca7b485

Request headers

Accept: application/json, text/plain, */*
Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-response-time: 0.043
date: Mon, 16 Dec 2019 09:13:56 GMT
content-encoding: gzip
server: nginx
status: 200
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 l-news-top-1 Show response
ont.by/api/promo/info/ 13 B
239 B 103ms
95ms XHR
application/json 93.125.48.25
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to

Full URL: https://ont.by/api/promo/info/l-news-top-1?from=%2F
Requested by: Host: ont.by
URL: https://ont.by/_nuxt/7a2023d4115017182b40.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 93.125.48.25 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-25.hoster.by
Software: nginx /
Resource Hash: ba5f3ea40e95f49bce11942f375ebd3882eb837976eda5c0cb78b9b99ca7b485

Request headers

Accept: application/json, text/plain, */*
Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-response-time: 0.036
date: Mon, 16 Dec 2019 09:13:56 GMT
content-encoding: gzip
server: nginx
status: 200
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 l-news-top-2 Show response
ont.by/api/promo/info/ 13 B
239 B 98ms
90ms XHR
application/json 93.125.48.25
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to

Full URL: https://ont.by/api/promo/info/l-news-top-2?from=%2F
Requested by: Host: ont.by
URL: https://ont.by/_nuxt/7a2023d4115017182b40.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 93.125.48.25 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-25.hoster.by
Software: nginx /
Resource Hash: ba5f3ea40e95f49bce11942f375ebd3882eb837976eda5c0cb78b9b99ca7b485

Request headers

Accept: application/json, text/plain, */*
Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-response-time: 0.030
date: Mon, 16 Dec 2019 09:13:56 GMT
content-encoding: gzip
server: nginx
status: 200
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 l-news-week-popular Show response
ont.by/api/promo/info/ 13 B
239 B 102ms
95ms XHR
application/json 93.125.48.25
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to

Full URL: https://ont.by/api/promo/info/l-news-week-popular?from=%2F
Requested by: Host: ont.by
URL: https://ont.by/_nuxt/7a2023d4115017182b40.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 93.125.48.25 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-25.hoster.by
Software: nginx /
Resource Hash: ba5f3ea40e95f49bce11942f375ebd3882eb837976eda5c0cb78b9b99ca7b485

Request headers

Accept: application/json, text/plain, */*
Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-response-time: 0.034
date: Mon, 16 Dec 2019 09:13:56 GMT
content-encoding: gzip
server: nginx
status: 200
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 week Show response
ont.by/api/articles/articles/ 6 KB
2 KB 68ms
60ms XHR
application/json 93.125.48.25
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to

Full URL: https://ont.by/api/articles/articles/week?page=1&per_page=4
Requested by: Host: ont.by
URL: https://ont.by/_nuxt/7a2023d4115017182b40.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 93.125.48.25 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-25.hoster.by
Software: nginx /
Resource Hash: bfa2de9d71f9dbac9ae947d0650d9cae21ed5b3b0e36d45d88e37b4490290de1

Request headers

Accept: application/json, text/plain, */*
Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-response-time: 0.000
date: Mon, 16 Dec 2019 09:13:40 GMT
content-encoding: gzip
server: nginx
x-cache-status: HIT
status: 200
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 l-news-body-2 Show response
ont.by/api/promo/info/ 13 B
239 B 122ms
115ms XHR
application/json 93.125.48.25
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to

Full URL: https://ont.by/api/promo/info/l-news-body-2?from=%2F
Requested by: Host: ont.by
URL: https://ont.by/_nuxt/7a2023d4115017182b40.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 93.125.48.25 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-25.hoster.by
Software: nginx /
Resource Hash: ba5f3ea40e95f49bce11942f375ebd3882eb837976eda5c0cb78b9b99ca7b485

Request headers

Accept: application/json, text/plain, */*
Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-response-time: 0.045
date: Mon, 16 Dec 2019 09:13:56 GMT
content-encoding: gzip
server: nginx
status: 200
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 videos Show response
ont.by/api/youtube/ 35 KB
5 KB 181ms
176ms XHR
application/json 93.125.48.25
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to

Full URL: https://ont.by/api/youtube/videos?page=1&per_page=12
Requested by: Host: ont.by
URL: https://ont.by/_nuxt/7a2023d4115017182b40.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 93.125.48.25 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-25.hoster.by
Software: nginx /
Resource Hash: 6ea91d732afec06696843b109774d9534325b7fea7eaee174949ae6f0e2ee156

Request headers

Accept: application/json, text/plain, */*
Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-response-time: 0.104
date: Mon, 16 Dec 2019 09:13:56 GMT
content-encoding: gzip
server: nginx
status: 200
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 article-category Show response
ont.by/api/polls/pollable/ 2 KB
594 B 135ms
130ms XHR
application/json 93.125.48.25
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to

Full URL: https://ont.by/api/polls/pollable/article-category
Requested by: Host: ont.by
URL: https://ont.by/_nuxt/7a2023d4115017182b40.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 93.125.48.25 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-25.hoster.by
Software: nginx /
Resource Hash: 0635fd9123d8eb870f948a0e1e69926bd74a6f2ebcf7db024cd42e5947c4fa9d

Request headers

Accept: application/json, text/plain, */*
Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-response-time: 0.060
date: Mon, 16 Dec 2019 09:13:56 GMT
content-encoding: gzip
server: nginx
status: 200
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 instagram Show response
ont.by/api/ 52 KB
9 KB 119ms
114ms XHR
application/json 93.125.48.25
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to

Full URL: https://ont.by/api/instagram
Requested by: Host: ont.by
URL: https://ont.by/_nuxt/7a2023d4115017182b40.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 93.125.48.25 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-25.hoster.by
Software: nginx /
Resource Hash: f55a4820cd9a983f7f4c22a799367ed6f134566322dc77aa520203a3cf9a36b4

Request headers

Accept: application/json, text/plain, */*
Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-response-time: 0.041
date: Mon, 16 Dec 2019 09:13:56 GMT
content-encoding: gzip
server: nginx
status: 200
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 projects Show response
ont.by/api/projects/ 6 KB
1 KB 170ms
166ms XHR
application/json 93.125.48.25
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to

Full URL: https://ont.by/api/projects/projects?per_page=7&of_home=true
Requested by: Host: ont.by
URL: https://ont.by/_nuxt/7a2023d4115017182b40.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 93.125.48.25 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-25.hoster.by
Software: nginx /
Resource Hash: 48eda59679bb3ca38a5cdc4dd6c0ad7cee1cbbfe4a5e1d289cefcd267c48a3f2

Request headers

Accept: application/json, text/plain, */*
Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-response-time: 0.095
date: Mon, 16 Dec 2019 09:13:56 GMT
content-encoding: gzip
server: nginx
status: 200
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 movies Show response
ont.by/api/movies/ 9 KB
2 KB 171ms
167ms XHR
application/json 93.125.48.25
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to

Full URL: https://ont.by/api/movies/movies?per_page=10&of_home=true
Requested by: Host: ont.by
URL: https://ont.by/_nuxt/7a2023d4115017182b40.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 93.125.48.25 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-25.hoster.by
Software: nginx /
Resource Hash: 1b52147fe6733dc819d759654ce2683231ed73d205f6d5b746f04e15dd446cf7

Request headers

Accept: application/json, text/plain, */*
Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-response-time: 0.096
date: Mon, 16 Dec 2019 09:13:56 GMT
content-encoding: gzip
server: nginx
status: 200
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 tv Show response
ont.by/api/tv-schedules/tv-schedules/queue/ 33 KB
5 KB 175ms
171ms XHR
application/json 93.125.48.25
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to

Full URL: https://ont.by/api/tv-schedules/tv-schedules/queue/tv?count=14
Requested by: Host: ont.by
URL: https://ont.by/_nuxt/7a2023d4115017182b40.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 93.125.48.25 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-25.hoster.by
Software: nginx /
Resource Hash: 9acc2770810b4a3267d57fcfeb9d2dd45d11d8b6f9907998b4198b8931db4762

Request headers

Accept: application/json, text/plain, */*
Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-response-time: 0.100
date: Mon, 16 Dec 2019 09:13:56 GMT
content-encoding: gzip
server: nginx
status: 200
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 online Show response
ont.by/api/tv-schedules/tv-schedules/queue/ 32 KB
5 KB 186ms
182ms XHR
application/json 93.125.48.25
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to

Full URL: https://ont.by/api/tv-schedules/tv-schedules/queue/online?count=14
Requested by: Host: ont.by
URL: https://ont.by/_nuxt/7a2023d4115017182b40.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 93.125.48.25 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-25.hoster.by
Software: nginx /
Resource Hash: 13d31a7f798e4340bf4001032513e01b1f515d1aa8ca8eedddd16202b4e64bb7

Request headers

Accept: application/json, text/plain, */*
Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-response-time: 0.112
date: Mon, 16 Dec 2019 09:13:56 GMT
content-encoding: gzip
server: nginx
status: 200
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 moment~timeline~tweet.a1aa0f6410f7eaada23e6b16a38824b8.js Show response
platform.twitter.com/js/ 24 KB
8 KB 24ms
22ms Script
application/javascript 151.101.12.157
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/moment~timeline~tweet.a1aa0f6410f7eaada23e6b16a38824b8.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: /
Resource Hash: 636dbf4f87fa130596fdb491938e4ad2b693b397139ba7f8d2a34b738a494078

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Dec 2019 09:13:56 GMT
content-encoding: gzip
x-cache: HIT, HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200
content-length: 7937
x-served-by: cache-iad2145-IAD, cache-fra19128-FRA
last-modified: Tue, 10 Dec 2019 23:44:46 GMT
etag: "352656b32c7e3a4e623687d598b66f66+gzip"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
tw-cdn: FT

GET
H2 200 timeline.f7ace10bb00711bb451dd36523152463.js Show response
platform.twitter.com/js/ 21 KB
7 KB 25ms
23ms Script
application/javascript 151.101.12.157
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/timeline.f7ace10bb00711bb451dd36523152463.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: /
Resource Hash: 94f68df5309f2b9a301b4e43ed6a06e5b96220647c4bac806e9f1238207a92e9

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Dec 2019 09:13:56 GMT
content-encoding: gzip
x-cache: HIT, HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200
content-length: 6652
x-served-by: cache-iad2124-IAD, cache-fra19128-FRA
last-modified: Tue, 10 Dec 2019 23:44:46 GMT
etag: "ded8cb1f87ca509b84b7998dc3912224+gzip"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
tw-cdn: FT

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 715 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 poster.jpg
ont.by/markup/img/video/ 113 KB
113 KB 62ms
61ms Image
image/jpeg 93.125.48.25
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ont.by/markup/img/video/poster.jpg
Requested by: Host: ont.by
URL: https://ont.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 93.125.48.25 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-25.hoster.by
Software: nginx /
Resource Hash: 0592e2470e9c4c34a33dda18d501ae1c738b6cb4a74d9400113fdd9631136f00

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-response-time: 0.001
date: Mon, 16 Dec 2019 09:13:56 GMT
last-modified: Tue, 23 Jul 2019 12:27:47 GMT
server: nginx
access-control-allow-origin: *
etag: W/"1c435-16c1ecd4ffc"
x-cache-status: MISS
content-type: image/jpeg
status: 200
cache-control: public, max-age=0
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 115765

GET
DATA 200
OK truncated
/ 461 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1906b3d47f1067d16255da7d1bed71a55412e72195981df5a0068ddf91ee8007

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 bkn_d.svg
ont.by/img/yaweather/ 4 KB
1 KB 63ms
62ms Image
image/svg+xml 93.125.48.25
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ont.by/img/yaweather/bkn_d.svg
Requested by: Host: ont.by
URL: https://ont.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 93.125.48.25 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-25.hoster.by
Software: nginx /
Resource Hash: 52f658194619cffbfd9bbc48dc30290299dd37d1c836ce4e1d7542c8a5a8a260

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-response-time: 0.001
date: Mon, 16 Dec 2019 09:13:56 GMT
content-encoding: gzip
last-modified: Tue, 23 Jul 2019 12:27:47 GMT
server: nginx
access-control-allow-origin: *
etag: W/"11fa-16c1ecd4fc8"
x-cache-status: MISS
vary: Accept-Encoding
content-type: image/svg+xml
status: 200
cache-control: public, max-age=0
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 Roboto-Bold.21f4b44.woff2
ont.by/_nuxt/fonts/ 22 KB
22 KB 61ms
61ms Font
font/woff2 93.125.48.25
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to

Full URL: https://ont.by/_nuxt/fonts/Roboto-Bold.21f4b44.woff2
Requested by: Host: ont.by
URL: https://ont.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 93.125.48.25 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-25.hoster.by
Software: nginx /
Resource Hash: 7bb419a7dca6454b72d099050ecb13d1698e81fc447f73a56700ec5c3d8aeac8

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://ont.by/
Origin: https://ont.by

Response headers

x-response-time: 0.000
date: Mon, 16 Dec 2019 09:13:56 GMT
last-modified: Mon, 11 Nov 2019 14:33:22 GMT
server: nginx
access-control-allow-origin: *
etag: W/"56a4-16e5ae22d43"
x-cache-status: HIT
content-type: font/woff2
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 22180

GET
DATA 200
OK truncated
/ 4 KB
4 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1b03be18e07e94ff40f413fd0a41d6f374b0d3df44e951baa53295099e2c3642

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Origin: https://ont.by

Response headers

Content-Type: application/font-woff;charset=utf-8

POST
H/1.1 200
OK 24929690 Show response
mc.yandex.ru/watch/ 168 B
1 KB 51ms
50ms XHR
application/json 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/24929690?wmode=7&page-url=https%3A%2F%2Font.by%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1576487634231%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A2%3Aw%3A1585x1200%3Az%3A60%3Ai%3A20191216101355%3Aet%3A1576487636%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A200054373%3Ahid%3A704068923%3Ads%3A0%2C123%2C61%2C99%2C191%2C0%2C0%2C867%2C42%2C%2C%2C%2C1335%3Awn%3A31476%3Ahl%3A2%3Agdpr%3A14%3Av%3A1776%3Ast%3A1576487636%3Au%3A1576487636713505257%3At%3A%D0%9E%D0%9D%D0%A2%20%E2%80%94%20%D0%9E%D0%B1%D1%89%D0%B5%D0%BD%D0%B0%D1%86%D0%B8%D0%BE%D0%BD%D0%B0%D0%BB%D1%8C%D0%BD%D0%BE%D0%B5%20%D1%82%D0%B5%D0%BB%D0%B5%D0%B2%D0%B8%D0%B4%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8%20%7C%20%D0%91%D0%B5%D0%BB%D0%BE%D1%80%D1%83%D1%81%D1%81%D0%BA%D0%B8%D0%B9%20%D1%82%D0%B5%D0%BB%D0%B5%D0%BA%D0%B0%D0%BD%D0%B0%D0%BB%20%D0%9E%D0%9D%D0%A2

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

75e7b710895b7ea11802c90891f76e66bc483ee6ddf26eb9bcd847068eabfd69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ont.by/
Origin: https://ont.by
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Mon, 16 Dec 2019 09:13:56 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 16-Dec-2019 09:13:56 GMT
Server: nginx/1.14.2
Strict-Transport-Security: max-age=31536000
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://ont.by
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 168
X-XSS-Protection: 1; mode=block
Expires: Mon, 16-Dec-2019 09:13:56 GMT

GET
H/1.0 200
OK ont
93.125.31.151/ 193 KB
0 285ms
191ms Media
audio/aacp 93.125.31.151
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to

Full URL: http://93.125.31.151:8000/ont
Requested by: Host: ont.by
URL: https://ont.by/
Protocol: HTTP/1.0
Server: 93.125.31.151 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-31-151.hoster.by
Software: Icecast 2.4.2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Range: bytes=0-
Accept-Encoding: identity;q=1, *;q=0

Response headers

Pragma: no-cache
Date: Mon, 16 Dec 2019 09:13:56 GMT
icy-name: Center FM Minsk 101.7
Server: Icecast 2.4.2
icy-br: 128
icy-notice2: SHOUTcast Distributed Network Audio Server/win32 v1.9.8<BR>
Content-Type: audio/aacp
Access-Control-Allow-Origin: *
icy-genre: Hot AC
icy-url: http://www.centerfm.by
icy-pub: 1
icy-notice1: <BR>This stream requires <a href="http://www.winamp.com/">Winamp</a><BR>
Cache-Control: no-cache
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 widget_community.php
vk.com/ Frame 3241 0
0 138ms
137ms Document
text/html 87.240.190.78
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL

https://vk.com/widget_community.php?app=6615650&width=300px&_ver=1&gid=19650704&mode=4&color1=&color2=&color3=&class_name=&wide=1&height=400&url=https%3A%2F%2Font.by%2F&referrer=&title=%D0%9E%D0%9D%D0%A2%20%E2%80%94%20%D0%9E%D0%B1%D1%89%D0%B5%D0%BD%D0%B0%D1%86%D0%B8%D0%BE%D0%BD%D0%B0%D0%BB%D1%8C%D0%BD%D0%BE%D0%B5%20%D1%82%D0%B5%D0%BB%D0%B5%D0%B2%D0%B8%D0%B4%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8%20%7C%20%D0%91%D0%B5%D0%BB%D0%BE%D1%80%D1%83%D1%81%D1%81%D0%BA%D0%B8%D0%B9%20%D1%82%D0%B5%D0%BB%D0%B5%D0%BA%D0%B0%D0%BD%D0%B0%D0%BB%20%D0%9E%D0%9D%D0%A2&16f0dfc4be8

Requested by

Host: vk.com
URL: https://vk.com/js/api/openapi.js?154

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.240.190.78 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS http://vk.com, RU),

Reverse DNS

srv78-190-240-87.vk.com

Software

VK / PHP/3.22351

Resource Hash

Security Headers

Name

Value

Content-Security-Policy

default-src * data: blob: about:;script-src 'self' *.vk.com static.vk.me *.mail.ru s.ytimg.com platform.twitter.com cdn.syndication.twimg.com www.instagram.com connect.facebook.net telegram.org *.yandex.ru *.google-analytics.com *.youtube.com maps.googleapis.com translate.googleapis.com *.google.com google.com *.vkpartner.ru *.moatads.com *.adlooxtracking.com *.gstatic.com *.google.ru securepubads.g.doubleclick.net cdn.ampproject.org www.googletagmanager.com googletagmanager.com *.vk-cdn.net galv.hit.gemius.pl yastatic.net 'unsafe-inline' 'unsafe-eval' blob:;style-src vk.com *.vk.com static.vk.me ton.twimg.com tagmanager.google.com platform.twitter.com *.googleapis.com 'self' 'unsafe-inline';report-uri /csp

Strict-Transport-Security

max-age=15768000

Request headers

:method: GET
:authority: vk.com
:scheme: https
:path: /widget_community.php?app=6615650&width=300px&_ver=1&gid=19650704&mode=4&color1=&color2=&color3=&class_name=&wide=1&height=400&url=https%3A%2F%2Font.by%2F&referrer=&title=%D0%9E%D0%9D%D0%A2%20%E2%80%94%20%D0%9E%D0%B1%D1%89%D0%B5%D0%BD%D0%B0%D1%86%D0%B8%D0%BE%D0%BD%D0%B0%D0%BB%D1%8C%D0%BD%D0%BE%D0%B5%20%D1%82%D0%B5%D0%BB%D0%B5%D0%B2%D0%B8%D0%B4%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8%20%7C%20%D0%91%D0%B5%D0%BB%D0%BE%D1%80%D1%83%D1%81%D1%81%D0%BA%D0%B8%D0%B9%20%D1%82%D0%B5%D0%BB%D0%B5%D0%BA%D0%B0%D0%BD%D0%B0%D0%BB%20%D0%9E%D0%9D%D0%A2&16f0dfc4be8
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://ont.by/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://ont.by/

Response headers

status: 200
server: VK
date: Mon, 16 Dec 2019 09:13:56 GMT
content-type: text/html; charset=windows-1251
content-length: 13275
x-powered-by: PHP/3.22351
set-cookie: remixlang=61; expires=Mon, 07 Dec 2020 01:09:49 GMT; path=/; domain=.vk.com remixstid=58815731_63351f4344d4b78434; expires=Tue, 22 Dec 2020 22:09:30 GMT; path=/; domain=.vk.com; secure
cache-control: no-store
content-security-policy: default-src * data: blob: about:;script-src 'self' *.vk.com static.vk.me *.mail.ru s.ytimg.com platform.twitter.com cdn.syndication.twimg.com www.instagram.com connect.facebook.net telegram.org *.yandex.ru *.google-analytics.com *.youtube.com maps.googleapis.com translate.googleapis.com *.google.com google.com *.vkpartner.ru *.moatads.com *.adlooxtracking.com *.gstatic.com *.google.ru securepubads.g.doubleclick.net cdn.ampproject.org www.googletagmanager.com googletagmanager.com *.vk-cdn.net galv.hit.gemius.pl yastatic.net 'unsafe-inline' 'unsafe-eval' blob:;style-src vk.com *.vk.com static.vk.me ton.twimg.com tagmanager.google.com platform.twitter.com *.googleapis.com 'self' 'unsafe-inline';report-uri /csp
content-encoding: gzip
strict-transport-security: max-age=15768000
x-frontend: front213209
access-control-expose-headers: X-Frontend

GET
H2 200 dk
connect.ok.ru/ Frame 0495 0
0 86ms
85ms Document
text/html 217.20.147.3
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.ok.ru/dk?st.cmd=WidgetGroup&st.groupId=58117131206706&st.fid=__okGroup0&st.hoster=https%3A%2F%2Font.by%2F&st.settings=%7B%22width%22%3A300%2C%22height%22%3A400%7D

Requested by

Host: connect.ok.ru
URL: https://connect.ok.ru/connect.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

217.20.147.3 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

ip3.147.odnoklassniki.ru

Software

apache /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: 'self' 'unsafe-inline' 'unsafe-eval' ok.ru .ok.ru odnoklassniki.ru .odnoklassniki.ru mycdn.me http://.mycdn.me https://.mycdn.me wss://ad.mail.ru .mail.ru .imgsmail.ru .mradx.net .serving-sys.com .googleapis.com .gstatic.com www.google.com https://api-maps.yandex.ru yastatic.net yandex.st .doubleverify.com .adsafeprotected.com https://consentmanager.mgr.consensu.org blob:; script-src 'unsafe-inline' 'unsafe-eval' .mail.ru https://.mail.ru .imgsmail.ru .mradx.net ok.ru .ok.ru odnoklassniki.ru .odnoklassniki.ru mycdn.me http://.mycdn.me https://.mycdn.me mc.yandex.ru an.yandex.ru yastatic.net yandex.st .google-analytics.com api-maps.yandex.ru https://api-maps.yandex.ru https://clck.yandex.ru .googleapis.com .gstatic.com www.google.com www.youtube.com https://www.youtube.com .ytimg.com https://.ytimg.com .doubleverify.com .dvtps.com .doubleclick.net .googletagservices.com .googlesyndication.com .googleadservices.com .goodgame.ru https://.goodgame.ru https://.moatads.com .adlooxtracking.com .adsafeprotected.com .serving-sys.com https://enterprise.api-maps.yandex.ru https://suggest-maps.yandex.ru https://.hit.gemius.pl https://consentmanager.mgr.consensu.org; worker-src blob: 'self'; connect-src * wss: blob:; font-src * data: blob:; frame-src * blob: 'self'; img-src * data: blob: about:; media-src * data: blob:; object-src *; report-uri /csp/report;
Strict-Transport-Security	max-age=63072000;includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: connect.ok.ru
:scheme: https
:path: /dk?st.cmd=WidgetGroup&st.groupId=58117131206706&st.fid=__okGroup0&st.hoster=https%3A%2F%2Font.by%2F&st.settings=%7B%22width%22%3A300%2C%22height%22%3A400%7D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://ont.by/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://ont.by/

Response headers

status: 200
server: apache
date: Mon, 16 Dec 2019 09:13:56 GMT
content-type: text/html;charset=UTF-8
vary: Accept-Encoding
set-cookie: bci=-9201652282706573696; Domain=.ok.ru; Expires=Sat, 03-Jan-2088 12:28:03 GMT; Path=/; HttpOnly landref=ont.by; Domain=.ok.ru; Path=/
content-security-policy: default-src data: 'self' 'unsafe-inline' 'unsafe-eval' ok.ru *.ok.ru odnoklassniki.ru *.odnoklassniki.ru mycdn.me http://*.mycdn.me https://*.mycdn.me wss://ad.mail.ru *.mail.ru *.imgsmail.ru *.mradx.net *.serving-sys.com *.googleapis.com *.gstatic.com www.google.com https://api-maps.yandex.ru yastatic.net yandex.st *.doubleverify.com *.adsafeprotected.com https://consentmanager.mgr.consensu.org blob:; script-src 'unsafe-inline' 'unsafe-eval' *.mail.ru https://*.mail.ru *.imgsmail.ru *.mradx.net ok.ru *.ok.ru odnoklassniki.ru *.odnoklassniki.ru mycdn.me http://*.mycdn.me https://*.mycdn.me mc.yandex.ru an.yandex.ru yastatic.net yandex.st *.google-analytics.com api-maps.yandex.ru https://api-maps.yandex.ru https://clck.yandex.ru *.googleapis.com *.gstatic.com www.google.com www.youtube.com https://www.youtube.com *.ytimg.com https://*.ytimg.com *.doubleverify.com *.dvtps.com *.doubleclick.net *.googletagservices.com *.googlesyndication.com *.googleadservices.com *.goodgame.ru https://*.goodgame.ru https://*.moatads.com *.adlooxtracking.com *.adsafeprotected.com *.serving-sys.com https://enterprise.api-maps.yandex.ru https://suggest-maps.yandex.ru https://*.hit.gemius.pl https://consentmanager.mgr.consensu.org; worker-src blob: 'self'; connect-src * wss: blob:; font-src * data: blob:; frame-src * blob: 'self'; img-src * data: blob: about:; media-src * data: blob:; object-src *; report-uri /csp/report;
content-security-policy-report-only: default-src data: blob: about: 'self' 'unsafe-inline' 'unsafe-eval' https: wss:; report-uri /csp/report?always;
cache-control: no-cache no-store
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=63072000;includeSubdomains
rendered-blocks: WidgetPage
content-encoding: br

POST
H/1.1 200
OK counter
top-fwz1.mail.ru/ 43 B
889 B 76ms
75ms Other
image/gif 217.69.133.145
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL

https://top-fwz1.mail.ru/counter?js=13;id=1566299;u=https%3A//ont.by/;st=1576487635476;title=%D0%9E%D0%9D%D0%A2%20%E2%80%94%20%D0%9E%D0%B1%D1%89%D0%B5%D0%BD%D0%B0%D1%86%D0%B8%D0%BE%D0%BD%D0%B0%D0%BB%D1%8C%D0%BD%D0%BE%D0%B5%20%D1%82%D0%B5%D0%BB%D0%B5%D0%B2%D0%B8%D0%B4%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8%20%7C%20%D0%91%D0%B5%D0%BB%D0%BE%D1%80%D1%83%D1%81%D1%81%D0%BA%D0%B8%D0%B9%20%D1%82%D0%B5%D0%BB%D0%B5%D0%BA%D0%B0%D0%BD%D0%B0%D0%BB%20%D0%9E%D0%9D%D0%A2;s=1600*1200;vp=1585*1185;touch=0;hds=1;flash=;sid=1b82474212849591;ver=60.1.0;tz=-60%2FEurope%2FBerlin;ni=9.6//4g/0/0/;lvid=1576487636253%3A1576487636273%3A1%3Ac7bbbd8ba9177181ce6ba69766a8edf4;_=0.3198835735716281

Requested by

Host: top-fwz1.mail.ru
URL: https://top-fwz1.mail.ru/js/code.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ont.by/
Origin: https://ont.by
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Mon, 16 Dec 2019 09:13:56 GMT
X-Content-Type-Options: nosniff
P3P: CP="NOI DSP COR NID CUR PSA OUR NOR"
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
AMP-Access-Control-Allow-Source-Origin: https://ont.by
Server: nginx
Access-Control-Allow-Methods: GET, POST, HEAD, PUT, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://ont.by
Access-Control-Expose-Headers: AMP-Access-Control-Allow-Source-Origin
Cache-control: private, no-cache, no-store, max-age=0
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://ont.by
Keep-Alive: timeout=60

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
136 B 104ms
32ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?ptv=77&profileId=184&cb=95964292356
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ont.by/
Origin: https://ont.by
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

status: 204
date: Mon, 16 Dec 2019 09:13:55 GMT
access-control-allow-credentials: true
server: Finatra
access-control-allow-origin: https://ont.by
timing-allow-origin: *
vary: Origin

GET
H2 200 FSD9UmWxle9LQ87C.jpg
ont.by/static/article/big/index/ 90 KB
90 KB 61ms
60ms Image
image/jpeg 93.125.48.25
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ont.by/static/article/big/index/FSD9UmWxle9LQ87C.jpg
Requested by: Host: ont.by
URL: https://ont.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 93.125.48.25 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-25.hoster.by
Software: nginx /
Resource Hash: 5543d32aa9f79f96e3506c85b741da4c3fb85ae5c6cd77d8cd4f7097875512f9

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-response-time: 0.000
date: Mon, 16 Dec 2019 09:13:56 GMT
server: nginx
access-control-allow-origin: *
x-cache-status: HIT
status: 200
cache-control: max-age=2592000
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
expires: Wed, 15 Jan 2020 09:13:56 GMT

GET
H2 200 KIYBaxyzCPN86YoQ.jpg
ont.by/static/article/big/index/ 109 KB
109 KB 62ms
60ms Image
image/jpeg 93.125.48.25
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ont.by/static/article/big/index/KIYBaxyzCPN86YoQ.jpg
Requested by: Host: ont.by
URL: https://ont.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 93.125.48.25 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-25.hoster.by
Software: nginx /
Resource Hash: f3e321b8a9cd7cb719a26528a96931f944d623cb2da6e78e3cb8ae40fb480dc4

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-response-time: 0.000
date: Mon, 16 Dec 2019 09:13:56 GMT
server: nginx
access-control-allow-origin: *
x-cache-status: HIT
status: 200
cache-control: max-age=2592000
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
expires: Wed, 15 Jan 2020 09:13:56 GMT

GET
H2 200 D7PnHJqDE5vOuhyg.jpg
ont.by/static/article/big/index/ 86 KB
86 KB 63ms
62ms Image
image/jpeg 93.125.48.25
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ont.by/static/article/big/index/D7PnHJqDE5vOuhyg.jpg
Requested by: Host: ont.by
URL: https://ont.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 93.125.48.25 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-25.hoster.by
Software: nginx /
Resource Hash: 3e1eb7a60d138bdda96f42fb3336367ffe32de48fe148974d44206db001a1ee4

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-response-time: 0.000
date: Mon, 16 Dec 2019 09:13:56 GMT
server: nginx
access-control-allow-origin: *
x-cache-status: HIT
status: 200
cache-control: max-age=2592000
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
expires: Wed, 15 Jan 2020 09:13:56 GMT

GET
H2 200 gHCyYmamKyfKTToa.jpg
ont.by/static/article/big/index/ 65 KB
65 KB 63ms
63ms Image
image/jpeg 93.125.48.25
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ont.by/static/article/big/index/gHCyYmamKyfKTToa.jpg
Requested by: Host: ont.by
URL: https://ont.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 93.125.48.25 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-25.hoster.by
Software: nginx /
Resource Hash: db4c2aa152a3e4a2b5a0fa2edcbc98f25a98074929c8d0ab22b29e6ffa0c71b6

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-response-time: 0.000
date: Mon, 16 Dec 2019 09:13:56 GMT
server: nginx
access-control-allow-origin: *
x-cache-status: HIT
status: 200
cache-control: max-age=2592000
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
expires: Wed, 15 Jan 2020 09:13:56 GMT

GET
BLOB 200
OK 9473906e-c2d6-4d1d-af4b-19033e8f55dd
https://ont.by/ 229 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://ont.by/9473906e-c2d6-4d1d-af4b-19033e8f55dd
Requested by: Host: ont.by
URL: https://ont.by/_nuxt/22fc3f658e705c0ce8d1.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0b68b72a7701cc1e0a24bde984726201d1d52c98d7a0917621ba54840e5b8c20

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Length: 234342
Content-Type: text/javascript

GET
H/1.1 200
OK playlist.m3u8 Show response
stream.ont.by/ont/live576p/ 136 B
641 B 1417ms
61ms XHR
application/vnd.apple.mpegurl 93.125.31.151
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to

Full URL: https://stream.ont.by/ont/live576p/playlist.m3u8
Requested by: Host: ont.by
URL: https://ont.by/_nuxt/22fc3f658e705c0ce8d1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.125.31.151 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-31-151.hoster.by
Software: WowzaStreamingEngine/4.7.6 /
Resource Hash: 7a7dfc68dc0f1e02eb5111a0a76ca60cc8a905ff5c6ec3694dce4a8d96177e7e

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://ont.by/
Origin: https://ont.by

Response headers

Date: Mon, 16 Dec 2019 09:13:57 GMT
Server: WowzaStreamingEngine/4.7.6
Access-Control-Allow-Methods: OPTIONS, GET, POST, HEAD
Content-Type: application/vnd.apple.mpegurl
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Date, Server, Content-Type, Content-Length
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type, User-Agent, If-Modified-Since, Cache-Control, Range
Content-Length: 136

GET
H2 200 instagram_color.3eecfa1.svg
ont.by/_nuxt/img/ 2 KB
1 KB 61ms
60ms Image
image/svg+xml 93.125.48.25
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ont.by/_nuxt/img/instagram_color.3eecfa1.svg
Requested by: Host: ont.by
URL: https://ont.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 93.125.48.25 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-25.hoster.by
Software: nginx /
Resource Hash: 3ca093e4300c1beb81e0d775cd8dbb9a9b93960a4e94832d0a065bf570bcb990

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-response-time: 0.000
date: Mon, 16 Dec 2019 09:13:56 GMT
content-encoding: gzip
last-modified: Mon, 11 Nov 2019 14:33:22 GMT
server: nginx
access-control-allow-origin: *
etag: W/"8eb-16e5ae22d47"
x-cache-status: HIT
vary: Accept-Encoding
content-type: image/svg+xml
status: 200
cache-control: public, max-age=31536000
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 76818022_2668552046570668_7315520173545738903_n.jpg
scontent.cdninstagram.com/v/t51.2885-15/sh0.08/e35/s640x640/ 42 KB
42 KB 28ms
11ms Image
image/jpeg 2a03:2880:f21c:81c4:face:b00c:0:43fe
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent.cdninstagram.com/v/t51.2885-15/sh0.08/e35/s640x640/76818022_2668552046570668_7315520173545738903_n.jpg?_nc_ht=scontent.cdninstagram.com&_nc_ohc=GiXwaTQAqusAX9AE4_p&oh=df3ebd8cc6744c7ed3a7a0f6c291889f&oe=5DF96DC1
Requested by: Host: ont.by
URL: https://ont.by/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f21c:81c4:face:b00c:0:43fe , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software: /
Resource Hash: 1be3ee8c252f6d7a058bf9c8168ae0a1760d204501fc1417e13104ab0b0e68fb

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-haystack-needlechecksum: 1761657778
date: Mon, 16 Dec 2019 09:13:56 GMT
x-fb-trip-id: 906246022
last-modified: Sun, 15 Dec 2019 10:16:23 GMT
access-control-allow-origin: *
content-type: image/jpeg
status: 200
cache-control: max-age=1209600, no-transform
x-needle-checksum: 1773938877
x-fb-config-version-olb-prod: 664
timing-allow-origin: *
alt-svc: h3-24=":443"; ma=3600
content-length: 42565

GET
H2 200 75225383_2840732475939710_2125826987272058439_n.jpg
scontent.cdninstagram.com/v/t51.2885-15/sh0.08/e35/p640x640/ 152 KB
152 KB 28ms
12ms Image
image/jpeg 2a03:2880:f21c:81c4:face:b00c:0:43fe
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent.cdninstagram.com/v/t51.2885-15/sh0.08/e35/p640x640/75225383_2840732475939710_2125826987272058439_n.jpg?_nc_ht=scontent.cdninstagram.com&oh=02e696252fb9ef7d02bb876571ecb3a9&oe=5E7BBC30
Requested by: Host: ont.by
URL: https://ont.by/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f21c:81c4:face:b00c:0:43fe , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software: /
Resource Hash: 57eef0107a44fa9f54c0d96e5a995d00447128601fe840ee1da151508531b051

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-haystack-needlechecksum: 68615479
date: Mon, 16 Dec 2019 09:13:56 GMT
x-fb-trip-id: 906246022
last-modified: Sat, 14 Dec 2019 17:29:03 GMT
access-control-allow-origin: *
accept-ranges: bytes
content-type: image/jpeg
status: 200
cache-control: max-age=1209600, no-transform
x-needle-checksum: 3183023778
x-fb-config-version-olb-prod: 664
timing-allow-origin: *
alt-svc: h3-24=":443"; ma=3600
content-length: 155187

GET
H2 200 70430103_563536747768654_1174006140738106004_n.jpg
scontent.cdninstagram.com/v/t51.2885-15/sh0.08/e35/s640x640/ 62 KB
62 KB 28ms
12ms Image
image/jpeg 2a03:2880:f21c:81c4:face:b00c:0:43fe
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent.cdninstagram.com/v/t51.2885-15/sh0.08/e35/s640x640/70430103_563536747768654_1174006140738106004_n.jpg?_nc_ht=scontent.cdninstagram.com&oh=66693be1f954813b06b7f84aeaf8d41d&oe=5E76AD26
Requested by: Host: ont.by
URL: https://ont.by/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f21c:81c4:face:b00c:0:43fe , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software: /
Resource Hash: 42e533b31c6e1f10cbbc1e63e2242a660c7f76ae1e8c1013d15ec1720cdce6d3

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-haystack-needlechecksum: 2984149525
date: Mon, 16 Dec 2019 09:13:56 GMT
x-fb-trip-id: 906246022
last-modified: Sat, 14 Dec 2019 15:12:02 GMT
access-control-allow-origin: *
accept-ranges: bytes
content-type: image/jpeg
status: 200
cache-control: max-age=1209600, no-transform
x-needle-checksum: 1408983621
x-fb-config-version-olb-prod: 664
timing-allow-origin: *
alt-svc: h3-24=":443"; ma=3600
content-length: 63582

GET
H2 200 77051661_440301056647745_4555587587918129413_n.jpg
scontent.cdninstagram.com/v/t51.2885-15/sh0.08/e35/p640x640/ 110 KB
110 KB 28ms
12ms Image
image/jpeg 2a03:2880:f21c:81c4:face:b00c:0:43fe
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent.cdninstagram.com/v/t51.2885-15/sh0.08/e35/p640x640/77051661_440301056647745_4555587587918129413_n.jpg?_nc_ht=scontent.cdninstagram.com&oh=9f5780efa237c7245dcc2c67165d3c20&oe=5E8F7A6D
Requested by: Host: ont.by
URL: https://ont.by/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f21c:81c4:face:b00c:0:43fe , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software: /
Resource Hash: 94748ce70bfe96f24cc14e6adffec2676bc95bd427553ff7f7f341498b9af81d

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-haystack-needlechecksum: 3611039412
date: Mon, 16 Dec 2019 09:13:56 GMT
x-fb-trip-id: 906246022
last-modified: Sat, 14 Dec 2019 07:51:45 GMT
access-control-allow-origin: *
content-type: image/jpeg
status: 200
cache-control: max-age=1209600, no-transform
x-needle-checksum: 2213820744
x-fb-config-version-olb-prod: 664
timing-allow-origin: *
alt-svc: h3-24=":443"; ma=3600
content-length: 112382

GET
H2 200 74896041_2570892019902104_1643582239561680730_n.jpg
scontent.cdninstagram.com/v/t51.2885-15/sh0.08/e35/s640x640/ 38 KB
38 KB 23ms
6ms Image
image/jpeg 2a03:2880:f21c:81c4:face:b00c:0:43fe
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent.cdninstagram.com/v/t51.2885-15/sh0.08/e35/s640x640/74896041_2570892019902104_1643582239561680730_n.jpg?_nc_ht=scontent.cdninstagram.com&oh=3ca78154539767c06610d9dbed9933c5&oe=5DF9BA3E
Requested by: Host: ont.by
URL: https://ont.by/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f21c:81c4:face:b00c:0:43fe , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software: /
Resource Hash: a9736a66eb99e3a76447c6a4a4960d8f25812755db1b72d56fdf21d3f9df246c

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-haystack-needlechecksum: 2830877597
date: Mon, 16 Dec 2019 09:13:56 GMT
x-fb-trip-id: 906246022
last-modified: Fri, 13 Dec 2019 16:24:53 GMT
access-control-allow-origin: *
content-type: image/jpeg
status: 200
cache-control: max-age=1209600, no-transform
x-needle-checksum: 3796778513
x-fb-config-version-olb-prod: 664
timing-allow-origin: *
alt-svc: h3-24=":443"; ma=3600
content-length: 38711

GET
H2 200 78950112_135724684518468_2708539828744930648_n.jpg
scontent.cdninstagram.com/v/t51.2885-15/sh0.08/e35/s640x640/ 67 KB
67 KB 29ms
13ms Image
image/jpeg 2a03:2880:f21c:81c4:face:b00c:0:43fe
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent.cdninstagram.com/v/t51.2885-15/sh0.08/e35/s640x640/78950112_135724684518468_2708539828744930648_n.jpg?_nc_ht=scontent.cdninstagram.com&oh=b1e408de952ab454313e031e6f050d45&oe=5E6F2CBC
Requested by: Host: ont.by
URL: https://ont.by/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f21c:81c4:face:b00c:0:43fe , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software: /
Resource Hash: 14bc7f63ba663eb2dbbe6699806acca20c135cacbfaa054039186c00d5aeffce

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-haystack-needlechecksum: 2218390708
date: Mon, 16 Dec 2019 09:13:56 GMT
x-fb-trip-id: 906246022
last-modified: Fri, 13 Dec 2019 14:30:09 GMT
access-control-allow-origin: *
content-type: image/jpeg
status: 200
cache-control: max-age=1209600, no-transform
x-needle-checksum: 2790127465
x-fb-config-version-olb-prod: 664
timing-allow-origin: *
alt-svc: h3-24=":443"; ma=3600
content-length: 68653

GET
H2 200 79030136_2530239877204414_6424253238916742178_n.jpg
scontent.cdninstagram.com/v/t51.2885-15/sh0.08/e35/s640x640/ 44 KB
44 KB 13ms
12ms Image
image/jpeg 2a03:2880:f21c:81c4:face:b00c:0:43fe
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent.cdninstagram.com/v/t51.2885-15/sh0.08/e35/s640x640/79030136_2530239877204414_6424253238916742178_n.jpg?_nc_ht=scontent.cdninstagram.com&oh=2c68d4139ff1246f5ae1ac45ad672584&oe=5E7BA436
Requested by: Host: ont.by
URL: https://ont.by/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f21c:81c4:face:b00c:0:43fe , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software: /
Resource Hash: f6fd5197a64a1504337a3bcb1fd03814eab985f2a236e1bd3c5d2b3064610096

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-haystack-needlechecksum: 1444932846
date: Mon, 16 Dec 2019 09:13:56 GMT
x-fb-trip-id: 906246022
last-modified: Thu, 12 Dec 2019 18:15:56 GMT
access-control-allow-origin: *
content-type: image/jpeg
status: 200
cache-control: max-age=1209600, no-transform
x-needle-checksum: 3498740488
x-fb-config-version-olb-prod: 664
timing-allow-origin: *
alt-svc: h3-24=":443"; ma=3600
content-length: 44943

GET
H2 200 74342966_2545415965513689_8257393312693816673_n.jpg
scontent.cdninstagram.com/v/t51.2885-15/sh0.08/e35/s640x640/ 52 KB
52 KB 13ms
12ms Image
image/jpeg 2a03:2880:f21c:81c4:face:b00c:0:43fe
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent.cdninstagram.com/v/t51.2885-15/sh0.08/e35/s640x640/74342966_2545415965513689_8257393312693816673_n.jpg?_nc_ht=scontent.cdninstagram.com&oh=8643625b781b00946d83fc01f3dd5c99&oe=5E7B1797
Requested by: Host: ont.by
URL: https://ont.by/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f21c:81c4:face:b00c:0:43fe , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software: /
Resource Hash: 819e13074b1c1919a9daaa43cfc88615162b64981958a90c7456ca4d1e46b622

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-haystack-needlechecksum: 531496407
date: Mon, 16 Dec 2019 09:13:56 GMT
x-fb-trip-id: 906246022
last-modified: Wed, 11 Dec 2019 16:01:22 GMT
access-control-allow-origin: *
content-type: image/jpeg
status: 200
cache-control: max-age=1209600, no-transform
x-needle-checksum: 510356909
x-fb-config-version-olb-prod: 664
timing-allow-origin: *
alt-svc: h3-24=":443"; ma=3600
content-length: 52930

GET
H2 200 75362583_427374828151275_4080148592421111107_n.jpg
scontent.cdninstagram.com/v/t51.2885-15/sh0.08/e35/s640x640/ 46 KB
46 KB 13ms
12ms Image
image/jpeg 2a03:2880:f21c:81c4:face:b00c:0:43fe
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent.cdninstagram.com/v/t51.2885-15/sh0.08/e35/s640x640/75362583_427374828151275_4080148592421111107_n.jpg?_nc_ht=scontent.cdninstagram.com&oh=28896110830cac6fd67deade346769dc&oe=5E7C4C02
Requested by: Host: ont.by
URL: https://ont.by/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f21c:81c4:face:b00c:0:43fe , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software: /
Resource Hash: f040699eb684a998fe8ff9c7f0fc230971652dfcdf6c15f423cd8bede7b7e3bb

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-haystack-needlechecksum: 2669941462
date: Mon, 16 Dec 2019 09:13:56 GMT
x-fb-trip-id: 906246022
last-modified: Mon, 09 Dec 2019 10:29:10 GMT
access-control-allow-origin: *
content-type: image/jpeg
status: 200
cache-control: max-age=1209600, no-transform
x-needle-checksum: 1622956590
x-fb-config-version-olb-prod: 664
timing-allow-origin: *
alt-svc: h3-24=":443"; ma=3600
content-length: 47430

GET
H2 200 75379836_233910597593921_6643274134119538302_n.jpg
scontent.cdninstagram.com/v/t51.2885-15/sh0.08/e35/s640x640/ 33 KB
33 KB 13ms
12ms Image
image/jpeg 2a03:2880:f21c:81c4:face:b00c:0:43fe
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent.cdninstagram.com/v/t51.2885-15/sh0.08/e35/s640x640/75379836_233910597593921_6643274134119538302_n.jpg?_nc_ht=scontent.cdninstagram.com&oh=639dd9c0e44f6234a8b7428fe0467900&oe=5E93E627
Requested by: Host: ont.by
URL: https://ont.by/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f21c:81c4:face:b00c:0:43fe , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software: /
Resource Hash: 7785842aa5c2a9a6c513d124b538e59f379e3e7126846f02f19e7afcd4451b78

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-haystack-needlechecksum: 1716792609
date: Mon, 16 Dec 2019 09:13:56 GMT
x-fb-trip-id: 906246022
last-modified: Sat, 07 Dec 2019 16:26:11 GMT
access-control-allow-origin: *
content-type: image/jpeg
status: 200
cache-control: max-age=1209600, no-transform
x-needle-checksum: 1479805027
x-fb-config-version-olb-prod: 664
timing-allow-origin: *
alt-svc: h3-24=":443"; ma=3600
content-length: 33286

GET
H2 200 75580705_186994719100842_7202501374594353271_n.jpg
scontent.cdninstagram.com/v/t51.2885-15/sh0.08/e35/s640x640/ 48 KB
48 KB 13ms
13ms Image
image/jpeg 2a03:2880:f21c:81c4:face:b00c:0:43fe
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent.cdninstagram.com/v/t51.2885-15/sh0.08/e35/s640x640/75580705_186994719100842_7202501374594353271_n.jpg?_nc_ht=scontent.cdninstagram.com&oh=6ce2054a29d5de85663ffd5adb91ab84&oe=5E70F53A
Requested by: Host: ont.by
URL: https://ont.by/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f21c:81c4:face:b00c:0:43fe , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software: /
Resource Hash: 7713c70e7a5cca8001d8be70754817e296df4bb3e9511dc90332432aeba89db9

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-haystack-needlechecksum: 3340729179
date: Mon, 16 Dec 2019 09:13:56 GMT
x-fb-trip-id: 906246022
last-modified: Sat, 07 Dec 2019 13:20:05 GMT
access-control-allow-origin: *
accept-ranges: bytes
content-type: image/jpeg
status: 200
cache-control: max-age=1209600, no-transform
x-needle-checksum: 424070696
x-fb-config-version-olb-prod: 664
timing-allow-origin: *
alt-svc: h3-24=":443"; ma=3600
content-length: 49543

GET
H2 200 77399656_498601947668789_85862565777816708_n.jpg
scontent.cdninstagram.com/v/t51.2885-15/sh0.08/e35/s640x640/ 31 KB
31 KB 14ms
13ms Image
image/jpeg 2a03:2880:f21c:81c4:face:b00c:0:43fe
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent.cdninstagram.com/v/t51.2885-15/sh0.08/e35/s640x640/77399656_498601947668789_85862565777816708_n.jpg?_nc_ht=scontent.cdninstagram.com&oh=f744f93a0b0aadaf900332a3c44a804a&oe=5DF98D01
Requested by: Host: ont.by
URL: https://ont.by/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f21c:81c4:face:b00c:0:43fe , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software: /
Resource Hash: 938c82082a5c2150af1aa2315c3b6b2b5b73a08c0fd4d529a8574c5f9200b0f4

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-haystack-needlechecksum: 3649886437
date: Mon, 16 Dec 2019 09:13:56 GMT
x-fb-trip-id: 906246022
last-modified: Fri, 06 Dec 2019 16:58:56 GMT
access-control-allow-origin: *
content-type: image/jpeg
status: 200
cache-control: max-age=1209600, no-transform
x-needle-checksum: 583327028
x-fb-config-version-olb-prod: 664
timing-allow-origin: *
alt-svc: h3-24=":443"; ma=3600
content-length: 32147

GET
H2 200 79521382_449059852449522_300131267953359323_n.jpg
scontent.cdninstagram.com/v/t51.2885-15/sh0.08/e35/s640x640/ 43 KB
43 KB 14ms
13ms Image
image/jpeg 2a03:2880:f21c:81c4:face:b00c:0:43fe
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent.cdninstagram.com/v/t51.2885-15/sh0.08/e35/s640x640/79521382_449059852449522_300131267953359323_n.jpg?_nc_ht=scontent.cdninstagram.com&oh=9030ffd150092ffb54016d927108394b&oe=5EB30720
Requested by: Host: ont.by
URL: https://ont.by/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f21c:81c4:face:b00c:0:43fe , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software: /
Resource Hash: 9e55b13f94d40d2cf0fa324b5885869b98f7e767cdf5bebdba8913949bfbb3b6

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-haystack-needlechecksum: 2566226666
date: Mon, 16 Dec 2019 09:13:56 GMT
x-fb-trip-id: 906246022
last-modified: Fri, 06 Dec 2019 13:03:34 GMT
access-control-allow-origin: *
content-type: image/jpeg
status: 200
cache-control: max-age=1209600, no-transform
x-needle-checksum: 426173946
x-fb-config-version-olb-prod: 664
timing-allow-origin: *
alt-svc: h3-24=":443"; ma=3600
content-length: 43621

GET
H2 200 79710999_470897497140256_2866936057657197150_n.jpg
scontent.cdninstagram.com/v/t51.2885-15/sh0.08/e35/s640x640/ 70 KB
70 KB 14ms
13ms Image
image/jpeg 2a03:2880:f21c:81c4:face:b00c:0:43fe
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent.cdninstagram.com/v/t51.2885-15/sh0.08/e35/s640x640/79710999_470897497140256_2866936057657197150_n.jpg?_nc_ht=scontent.cdninstagram.com&oh=d71028575a7ebc069aad776906dc05fd&oe=5E93E50C
Requested by: Host: ont.by
URL: https://ont.by/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f21c:81c4:face:b00c:0:43fe , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software: /
Resource Hash: b0482244f820a99e07f9c82143765ed325a6e8995b0650093ab7d72a386c469e

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-haystack-needlechecksum: 377976846
date: Mon, 16 Dec 2019 09:13:56 GMT
x-fb-trip-id: 906246022
last-modified: Fri, 06 Dec 2019 07:57:46 GMT
access-control-allow-origin: *
content-type: image/jpeg
status: 200
cache-control: max-age=1209600, no-transform
x-needle-checksum: 3395667856
x-fb-config-version-olb-prod: 664
timing-allow-origin: *
alt-svc: h3-24=":443"; ma=3600
content-length: 71710

GET
H2 200 BgOt12mIsR4yikhD.jpg
ont.by/static/project/main/cell/ 69 KB
69 KB 65ms
61ms Image
image/jpeg 93.125.48.25
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ont.by/static/project/main/cell/BgOt12mIsR4yikhD.jpg
Requested by: Host: ont.by
URL: https://ont.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 93.125.48.25 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-25.hoster.by
Software: nginx /
Resource Hash: f2155ccff9def6a6a9b0155dff92db632305559dec3dccaac7d871e542720d4a

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-response-time: 0.000
date: Mon, 16 Dec 2019 09:13:56 GMT
server: nginx
access-control-allow-origin: *
x-cache-status: HIT
status: 200
cache-control: max-age=2592000
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
expires: Wed, 15 Jan 2020 09:13:56 GMT

GET
H2 200 2HsCfuquc9jozSWo.png
ont.by/static/project/main/cell/ 474 KB
475 KB 65ms
62ms Image
image/png 93.125.48.25
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ont.by/static/project/main/cell/2HsCfuquc9jozSWo.png
Requested by: Host: ont.by
URL: https://ont.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 93.125.48.25 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-25.hoster.by
Software: nginx /
Resource Hash: 4535e5c4256f71822f2429dda86137cfb5cabc8617ea24255e6613c58e7de966

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-response-time: 0.000
date: Mon, 16 Dec 2019 09:13:56 GMT
server: nginx
access-control-allow-origin: *
x-cache-status: HIT
status: 200
cache-control: max-age=2592000
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
expires: Wed, 15 Jan 2020 09:13:56 GMT

GET
H2 200 8PFkVqGSbG5XouwC.jpg
ont.by/static/project/main/cell/ 60 KB
60 KB 85ms
81ms Image
image/jpeg 93.125.48.25
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ont.by/static/project/main/cell/8PFkVqGSbG5XouwC.jpg
Requested by: Host: ont.by
URL: https://ont.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 93.125.48.25 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-25.hoster.by
Software: nginx /
Resource Hash: c2d60f6b8a156606407a639f7617381d8d7fbffb2264d70cf8493b9c0e29d8d9

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-response-time: 0.000
date: Mon, 16 Dec 2019 09:13:56 GMT
server: nginx
access-control-allow-origin: *
x-cache-status: HIT
status: 200
cache-control: max-age=2592000
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
expires: Wed, 15 Jan 2020 09:13:56 GMT

GET
H2 200 I1ZeBXV8lE9ibJss.jpg
ont.by/static/project/main/cell/ 77 KB
77 KB 87ms
83ms Image
image/jpeg 93.125.48.25
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ont.by/static/project/main/cell/I1ZeBXV8lE9ibJss.jpg
Requested by: Host: ont.by
URL: https://ont.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 93.125.48.25 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-25.hoster.by
Software: nginx /
Resource Hash: a33de638844be0e68259054b82a151c415e7e3e7d611cceb0ce6730ec733debe

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-response-time: 0.000
date: Mon, 16 Dec 2019 09:13:56 GMT
server: nginx
access-control-allow-origin: *
x-cache-status: HIT
status: 200
cache-control: max-age=2592000
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
expires: Wed, 15 Jan 2020 09:13:56 GMT

GET
H2 200 pZ9uNSgbUWQWLhgZ.jpg
ont.by/static/project/main/cell/ 58 KB
58 KB 112ms
108ms Image
image/jpeg 93.125.48.25
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ont.by/static/project/main/cell/pZ9uNSgbUWQWLhgZ.jpg
Requested by: Host: ont.by
URL: https://ont.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 93.125.48.25 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-25.hoster.by
Software: nginx /
Resource Hash: 41029da3f8c7c93634a77bc8103cbb11a15afa14043873f4f0518c4981da1971

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-response-time: 0.000
date: Mon, 16 Dec 2019 09:13:56 GMT
server: nginx
access-control-allow-origin: *
x-cache-status: HIT
status: 200
cache-control: max-age=2592000
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
expires: Wed, 15 Jan 2020 09:13:56 GMT

GET
H2 200 IuynrA8l1jMh7VEM.jpg
ont.by/static/project/main/cell/ 44 KB
44 KB 61ms
61ms Image
image/jpeg 93.125.48.25
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ont.by/static/project/main/cell/IuynrA8l1jMh7VEM.jpg
Requested by: Host: ont.by
URL: https://ont.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 93.125.48.25 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-25.hoster.by
Software: nginx /
Resource Hash: 1bb2ea90588c3a8e530716107c9859b4b882eacdb88574f8d07a0b3b67479d96

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-response-time: 0.000
date: Mon, 16 Dec 2019 09:13:56 GMT
server: nginx
access-control-allow-origin: *
x-cache-status: HIT
status: 200
cache-control: max-age=2592000
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
expires: Wed, 15 Jan 2020 09:13:56 GMT

GET
H2 200 76ktNZ7GJmV6Uanq.png
ont.by/static/project/main/cell/ 364 KB
365 KB 61ms
60ms Image
image/png 93.125.48.25
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ont.by/static/project/main/cell/76ktNZ7GJmV6Uanq.png
Requested by: Host: ont.by
URL: https://ont.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 93.125.48.25 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-25.hoster.by
Software: nginx /
Resource Hash: e7d8f5bb8e0c1684fa0892abdfd81b766cc9e3c66da363c46aaebf10ed7ad12d

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-response-time: 0.000
date: Mon, 16 Dec 2019 09:13:56 GMT
server: nginx
access-control-allow-origin: *
x-cache-status: HIT
status: 200
cache-control: max-age=2592000
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
expires: Wed, 15 Jan 2020 09:13:56 GMT

GET
H2 200 ij2Y6BnXJ2TwWWyn.jpg
ont.by/static/movie/main/cell-small/ 46 KB
46 KB 62ms
61ms Image
image/jpeg 93.125.48.25
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ont.by/static/movie/main/cell-small/ij2Y6BnXJ2TwWWyn.jpg
Requested by: Host: ont.by
URL: https://ont.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 93.125.48.25 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-25.hoster.by
Software: nginx /
Resource Hash: 02d979fdc1c47582105a44548423814cab4194dd1fb10f5f14e051010cf685b3

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-response-time: 0.000
date: Mon, 16 Dec 2019 09:13:56 GMT
server: nginx
access-control-allow-origin: *
x-cache-status: HIT
status: 200
cache-control: max-age=2592000
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
expires: Wed, 15 Jan 2020 09:13:56 GMT

GET
H2 200 um5tyrforegISyoQ.jpg
ont.by/static/movie/main/cell-small/ 50 KB
50 KB 63ms
62ms Image
image/jpeg 93.125.48.25
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ont.by/static/movie/main/cell-small/um5tyrforegISyoQ.jpg
Requested by: Host: ont.by
URL: https://ont.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 93.125.48.25 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-25.hoster.by
Software: nginx /
Resource Hash: 28fa9f5cea21e7efbb53773d4cc52f50259db9bfeb7cbeae1889491c42d2ccd1

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-response-time: 0.000
date: Mon, 16 Dec 2019 09:13:56 GMT
server: nginx
access-control-allow-origin: *
x-cache-status: HIT
status: 200
cache-control: max-age=2592000
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
expires: Wed, 15 Jan 2020 09:13:56 GMT

GET
H2 200 Da1DGl3ZWb6aWo2X.jpg
ont.by/static/movie/main/cell-small/ 36 KB
36 KB 63ms
63ms Image
image/jpeg 93.125.48.25
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ont.by/static/movie/main/cell-small/Da1DGl3ZWb6aWo2X.jpg
Requested by: Host: ont.by
URL: https://ont.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 93.125.48.25 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-25.hoster.by
Software: nginx /
Resource Hash: 30d0a99483272f636b5fb6134e64b2a9f7b94dd7a0688a5595600e3af5cec289

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-response-time: 0.000
date: Mon, 16 Dec 2019 09:13:56 GMT
server: nginx
access-control-allow-origin: *
x-cache-status: HIT
status: 200
cache-control: max-age=2592000
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
expires: Wed, 15 Jan 2020 09:13:56 GMT

GET
H2 200 8f1CJugcYdjiamtZ.jpg
ont.by/static/movie/main/cell-small/ 32 KB
32 KB 64ms
63ms Image
image/jpeg 93.125.48.25
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ont.by/static/movie/main/cell-small/8f1CJugcYdjiamtZ.jpg
Requested by: Host: ont.by
URL: https://ont.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 93.125.48.25 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-25.hoster.by
Software: nginx /
Resource Hash: 04a1c54e23d9f2feaaa5011f66a04b2e448a01da3c7b403a3503d9d1ef0069ec

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-response-time: 0.000
date: Mon, 16 Dec 2019 09:13:56 GMT
server: nginx
access-control-allow-origin: *
x-cache-status: HIT
status: 200
cache-control: max-age=2592000
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
expires: Wed, 15 Jan 2020 09:13:56 GMT

GET
H2 200 SsYPrlDxbgEkpI0Z.jpg
ont.by/static/movie/main/cell-small/ 65 KB
65 KB 64ms
63ms Image
image/jpeg 93.125.48.25
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ont.by/static/movie/main/cell-small/SsYPrlDxbgEkpI0Z.jpg
Requested by: Host: ont.by
URL: https://ont.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 93.125.48.25 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-25.hoster.by
Software: nginx /
Resource Hash: 95928822d05991ea657517979508775ac4aaf67658b4051eef95894275fe45e4

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-response-time: 0.000
date: Mon, 16 Dec 2019 09:13:56 GMT
server: nginx
access-control-allow-origin: *
x-cache-status: HIT
status: 200
cache-control: max-age=2592000
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
expires: Wed, 15 Jan 2020 09:13:56 GMT

GET
H2 200 zDVtupf4OPtMM9fa.jpg
ont.by/static/movie/main/cell-small/ 51 KB
51 KB 78ms
77ms Image
image/jpeg 93.125.48.25
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ont.by/static/movie/main/cell-small/zDVtupf4OPtMM9fa.jpg
Requested by: Host: ont.by
URL: https://ont.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 93.125.48.25 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-25.hoster.by
Software: nginx /
Resource Hash: 18ef062c48d1aaf6044e6ed1fbf5e21bf3fe233e366cf796a3b3eed620f3cce2

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-response-time: 0.000
date: Mon, 16 Dec 2019 09:13:56 GMT
server: nginx
access-control-allow-origin: *
x-cache-status: HIT
status: 200
cache-control: max-age=2592000
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
expires: Wed, 15 Jan 2020 09:13:56 GMT

GET
H2 200 7YYYC0DLbnqZHbRx.jpg
ont.by/static/movie/main/cell-small/ 63 KB
64 KB 79ms
78ms Image
image/jpeg 93.125.48.25
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ont.by/static/movie/main/cell-small/7YYYC0DLbnqZHbRx.jpg
Requested by: Host: ont.by
URL: https://ont.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 93.125.48.25 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-25.hoster.by
Software: nginx /
Resource Hash: 3c6286b9a7d514c9623e71a1e2b618b4a77cc413d030bbdcfdad6e44ab7bcd2e

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-response-time: 0.000
date: Mon, 16 Dec 2019 09:13:56 GMT
server: nginx
access-control-allow-origin: *
x-cache-status: HIT
status: 200
cache-control: max-age=2592000
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
expires: Wed, 15 Jan 2020 09:13:56 GMT

GET
H2 200 4kMXg3JFqZRzdsks.jpg
ont.by/static/movie/main/cell-small/ 31 KB
31 KB 65ms
61ms Image
image/jpeg 93.125.48.25
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ont.by/static/movie/main/cell-small/4kMXg3JFqZRzdsks.jpg
Requested by: Host: ont.by
URL: https://ont.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 93.125.48.25 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-25.hoster.by
Software: nginx /
Resource Hash: 430a739bce94ea113150a6c0f090ba30b184951f753fd7cd23605a83f02a4db4

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-response-time: 0.000
date: Mon, 16 Dec 2019 09:13:56 GMT
server: nginx
access-control-allow-origin: *
x-cache-status: HIT
status: 200
cache-control: max-age=2592000
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
expires: Wed, 15 Jan 2020 09:13:56 GMT

GET
H2 200 0YUgRhxLGYnpwRWU.jpg
ont.by/static/movie/main/cell-small/ 35 KB
35 KB 62ms
62ms Image
image/jpeg 93.125.48.25
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ont.by/static/movie/main/cell-small/0YUgRhxLGYnpwRWU.jpg
Requested by: Host: ont.by
URL: https://ont.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 93.125.48.25 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-25.hoster.by
Software: nginx /
Resource Hash: f70bc240ded7b7bdb9f696710cb048cdddf4dc2582855d1139ec449eb774072f

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-response-time: 0.000
date: Mon, 16 Dec 2019 09:13:56 GMT
server: nginx
access-control-allow-origin: *
x-cache-status: HIT
status: 200
cache-control: max-age=2592000
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
expires: Wed, 15 Jan 2020 09:13:56 GMT

GET
H2 200 ONi7htVUdrH3YxgM.jpg
ont.by/static/movie/main/cell-small/ 35 KB
35 KB 63ms
62ms Image
image/jpeg 93.125.48.25
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ont.by/static/movie/main/cell-small/ONi7htVUdrH3YxgM.jpg
Requested by: Host: ont.by
URL: https://ont.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 93.125.48.25 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-25.hoster.by
Software: nginx /
Resource Hash: 623f9db375755dc4fb496f2a99e563044b7ba9da0e2e9ce672b50e4e5bf39195

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-response-time: 0.000
date: Mon, 16 Dec 2019 09:13:56 GMT
server: nginx
access-control-allow-origin: *
x-cache-status: HIT
status: 200
cache-control: max-age=2592000
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
expires: Wed, 15 Jan 2020 09:13:56 GMT

GET
H2 200 yILAB8K0uqlURK7J.jpg
ont.by/static/program/main/slider/ 2 KB
2 KB 65ms
64ms Image
image/jpeg 93.125.48.25
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ont.by/static/program/main/slider/yILAB8K0uqlURK7J.jpg
Requested by: Host: ont.by
URL: https://ont.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 93.125.48.25 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-25.hoster.by
Software: nginx /
Resource Hash: 22191430092ccd7ad558b4f193316d87e8ee3eaf2b62ad30f65ae91ff98172d7

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-response-time: 0.000
date: Mon, 16 Dec 2019 09:13:56 GMT
server: nginx
access-control-allow-origin: *
x-cache-status: HIT
status: 200
cache-control: max-age=2592000
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
expires: Wed, 15 Jan 2020 09:13:56 GMT

GET
H2 200 9MykXoO5X5f74Bv5.jpg
ont.by/static/program/main/slider/ 2 KB
2 KB 62ms
61ms Image
image/jpeg 93.125.48.25
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ont.by/static/program/main/slider/9MykXoO5X5f74Bv5.jpg
Requested by: Host: ont.by
URL: https://ont.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 93.125.48.25 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-25.hoster.by
Software: nginx /
Resource Hash: abb2a3f551e455103d3bea0cf5706a184f300c4c8bd70a57511c4c704e2c22ec

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-response-time: 0.000
date: Mon, 16 Dec 2019 09:13:56 GMT
server: nginx
access-control-allow-origin: *
x-cache-status: HIT
status: 200
cache-control: max-age=2592000
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
expires: Wed, 15 Jan 2020 09:13:56 GMT

GET
H2 200 EXMIA1dCSFeSez2Q.jpg
ont.by/static/program/main/slider/ 20 KB
20 KB 64ms
63ms Image
image/jpeg 93.125.48.25
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ont.by/static/program/main/slider/EXMIA1dCSFeSez2Q.jpg
Requested by: Host: ont.by
URL: https://ont.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 93.125.48.25 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-25.hoster.by
Software: nginx /
Resource Hash: 121f39c2991c7a5c8fad3e4f779f962816901e74a694ead6669e0451c96a573d

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-response-time: 0.000
date: Mon, 16 Dec 2019 09:13:56 GMT
server: nginx
access-control-allow-origin: *
x-cache-status: HIT
status: 200
cache-control: max-age=2592000
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
expires: Wed, 15 Jan 2020 09:13:56 GMT

GET
H2 200 Yl17r1NJVHxUTJdN.jpg
ont.by/static/program/main/slider/ 2 KB
2 KB 65ms
64ms Image
image/jpeg 93.125.48.25
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ont.by/static/program/main/slider/Yl17r1NJVHxUTJdN.jpg
Requested by: Host: ont.by
URL: https://ont.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 93.125.48.25 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-25.hoster.by
Software: nginx /
Resource Hash: fea56ce6bea6b24873076d6d175ee1ce97f89fbdc3e631df1cca0170216e5dfa

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-response-time: 0.000
date: Mon, 16 Dec 2019 09:13:56 GMT
server: nginx
access-control-allow-origin: *
x-cache-status: HIT
status: 200
cache-control: max-age=2592000
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
expires: Wed, 15 Jan 2020 09:13:56 GMT

GET
H2 200 RHLCk1Mnqk8EVOST.jpg
ont.by/static/program/main/slider/ 2 KB
2 KB 61ms
60ms Image
image/jpeg 93.125.48.25
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ont.by/static/program/main/slider/RHLCk1Mnqk8EVOST.jpg
Requested by: Host: ont.by
URL: https://ont.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 93.125.48.25 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-25.hoster.by
Software: nginx /
Resource Hash: b2de5d9245b9c61add12b569bd9ec19c0fdec8a2896df6428aa82e633a386c99

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-response-time: 0.000
date: Mon, 16 Dec 2019 09:13:56 GMT
server: nginx
access-control-allow-origin: *
x-cache-status: HIT
status: 200
cache-control: max-age=2592000
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
expires: Wed, 15 Jan 2020 09:13:56 GMT

GET
H2 200 JCY01HJ21KTTUtia.jpg
ont.by/static/program/main/slider/ 1 KB
1 KB 62ms
60ms Image
image/jpeg 93.125.48.25
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ont.by/static/program/main/slider/JCY01HJ21KTTUtia.jpg
Requested by: Host: ont.by
URL: https://ont.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 93.125.48.25 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-25.hoster.by
Software: nginx /
Resource Hash: eb69694b75016c6d8febc32ff2b8eee96cef7fd776dc156e2f524097a0c9c623

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-response-time: 0.000
date: Mon, 16 Dec 2019 09:13:56 GMT
server: nginx
access-control-allow-origin: *
x-cache-status: HIT
status: 200
cache-control: max-age=2592000
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
expires: Wed, 15 Jan 2020 09:13:56 GMT

GET
H2 200 EbYttcwmdQpUWEVc.jpg
ont.by/static/program/main/slider/ 2 KB
2 KB 62ms
61ms Image
image/jpeg 93.125.48.25
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ont.by/static/program/main/slider/EbYttcwmdQpUWEVc.jpg
Requested by: Host: ont.by
URL: https://ont.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 93.125.48.25 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-25.hoster.by
Software: nginx /
Resource Hash: abb2a3f551e455103d3bea0cf5706a184f300c4c8bd70a57511c4c704e2c22ec

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-response-time: 0.000
date: Mon, 16 Dec 2019 09:13:56 GMT
server: nginx
access-control-allow-origin: *
x-cache-status: HIT
status: 200
cache-control: max-age=2592000
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
expires: Wed, 15 Jan 2020 09:13:56 GMT

GET
H2 200 RIjL75r9xb6HaPqR.jpg
ont.by/static/program/main/slider/ 2 KB
2 KB 62ms
60ms Image
image/jpeg 93.125.48.25
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ont.by/static/program/main/slider/RIjL75r9xb6HaPqR.jpg
Requested by: Host: ont.by
URL: https://ont.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 93.125.48.25 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-25.hoster.by
Software: nginx /
Resource Hash: 774e0b5e1e248b4030c5f84ece37d4b7bca0e1ee770a21f27192830351d81028

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-response-time: 0.000
date: Mon, 16 Dec 2019 09:13:56 GMT
server: nginx
access-control-allow-origin: *
x-cache-status: HIT
status: 200
cache-control: max-age=2592000
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
expires: Wed, 15 Jan 2020 09:13:56 GMT

GET
H2 200 zlZoytKYCdx8u398.jpg
ont.by/static/program/main/slider/ 1 KB
2 KB 62ms
61ms Image
image/jpeg 93.125.48.25
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ont.by/static/program/main/slider/zlZoytKYCdx8u398.jpg
Requested by: Host: ont.by
URL: https://ont.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 93.125.48.25 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-25.hoster.by
Software: nginx /
Resource Hash: 8da400506349ed9c2f1dba602f17c3e0c5eb06673096eadc402e36247925c0de

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-response-time: 0.000
date: Mon, 16 Dec 2019 09:13:56 GMT
server: nginx
access-control-allow-origin: *
x-cache-status: HIT
status: 200
cache-control: max-age=2592000
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
expires: Wed, 15 Jan 2020 09:13:56 GMT

GET
H2 200 bfcqLq29IwZEfly2.jpg
ont.by/static/program/main/slider/ 2 KB
2 KB 62ms
61ms Image
image/jpeg 93.125.48.25
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ont.by/static/program/main/slider/bfcqLq29IwZEfly2.jpg
Requested by: Host: ont.by
URL: https://ont.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 93.125.48.25 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-25.hoster.by
Software: nginx /
Resource Hash: 06ed79e3d55657e8c0bdf162733ae94883dff192c56a3e21e0356ffe4f1f2781

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-response-time: 0.000
date: Mon, 16 Dec 2019 09:13:56 GMT
server: nginx
access-control-allow-origin: *
x-cache-status: HIT
status: 200
cache-control: max-age=2592000
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
expires: Wed, 15 Jan 2020 09:13:56 GMT

GET
H2 200 XQ3gVhCvUJSqPCnj.jpg
ont.by/static/program/main/slider/ 14 KB
15 KB 62ms
62ms Image
image/jpeg 93.125.48.25
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ont.by/static/program/main/slider/XQ3gVhCvUJSqPCnj.jpg
Requested by: Host: ont.by
URL: https://ont.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 93.125.48.25 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-25.hoster.by
Software: nginx /
Resource Hash: e4cd90745d5bf76cde8caa5bb7b1be00ed24942c453224e76659c2b444bbd739

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-response-time: 0.000
date: Mon, 16 Dec 2019 09:13:56 GMT
server: nginx
access-control-allow-origin: *
x-cache-status: HIT
status: 200
cache-control: max-age=2592000
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
expires: Wed, 15 Jan 2020 09:13:56 GMT

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/qBTCImvPp2A/ 37 KB
37 KB 11ms
6ms Image
image/jpeg 2a00:1450:4001:808::2016
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/qBTCImvPp2A/hqdefault.jpg

Requested by

Host: ont.by
URL: https://ont.by/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

a406cf7cd4e4c095484d566c28b997c8419c769eb93821a1bbbb83af1eb99059

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Dec 2019 09:13:12 GMT
x-content-type-options: nosniff
server: sffe
age: 44
etag: "1576486589"
content-type: image/jpeg
status: 200
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 37400
x-xss-protection: 0
expires: Mon, 16 Dec 2019 09:18:12 GMT

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/7sF6kYiJeR8/ 38 KB
38 KB 44ms
39ms Image
image/jpeg 2a00:1450:4001:808::2016
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/7sF6kYiJeR8/hqdefault.jpg

Requested by

Host: ont.by
URL: https://ont.by/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa8492704a2060ce034da45c7f95a50e7f8fb94930298a79f7f66f1cbca247e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Dec 2019 09:13:56 GMT
x-content-type-options: nosniff
server: sffe
age: 0
etag: "1576480555"
content-type: image/jpeg
status: 200
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 38731
x-xss-protection: 0
expires: Mon, 16 Dec 2019 09:18:56 GMT

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/KIj4JoZ-qcs/ 38 KB
38 KB 13ms
8ms Image
image/jpeg 2a00:1450:4001:808::2016
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/KIj4JoZ-qcs/hqdefault.jpg

Requested by

Host: ont.by
URL: https://ont.by/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

4f69f51f1aa32071359ae4082c487b2b6bdc8a050d7dd013f0de09fe3220b5c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Dec 2019 09:13:13 GMT
x-content-type-options: nosniff
server: sffe
age: 43
etag: "1576479330"
content-type: image/jpeg
status: 200
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 39072
x-xss-protection: 0
expires: Mon, 16 Dec 2019 09:18:13 GMT

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/0m_4YP2fjUg/ 23 KB
23 KB 16ms
11ms Image
image/jpeg 2a00:1450:4001:808::2016
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/0m_4YP2fjUg/hqdefault.jpg

Requested by

Host: ont.by
URL: https://ont.by/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

ca5a4b5062839df5f502eb69c9b878aa72768d4697420be02cd92c9b35559c9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Dec 2019 09:13:27 GMT
x-content-type-options: nosniff
server: sffe
age: 29
etag: "1576478112"
content-type: image/jpeg
status: 200
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 23915
x-xss-protection: 0
expires: Mon, 16 Dec 2019 09:18:27 GMT

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/EFJUwA-tYjE/ 30 KB
30 KB 42ms
41ms Image
image/jpeg 2a00:1450:4001:808::2016
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/EFJUwA-tYjE/hqdefault.jpg

Requested by

Host: ont.by
URL: https://ont.by/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

17b8ffd35f60a425de5c25ed47f5d38f255742b1a640220b9214a709f0bb90e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Dec 2019 09:13:56 GMT
x-content-type-options: nosniff
server: sffe
age: 0
etag: "1576455253"
content-type: image/jpeg
status: 200
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 30947
x-xss-protection: 0
expires: Mon, 16 Dec 2019 09:18:56 GMT

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/zXJL-XZ6fDQ/ 32 KB
32 KB 42ms
41ms Image
image/jpeg 2a00:1450:4001:808::2016
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/zXJL-XZ6fDQ/hqdefault.jpg

Requested by

Host: ont.by
URL: https://ont.by/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

0fc763db542863a3a82fab164292c6bfb390f65cd1a40968147ee1c3d208bd71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Dec 2019 09:13:56 GMT
x-content-type-options: nosniff
server: sffe
age: 0
etag: "1576452267"
content-type: image/jpeg
status: 200
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 32733
x-xss-protection: 0
expires: Mon, 16 Dec 2019 09:18:56 GMT

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/zLa-acu83_4/ 24 KB
25 KB 6ms
6ms Image
image/jpeg 2a00:1450:4001:808::2016
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/zLa-acu83_4/hqdefault.jpg

Requested by

Host: ont.by
URL: https://ont.by/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

0c5c3cb261a2b9de884ea1eb247c80fa3379098c8de0fbdb2a17ec0bf7d9ab6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Dec 2019 09:13:13 GMT
x-content-type-options: nosniff
server: sffe
age: 43
etag: "1576451888"
content-type: image/jpeg
status: 200
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 25067
x-xss-protection: 0
expires: Mon, 16 Dec 2019 09:18:13 GMT

GET
H2 200 index-footer Show response
ont.by/api/promo/info/ 13 B
239 B 98ms
94ms XHR
application/json 93.125.48.25
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to

Full URL: https://ont.by/api/promo/info/index-footer?from=%2F
Requested by: Host: ont.by
URL: https://ont.by/_nuxt/7a2023d4115017182b40.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 93.125.48.25 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-25.hoster.by
Software: nginx /
Resource Hash: ba5f3ea40e95f49bce11942f375ebd3882eb837976eda5c0cb78b9b99ca7b485

Request headers

Accept: application/json, text/plain, */*
Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-response-time: 0.034
date: Mon, 16 Dec 2019 09:13:56 GMT
content-encoding: gzip
server: nginx
status: 200
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 QkTT91LYpPdLExs9.jpg
ont.by/static/program/main/slider/ 3 KB
3 KB 77ms
77ms Image
image/jpeg 93.125.48.25
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ont.by/static/program/main/slider/QkTT91LYpPdLExs9.jpg
Requested by: Host: ont.by
URL: https://ont.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 93.125.48.25 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-25.hoster.by
Software: nginx /
Resource Hash: f2090bdc5c4f16f2d54f7cfa244ab9f17e0936ea516bd068c1f14410b4ca244d

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-response-time: 0.000
date: Mon, 16 Dec 2019 09:13:56 GMT
server: nginx
access-control-allow-origin: *
x-cache-status: HIT
status: 200
cache-control: max-age=2592000
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
expires: Wed, 15 Jan 2020 09:13:56 GMT

GET
H2 200 uQupUOZpPUhpHT46.jpg
ont.by/static/program/main/slider/ 2 KB
2 KB 77ms
77ms Image
image/jpeg 93.125.48.25
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ont.by/static/program/main/slider/uQupUOZpPUhpHT46.jpg
Requested by: Host: ont.by
URL: https://ont.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 93.125.48.25 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-25.hoster.by
Software: nginx /
Resource Hash: f42fdb9bb77b5662da91a15efe173afa771932e5387f75f5c8119a6f9a7c3eca

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-response-time: 0.000
date: Mon, 16 Dec 2019 09:13:56 GMT
server: nginx
access-control-allow-origin: *
x-cache-status: HIT
status: 200
cache-control: max-age=2592000
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
expires: Wed, 15 Jan 2020 09:13:56 GMT

GET
H2 200 0y93Ss9qAnq8Hrmv.jpg
ont.by/static/program/main/slider/ 2 KB
2 KB 77ms
76ms Image
image/jpeg 93.125.48.25
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ont.by/static/program/main/slider/0y93Ss9qAnq8Hrmv.jpg
Requested by: Host: ont.by
URL: https://ont.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 93.125.48.25 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-25.hoster.by
Software: nginx /
Resource Hash: 3641085cae451d98ebe3827e97d2bd0dd773edeb12a03f49ae365ce0adad9474

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-response-time: 0.000
date: Mon, 16 Dec 2019 09:13:56 GMT
server: nginx
access-control-allow-origin: *
x-cache-status: HIT
status: 200
cache-control: max-age=2592000
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
expires: Wed, 15 Jan 2020 09:13:56 GMT

GET
H2 200 4NbsZ6FUCxRg6N5s.jpg
ont.by/static/program/main/slider/ 2 KB
2 KB 74ms
72ms Image
image/jpeg 93.125.48.25
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ont.by/static/program/main/slider/4NbsZ6FUCxRg6N5s.jpg
Requested by: Host: ont.by
URL: https://ont.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 93.125.48.25 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-25.hoster.by
Software: nginx /
Resource Hash: 16424cba61af903f453f756e53bc215366fa1121ec4b50728ac990de615cc409

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-response-time: 0.000
date: Mon, 16 Dec 2019 09:13:56 GMT
server: nginx
access-control-allow-origin: *
x-cache-status: HIT
status: 200
cache-control: max-age=2592000
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
expires: Wed, 15 Jan 2020 09:13:56 GMT

GET
H2 200 AgW5gCmct3SZHlaT.jpg
ont.by/static/program/main/slider/ 2 KB
2 KB 74ms
73ms Image
image/jpeg 93.125.48.25
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ont.by/static/program/main/slider/AgW5gCmct3SZHlaT.jpg
Requested by: Host: ont.by
URL: https://ont.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 93.125.48.25 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-25.hoster.by
Software: nginx /
Resource Hash: aa5e58ffb728c85d576ec05746f4606af2788b7231dd1d3984a7b4c76167e385

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-response-time: 0.000
date: Mon, 16 Dec 2019 09:13:56 GMT
server: nginx
access-control-allow-origin: *
x-cache-status: HIT
status: 200
cache-control: max-age=2592000
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
expires: Wed, 15 Jan 2020 09:13:56 GMT

GET
H2 200 B0ID57MCpDlfApZu.jpg
ont.by/static/program/main/slider/ 2 KB
2 KB 61ms
60ms Image
image/jpeg 93.125.48.25
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ont.by/static/program/main/slider/B0ID57MCpDlfApZu.jpg
Requested by: Host: ont.by
URL: https://ont.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 93.125.48.25 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-25.hoster.by
Software: nginx /
Resource Hash: fe2a1a5f8a560f6f3aca241f86111778719276880f77c00881e22fb6fc3e6273

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-response-time: 0.000
date: Mon, 16 Dec 2019 09:13:56 GMT
server: nginx
access-control-allow-origin: *
x-cache-status: HIT
status: 200
cache-control: max-age=2592000
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
expires: Wed, 15 Jan 2020 09:13:56 GMT

GET
H2 200 4k9xUrJD2TUKonc6.jpg
ont.by/static/program/main/slider/ 25 KB
25 KB 61ms
61ms Image
image/jpeg 93.125.48.25
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ont.by/static/program/main/slider/4k9xUrJD2TUKonc6.jpg
Requested by: Host: ont.by
URL: https://ont.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 93.125.48.25 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-25.hoster.by
Software: nginx /
Resource Hash: a5edf424c74a0309237e007f875d8bbe13a94792b46e78f038a5b1b6c8af55c9

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-response-time: 0.000
date: Mon, 16 Dec 2019 09:13:56 GMT
server: nginx
access-control-allow-origin: *
x-cache-status: HIT
status: 200
cache-control: max-age=2592000
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
expires: Wed, 15 Jan 2020 09:13:56 GMT

GET
H2 200 l4bHJ26oxTgMUD8k.jpg
ont.by/static/program/main/slider/ 2 KB
3 KB 61ms
61ms Image
image/jpeg 93.125.48.25
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ont.by/static/program/main/slider/l4bHJ26oxTgMUD8k.jpg
Requested by: Host: ont.by
URL: https://ont.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 93.125.48.25 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-25.hoster.by
Software: nginx /
Resource Hash: 1e622105e0ee282594aa9cf1ecfa3526be42e058cf6a71b6d8cc01db68e0bf87

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-response-time: 0.000
date: Mon, 16 Dec 2019 09:13:56 GMT
server: nginx
access-control-allow-origin: *
x-cache-status: HIT
status: 200
cache-control: max-age=2592000
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
expires: Wed, 15 Jan 2020 09:13:56 GMT

GET
H2 200 profile Show response
cdn.syndication.twimg.com/timeline/ 140 KB
9 KB 209ms
188ms Script
application/javascript 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.syndication.twimg.com/timeline/profile?callback=__twttr.callbacks.tl_i0_profile_ont_tv_old&dnt=false&domain=ont.by&lang=ru&screen_name=ont_tv&suppress_response_codes=true&t=1751652&tz=GMT%2B0100&with_replies=false

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

tsa_f /

Resource Hash

da6de134a7d897a29dc7b8ff104f41c3c7abfb584e9928643b5d4f3b08530608

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Dec 2019 09:13:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
content-disposition: attachment; filename=jsonp.jsonp
strict-transport-security: max-age=631138519
content-length: 9158
x-xss-protection: 0
x-response-time: 163
last-modified: Mon, 16 Dec 2019 09:13:56 GMT
server: tsa_f
x-frame-options: SAMEORIGIN
content-type: application/javascript;charset=utf-8
cache-control: must-revalidate, max-age=300
x-connection-hash: d9e007c3ea372241f2e2e17fc94c9b30
timing-allow-origin: *
x-transaction: 0067d03b00b015cd
expires: Mon, 16 Dec 2019 09:18:56 GMT

GET
H2 200 syndication
syndication.twitter.com/i/jot/ 43 B
383 B 138ms
138ms Image
image/gif 104.244.42.136
Twitter Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot/syndication?l=%7B%22_category_%22%3A%22syndicated_impression%22%2C%22triggered_on%22%3A1576487636576%2C%22dnt%22%3Afalse%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22timeline%22%2C%22action%22%3A%22impression%22%7D%7D

Requested by

Host: ont.by
URL: https://ont.by/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.136 , United States, ASN13414 (TWITTER - Twitter Inc., US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Dec 2019 09:13:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
strict-transport-security: max-age=631138519
content-length: 65
x-xss-protection: 0
x-response-time: 116
pragma: no-cache
last-modified: Mon, 16 Dec 2019 09:13:56 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: c9644c38e7b85d8b9ddaeb7f94255f02
x-transaction: 00fe6ae0003b73b4
expires: Tue, 31 Mar 1981 05:00:00 GMT

POST
H/1.1 200
OK 1
mc.yandex.ru/watch/26812653/ 43 B
529 B 48ms
48ms Other
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/26812653/1?page-url=https%3A%2F%2Font.by%2F&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1576487634231%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aadb%3A2%3Afpr%3A216613626101%3Acn%3A1%3Az%3A60%3Ai%3A20191216101356%3Aet%3A1576487637%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Aar%3A1%3Apa%3A1%3Arn%3A1009733520%3Ahid%3A704068923%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C42%2C%2C%2C%2C%3Afp%3A1277%3Agdpr%3A14%3Av%3A1776%3Ast%3A1576487637%3Au%3A1576487636713505257

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ont.by/
Origin: https://ont.by
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Mon, 16 Dec 2019 09:13:56 GMT
Last-Modified: Mon, 16-Dec-2019 09:13:56 GMT
Server: nginx/1.14.2
Strict-Transport-Security: max-age=31536000
Content-Type: image/gif
Access-Control-Allow-Origin: https://ont.by
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block
Expires: Mon, 16-Dec-2019 09:13:56 GMT

POST
H/1.1 200
OK 1
mc.yandex.ru/watch/24929690/ 43 B
529 B 48ms
48ms Other
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/24929690/1?page-url=https%3A%2F%2Font.by%2F&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1576487634231%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A2%3Az%3A60%3Ai%3A20191216101356%3Aet%3A1576487637%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Aar%3A1%3Apa%3A1%3Arn%3A51204407%3Ahid%3A704068923%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%3Afp%3A1277%3Agdpr%3A14%3Av%3A1776%3Ast%3A1576487637%3Au%3A1576487636713505257

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ont.by/
Origin: https://ont.by
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Mon, 16 Dec 2019 09:13:56 GMT
Last-Modified: Mon, 16-Dec-2019 09:13:56 GMT
Server: nginx/1.14.2
Strict-Transport-Security: max-age=31536000
Content-Type: image/gif
Access-Control-Allow-Origin: https://ont.by
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block
Expires: Mon, 16-Dec-2019 09:13:56 GMT

GET
H2

302

v2 Show response
ads.adfox.ru/239538/getBulkTest/
Redirect Chain

https://ads.adfox.ru/239538/getBulk/v2?dl=https%3A%2F%2Font.by%2F&date=2019-12-16T10%3A13%3A56.609%2B01%3A00&pd=16&pdh=1200&pdw=1600&pr1=836362105&pr=2473837910&prr=&pv=10&pw=1&extid_loader=&extid_...
https://ads.adfox.ru/239538/getBulkTest/v2?dl=https%3A%2F%2Font.by%2F&date=2019-12-16T10%3A13%3A56.609%2B01%3A00&pd=16&pdh=1200&pdw=1600&pr1=836362105&pr=2473837910&prr=&pv=10&pw=1&extid_loader=&ex...

0
-1 B

242ms
112ms

XHR

213.180.204.50
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adfox.ru/239538/getBulkTest/v2?dl=https%3A%2F%2Font.by%2F&date=2019-12-16T10%3A13%3A56.609%2B01%3A00&pd=16&pdh=1200&pdw=1600&pr1=836362105&pr=2473837910&prr=&pv=10&pw=1&extid_loader=&extid_tag_loader=ont.by&ylv=0.1505&ybv=0.1497&ytt=260034501543957&is-turbo=0&skip-token=&ad-session-id=5812841576487636612&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22width%22%3A1920%2C%22height%22%3A0%2C%22left%22%3A-167%2C%22top%22%3A0%2C%22visible%22%3A1%2C%22req_no%22%3A0%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&matchid-cookies=fEO4cFbeMKA-n3kK-BaJMvLRxB2QIU2sgp2wBg1jcZVQKeuTbq29xg%3D%3D&matchid-cookies-sign=PtyMFpY5t7FaSHddNsUSKg%3D%3D&p1=cerem&p2=y&matchid-direct=1&bids=W3siY2FtcGFpZ25faWQiOjc3MTAwNSwicmVzcG9uc2VfdGltZSI6MTIzOSwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjE0MTAzNzYifV0%3D&grab=dNCe0J3QoiDigJQg0J7QsdGJ0LXQvdCw0YbQuNC-0L3QsNC70YzQvdC-0LUg0YLQtdC70LXQstC40LTQtdC90LjQtSDQkdC10LvQsNGA0YPRgdC4IHwg0JHQtdC70L7RgNGD0YHRgdC60LjQuSDRgtC10LvQtdC60LDQvdCw0Lsg0J7QndCiCjIg0J_QvtGB0LvQtdC00L3QuNC1INC90L7QstC-0YHRgtC4IAoy0JPQu9Cw0LLQvdGL0LUg0L3QvtCy0L7RgdGC0LggCjIg0KHQtdC50YfQsNGBINGH0LjRgtCw0Y7RgiAKMiDQn9C-0L_Rg9C70Y_RgNC90L7QtSDQt9CwINC90LXQtNC10LvRjiAKMiDQnNCw0YDQutC-0LIuINCd0LjRh9C10LPQviDQu9C40YfQvdC-0LPQviAKMiDQntCd0KIg0L3QsCBZb3VUdWJlIAoyINCd0LDRiNC4INC90L7QstC-0YHRgtC4INCe0J3QoiAKMiDQn9GA0L7Qs9GA0LDQvNC80Ysg0Lgg0L_RgNC-0LXQutGC0YsgCjIg0JrQuNC90L4g0Lgg0YHQtdGA0LjQsNC70YsgCjIg0JzRiyDQsiDRgdC-0YbQuNCw0LvRjNC90YvRhSDRgdC10YLRj9GFIAozINCX0LAg0L_QvtGB0LvQtdC00L3QtdC1INC00LXRgdGP0YLQuNC70LXRgtC40LUg0YfQuNGB0LvQviDQv9GA0LDQstC-0L3QsNGA0YPRiNC10L3QuNC5INCy0YvRgNC-0YHQu9C-INCy0LTQstC-0LU6INCb0YPQutCw0YjQtdC90LrQviDQv9GA0L7QstC-0LTQuNGCINGB0L7QstC10YnQsNC90LjQtSDQv9C-INC_0YDQuNC80LXQvdC10L3QuNGOINCw0LTQvNC40L3QuNGB0YLRgNCw0YLQuNCy0L3QvtC5INC-0YLQstC10YLRgdGC0LLQtdC90L3QvtGB0YLQuCAKMyDQl9CwINC_0L7RgdC70LXQtNC90LXQtSDQtNC10YHRj9GC0LjQu9C10YLQuNC1INGH0LjRgdC70L4g0L_RgNCw0LLQvtC90LDRgNGD0YjQtdC90LjQuSDQstGL0YDQvtGB0LvQviDQstC00LLQvtC1OiDQm9GD0LrQsNGI0LXQvdC60L4g0L_RgNC-0LLQvtC00LjRgiDRgdC-0LLQtdGJ0LDQvdC40LUg0L_QviDQv9GA0LjQvNC10L3QtdC90LjRjiDQsNC00LzQuNC90LjRgdGC0YDQsNGC0LjQstC90L7QuSDQvtGC0LLQtdGC0YHRgtCy0LXQvdC90L7RgdGC0LggCjMg0JHQsNC90Log0YDQsNC30LLQuNGC0LjRjyDQmtC40YLQsNGPINCy0YvQtNC10LvQuNGCINCR0LXQu9Cw0YDRg9GB0Lgg0LrRgNC10LTQuNGCINC90LAgMyw1INC80LvRgNC0INGO0LDQvdC10LkgCjMg0JHQtdC70LDRgNGD0YHRjCDQv9C-0LTQvdGP0LvQsNGB0Ywg0LIg0YDQtdC50YLQuNC90LPQtSDRgdCw0LzRi9GFINC80L7Qs9GD0YnQtdGB0YLQstC10L3QvdGL0YUg0YHRgtGA0LDQvSDQvNC40YDQsCAKMyDCq9CS0YHRgtGA0LXRh9CwINC00LLRg9GFINCS0LvQsNC00LjQvNC40YDQvtCywrs6INGB0YLQsNC7INC70Lgg0LzQuNGAINC90LAg0JTQvtC90LHQsNGB0YHQtSDQsdC70LjQttC1INC_0L7RgdC70LUg0L_QtdGA0LXQs9C-0LLQvtGA0L7QsiDCq9C90L7RgNC80LDQvdC00YHQutC-0Lkg0YfQtdGC0LLRkdGA0LrQuMK7INCyINCf0LDRgNC40LbQtT8gCjMg0JHQtdC70L7RgNGD0YHRgdC60LjQtSDQtNCw0LvRjNC90L7QsdC-0LnRidC40LrQuCDRgdGH&utf8=%E2%9C%93
Requested by: Host: ont.by
URL: https://ont.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.180.204.50 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS: ads.adfox.ru
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Dec 2019 09:13:56 GMT
server: nginx
access-control-allow-origin: https://ont.by
location: /239538/getBulkTest/v2?dl=https%3A%2F%2Font.by%2F&date=2019-12-16T10%3A13%3A56.609%2B01%3A00&pd=16&pdh=1200&pdw=1600&pr1=836362105&pr=2473837910&prr=&pv=10&pw=1&extid_loader=&extid_tag_loader=ont.by&ylv=0.1505&ybv=0.1497&ytt=260034501543957&is-turbo=0&skip-token=&ad-session-id=5812841576487636612&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22width%22%3A1920%2C%22height%22%3A0%2C%22left%22%3A-167%2C%22top%22%3A0%2C%22visible%22%3A1%2C%22req_no%22%3A0%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&matchid-cookies=fEO4cFbeMKA-n3kK-BaJMvLRxB2QIU2sgp2wBg1jcZVQKeuTbq29xg%3D%3D&matchid-cookies-sign=PtyMFpY5t7FaSHddNsUSKg%3D%3D&p1=cerem&p2=y&matchid-direct=1&bids=W3siY2FtcGFpZ25faWQiOjc3MTAwNSwicmVzcG9uc2VfdGltZSI6MTIzOSwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjE0MTAzNzYifV0%3D&grab=dNCe0J3QoiDigJQg0J7QsdGJ0LXQvdCw0YbQuNC-0L3QsNC70YzQvdC-0LUg0YLQtdC70LXQstC40LTQtdC90LjQtSDQkdC10LvQsNGA0YPRgdC4IHwg0JHQtdC70L7RgNGD0YHRgdC60LjQuSDRgtC10LvQtdC60LDQvdCw0Lsg0J7QndCiCjIg0J_QvtGB0LvQtdC00L3QuNC1INC90L7QstC-0YHRgtC4IAoy0JPQu9Cw0LLQvdGL0LUg0L3QvtCy0L7RgdGC0LggCjIg0KHQtdC50YfQsNGBINGH0LjRgtCw0Y7RgiAKMiDQn9C-0L_Rg9C70Y_RgNC90L7QtSDQt9CwINC90LXQtNC10LvRjiAKMiDQnNCw0YDQutC-0LIuINCd0LjRh9C10LPQviDQu9C40YfQvdC-0LPQviAKMiDQntCd0KIg0L3QsCBZb3VUdWJlIAoyINCd0LDRiNC4INC90L7QstC-0YHRgtC4INCe0J3QoiAKMiDQn9GA0L7Qs9GA0LDQvNC80Ysg0Lgg0L_RgNC-0LXQutGC0YsgCjIg0JrQuNC90L4g0Lgg0YHQtdGA0LjQsNC70YsgCjIg0JzRiyDQsiDRgdC-0YbQuNCw0LvRjNC90YvRhSDRgdC10YLRj9GFIAozINCX0LAg0L_QvtGB0LvQtdC00L3QtdC1INC00LXRgdGP0YLQuNC70LXRgtC40LUg0YfQuNGB0LvQviDQv9GA0LDQstC-0L3QsNGA0YPRiNC10L3QuNC5INCy0YvRgNC-0YHQu9C-INCy0LTQstC-0LU6INCb0YPQutCw0YjQtdC90LrQviDQv9GA0L7QstC-0LTQuNGCINGB0L7QstC10YnQsNC90LjQtSDQv9C-INC_0YDQuNC80LXQvdC10L3QuNGOINCw0LTQvNC40L3QuNGB0YLRgNCw0YLQuNCy0L3QvtC5INC-0YLQstC10YLRgdGC0LLQtdC90L3QvtGB0YLQuCAKMyDQl9CwINC_0L7RgdC70LXQtNC90LXQtSDQtNC10YHRj9GC0LjQu9C10YLQuNC1INGH0LjRgdC70L4g0L_RgNCw0LLQvtC90LDRgNGD0YjQtdC90LjQuSDQstGL0YDQvtGB0LvQviDQstC00LLQvtC1OiDQm9GD0LrQsNGI0LXQvdC60L4g0L_RgNC-0LLQvtC00LjRgiDRgdC-0LLQtdGJ0LDQvdC40LUg0L_QviDQv9GA0LjQvNC10L3QtdC90LjRjiDQsNC00LzQuNC90LjRgdGC0YDQsNGC0LjQstC90L7QuSDQvtGC0LLQtdGC0YHRgtCy0LXQvdC90L7RgdGC0LggCjMg0JHQsNC90Log0YDQsNC30LLQuNGC0LjRjyDQmtC40YLQsNGPINCy0YvQtNC10LvQuNGCINCR0LXQu9Cw0YDRg9GB0Lgg0LrRgNC10LTQuNGCINC90LAgMyw1INC80LvRgNC0INGO0LDQvdC10LkgCjMg0JHQtdC70LDRgNGD0YHRjCDQv9C-0LTQvdGP0LvQsNGB0Ywg0LIg0YDQtdC50YLQuNC90LPQtSDRgdCw0LzRi9GFINC80L7Qs9GD0YnQtdGB0YLQstC10L3QvdGL0YUg0YHRgtGA0LDQvSDQvNC40YDQsCAKMyDCq9CS0YHRgtGA0LXRh9CwINC00LLRg9GFINCS0LvQsNC00LjQvNC40YDQvtCywrs6INGB0YLQsNC7INC70Lgg0LzQuNGAINC90LAg0JTQvtC90LHQsNGB0YHQtSDQsdC70LjQttC1INC_0L7RgdC70LUg0L_QtdGA0LXQs9C-0LLQvtGA0L7QsiDCq9C90L7RgNC80LDQvdC00YHQutC-0Lkg0YfQtdGC0LLRkdGA0LrQuMK7INCyINCf0LDRgNC40LbQtT8gCjMg0JHQtdC70L7RgNGD0YHRgdC60LjQtSDQtNCw0LvRjNC90L7QsdC-0LnRidC40LrQuCDRgdGH&utf8=%E2%9C%93
p3p: policyref=/w3c/w3c.p3p, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
status: 302
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 0
expires: Mon, 04 Dec 1999 21:29:02 GMT

Redirect headers

pragma: no-cache
date: Mon, 16 Dec 2019 09:13:56 GMT
server: nginx
status: 302
location: /239538/getBulkTest/v2?dl=https%3A%2F%2Font.by%2F&date=2019-12-16T10%3A13%3A56.609%2B01%3A00&pd=16&pdh=1200&pdw=1600&pr1=836362105&pr=2473837910&prr=&pv=10&pw=1&extid_loader=&extid_tag_loader=ont.by&ylv=0.1505&ybv=0.1497&ytt=260034501543957&is-turbo=0&skip-token=&ad-session-id=5812841576487636612&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22width%22%3A1920%2C%22height%22%3A0%2C%22left%22%3A-167%2C%22top%22%3A0%2C%22visible%22%3A1%2C%22req_no%22%3A0%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&matchid-cookies=fEO4cFbeMKA-n3kK-BaJMvLRxB2QIU2sgp2wBg1jcZVQKeuTbq29xg%3D%3D&matchid-cookies-sign=PtyMFpY5t7FaSHddNsUSKg%3D%3D&p1=cerem&p2=y&matchid-direct=1&bids=W3siY2FtcGFpZ25faWQiOjc3MTAwNSwicmVzcG9uc2VfdGltZSI6MTIzOSwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjE0MTAzNzYifV0%3D&grab=dNCe0J3QoiDigJQg0J7QsdGJ0LXQvdCw0YbQuNC-0L3QsNC70YzQvdC-0LUg0YLQtdC70LXQstC40LTQtdC90LjQtSDQkdC10LvQsNGA0YPRgdC4IHwg0JHQtdC70L7RgNGD0YHRgdC60LjQuSDRgtC10LvQtdC60LDQvdCw0Lsg0J7QndCiCjIg0J_QvtGB0LvQtdC00L3QuNC1INC90L7QstC-0YHRgtC4IAoy0JPQu9Cw0LLQvdGL0LUg0L3QvtCy0L7RgdGC0LggCjIg0KHQtdC50YfQsNGBINGH0LjRgtCw0Y7RgiAKMiDQn9C-0L_Rg9C70Y_RgNC90L7QtSDQt9CwINC90LXQtNC10LvRjiAKMiDQnNCw0YDQutC-0LIuINCd0LjRh9C10LPQviDQu9C40YfQvdC-0LPQviAKMiDQntCd0KIg0L3QsCBZb3VUdWJlIAoyINCd0LDRiNC4INC90L7QstC-0YHRgtC4INCe0J3QoiAKMiDQn9GA0L7Qs9GA0LDQvNC80Ysg0Lgg0L_RgNC-0LXQutGC0YsgCjIg0JrQuNC90L4g0Lgg0YHQtdGA0LjQsNC70YsgCjIg0JzRiyDQsiDRgdC-0YbQuNCw0LvRjNC90YvRhSDRgdC10YLRj9GFIAozINCX0LAg0L_QvtGB0LvQtdC00L3QtdC1INC00LXRgdGP0YLQuNC70LXRgtC40LUg0YfQuNGB0LvQviDQv9GA0LDQstC-0L3QsNGA0YPRiNC10L3QuNC5INCy0YvRgNC-0YHQu9C-INCy0LTQstC-0LU6INCb0YPQutCw0YjQtdC90LrQviDQv9GA0L7QstC-0LTQuNGCINGB0L7QstC10YnQsNC90LjQtSDQv9C-INC_0YDQuNC80LXQvdC10L3QuNGOINCw0LTQvNC40L3QuNGB0YLRgNCw0YLQuNCy0L3QvtC5INC-0YLQstC10YLRgdGC0LLQtdC90L3QvtGB0YLQuCAKMyDQl9CwINC_0L7RgdC70LXQtNC90LXQtSDQtNC10YHRj9GC0LjQu9C10YLQuNC1INGH0LjRgdC70L4g0L_RgNCw0LLQvtC90LDRgNGD0YjQtdC90LjQuSDQstGL0YDQvtGB0LvQviDQstC00LLQvtC1OiDQm9GD0LrQsNGI0LXQvdC60L4g0L_RgNC-0LLQvtC00LjRgiDRgdC-0LLQtdGJ0LDQvdC40LUg0L_QviDQv9GA0LjQvNC10L3QtdC90LjRjiDQsNC00LzQuNC90LjRgdGC0YDQsNGC0LjQstC90L7QuSDQvtGC0LLQtdGC0YHRgtCy0LXQvdC90L7RgdGC0LggCjMg0JHQsNC90Log0YDQsNC30LLQuNGC0LjRjyDQmtC40YLQsNGPINCy0YvQtNC10LvQuNGCINCR0LXQu9Cw0YDRg9GB0Lgg0LrRgNC10LTQuNGCINC90LAgMyw1INC80LvRgNC0INGO0LDQvdC10LkgCjMg0JHQtdC70LDRgNGD0YHRjCDQv9C-0LTQvdGP0LvQsNGB0Ywg0LIg0YDQtdC50YLQuNC90LPQtSDRgdCw0LzRi9GFINC80L7Qs9GD0YnQtdGB0YLQstC10L3QvdGL0YUg0YHRgtGA0LDQvSDQvNC40YDQsCAKMyDCq9CS0YHRgtGA0LXRh9CwINC00LLRg9GFINCS0LvQsNC00LjQvNC40YDQvtCywrs6INGB0YLQsNC7INC70Lgg0LzQuNGAINC90LAg0JTQvtC90LHQsNGB0YHQtSDQsdC70LjQttC1INC_0L7RgdC70LUg0L_QtdGA0LXQs9C-0LLQvtGA0L7QsiDCq9C90L7RgNC80LDQvdC00YHQutC-0Lkg0YfQtdGC0LLRkdGA0LrQuMK7INCyINCf0LDRgNC40LbQtT8gCjMg0JHQtdC70L7RgNGD0YHRgdC60LjQtSDQtNCw0LvRjNC90L7QsdC-0LnRidC40LrQuCDRgdGH&utf8=%E2%9C%93
p3p: policyref=/w3c/w3c.p3p, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
access-control-allow-origin: https://ont.by
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 0
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2

302

v2 Show response
ads.adfox.ru/239538/getBulkTest/
Redirect Chain

https://ads.adfox.ru/239538/getBulk/v2?dl=https%3A%2F%2Font.by%2F&date=2019-12-16T10%3A13%3A56.666%2B01%3A00&pd=16&pdh=1200&pdw=1600&pr1=605161848&pr=2473837910&prr=&pv=10&pw=1&extid_loader=&extid_...
https://ads.adfox.ru/239538/getBulkTest/v2?dl=https%3A%2F%2Font.by%2F&date=2019-12-16T10%3A13%3A56.666%2B01%3A00&pd=16&pdh=1200&pdw=1600&pr1=605161848&pr=2473837910&prr=&pv=10&pw=1&extid_loader=&ex...

0
-1 B

246ms
119ms

XHR

213.180.204.50
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adfox.ru/239538/getBulkTest/v2?dl=https%3A%2F%2Font.by%2F&date=2019-12-16T10%3A13%3A56.666%2B01%3A00&pd=16&pdh=1200&pdw=1600&pr1=605161848&pr=2473837910&prr=&pv=10&pw=1&extid_loader=&extid_tag_loader=ont.by&ylv=0.1505&ybv=0.1497&ytt=260034501543957&is-turbo=0&skip-token=&ad-session-id=5812841576487636612&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22width%22%3A288%2C%22height%22%3A0%2C%22left%22%3A1125%2C%22top%22%3A458%2C%22visible%22%3A1%2C%22req_no%22%3A1%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&matchid-cookies=fEO4cFbeMKA-n3kK-BaJMvLRxB2QIU2sgp2wBg1jcZVQKeuTbq29xg%3D%3D&matchid-cookies-sign=PtyMFpY5t7FaSHddNsUSKg%3D%3D&p1=ceren&p2=fgou&matchid-direct=1&bids=W3siY2FtcGFpZ25faWQiOjc3MTAwNSwicmVzcG9uc2VfdGltZSI6MTI0NSwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjE0MTAzNzkifV0%3D&grab=dNCe0J3QoiDigJQg0J7QsdGJ0LXQvdCw0YbQuNC-0L3QsNC70YzQvdC-0LUg0YLQtdC70LXQstC40LTQtdC90LjQtSDQkdC10LvQsNGA0YPRgdC4IHwg0JHQtdC70L7RgNGD0YHRgdC60LjQuSDRgtC10LvQtdC60LDQvdCw0Lsg0J7QndCiCjIg0J_QvtGB0LvQtdC00L3QuNC1INC90L7QstC-0YHRgtC4IAoy0JPQu9Cw0LLQvdGL0LUg0L3QvtCy0L7RgdGC0LggCjIg0KHQtdC50YfQsNGBINGH0LjRgtCw0Y7RgiAKMiDQn9C-0L_Rg9C70Y_RgNC90L7QtSDQt9CwINC90LXQtNC10LvRjiAKMiDQnNCw0YDQutC-0LIuINCd0LjRh9C10LPQviDQu9C40YfQvdC-0LPQviAKMiDQntCd0KIg0L3QsCBZb3VUdWJlIAoyINCd0LDRiNC4INC90L7QstC-0YHRgtC4INCe0J3QoiAKMiDQn9GA0L7Qs9GA0LDQvNC80Ysg0Lgg0L_RgNC-0LXQutGC0YsgCjIg0JrQuNC90L4g0Lgg0YHQtdGA0LjQsNC70YsgCjIg0JzRiyDQsiDRgdC-0YbQuNCw0LvRjNC90YvRhSDRgdC10YLRj9GFIAozINCX0LAg0L_QvtGB0LvQtdC00L3QtdC1INC00LXRgdGP0YLQuNC70LXRgtC40LUg0YfQuNGB0LvQviDQv9GA0LDQstC-0L3QsNGA0YPRiNC10L3QuNC5INCy0YvRgNC-0YHQu9C-INCy0LTQstC-0LU6INCb0YPQutCw0YjQtdC90LrQviDQv9GA0L7QstC-0LTQuNGCINGB0L7QstC10YnQsNC90LjQtSDQv9C-INC_0YDQuNC80LXQvdC10L3QuNGOINCw0LTQvNC40L3QuNGB0YLRgNCw0YLQuNCy0L3QvtC5INC-0YLQstC10YLRgdGC0LLQtdC90L3QvtGB0YLQuCAKMyDQl9CwINC_0L7RgdC70LXQtNC90LXQtSDQtNC10YHRj9GC0LjQu9C10YLQuNC1INGH0LjRgdC70L4g0L_RgNCw0LLQvtC90LDRgNGD0YjQtdC90LjQuSDQstGL0YDQvtGB0LvQviDQstC00LLQvtC1OiDQm9GD0LrQsNGI0LXQvdC60L4g0L_RgNC-0LLQvtC00LjRgiDRgdC-0LLQtdGJ0LDQvdC40LUg0L_QviDQv9GA0LjQvNC10L3QtdC90LjRjiDQsNC00LzQuNC90LjRgdGC0YDQsNGC0LjQstC90L7QuSDQvtGC0LLQtdGC0YHRgtCy0LXQvdC90L7RgdGC0LggCjMg0JHQsNC90Log0YDQsNC30LLQuNGC0LjRjyDQmtC40YLQsNGPINCy0YvQtNC10LvQuNGCINCR0LXQu9Cw0YDRg9GB0Lgg0LrRgNC10LTQuNGCINC90LAgMyw1INC80LvRgNC0INGO0LDQvdC10LkgCjMg0JHQtdC70LDRgNGD0YHRjCDQv9C-0LTQvdGP0LvQsNGB0Ywg0LIg0YDQtdC50YLQuNC90LPQtSDRgdCw0LzRi9GFINC80L7Qs9GD0YnQtdGB0YLQstC10L3QvdGL0YUg0YHRgtGA0LDQvSDQvNC40YDQsCAKMyDCq9CS0YHRgtGA0LXRh9CwINC00LLRg9GFINCS0LvQsNC00LjQvNC40YDQvtCywrs6INGB0YLQsNC7INC70Lgg0LzQuNGAINC90LAg0JTQvtC90LHQsNGB0YHQtSDQsdC70LjQttC1INC_0L7RgdC70LUg0L_QtdGA0LXQs9C-0LLQvtGA0L7QsiDCq9C90L7RgNC80LDQvdC00YHQutC-0Lkg0YfQtdGC0LLRkdGA0LrQuMK7INCyINCf0LDRgNC40LbQtT8gCjMg0JHQtdC70L7RgNGD0YHRgdC60LjQtSDQtNCw0LvRjNC90L7QsdC-0LnRidC40LrQuCDRgdGH&utf8=%E2%9C%93
Requested by: Host: ont.by
URL: https://ont.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.180.204.50 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS: ads.adfox.ru
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Dec 2019 09:13:56 GMT
server: nginx
access-control-allow-origin: https://ont.by
location: /239538/getBulkTest/v2?dl=https%3A%2F%2Font.by%2F&date=2019-12-16T10%3A13%3A56.666%2B01%3A00&pd=16&pdh=1200&pdw=1600&pr1=605161848&pr=2473837910&prr=&pv=10&pw=1&extid_loader=&extid_tag_loader=ont.by&ylv=0.1505&ybv=0.1497&ytt=260034501543957&is-turbo=0&skip-token=&ad-session-id=5812841576487636612&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22width%22%3A288%2C%22height%22%3A0%2C%22left%22%3A1125%2C%22top%22%3A458%2C%22visible%22%3A1%2C%22req_no%22%3A1%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&matchid-cookies=fEO4cFbeMKA-n3kK-BaJMvLRxB2QIU2sgp2wBg1jcZVQKeuTbq29xg%3D%3D&matchid-cookies-sign=PtyMFpY5t7FaSHddNsUSKg%3D%3D&p1=ceren&p2=fgou&matchid-direct=1&bids=W3siY2FtcGFpZ25faWQiOjc3MTAwNSwicmVzcG9uc2VfdGltZSI6MTI0NSwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjE0MTAzNzkifV0%3D&grab=dNCe0J3QoiDigJQg0J7QsdGJ0LXQvdCw0YbQuNC-0L3QsNC70YzQvdC-0LUg0YLQtdC70LXQstC40LTQtdC90LjQtSDQkdC10LvQsNGA0YPRgdC4IHwg0JHQtdC70L7RgNGD0YHRgdC60LjQuSDRgtC10LvQtdC60LDQvdCw0Lsg0J7QndCiCjIg0J_QvtGB0LvQtdC00L3QuNC1INC90L7QstC-0YHRgtC4IAoy0JPQu9Cw0LLQvdGL0LUg0L3QvtCy0L7RgdGC0LggCjIg0KHQtdC50YfQsNGBINGH0LjRgtCw0Y7RgiAKMiDQn9C-0L_Rg9C70Y_RgNC90L7QtSDQt9CwINC90LXQtNC10LvRjiAKMiDQnNCw0YDQutC-0LIuINCd0LjRh9C10LPQviDQu9C40YfQvdC-0LPQviAKMiDQntCd0KIg0L3QsCBZb3VUdWJlIAoyINCd0LDRiNC4INC90L7QstC-0YHRgtC4INCe0J3QoiAKMiDQn9GA0L7Qs9GA0LDQvNC80Ysg0Lgg0L_RgNC-0LXQutGC0YsgCjIg0JrQuNC90L4g0Lgg0YHQtdGA0LjQsNC70YsgCjIg0JzRiyDQsiDRgdC-0YbQuNCw0LvRjNC90YvRhSDRgdC10YLRj9GFIAozINCX0LAg0L_QvtGB0LvQtdC00L3QtdC1INC00LXRgdGP0YLQuNC70LXRgtC40LUg0YfQuNGB0LvQviDQv9GA0LDQstC-0L3QsNGA0YPRiNC10L3QuNC5INCy0YvRgNC-0YHQu9C-INCy0LTQstC-0LU6INCb0YPQutCw0YjQtdC90LrQviDQv9GA0L7QstC-0LTQuNGCINGB0L7QstC10YnQsNC90LjQtSDQv9C-INC_0YDQuNC80LXQvdC10L3QuNGOINCw0LTQvNC40L3QuNGB0YLRgNCw0YLQuNCy0L3QvtC5INC-0YLQstC10YLRgdGC0LLQtdC90L3QvtGB0YLQuCAKMyDQl9CwINC_0L7RgdC70LXQtNC90LXQtSDQtNC10YHRj9GC0LjQu9C10YLQuNC1INGH0LjRgdC70L4g0L_RgNCw0LLQvtC90LDRgNGD0YjQtdC90LjQuSDQstGL0YDQvtGB0LvQviDQstC00LLQvtC1OiDQm9GD0LrQsNGI0LXQvdC60L4g0L_RgNC-0LLQvtC00LjRgiDRgdC-0LLQtdGJ0LDQvdC40LUg0L_QviDQv9GA0LjQvNC10L3QtdC90LjRjiDQsNC00LzQuNC90LjRgdGC0YDQsNGC0LjQstC90L7QuSDQvtGC0LLQtdGC0YHRgtCy0LXQvdC90L7RgdGC0LggCjMg0JHQsNC90Log0YDQsNC30LLQuNGC0LjRjyDQmtC40YLQsNGPINCy0YvQtNC10LvQuNGCINCR0LXQu9Cw0YDRg9GB0Lgg0LrRgNC10LTQuNGCINC90LAgMyw1INC80LvRgNC0INGO0LDQvdC10LkgCjMg0JHQtdC70LDRgNGD0YHRjCDQv9C-0LTQvdGP0LvQsNGB0Ywg0LIg0YDQtdC50YLQuNC90LPQtSDRgdCw0LzRi9GFINC80L7Qs9GD0YnQtdGB0YLQstC10L3QvdGL0YUg0YHRgtGA0LDQvSDQvNC40YDQsCAKMyDCq9CS0YHRgtGA0LXRh9CwINC00LLRg9GFINCS0LvQsNC00LjQvNC40YDQvtCywrs6INGB0YLQsNC7INC70Lgg0LzQuNGAINC90LAg0JTQvtC90LHQsNGB0YHQtSDQsdC70LjQttC1INC_0L7RgdC70LUg0L_QtdGA0LXQs9C-0LLQvtGA0L7QsiDCq9C90L7RgNC80LDQvdC00YHQutC-0Lkg0YfQtdGC0LLRkdGA0LrQuMK7INCyINCf0LDRgNC40LbQtT8gCjMg0JHQtdC70L7RgNGD0YHRgdC60LjQtSDQtNCw0LvRjNC90L7QsdC-0LnRidC40LrQuCDRgdGH&utf8=%E2%9C%93
p3p: policyref=/w3c/w3c.p3p, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
status: 302
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 0
expires: Mon, 04 Dec 1999 21:29:02 GMT

Redirect headers

pragma: no-cache
date: Mon, 16 Dec 2019 09:13:56 GMT
server: nginx
status: 302
location: /239538/getBulkTest/v2?dl=https%3A%2F%2Font.by%2F&date=2019-12-16T10%3A13%3A56.666%2B01%3A00&pd=16&pdh=1200&pdw=1600&pr1=605161848&pr=2473837910&prr=&pv=10&pw=1&extid_loader=&extid_tag_loader=ont.by&ylv=0.1505&ybv=0.1497&ytt=260034501543957&is-turbo=0&skip-token=&ad-session-id=5812841576487636612&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22width%22%3A288%2C%22height%22%3A0%2C%22left%22%3A1125%2C%22top%22%3A458%2C%22visible%22%3A1%2C%22req_no%22%3A1%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&matchid-cookies=fEO4cFbeMKA-n3kK-BaJMvLRxB2QIU2sgp2wBg1jcZVQKeuTbq29xg%3D%3D&matchid-cookies-sign=PtyMFpY5t7FaSHddNsUSKg%3D%3D&p1=ceren&p2=fgou&matchid-direct=1&bids=W3siY2FtcGFpZ25faWQiOjc3MTAwNSwicmVzcG9uc2VfdGltZSI6MTI0NSwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjE0MTAzNzkifV0%3D&grab=dNCe0J3QoiDigJQg0J7QsdGJ0LXQvdCw0YbQuNC-0L3QsNC70YzQvdC-0LUg0YLQtdC70LXQstC40LTQtdC90LjQtSDQkdC10LvQsNGA0YPRgdC4IHwg0JHQtdC70L7RgNGD0YHRgdC60LjQuSDRgtC10LvQtdC60LDQvdCw0Lsg0J7QndCiCjIg0J_QvtGB0LvQtdC00L3QuNC1INC90L7QstC-0YHRgtC4IAoy0JPQu9Cw0LLQvdGL0LUg0L3QvtCy0L7RgdGC0LggCjIg0KHQtdC50YfQsNGBINGH0LjRgtCw0Y7RgiAKMiDQn9C-0L_Rg9C70Y_RgNC90L7QtSDQt9CwINC90LXQtNC10LvRjiAKMiDQnNCw0YDQutC-0LIuINCd0LjRh9C10LPQviDQu9C40YfQvdC-0LPQviAKMiDQntCd0KIg0L3QsCBZb3VUdWJlIAoyINCd0LDRiNC4INC90L7QstC-0YHRgtC4INCe0J3QoiAKMiDQn9GA0L7Qs9GA0LDQvNC80Ysg0Lgg0L_RgNC-0LXQutGC0YsgCjIg0JrQuNC90L4g0Lgg0YHQtdGA0LjQsNC70YsgCjIg0JzRiyDQsiDRgdC-0YbQuNCw0LvRjNC90YvRhSDRgdC10YLRj9GFIAozINCX0LAg0L_QvtGB0LvQtdC00L3QtdC1INC00LXRgdGP0YLQuNC70LXRgtC40LUg0YfQuNGB0LvQviDQv9GA0LDQstC-0L3QsNGA0YPRiNC10L3QuNC5INCy0YvRgNC-0YHQu9C-INCy0LTQstC-0LU6INCb0YPQutCw0YjQtdC90LrQviDQv9GA0L7QstC-0LTQuNGCINGB0L7QstC10YnQsNC90LjQtSDQv9C-INC_0YDQuNC80LXQvdC10L3QuNGOINCw0LTQvNC40L3QuNGB0YLRgNCw0YLQuNCy0L3QvtC5INC-0YLQstC10YLRgdGC0LLQtdC90L3QvtGB0YLQuCAKMyDQl9CwINC_0L7RgdC70LXQtNC90LXQtSDQtNC10YHRj9GC0LjQu9C10YLQuNC1INGH0LjRgdC70L4g0L_RgNCw0LLQvtC90LDRgNGD0YjQtdC90LjQuSDQstGL0YDQvtGB0LvQviDQstC00LLQvtC1OiDQm9GD0LrQsNGI0LXQvdC60L4g0L_RgNC-0LLQvtC00LjRgiDRgdC-0LLQtdGJ0LDQvdC40LUg0L_QviDQv9GA0LjQvNC10L3QtdC90LjRjiDQsNC00LzQuNC90LjRgdGC0YDQsNGC0LjQstC90L7QuSDQvtGC0LLQtdGC0YHRgtCy0LXQvdC90L7RgdGC0LggCjMg0JHQsNC90Log0YDQsNC30LLQuNGC0LjRjyDQmtC40YLQsNGPINCy0YvQtNC10LvQuNGCINCR0LXQu9Cw0YDRg9GB0Lgg0LrRgNC10LTQuNGCINC90LAgMyw1INC80LvRgNC0INGO0LDQvdC10LkgCjMg0JHQtdC70LDRgNGD0YHRjCDQv9C-0LTQvdGP0LvQsNGB0Ywg0LIg0YDQtdC50YLQuNC90LPQtSDRgdCw0LzRi9GFINC80L7Qs9GD0YnQtdGB0YLQstC10L3QvdGL0YUg0YHRgtGA0LDQvSDQvNC40YDQsCAKMyDCq9CS0YHRgtGA0LXRh9CwINC00LLRg9GFINCS0LvQsNC00LjQvNC40YDQvtCywrs6INGB0YLQsNC7INC70Lgg0LzQuNGAINC90LAg0JTQvtC90LHQsNGB0YHQtSDQsdC70LjQttC1INC_0L7RgdC70LUg0L_QtdGA0LXQs9C-0LLQvtGA0L7QsiDCq9C90L7RgNC80LDQvdC00YHQutC-0Lkg0YfQtdGC0LLRkdGA0LrQuMK7INCyINCf0LDRgNC40LbQtT8gCjMg0JHQtdC70L7RgNGD0YHRgdC60LjQtSDQtNCw0LvRjNC90L7QsdC-0LnRidC40LrQuCDRgdGH&utf8=%E2%9C%93
p3p: policyref=/w3c/w3c.p3p, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
access-control-allow-origin: https://ont.by
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 0
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2

302

v2 Show response
ads.adfox.ru/239538/getBulkTest/
Redirect Chain

https://ads.adfox.ru/239538/getBulk/v2?dl=https%3A%2F%2Font.by%2F&date=2019-12-16T10%3A13%3A56.669%2B01%3A00&pd=16&pdh=1200&pdw=1600&pr1=3018816823&pr=2473837910&prr=&pv=10&pw=1&extid_loader=&extid...
https://ads.adfox.ru/239538/getBulkTest/v2?dl=https%3A%2F%2Font.by%2F&date=2019-12-16T10%3A13%3A56.669%2B01%3A00&pd=16&pdh=1200&pdw=1600&pr1=3018816823&pr=2473837910&prr=&pv=10&pw=1&extid_loader=&e...

0
-1 B

288ms
164ms

XHR

213.180.204.50
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adfox.ru/239538/getBulkTest/v2?dl=https%3A%2F%2Font.by%2F&date=2019-12-16T10%3A13%3A56.669%2B01%3A00&pd=16&pdh=1200&pdw=1600&pr1=3018816823&pr=2473837910&prr=&pv=10&pw=1&extid_loader=&extid_tag_loader=ont.by&ylv=0.1505&ybv=0.1497&ytt=260034501543957&is-turbo=0&skip-token=&ad-session-id=5812841576487636612&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22width%22%3A1240%2C%22height%22%3A0%2C%22left%22%3A173%2C%22top%22%3A1795%2C%22visible%22%3A0%2C%22req_no%22%3A2%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&matchid-cookies=fEO4cFbeMKA-n3kK-BaJMvLRxB2QIU2sgp2wBg1jcZVQKeuTbq29xg%3D%3D&matchid-cookies-sign=PtyMFpY5t7FaSHddNsUSKg%3D%3D&p1=cerep&p2=y&matchid-direct=1&bids=W3siY2FtcGFpZ25faWQiOjc3MTAwNSwicmVzcG9uc2VfdGltZSI6MTI0NSwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjE0MTAzODMifV0%3D&grab=dNCe0J3QoiDigJQg0J7QsdGJ0LXQvdCw0YbQuNC-0L3QsNC70YzQvdC-0LUg0YLQtdC70LXQstC40LTQtdC90LjQtSDQkdC10LvQsNGA0YPRgdC4IHwg0JHQtdC70L7RgNGD0YHRgdC60LjQuSDRgtC10LvQtdC60LDQvdCw0Lsg0J7QndCiCjIg0J_QvtGB0LvQtdC00L3QuNC1INC90L7QstC-0YHRgtC4IAoy0JPQu9Cw0LLQvdGL0LUg0L3QvtCy0L7RgdGC0LggCjIg0KHQtdC50YfQsNGBINGH0LjRgtCw0Y7RgiAKMiDQn9C-0L_Rg9C70Y_RgNC90L7QtSDQt9CwINC90LXQtNC10LvRjiAKMiDQnNCw0YDQutC-0LIuINCd0LjRh9C10LPQviDQu9C40YfQvdC-0LPQviAKMiDQntCd0KIg0L3QsCBZb3VUdWJlIAoyINCd0LDRiNC4INC90L7QstC-0YHRgtC4INCe0J3QoiAKMiDQn9GA0L7Qs9GA0LDQvNC80Ysg0Lgg0L_RgNC-0LXQutGC0YsgCjIg0JrQuNC90L4g0Lgg0YHQtdGA0LjQsNC70YsgCjIg0JzRiyDQsiDRgdC-0YbQuNCw0LvRjNC90YvRhSDRgdC10YLRj9GFIAozINCX0LAg0L_QvtGB0LvQtdC00L3QtdC1INC00LXRgdGP0YLQuNC70LXRgtC40LUg0YfQuNGB0LvQviDQv9GA0LDQstC-0L3QsNGA0YPRiNC10L3QuNC5INCy0YvRgNC-0YHQu9C-INCy0LTQstC-0LU6INCb0YPQutCw0YjQtdC90LrQviDQv9GA0L7QstC-0LTQuNGCINGB0L7QstC10YnQsNC90LjQtSDQv9C-INC_0YDQuNC80LXQvdC10L3QuNGOINCw0LTQvNC40L3QuNGB0YLRgNCw0YLQuNCy0L3QvtC5INC-0YLQstC10YLRgdGC0LLQtdC90L3QvtGB0YLQuCAKMyDQl9CwINC_0L7RgdC70LXQtNC90LXQtSDQtNC10YHRj9GC0LjQu9C10YLQuNC1INGH0LjRgdC70L4g0L_RgNCw0LLQvtC90LDRgNGD0YjQtdC90LjQuSDQstGL0YDQvtGB0LvQviDQstC00LLQvtC1OiDQm9GD0LrQsNGI0LXQvdC60L4g0L_RgNC-0LLQvtC00LjRgiDRgdC-0LLQtdGJ0LDQvdC40LUg0L_QviDQv9GA0LjQvNC10L3QtdC90LjRjiDQsNC00LzQuNC90LjRgdGC0YDQsNGC0LjQstC90L7QuSDQvtGC0LLQtdGC0YHRgtCy0LXQvdC90L7RgdGC0LggCjMg0JHQsNC90Log0YDQsNC30LLQuNGC0LjRjyDQmtC40YLQsNGPINCy0YvQtNC10LvQuNGCINCR0LXQu9Cw0YDRg9GB0Lgg0LrRgNC10LTQuNGCINC90LAgMyw1INC80LvRgNC0INGO0LDQvdC10LkgCjMg0JHQtdC70LDRgNGD0YHRjCDQv9C-0LTQvdGP0LvQsNGB0Ywg0LIg0YDQtdC50YLQuNC90LPQtSDRgdCw0LzRi9GFINC80L7Qs9GD0YnQtdGB0YLQstC10L3QvdGL0YUg0YHRgtGA0LDQvSDQvNC40YDQsCAKMyDCq9CS0YHRgtGA0LXRh9CwINC00LLRg9GFINCS0LvQsNC00LjQvNC40YDQvtCywrs6INGB0YLQsNC7INC70Lgg0LzQuNGAINC90LAg0JTQvtC90LHQsNGB0YHQtSDQsdC70LjQttC1INC_0L7RgdC70LUg0L_QtdGA0LXQs9C-0LLQvtGA0L7QsiDCq9C90L7RgNC80LDQvdC00YHQutC-0Lkg0YfQtdGC0LLRkdGA0LrQuMK7INCyINCf0LDRgNC40LbQtT8gCjMg0JHQtdC70L7RgNGD0YHRgdC60LjQtSDQtNCw0LvRjNC90L7QsdC-0LnRidC40LrQuCDRgdGH&utf8=%E2%9C%93
Requested by: Host: ont.by
URL: https://ont.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.180.204.50 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS: ads.adfox.ru
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Dec 2019 09:13:56 GMT
server: nginx
access-control-allow-origin: https://ont.by
location: /239538/getBulkTest/v2?dl=https%3A%2F%2Font.by%2F&date=2019-12-16T10%3A13%3A56.669%2B01%3A00&pd=16&pdh=1200&pdw=1600&pr1=3018816823&pr=2473837910&prr=&pv=10&pw=1&extid_loader=&extid_tag_loader=ont.by&ylv=0.1505&ybv=0.1497&ytt=260034501543957&is-turbo=0&skip-token=&ad-session-id=5812841576487636612&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22width%22%3A1240%2C%22height%22%3A0%2C%22left%22%3A173%2C%22top%22%3A1795%2C%22visible%22%3A0%2C%22req_no%22%3A2%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&matchid-cookies=fEO4cFbeMKA-n3kK-BaJMvLRxB2QIU2sgp2wBg1jcZVQKeuTbq29xg%3D%3D&matchid-cookies-sign=PtyMFpY5t7FaSHddNsUSKg%3D%3D&p1=cerep&p2=y&matchid-direct=1&bids=W3siY2FtcGFpZ25faWQiOjc3MTAwNSwicmVzcG9uc2VfdGltZSI6MTI0NSwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjE0MTAzODMifV0%3D&grab=dNCe0J3QoiDigJQg0J7QsdGJ0LXQvdCw0YbQuNC-0L3QsNC70YzQvdC-0LUg0YLQtdC70LXQstC40LTQtdC90LjQtSDQkdC10LvQsNGA0YPRgdC4IHwg0JHQtdC70L7RgNGD0YHRgdC60LjQuSDRgtC10LvQtdC60LDQvdCw0Lsg0J7QndCiCjIg0J_QvtGB0LvQtdC00L3QuNC1INC90L7QstC-0YHRgtC4IAoy0JPQu9Cw0LLQvdGL0LUg0L3QvtCy0L7RgdGC0LggCjIg0KHQtdC50YfQsNGBINGH0LjRgtCw0Y7RgiAKMiDQn9C-0L_Rg9C70Y_RgNC90L7QtSDQt9CwINC90LXQtNC10LvRjiAKMiDQnNCw0YDQutC-0LIuINCd0LjRh9C10LPQviDQu9C40YfQvdC-0LPQviAKMiDQntCd0KIg0L3QsCBZb3VUdWJlIAoyINCd0LDRiNC4INC90L7QstC-0YHRgtC4INCe0J3QoiAKMiDQn9GA0L7Qs9GA0LDQvNC80Ysg0Lgg0L_RgNC-0LXQutGC0YsgCjIg0JrQuNC90L4g0Lgg0YHQtdGA0LjQsNC70YsgCjIg0JzRiyDQsiDRgdC-0YbQuNCw0LvRjNC90YvRhSDRgdC10YLRj9GFIAozINCX0LAg0L_QvtGB0LvQtdC00L3QtdC1INC00LXRgdGP0YLQuNC70LXRgtC40LUg0YfQuNGB0LvQviDQv9GA0LDQstC-0L3QsNGA0YPRiNC10L3QuNC5INCy0YvRgNC-0YHQu9C-INCy0LTQstC-0LU6INCb0YPQutCw0YjQtdC90LrQviDQv9GA0L7QstC-0LTQuNGCINGB0L7QstC10YnQsNC90LjQtSDQv9C-INC_0YDQuNC80LXQvdC10L3QuNGOINCw0LTQvNC40L3QuNGB0YLRgNCw0YLQuNCy0L3QvtC5INC-0YLQstC10YLRgdGC0LLQtdC90L3QvtGB0YLQuCAKMyDQl9CwINC_0L7RgdC70LXQtNC90LXQtSDQtNC10YHRj9GC0LjQu9C10YLQuNC1INGH0LjRgdC70L4g0L_RgNCw0LLQvtC90LDRgNGD0YjQtdC90LjQuSDQstGL0YDQvtGB0LvQviDQstC00LLQvtC1OiDQm9GD0LrQsNGI0LXQvdC60L4g0L_RgNC-0LLQvtC00LjRgiDRgdC-0LLQtdGJ0LDQvdC40LUg0L_QviDQv9GA0LjQvNC10L3QtdC90LjRjiDQsNC00LzQuNC90LjRgdGC0YDQsNGC0LjQstC90L7QuSDQvtGC0LLQtdGC0YHRgtCy0LXQvdC90L7RgdGC0LggCjMg0JHQsNC90Log0YDQsNC30LLQuNGC0LjRjyDQmtC40YLQsNGPINCy0YvQtNC10LvQuNGCINCR0LXQu9Cw0YDRg9GB0Lgg0LrRgNC10LTQuNGCINC90LAgMyw1INC80LvRgNC0INGO0LDQvdC10LkgCjMg0JHQtdC70LDRgNGD0YHRjCDQv9C-0LTQvdGP0LvQsNGB0Ywg0LIg0YDQtdC50YLQuNC90LPQtSDRgdCw0LzRi9GFINC80L7Qs9GD0YnQtdGB0YLQstC10L3QvdGL0YUg0YHRgtGA0LDQvSDQvNC40YDQsCAKMyDCq9CS0YHRgtGA0LXRh9CwINC00LLRg9GFINCS0LvQsNC00LjQvNC40YDQvtCywrs6INGB0YLQsNC7INC70Lgg0LzQuNGAINC90LAg0JTQvtC90LHQsNGB0YHQtSDQsdC70LjQttC1INC_0L7RgdC70LUg0L_QtdGA0LXQs9C-0LLQvtGA0L7QsiDCq9C90L7RgNC80LDQvdC00YHQutC-0Lkg0YfQtdGC0LLRkdGA0LrQuMK7INCyINCf0LDRgNC40LbQtT8gCjMg0JHQtdC70L7RgNGD0YHRgdC60LjQtSDQtNCw0LvRjNC90L7QsdC-0LnRidC40LrQuCDRgdGH&utf8=%E2%9C%93
p3p: policyref=/w3c/w3c.p3p, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
status: 302
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 0
expires: Mon, 04 Dec 1999 21:29:02 GMT

Redirect headers

pragma: no-cache
date: Mon, 16 Dec 2019 09:13:56 GMT
server: nginx
status: 302
location: /239538/getBulkTest/v2?dl=https%3A%2F%2Font.by%2F&date=2019-12-16T10%3A13%3A56.669%2B01%3A00&pd=16&pdh=1200&pdw=1600&pr1=3018816823&pr=2473837910&prr=&pv=10&pw=1&extid_loader=&extid_tag_loader=ont.by&ylv=0.1505&ybv=0.1497&ytt=260034501543957&is-turbo=0&skip-token=&ad-session-id=5812841576487636612&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22width%22%3A1240%2C%22height%22%3A0%2C%22left%22%3A173%2C%22top%22%3A1795%2C%22visible%22%3A0%2C%22req_no%22%3A2%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&matchid-cookies=fEO4cFbeMKA-n3kK-BaJMvLRxB2QIU2sgp2wBg1jcZVQKeuTbq29xg%3D%3D&matchid-cookies-sign=PtyMFpY5t7FaSHddNsUSKg%3D%3D&p1=cerep&p2=y&matchid-direct=1&bids=W3siY2FtcGFpZ25faWQiOjc3MTAwNSwicmVzcG9uc2VfdGltZSI6MTI0NSwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjE0MTAzODMifV0%3D&grab=dNCe0J3QoiDigJQg0J7QsdGJ0LXQvdCw0YbQuNC-0L3QsNC70YzQvdC-0LUg0YLQtdC70LXQstC40LTQtdC90LjQtSDQkdC10LvQsNGA0YPRgdC4IHwg0JHQtdC70L7RgNGD0YHRgdC60LjQuSDRgtC10LvQtdC60LDQvdCw0Lsg0J7QndCiCjIg0J_QvtGB0LvQtdC00L3QuNC1INC90L7QstC-0YHRgtC4IAoy0JPQu9Cw0LLQvdGL0LUg0L3QvtCy0L7RgdGC0LggCjIg0KHQtdC50YfQsNGBINGH0LjRgtCw0Y7RgiAKMiDQn9C-0L_Rg9C70Y_RgNC90L7QtSDQt9CwINC90LXQtNC10LvRjiAKMiDQnNCw0YDQutC-0LIuINCd0LjRh9C10LPQviDQu9C40YfQvdC-0LPQviAKMiDQntCd0KIg0L3QsCBZb3VUdWJlIAoyINCd0LDRiNC4INC90L7QstC-0YHRgtC4INCe0J3QoiAKMiDQn9GA0L7Qs9GA0LDQvNC80Ysg0Lgg0L_RgNC-0LXQutGC0YsgCjIg0JrQuNC90L4g0Lgg0YHQtdGA0LjQsNC70YsgCjIg0JzRiyDQsiDRgdC-0YbQuNCw0LvRjNC90YvRhSDRgdC10YLRj9GFIAozINCX0LAg0L_QvtGB0LvQtdC00L3QtdC1INC00LXRgdGP0YLQuNC70LXRgtC40LUg0YfQuNGB0LvQviDQv9GA0LDQstC-0L3QsNGA0YPRiNC10L3QuNC5INCy0YvRgNC-0YHQu9C-INCy0LTQstC-0LU6INCb0YPQutCw0YjQtdC90LrQviDQv9GA0L7QstC-0LTQuNGCINGB0L7QstC10YnQsNC90LjQtSDQv9C-INC_0YDQuNC80LXQvdC10L3QuNGOINCw0LTQvNC40L3QuNGB0YLRgNCw0YLQuNCy0L3QvtC5INC-0YLQstC10YLRgdGC0LLQtdC90L3QvtGB0YLQuCAKMyDQl9CwINC_0L7RgdC70LXQtNC90LXQtSDQtNC10YHRj9GC0LjQu9C10YLQuNC1INGH0LjRgdC70L4g0L_RgNCw0LLQvtC90LDRgNGD0YjQtdC90LjQuSDQstGL0YDQvtGB0LvQviDQstC00LLQvtC1OiDQm9GD0LrQsNGI0LXQvdC60L4g0L_RgNC-0LLQvtC00LjRgiDRgdC-0LLQtdGJ0LDQvdC40LUg0L_QviDQv9GA0LjQvNC10L3QtdC90LjRjiDQsNC00LzQuNC90LjRgdGC0YDQsNGC0LjQstC90L7QuSDQvtGC0LLQtdGC0YHRgtCy0LXQvdC90L7RgdGC0LggCjMg0JHQsNC90Log0YDQsNC30LLQuNGC0LjRjyDQmtC40YLQsNGPINCy0YvQtNC10LvQuNGCINCR0LXQu9Cw0YDRg9GB0Lgg0LrRgNC10LTQuNGCINC90LAgMyw1INC80LvRgNC0INGO0LDQvdC10LkgCjMg0JHQtdC70LDRgNGD0YHRjCDQv9C-0LTQvdGP0LvQsNGB0Ywg0LIg0YDQtdC50YLQuNC90LPQtSDRgdCw0LzRi9GFINC80L7Qs9GD0YnQtdGB0YLQstC10L3QvdGL0YUg0YHRgtGA0LDQvSDQvNC40YDQsCAKMyDCq9CS0YHRgtGA0LXRh9CwINC00LLRg9GFINCS0LvQsNC00LjQvNC40YDQvtCywrs6INGB0YLQsNC7INC70Lgg0LzQuNGAINC90LAg0JTQvtC90LHQsNGB0YHQtSDQsdC70LjQttC1INC_0L7RgdC70LUg0L_QtdGA0LXQs9C-0LLQvtGA0L7QsiDCq9C90L7RgNC80LDQvdC00YHQutC-0Lkg0YfQtdGC0LLRkdGA0LrQuMK7INCyINCf0LDRgNC40LbQtT8gCjMg0JHQtdC70L7RgNGD0YHRgdC60LjQtSDQtNCw0LvRjNC90L7QsdC-0LnRidC40LrQuCDRgdGH&utf8=%E2%9C%93
p3p: policyref=/w3c/w3c.p3p, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
access-control-allow-origin: https://ont.by
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 0
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2

302

v2 Show response
ads.adfox.ru/239538/getBulkTest/
Redirect Chain

https://ads.adfox.ru/239538/getBulk/v2?dl=https%3A%2F%2Font.by%2F&date=2019-12-16T10%3A13%3A56.673%2B01%3A00&pd=16&pdh=1200&pdw=1600&pr1=40644240&pr=2473837910&prr=&pv=10&pw=1&extid_loader=&extid_t...
https://ads.adfox.ru/239538/getBulkTest/v2?dl=https%3A%2F%2Font.by%2F&date=2019-12-16T10%3A13%3A56.673%2B01%3A00&pd=16&pdh=1200&pdw=1600&pr1=40644240&pr=2473837910&prr=&pv=10&pw=1&extid_loader=&ext...

0
-1 B

237ms
116ms

XHR

213.180.204.50
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adfox.ru/239538/getBulkTest/v2?dl=https%3A%2F%2Font.by%2F&date=2019-12-16T10%3A13%3A56.673%2B01%3A00&pd=16&pdh=1200&pdw=1600&pr1=40644240&pr=2473837910&prr=&pv=10&pw=1&extid_loader=&extid_tag_loader=ont.by&ylv=0.1505&ybv=0.1497&ytt=260034501543957&is-turbo=0&skip-token=&ad-session-id=5812841576487636612&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22width%22%3A288%2C%22height%22%3A0%2C%22left%22%3A1125%2C%22top%22%3A2616%2C%22visible%22%3A0%2C%22req_no%22%3A3%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&matchid-cookies=fEO4cFbeMKA-n3kK-BaJMvLRxB2QIU2sgp2wBg1jcZVQKeuTbq29xg%3D%3D&matchid-cookies-sign=PtyMFpY5t7FaSHddNsUSKg%3D%3D&p1=cerer&p2=fgou&matchid-direct=1&bids=W3siY2FtcGFpZ25faWQiOjc3MTAwNSwicmVzcG9uc2VfdGltZSI6MTI0NiwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjE0MTAzNzkifV0%3D&grab=dNCe0J3QoiDigJQg0J7QsdGJ0LXQvdCw0YbQuNC-0L3QsNC70YzQvdC-0LUg0YLQtdC70LXQstC40LTQtdC90LjQtSDQkdC10LvQsNGA0YPRgdC4IHwg0JHQtdC70L7RgNGD0YHRgdC60LjQuSDRgtC10LvQtdC60LDQvdCw0Lsg0J7QndCiCjIg0J_QvtGB0LvQtdC00L3QuNC1INC90L7QstC-0YHRgtC4IAoy0JPQu9Cw0LLQvdGL0LUg0L3QvtCy0L7RgdGC0LggCjIg0KHQtdC50YfQsNGBINGH0LjRgtCw0Y7RgiAKMiDQn9C-0L_Rg9C70Y_RgNC90L7QtSDQt9CwINC90LXQtNC10LvRjiAKMiDQnNCw0YDQutC-0LIuINCd0LjRh9C10LPQviDQu9C40YfQvdC-0LPQviAKMiDQntCd0KIg0L3QsCBZb3VUdWJlIAoyINCd0LDRiNC4INC90L7QstC-0YHRgtC4INCe0J3QoiAKMiDQn9GA0L7Qs9GA0LDQvNC80Ysg0Lgg0L_RgNC-0LXQutGC0YsgCjIg0JrQuNC90L4g0Lgg0YHQtdGA0LjQsNC70YsgCjIg0JzRiyDQsiDRgdC-0YbQuNCw0LvRjNC90YvRhSDRgdC10YLRj9GFIAozINCX0LAg0L_QvtGB0LvQtdC00L3QtdC1INC00LXRgdGP0YLQuNC70LXRgtC40LUg0YfQuNGB0LvQviDQv9GA0LDQstC-0L3QsNGA0YPRiNC10L3QuNC5INCy0YvRgNC-0YHQu9C-INCy0LTQstC-0LU6INCb0YPQutCw0YjQtdC90LrQviDQv9GA0L7QstC-0LTQuNGCINGB0L7QstC10YnQsNC90LjQtSDQv9C-INC_0YDQuNC80LXQvdC10L3QuNGOINCw0LTQvNC40L3QuNGB0YLRgNCw0YLQuNCy0L3QvtC5INC-0YLQstC10YLRgdGC0LLQtdC90L3QvtGB0YLQuCAKMyDQl9CwINC_0L7RgdC70LXQtNC90LXQtSDQtNC10YHRj9GC0LjQu9C10YLQuNC1INGH0LjRgdC70L4g0L_RgNCw0LLQvtC90LDRgNGD0YjQtdC90LjQuSDQstGL0YDQvtGB0LvQviDQstC00LLQvtC1OiDQm9GD0LrQsNGI0LXQvdC60L4g0L_RgNC-0LLQvtC00LjRgiDRgdC-0LLQtdGJ0LDQvdC40LUg0L_QviDQv9GA0LjQvNC10L3QtdC90LjRjiDQsNC00LzQuNC90LjRgdGC0YDQsNGC0LjQstC90L7QuSDQvtGC0LLQtdGC0YHRgtCy0LXQvdC90L7RgdGC0LggCjMg0JHQsNC90Log0YDQsNC30LLQuNGC0LjRjyDQmtC40YLQsNGPINCy0YvQtNC10LvQuNGCINCR0LXQu9Cw0YDRg9GB0Lgg0LrRgNC10LTQuNGCINC90LAgMyw1INC80LvRgNC0INGO0LDQvdC10LkgCjMg0JHQtdC70LDRgNGD0YHRjCDQv9C-0LTQvdGP0LvQsNGB0Ywg0LIg0YDQtdC50YLQuNC90LPQtSDRgdCw0LzRi9GFINC80L7Qs9GD0YnQtdGB0YLQstC10L3QvdGL0YUg0YHRgtGA0LDQvSDQvNC40YDQsCAKMyDCq9CS0YHRgtGA0LXRh9CwINC00LLRg9GFINCS0LvQsNC00LjQvNC40YDQvtCywrs6INGB0YLQsNC7INC70Lgg0LzQuNGAINC90LAg0JTQvtC90LHQsNGB0YHQtSDQsdC70LjQttC1INC_0L7RgdC70LUg0L_QtdGA0LXQs9C-0LLQvtGA0L7QsiDCq9C90L7RgNC80LDQvdC00YHQutC-0Lkg0YfQtdGC0LLRkdGA0LrQuMK7INCyINCf0LDRgNC40LbQtT8gCjMg0JHQtdC70L7RgNGD0YHRgdC60LjQtSDQtNCw0LvRjNC90L7QsdC-0LnRidC40LrQuCDRgdGH&utf8=%E2%9C%93
Requested by: Host: ont.by
URL: https://ont.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.180.204.50 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS: ads.adfox.ru
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Dec 2019 09:13:56 GMT
server: nginx
access-control-allow-origin: https://ont.by
location: /239538/getBulkTest/v2?dl=https%3A%2F%2Font.by%2F&date=2019-12-16T10%3A13%3A56.673%2B01%3A00&pd=16&pdh=1200&pdw=1600&pr1=40644240&pr=2473837910&prr=&pv=10&pw=1&extid_loader=&extid_tag_loader=ont.by&ylv=0.1505&ybv=0.1497&ytt=260034501543957&is-turbo=0&skip-token=&ad-session-id=5812841576487636612&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22width%22%3A288%2C%22height%22%3A0%2C%22left%22%3A1125%2C%22top%22%3A2616%2C%22visible%22%3A0%2C%22req_no%22%3A3%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&matchid-cookies=fEO4cFbeMKA-n3kK-BaJMvLRxB2QIU2sgp2wBg1jcZVQKeuTbq29xg%3D%3D&matchid-cookies-sign=PtyMFpY5t7FaSHddNsUSKg%3D%3D&p1=cerer&p2=fgou&matchid-direct=1&bids=W3siY2FtcGFpZ25faWQiOjc3MTAwNSwicmVzcG9uc2VfdGltZSI6MTI0NiwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjE0MTAzNzkifV0%3D&grab=dNCe0J3QoiDigJQg0J7QsdGJ0LXQvdCw0YbQuNC-0L3QsNC70YzQvdC-0LUg0YLQtdC70LXQstC40LTQtdC90LjQtSDQkdC10LvQsNGA0YPRgdC4IHwg0JHQtdC70L7RgNGD0YHRgdC60LjQuSDRgtC10LvQtdC60LDQvdCw0Lsg0J7QndCiCjIg0J_QvtGB0LvQtdC00L3QuNC1INC90L7QstC-0YHRgtC4IAoy0JPQu9Cw0LLQvdGL0LUg0L3QvtCy0L7RgdGC0LggCjIg0KHQtdC50YfQsNGBINGH0LjRgtCw0Y7RgiAKMiDQn9C-0L_Rg9C70Y_RgNC90L7QtSDQt9CwINC90LXQtNC10LvRjiAKMiDQnNCw0YDQutC-0LIuINCd0LjRh9C10LPQviDQu9C40YfQvdC-0LPQviAKMiDQntCd0KIg0L3QsCBZb3VUdWJlIAoyINCd0LDRiNC4INC90L7QstC-0YHRgtC4INCe0J3QoiAKMiDQn9GA0L7Qs9GA0LDQvNC80Ysg0Lgg0L_RgNC-0LXQutGC0YsgCjIg0JrQuNC90L4g0Lgg0YHQtdGA0LjQsNC70YsgCjIg0JzRiyDQsiDRgdC-0YbQuNCw0LvRjNC90YvRhSDRgdC10YLRj9GFIAozINCX0LAg0L_QvtGB0LvQtdC00L3QtdC1INC00LXRgdGP0YLQuNC70LXRgtC40LUg0YfQuNGB0LvQviDQv9GA0LDQstC-0L3QsNGA0YPRiNC10L3QuNC5INCy0YvRgNC-0YHQu9C-INCy0LTQstC-0LU6INCb0YPQutCw0YjQtdC90LrQviDQv9GA0L7QstC-0LTQuNGCINGB0L7QstC10YnQsNC90LjQtSDQv9C-INC_0YDQuNC80LXQvdC10L3QuNGOINCw0LTQvNC40L3QuNGB0YLRgNCw0YLQuNCy0L3QvtC5INC-0YLQstC10YLRgdGC0LLQtdC90L3QvtGB0YLQuCAKMyDQl9CwINC_0L7RgdC70LXQtNC90LXQtSDQtNC10YHRj9GC0LjQu9C10YLQuNC1INGH0LjRgdC70L4g0L_RgNCw0LLQvtC90LDRgNGD0YjQtdC90LjQuSDQstGL0YDQvtGB0LvQviDQstC00LLQvtC1OiDQm9GD0LrQsNGI0LXQvdC60L4g0L_RgNC-0LLQvtC00LjRgiDRgdC-0LLQtdGJ0LDQvdC40LUg0L_QviDQv9GA0LjQvNC10L3QtdC90LjRjiDQsNC00LzQuNC90LjRgdGC0YDQsNGC0LjQstC90L7QuSDQvtGC0LLQtdGC0YHRgtCy0LXQvdC90L7RgdGC0LggCjMg0JHQsNC90Log0YDQsNC30LLQuNGC0LjRjyDQmtC40YLQsNGPINCy0YvQtNC10LvQuNGCINCR0LXQu9Cw0YDRg9GB0Lgg0LrRgNC10LTQuNGCINC90LAgMyw1INC80LvRgNC0INGO0LDQvdC10LkgCjMg0JHQtdC70LDRgNGD0YHRjCDQv9C-0LTQvdGP0LvQsNGB0Ywg0LIg0YDQtdC50YLQuNC90LPQtSDRgdCw0LzRi9GFINC80L7Qs9GD0YnQtdGB0YLQstC10L3QvdGL0YUg0YHRgtGA0LDQvSDQvNC40YDQsCAKMyDCq9CS0YHRgtGA0LXRh9CwINC00LLRg9GFINCS0LvQsNC00LjQvNC40YDQvtCywrs6INGB0YLQsNC7INC70Lgg0LzQuNGAINC90LAg0JTQvtC90LHQsNGB0YHQtSDQsdC70LjQttC1INC_0L7RgdC70LUg0L_QtdGA0LXQs9C-0LLQvtGA0L7QsiDCq9C90L7RgNC80LDQvdC00YHQutC-0Lkg0YfQtdGC0LLRkdGA0LrQuMK7INCyINCf0LDRgNC40LbQtT8gCjMg0JHQtdC70L7RgNGD0YHRgdC60LjQtSDQtNCw0LvRjNC90L7QsdC-0LnRidC40LrQuCDRgdGH&utf8=%E2%9C%93
p3p: policyref=/w3c/w3c.p3p, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
status: 302
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 0
expires: Mon, 04 Dec 1999 21:29:02 GMT

Redirect headers

pragma: no-cache
date: Mon, 16 Dec 2019 09:13:56 GMT
server: nginx
status: 302
location: /239538/getBulkTest/v2?dl=https%3A%2F%2Font.by%2F&date=2019-12-16T10%3A13%3A56.673%2B01%3A00&pd=16&pdh=1200&pdw=1600&pr1=40644240&pr=2473837910&prr=&pv=10&pw=1&extid_loader=&extid_tag_loader=ont.by&ylv=0.1505&ybv=0.1497&ytt=260034501543957&is-turbo=0&skip-token=&ad-session-id=5812841576487636612&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22width%22%3A288%2C%22height%22%3A0%2C%22left%22%3A1125%2C%22top%22%3A2616%2C%22visible%22%3A0%2C%22req_no%22%3A3%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&matchid-cookies=fEO4cFbeMKA-n3kK-BaJMvLRxB2QIU2sgp2wBg1jcZVQKeuTbq29xg%3D%3D&matchid-cookies-sign=PtyMFpY5t7FaSHddNsUSKg%3D%3D&p1=cerer&p2=fgou&matchid-direct=1&bids=W3siY2FtcGFpZ25faWQiOjc3MTAwNSwicmVzcG9uc2VfdGltZSI6MTI0NiwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjE0MTAzNzkifV0%3D&grab=dNCe0J3QoiDigJQg0J7QsdGJ0LXQvdCw0YbQuNC-0L3QsNC70YzQvdC-0LUg0YLQtdC70LXQstC40LTQtdC90LjQtSDQkdC10LvQsNGA0YPRgdC4IHwg0JHQtdC70L7RgNGD0YHRgdC60LjQuSDRgtC10LvQtdC60LDQvdCw0Lsg0J7QndCiCjIg0J_QvtGB0LvQtdC00L3QuNC1INC90L7QstC-0YHRgtC4IAoy0JPQu9Cw0LLQvdGL0LUg0L3QvtCy0L7RgdGC0LggCjIg0KHQtdC50YfQsNGBINGH0LjRgtCw0Y7RgiAKMiDQn9C-0L_Rg9C70Y_RgNC90L7QtSDQt9CwINC90LXQtNC10LvRjiAKMiDQnNCw0YDQutC-0LIuINCd0LjRh9C10LPQviDQu9C40YfQvdC-0LPQviAKMiDQntCd0KIg0L3QsCBZb3VUdWJlIAoyINCd0LDRiNC4INC90L7QstC-0YHRgtC4INCe0J3QoiAKMiDQn9GA0L7Qs9GA0LDQvNC80Ysg0Lgg0L_RgNC-0LXQutGC0YsgCjIg0JrQuNC90L4g0Lgg0YHQtdGA0LjQsNC70YsgCjIg0JzRiyDQsiDRgdC-0YbQuNCw0LvRjNC90YvRhSDRgdC10YLRj9GFIAozINCX0LAg0L_QvtGB0LvQtdC00L3QtdC1INC00LXRgdGP0YLQuNC70LXRgtC40LUg0YfQuNGB0LvQviDQv9GA0LDQstC-0L3QsNGA0YPRiNC10L3QuNC5INCy0YvRgNC-0YHQu9C-INCy0LTQstC-0LU6INCb0YPQutCw0YjQtdC90LrQviDQv9GA0L7QstC-0LTQuNGCINGB0L7QstC10YnQsNC90LjQtSDQv9C-INC_0YDQuNC80LXQvdC10L3QuNGOINCw0LTQvNC40L3QuNGB0YLRgNCw0YLQuNCy0L3QvtC5INC-0YLQstC10YLRgdGC0LLQtdC90L3QvtGB0YLQuCAKMyDQl9CwINC_0L7RgdC70LXQtNC90LXQtSDQtNC10YHRj9GC0LjQu9C10YLQuNC1INGH0LjRgdC70L4g0L_RgNCw0LLQvtC90LDRgNGD0YjQtdC90LjQuSDQstGL0YDQvtGB0LvQviDQstC00LLQvtC1OiDQm9GD0LrQsNGI0LXQvdC60L4g0L_RgNC-0LLQvtC00LjRgiDRgdC-0LLQtdGJ0LDQvdC40LUg0L_QviDQv9GA0LjQvNC10L3QtdC90LjRjiDQsNC00LzQuNC90LjRgdGC0YDQsNGC0LjQstC90L7QuSDQvtGC0LLQtdGC0YHRgtCy0LXQvdC90L7RgdGC0LggCjMg0JHQsNC90Log0YDQsNC30LLQuNGC0LjRjyDQmtC40YLQsNGPINCy0YvQtNC10LvQuNGCINCR0LXQu9Cw0YDRg9GB0Lgg0LrRgNC10LTQuNGCINC90LAgMyw1INC80LvRgNC0INGO0LDQvdC10LkgCjMg0JHQtdC70LDRgNGD0YHRjCDQv9C-0LTQvdGP0LvQsNGB0Ywg0LIg0YDQtdC50YLQuNC90LPQtSDRgdCw0LzRi9GFINC80L7Qs9GD0YnQtdGB0YLQstC10L3QvdGL0YUg0YHRgtGA0LDQvSDQvNC40YDQsCAKMyDCq9CS0YHRgtGA0LXRh9CwINC00LLRg9GFINCS0LvQsNC00LjQvNC40YDQvtCywrs6INGB0YLQsNC7INC70Lgg0LzQuNGAINC90LAg0JTQvtC90LHQsNGB0YHQtSDQsdC70LjQttC1INC_0L7RgdC70LUg0L_QtdGA0LXQs9C-0LLQvtGA0L7QsiDCq9C90L7RgNC80LDQvdC00YHQutC-0Lkg0YfQtdGC0LLRkdGA0LrQuMK7INCyINCf0LDRgNC40LbQtT8gCjMg0JHQtdC70L7RgNGD0YHRgdC60LjQtSDQtNCw0LvRjNC90L7QsdC-0LnRidC40LrQuCDRgdGH&utf8=%E2%9C%93
p3p: policyref=/w3c/w3c.p3p, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
access-control-allow-origin: https://ont.by
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 0
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2

302

v2 Show response
ads.adfox.ru/239538/getBulkTest/
Redirect Chain

https://ads.adfox.ru/239538/getBulk/v2?dl=https%3A%2F%2Font.by%2F&date=2019-12-16T10%3A13%3A56.675%2B01%3A00&pd=16&pdh=1200&pdw=1600&pr1=3125563862&pr=2473837910&prr=&pv=10&pw=1&extid_loader=&extid...
https://ads.adfox.ru/239538/getBulkTest/v2?dl=https%3A%2F%2Font.by%2F&date=2019-12-16T10%3A13%3A56.675%2B01%3A00&pd=16&pdh=1200&pdw=1600&pr1=3125563862&pr=2473837910&prr=&pv=10&pw=1&extid_loader=&e...

0
-1 B

234ms
117ms

XHR

213.180.204.50
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adfox.ru/239538/getBulkTest/v2?dl=https%3A%2F%2Font.by%2F&date=2019-12-16T10%3A13%3A56.675%2B01%3A00&pd=16&pdh=1200&pdw=1600&pr1=3125563862&pr=2473837910&prr=&pv=10&pw=1&extid_loader=&extid_tag_loader=ont.by&ylv=0.1505&ybv=0.1497&ytt=260034501543957&is-turbo=0&skip-token=&ad-session-id=5812841576487636612&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22width%22%3A1240%2C%22height%22%3A0%2C%22left%22%3A173%2C%22top%22%3A3992%2C%22visible%22%3A0%2C%22req_no%22%3A4%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&matchid-cookies=fEO4cFbeMKA-n3kK-BaJMvLRxB2QIU2sgp2wBg1jcZVQKeuTbq29xg%3D%3D&matchid-cookies-sign=PtyMFpY5t7FaSHddNsUSKg%3D%3D&p1=ceret&p2=y&matchid-direct=1&bids=W3siY2FtcGFpZ25faWQiOjc3MTAwNSwicmVzcG9uc2VfdGltZSI6MTI0NiwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjE0MTAzODIifV0%3D&grab=dNCe0J3QoiDigJQg0J7QsdGJ0LXQvdCw0YbQuNC-0L3QsNC70YzQvdC-0LUg0YLQtdC70LXQstC40LTQtdC90LjQtSDQkdC10LvQsNGA0YPRgdC4IHwg0JHQtdC70L7RgNGD0YHRgdC60LjQuSDRgtC10LvQtdC60LDQvdCw0Lsg0J7QndCiCjIg0J_QvtGB0LvQtdC00L3QuNC1INC90L7QstC-0YHRgtC4IAoy0JPQu9Cw0LLQvdGL0LUg0L3QvtCy0L7RgdGC0LggCjIg0KHQtdC50YfQsNGBINGH0LjRgtCw0Y7RgiAKMiDQn9C-0L_Rg9C70Y_RgNC90L7QtSDQt9CwINC90LXQtNC10LvRjiAKMiDQnNCw0YDQutC-0LIuINCd0LjRh9C10LPQviDQu9C40YfQvdC-0LPQviAKMiDQntCd0KIg0L3QsCBZb3VUdWJlIAoyINCd0LDRiNC4INC90L7QstC-0YHRgtC4INCe0J3QoiAKMiDQn9GA0L7Qs9GA0LDQvNC80Ysg0Lgg0L_RgNC-0LXQutGC0YsgCjIg0JrQuNC90L4g0Lgg0YHQtdGA0LjQsNC70YsgCjIg0JzRiyDQsiDRgdC-0YbQuNCw0LvRjNC90YvRhSDRgdC10YLRj9GFIAozINCX0LAg0L_QvtGB0LvQtdC00L3QtdC1INC00LXRgdGP0YLQuNC70LXRgtC40LUg0YfQuNGB0LvQviDQv9GA0LDQstC-0L3QsNGA0YPRiNC10L3QuNC5INCy0YvRgNC-0YHQu9C-INCy0LTQstC-0LU6INCb0YPQutCw0YjQtdC90LrQviDQv9GA0L7QstC-0LTQuNGCINGB0L7QstC10YnQsNC90LjQtSDQv9C-INC_0YDQuNC80LXQvdC10L3QuNGOINCw0LTQvNC40L3QuNGB0YLRgNCw0YLQuNCy0L3QvtC5INC-0YLQstC10YLRgdGC0LLQtdC90L3QvtGB0YLQuCAKMyDQl9CwINC_0L7RgdC70LXQtNC90LXQtSDQtNC10YHRj9GC0LjQu9C10YLQuNC1INGH0LjRgdC70L4g0L_RgNCw0LLQvtC90LDRgNGD0YjQtdC90LjQuSDQstGL0YDQvtGB0LvQviDQstC00LLQvtC1OiDQm9GD0LrQsNGI0LXQvdC60L4g0L_RgNC-0LLQvtC00LjRgiDRgdC-0LLQtdGJ0LDQvdC40LUg0L_QviDQv9GA0LjQvNC10L3QtdC90LjRjiDQsNC00LzQuNC90LjRgdGC0YDQsNGC0LjQstC90L7QuSDQvtGC0LLQtdGC0YHRgtCy0LXQvdC90L7RgdGC0LggCjMg0JHQsNC90Log0YDQsNC30LLQuNGC0LjRjyDQmtC40YLQsNGPINCy0YvQtNC10LvQuNGCINCR0LXQu9Cw0YDRg9GB0Lgg0LrRgNC10LTQuNGCINC90LAgMyw1INC80LvRgNC0INGO0LDQvdC10LkgCjMg0JHQtdC70LDRgNGD0YHRjCDQv9C-0LTQvdGP0LvQsNGB0Ywg0LIg0YDQtdC50YLQuNC90LPQtSDRgdCw0LzRi9GFINC80L7Qs9GD0YnQtdGB0YLQstC10L3QvdGL0YUg0YHRgtGA0LDQvSDQvNC40YDQsCAKMyDCq9CS0YHRgtGA0LXRh9CwINC00LLRg9GFINCS0LvQsNC00LjQvNC40YDQvtCywrs6INGB0YLQsNC7INC70Lgg0LzQuNGAINC90LAg0JTQvtC90LHQsNGB0YHQtSDQsdC70LjQttC1INC_0L7RgdC70LUg0L_QtdGA0LXQs9C-0LLQvtGA0L7QsiDCq9C90L7RgNC80LDQvdC00YHQutC-0Lkg0YfQtdGC0LLRkdGA0LrQuMK7INCyINCf0LDRgNC40LbQtT8gCjMg0JHQtdC70L7RgNGD0YHRgdC60LjQtSDQtNCw0LvRjNC90L7QsdC-0LnRidC40LrQuCDRgdGH&utf8=%E2%9C%93
Requested by: Host: ont.by
URL: https://ont.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.180.204.50 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS: ads.adfox.ru
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Dec 2019 09:13:56 GMT
server: nginx
access-control-allow-origin: https://ont.by
location: /239538/getBulkTest/v2?dl=https%3A%2F%2Font.by%2F&date=2019-12-16T10%3A13%3A56.675%2B01%3A00&pd=16&pdh=1200&pdw=1600&pr1=3125563862&pr=2473837910&prr=&pv=10&pw=1&extid_loader=&extid_tag_loader=ont.by&ylv=0.1505&ybv=0.1497&ytt=260034501543957&is-turbo=0&skip-token=&ad-session-id=5812841576487636612&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22width%22%3A1240%2C%22height%22%3A0%2C%22left%22%3A173%2C%22top%22%3A3992%2C%22visible%22%3A0%2C%22req_no%22%3A4%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&matchid-cookies=fEO4cFbeMKA-n3kK-BaJMvLRxB2QIU2sgp2wBg1jcZVQKeuTbq29xg%3D%3D&matchid-cookies-sign=PtyMFpY5t7FaSHddNsUSKg%3D%3D&p1=ceret&p2=y&matchid-direct=1&bids=W3siY2FtcGFpZ25faWQiOjc3MTAwNSwicmVzcG9uc2VfdGltZSI6MTI0NiwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjE0MTAzODIifV0%3D&grab=dNCe0J3QoiDigJQg0J7QsdGJ0LXQvdCw0YbQuNC-0L3QsNC70YzQvdC-0LUg0YLQtdC70LXQstC40LTQtdC90LjQtSDQkdC10LvQsNGA0YPRgdC4IHwg0JHQtdC70L7RgNGD0YHRgdC60LjQuSDRgtC10LvQtdC60LDQvdCw0Lsg0J7QndCiCjIg0J_QvtGB0LvQtdC00L3QuNC1INC90L7QstC-0YHRgtC4IAoy0JPQu9Cw0LLQvdGL0LUg0L3QvtCy0L7RgdGC0LggCjIg0KHQtdC50YfQsNGBINGH0LjRgtCw0Y7RgiAKMiDQn9C-0L_Rg9C70Y_RgNC90L7QtSDQt9CwINC90LXQtNC10LvRjiAKMiDQnNCw0YDQutC-0LIuINCd0LjRh9C10LPQviDQu9C40YfQvdC-0LPQviAKMiDQntCd0KIg0L3QsCBZb3VUdWJlIAoyINCd0LDRiNC4INC90L7QstC-0YHRgtC4INCe0J3QoiAKMiDQn9GA0L7Qs9GA0LDQvNC80Ysg0Lgg0L_RgNC-0LXQutGC0YsgCjIg0JrQuNC90L4g0Lgg0YHQtdGA0LjQsNC70YsgCjIg0JzRiyDQsiDRgdC-0YbQuNCw0LvRjNC90YvRhSDRgdC10YLRj9GFIAozINCX0LAg0L_QvtGB0LvQtdC00L3QtdC1INC00LXRgdGP0YLQuNC70LXRgtC40LUg0YfQuNGB0LvQviDQv9GA0LDQstC-0L3QsNGA0YPRiNC10L3QuNC5INCy0YvRgNC-0YHQu9C-INCy0LTQstC-0LU6INCb0YPQutCw0YjQtdC90LrQviDQv9GA0L7QstC-0LTQuNGCINGB0L7QstC10YnQsNC90LjQtSDQv9C-INC_0YDQuNC80LXQvdC10L3QuNGOINCw0LTQvNC40L3QuNGB0YLRgNCw0YLQuNCy0L3QvtC5INC-0YLQstC10YLRgdGC0LLQtdC90L3QvtGB0YLQuCAKMyDQl9CwINC_0L7RgdC70LXQtNC90LXQtSDQtNC10YHRj9GC0LjQu9C10YLQuNC1INGH0LjRgdC70L4g0L_RgNCw0LLQvtC90LDRgNGD0YjQtdC90LjQuSDQstGL0YDQvtGB0LvQviDQstC00LLQvtC1OiDQm9GD0LrQsNGI0LXQvdC60L4g0L_RgNC-0LLQvtC00LjRgiDRgdC-0LLQtdGJ0LDQvdC40LUg0L_QviDQv9GA0LjQvNC10L3QtdC90LjRjiDQsNC00LzQuNC90LjRgdGC0YDQsNGC0LjQstC90L7QuSDQvtGC0LLQtdGC0YHRgtCy0LXQvdC90L7RgdGC0LggCjMg0JHQsNC90Log0YDQsNC30LLQuNGC0LjRjyDQmtC40YLQsNGPINCy0YvQtNC10LvQuNGCINCR0LXQu9Cw0YDRg9GB0Lgg0LrRgNC10LTQuNGCINC90LAgMyw1INC80LvRgNC0INGO0LDQvdC10LkgCjMg0JHQtdC70LDRgNGD0YHRjCDQv9C-0LTQvdGP0LvQsNGB0Ywg0LIg0YDQtdC50YLQuNC90LPQtSDRgdCw0LzRi9GFINC80L7Qs9GD0YnQtdGB0YLQstC10L3QvdGL0YUg0YHRgtGA0LDQvSDQvNC40YDQsCAKMyDCq9CS0YHRgtGA0LXRh9CwINC00LLRg9GFINCS0LvQsNC00LjQvNC40YDQvtCywrs6INGB0YLQsNC7INC70Lgg0LzQuNGAINC90LAg0JTQvtC90LHQsNGB0YHQtSDQsdC70LjQttC1INC_0L7RgdC70LUg0L_QtdGA0LXQs9C-0LLQvtGA0L7QsiDCq9C90L7RgNC80LDQvdC00YHQutC-0Lkg0YfQtdGC0LLRkdGA0LrQuMK7INCyINCf0LDRgNC40LbQtT8gCjMg0JHQtdC70L7RgNGD0YHRgdC60LjQtSDQtNCw0LvRjNC90L7QsdC-0LnRidC40LrQuCDRgdGH&utf8=%E2%9C%93
p3p: policyref=/w3c/w3c.p3p, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
status: 302
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 0
expires: Mon, 04 Dec 1999 21:29:02 GMT

Redirect headers

pragma: no-cache
date: Mon, 16 Dec 2019 09:13:56 GMT
server: nginx
status: 302
location: /239538/getBulkTest/v2?dl=https%3A%2F%2Font.by%2F&date=2019-12-16T10%3A13%3A56.675%2B01%3A00&pd=16&pdh=1200&pdw=1600&pr1=3125563862&pr=2473837910&prr=&pv=10&pw=1&extid_loader=&extid_tag_loader=ont.by&ylv=0.1505&ybv=0.1497&ytt=260034501543957&is-turbo=0&skip-token=&ad-session-id=5812841576487636612&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22width%22%3A1240%2C%22height%22%3A0%2C%22left%22%3A173%2C%22top%22%3A3992%2C%22visible%22%3A0%2C%22req_no%22%3A4%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&matchid-cookies=fEO4cFbeMKA-n3kK-BaJMvLRxB2QIU2sgp2wBg1jcZVQKeuTbq29xg%3D%3D&matchid-cookies-sign=PtyMFpY5t7FaSHddNsUSKg%3D%3D&p1=ceret&p2=y&matchid-direct=1&bids=W3siY2FtcGFpZ25faWQiOjc3MTAwNSwicmVzcG9uc2VfdGltZSI6MTI0NiwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjE0MTAzODIifV0%3D&grab=dNCe0J3QoiDigJQg0J7QsdGJ0LXQvdCw0YbQuNC-0L3QsNC70YzQvdC-0LUg0YLQtdC70LXQstC40LTQtdC90LjQtSDQkdC10LvQsNGA0YPRgdC4IHwg0JHQtdC70L7RgNGD0YHRgdC60LjQuSDRgtC10LvQtdC60LDQvdCw0Lsg0J7QndCiCjIg0J_QvtGB0LvQtdC00L3QuNC1INC90L7QstC-0YHRgtC4IAoy0JPQu9Cw0LLQvdGL0LUg0L3QvtCy0L7RgdGC0LggCjIg0KHQtdC50YfQsNGBINGH0LjRgtCw0Y7RgiAKMiDQn9C-0L_Rg9C70Y_RgNC90L7QtSDQt9CwINC90LXQtNC10LvRjiAKMiDQnNCw0YDQutC-0LIuINCd0LjRh9C10LPQviDQu9C40YfQvdC-0LPQviAKMiDQntCd0KIg0L3QsCBZb3VUdWJlIAoyINCd0LDRiNC4INC90L7QstC-0YHRgtC4INCe0J3QoiAKMiDQn9GA0L7Qs9GA0LDQvNC80Ysg0Lgg0L_RgNC-0LXQutGC0YsgCjIg0JrQuNC90L4g0Lgg0YHQtdGA0LjQsNC70YsgCjIg0JzRiyDQsiDRgdC-0YbQuNCw0LvRjNC90YvRhSDRgdC10YLRj9GFIAozINCX0LAg0L_QvtGB0LvQtdC00L3QtdC1INC00LXRgdGP0YLQuNC70LXRgtC40LUg0YfQuNGB0LvQviDQv9GA0LDQstC-0L3QsNGA0YPRiNC10L3QuNC5INCy0YvRgNC-0YHQu9C-INCy0LTQstC-0LU6INCb0YPQutCw0YjQtdC90LrQviDQv9GA0L7QstC-0LTQuNGCINGB0L7QstC10YnQsNC90LjQtSDQv9C-INC_0YDQuNC80LXQvdC10L3QuNGOINCw0LTQvNC40L3QuNGB0YLRgNCw0YLQuNCy0L3QvtC5INC-0YLQstC10YLRgdGC0LLQtdC90L3QvtGB0YLQuCAKMyDQl9CwINC_0L7RgdC70LXQtNC90LXQtSDQtNC10YHRj9GC0LjQu9C10YLQuNC1INGH0LjRgdC70L4g0L_RgNCw0LLQvtC90LDRgNGD0YjQtdC90LjQuSDQstGL0YDQvtGB0LvQviDQstC00LLQvtC1OiDQm9GD0LrQsNGI0LXQvdC60L4g0L_RgNC-0LLQvtC00LjRgiDRgdC-0LLQtdGJ0LDQvdC40LUg0L_QviDQv9GA0LjQvNC10L3QtdC90LjRjiDQsNC00LzQuNC90LjRgdGC0YDQsNGC0LjQstC90L7QuSDQvtGC0LLQtdGC0YHRgtCy0LXQvdC90L7RgdGC0LggCjMg0JHQsNC90Log0YDQsNC30LLQuNGC0LjRjyDQmtC40YLQsNGPINCy0YvQtNC10LvQuNGCINCR0LXQu9Cw0YDRg9GB0Lgg0LrRgNC10LTQuNGCINC90LAgMyw1INC80LvRgNC0INGO0LDQvdC10LkgCjMg0JHQtdC70LDRgNGD0YHRjCDQv9C-0LTQvdGP0LvQsNGB0Ywg0LIg0YDQtdC50YLQuNC90LPQtSDRgdCw0LzRi9GFINC80L7Qs9GD0YnQtdGB0YLQstC10L3QvdGL0YUg0YHRgtGA0LDQvSDQvNC40YDQsCAKMyDCq9CS0YHRgtGA0LXRh9CwINC00LLRg9GFINCS0LvQsNC00LjQvNC40YDQvtCywrs6INGB0YLQsNC7INC70Lgg0LzQuNGAINC90LAg0JTQvtC90LHQsNGB0YHQtSDQsdC70LjQttC1INC_0L7RgdC70LUg0L_QtdGA0LXQs9C-0LLQvtGA0L7QsiDCq9C90L7RgNC80LDQvdC00YHQutC-0Lkg0YfQtdGC0LLRkdGA0LrQuMK7INCyINCf0LDRgNC40LbQtT8gCjMg0JHQtdC70L7RgNGD0YHRgdC60LjQtSDQtNCw0LvRjNC90L7QsdC-0LnRidC40LrQuCDRgdGH&utf8=%E2%9C%93
p3p: policyref=/w3c/w3c.p3p, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
access-control-allow-origin: https://ont.by
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 0
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2 200 pixel.gif
static.criteo.net/images/ 43 B
260 B 33ms
32ms Image
image/gif 178.250.0.130
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.criteo.net/images/pixel.gif?ch=1
Requested by: Host: ont.by
URL: https://ont.by/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Dec 2019 09:13:56 GMT
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
access-control-allow-origin: *
etag: "493ea254-2b"
content-type: image/gif
status: 200
cache-control: max-age=31104000, public
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Thu, 10 Dec 2020 09:13:56 GMT

GET
H2 200 pixel.gif
static.criteo.net/images/ 43 B
260 B 31ms
31ms Image
image/gif 178.250.0.130
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.criteo.net/images/pixel.gif?ch=2
Requested by: Host: ont.by
URL: https://ont.by/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Dec 2019 09:13:56 GMT
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
access-control-allow-origin: *
etag: "493ea254-2b"
content-type: image/gif
status: 200
cache-control: max-age=31104000, public
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Thu, 10 Dec 2020 09:13:56 GMT

GET
H2 200 1f449.png
abs.twimg.com/emoji/v2/72x72/ Frame 1F6F 423 B
711 B 26ms
7ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f449.png

Requested by

Host: ont.by
URL: https://ont.by/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/40DD) /

Resource Hash

9cf1114324a6653750f0f8af7783a744e45adadca47c48844e4ee0f11df269bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Dec 2019 09:13:56 GMT
x-content-type-options: nosniff
x-ton-expected-size: 423
x-cache: HIT
status: 200
content-length: 423
x-response-time: 9
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:28:35 GMT
server: ECS (fcn/40DD)
etag: "LFXrh3o/sfOGHVbERP/uFQ=="
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 24366c0b69efa712199f8741a5d53e19
accept-ranges: bytes
expires: Tue, 15 Dec 2020 09:13:56 GMT

GET
H2 200 timeline.b19b28e5dd6afdadd09507e64bad84c7.light.ltr.css
platform.twitter.com/css/ Frame 1F6F 52 KB
12 KB 22ms
22ms Stylesheet
text/css 151.101.12.157
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/css/timeline.b19b28e5dd6afdadd09507e64bad84c7.light.ltr.css
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: /
Resource Hash: 12bf529a0f4d0a3f10d003a07d5b91e40579a3da18022a9896a9ccd9e5dc1b33

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Dec 2019 09:13:56 GMT
content-encoding: gzip
x-cache: HIT, HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200
content-length: 12155
x-served-by: cache-iad2137-IAD, cache-fra19128-FRA
last-modified: Tue, 10 Dec 2019 23:44:42 GMT
etag: "0100ec69a2c00683a1ae89e074b822c1+gzip"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
tw-cdn: FT

GET
H2 200 timeline.b19b28e5dd6afdadd09507e64bad84c7.light.ltr.css
platform.twitter.com/css/ 52 KB
52 KB 24ms
24ms Image
text/css 151.101.12.157
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform.twitter.com/css/timeline.b19b28e5dd6afdadd09507e64bad84c7.light.ltr.css
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Dec 2019 09:13:56 GMT
content-encoding: gzip
x-cache: HIT, HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200
content-length: 12155
x-served-by: cache-iad2137-IAD, cache-fra19128-FRA
last-modified: Tue, 10 Dec 2019 23:44:42 GMT
etag: "0100ec69a2c00683a1ae89e074b822c1+gzip"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
tw-cdn: FT

GET
H2 200 v2 Show response
ads.adfox.ru/239538/getBulkTest/ 10 KB
3 KB 255ms
254ms XHR
application/json 213.180.204.50
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adfox.ru/239538/getBulkTest/v2?dl=https%3A%2F%2Font.by%2F&date=2019-12-16T10%3A13%3A56.609%2B01%3A00&pd=16&pdh=1200&pdw=1600&pr1=836362105&pr=2473837910&prr=&pv=10&pw=1&extid_loader=&extid_tag_loader=ont.by&ylv=0.1505&ybv=0.1497&ytt=260034501543957&is-turbo=0&skip-token=&ad-session-id=5812841576487636612&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22width%22%3A1920%2C%22height%22%3A0%2C%22left%22%3A-167%2C%22top%22%3A0%2C%22visible%22%3A1%2C%22req_no%22%3A0%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&matchid-cookies=fEO4cFbeMKA-n3kK-BaJMvLRxB2QIU2sgp2wBg1jcZVQKeuTbq29xg%3D%3D&matchid-cookies-sign=PtyMFpY5t7FaSHddNsUSKg%3D%3D&p1=cerem&p2=y&matchid-direct=1&bids=W3siY2FtcGFpZ25faWQiOjc3MTAwNSwicmVzcG9uc2VfdGltZSI6MTIzOSwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjE0MTAzNzYifV0%3D&grab=dNCe0J3QoiDigJQg0J7QsdGJ0LXQvdCw0YbQuNC-0L3QsNC70YzQvdC-0LUg0YLQtdC70LXQstC40LTQtdC90LjQtSDQkdC10LvQsNGA0YPRgdC4IHwg0JHQtdC70L7RgNGD0YHRgdC60LjQuSDRgtC10LvQtdC60LDQvdCw0Lsg0J7QndCiCjIg0J_QvtGB0LvQtdC00L3QuNC1INC90L7QstC-0YHRgtC4IAoy0JPQu9Cw0LLQvdGL0LUg0L3QvtCy0L7RgdGC0LggCjIg0KHQtdC50YfQsNGBINGH0LjRgtCw0Y7RgiAKMiDQn9C-0L_Rg9C70Y_RgNC90L7QtSDQt9CwINC90LXQtNC10LvRjiAKMiDQnNCw0YDQutC-0LIuINCd0LjRh9C10LPQviDQu9C40YfQvdC-0LPQviAKMiDQntCd0KIg0L3QsCBZb3VUdWJlIAoyINCd0LDRiNC4INC90L7QstC-0YHRgtC4INCe0J3QoiAKMiDQn9GA0L7Qs9GA0LDQvNC80Ysg0Lgg0L_RgNC-0LXQutGC0YsgCjIg0JrQuNC90L4g0Lgg0YHQtdGA0LjQsNC70YsgCjIg0JzRiyDQsiDRgdC-0YbQuNCw0LvRjNC90YvRhSDRgdC10YLRj9GFIAozINCX0LAg0L_QvtGB0LvQtdC00L3QtdC1INC00LXRgdGP0YLQuNC70LXRgtC40LUg0YfQuNGB0LvQviDQv9GA0LDQstC-0L3QsNGA0YPRiNC10L3QuNC5INCy0YvRgNC-0YHQu9C-INCy0LTQstC-0LU6INCb0YPQutCw0YjQtdC90LrQviDQv9GA0L7QstC-0LTQuNGCINGB0L7QstC10YnQsNC90LjQtSDQv9C-INC_0YDQuNC80LXQvdC10L3QuNGOINCw0LTQvNC40L3QuNGB0YLRgNCw0YLQuNCy0L3QvtC5INC-0YLQstC10YLRgdGC0LLQtdC90L3QvtGB0YLQuCAKMyDQl9CwINC_0L7RgdC70LXQtNC90LXQtSDQtNC10YHRj9GC0LjQu9C10YLQuNC1INGH0LjRgdC70L4g0L_RgNCw0LLQvtC90LDRgNGD0YjQtdC90LjQuSDQstGL0YDQvtGB0LvQviDQstC00LLQvtC1OiDQm9GD0LrQsNGI0LXQvdC60L4g0L_RgNC-0LLQvtC00LjRgiDRgdC-0LLQtdGJ0LDQvdC40LUg0L_QviDQv9GA0LjQvNC10L3QtdC90LjRjiDQsNC00LzQuNC90LjRgdGC0YDQsNGC0LjQstC90L7QuSDQvtGC0LLQtdGC0YHRgtCy0LXQvdC90L7RgdGC0LggCjMg0JHQsNC90Log0YDQsNC30LLQuNGC0LjRjyDQmtC40YLQsNGPINCy0YvQtNC10LvQuNGCINCR0LXQu9Cw0YDRg9GB0Lgg0LrRgNC10LTQuNGCINC90LAgMyw1INC80LvRgNC0INGO0LDQvdC10LkgCjMg0JHQtdC70LDRgNGD0YHRjCDQv9C-0LTQvdGP0LvQsNGB0Ywg0LIg0YDQtdC50YLQuNC90LPQtSDRgdCw0LzRi9GFINC80L7Qs9GD0YnQtdGB0YLQstC10L3QvdGL0YUg0YHRgtGA0LDQvSDQvNC40YDQsCAKMyDCq9CS0YHRgtGA0LXRh9CwINC00LLRg9GFINCS0LvQsNC00LjQvNC40YDQvtCywrs6INGB0YLQsNC7INC70Lgg0LzQuNGAINC90LAg0JTQvtC90LHQsNGB0YHQtSDQsdC70LjQttC1INC_0L7RgdC70LUg0L_QtdGA0LXQs9C-0LLQvtGA0L7QsiDCq9C90L7RgNC80LDQvdC00YHQutC-0Lkg0YfQtdGC0LLRkdGA0LrQuMK7INCyINCf0LDRgNC40LbQtT8gCjMg0JHQtdC70L7RgNGD0YHRgdC60LjQtSDQtNCw0LvRjNC90L7QsdC-0LnRidC40LrQuCDRgdGH&utf8=%E2%9C%93
Requested by: Host: ont.by
URL: https://ont.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.180.204.50 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS: ads.adfox.ru
Software: nginx /
Resource Hash: 8256703fede87393afb218b6e1b01bfbba5823e72aa408fba886efe81438c096

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://ont.by/
Origin: https://ont.by

Response headers

pragma: no-cache
date: Mon, 16 Dec 2019 09:13:57 GMT
content-encoding: gzip
content-type: application/json
server: nginx
status: 200
p3p: policyref=/w3c/w3c.p3p, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
access-control-allow-origin: https://ont.by
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2 200 v2 Show response
ads.adfox.ru/239538/getBulkTest/ 10 KB
3 KB 281ms
280ms XHR
application/json 213.180.204.50
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adfox.ru/239538/getBulkTest/v2?dl=https%3A%2F%2Font.by%2F&date=2019-12-16T10%3A13%3A56.673%2B01%3A00&pd=16&pdh=1200&pdw=1600&pr1=40644240&pr=2473837910&prr=&pv=10&pw=1&extid_loader=&extid_tag_loader=ont.by&ylv=0.1505&ybv=0.1497&ytt=260034501543957&is-turbo=0&skip-token=&ad-session-id=5812841576487636612&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22width%22%3A288%2C%22height%22%3A0%2C%22left%22%3A1125%2C%22top%22%3A2616%2C%22visible%22%3A0%2C%22req_no%22%3A3%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&matchid-cookies=fEO4cFbeMKA-n3kK-BaJMvLRxB2QIU2sgp2wBg1jcZVQKeuTbq29xg%3D%3D&matchid-cookies-sign=PtyMFpY5t7FaSHddNsUSKg%3D%3D&p1=cerer&p2=fgou&matchid-direct=1&bids=W3siY2FtcGFpZ25faWQiOjc3MTAwNSwicmVzcG9uc2VfdGltZSI6MTI0NiwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjE0MTAzNzkifV0%3D&grab=dNCe0J3QoiDigJQg0J7QsdGJ0LXQvdCw0YbQuNC-0L3QsNC70YzQvdC-0LUg0YLQtdC70LXQstC40LTQtdC90LjQtSDQkdC10LvQsNGA0YPRgdC4IHwg0JHQtdC70L7RgNGD0YHRgdC60LjQuSDRgtC10LvQtdC60LDQvdCw0Lsg0J7QndCiCjIg0J_QvtGB0LvQtdC00L3QuNC1INC90L7QstC-0YHRgtC4IAoy0JPQu9Cw0LLQvdGL0LUg0L3QvtCy0L7RgdGC0LggCjIg0KHQtdC50YfQsNGBINGH0LjRgtCw0Y7RgiAKMiDQn9C-0L_Rg9C70Y_RgNC90L7QtSDQt9CwINC90LXQtNC10LvRjiAKMiDQnNCw0YDQutC-0LIuINCd0LjRh9C10LPQviDQu9C40YfQvdC-0LPQviAKMiDQntCd0KIg0L3QsCBZb3VUdWJlIAoyINCd0LDRiNC4INC90L7QstC-0YHRgtC4INCe0J3QoiAKMiDQn9GA0L7Qs9GA0LDQvNC80Ysg0Lgg0L_RgNC-0LXQutGC0YsgCjIg0JrQuNC90L4g0Lgg0YHQtdGA0LjQsNC70YsgCjIg0JzRiyDQsiDRgdC-0YbQuNCw0LvRjNC90YvRhSDRgdC10YLRj9GFIAozINCX0LAg0L_QvtGB0LvQtdC00L3QtdC1INC00LXRgdGP0YLQuNC70LXRgtC40LUg0YfQuNGB0LvQviDQv9GA0LDQstC-0L3QsNGA0YPRiNC10L3QuNC5INCy0YvRgNC-0YHQu9C-INCy0LTQstC-0LU6INCb0YPQutCw0YjQtdC90LrQviDQv9GA0L7QstC-0LTQuNGCINGB0L7QstC10YnQsNC90LjQtSDQv9C-INC_0YDQuNC80LXQvdC10L3QuNGOINCw0LTQvNC40L3QuNGB0YLRgNCw0YLQuNCy0L3QvtC5INC-0YLQstC10YLRgdGC0LLQtdC90L3QvtGB0YLQuCAKMyDQl9CwINC_0L7RgdC70LXQtNC90LXQtSDQtNC10YHRj9GC0LjQu9C10YLQuNC1INGH0LjRgdC70L4g0L_RgNCw0LLQvtC90LDRgNGD0YjQtdC90LjQuSDQstGL0YDQvtGB0LvQviDQstC00LLQvtC1OiDQm9GD0LrQsNGI0LXQvdC60L4g0L_RgNC-0LLQvtC00LjRgiDRgdC-0LLQtdGJ0LDQvdC40LUg0L_QviDQv9GA0LjQvNC10L3QtdC90LjRjiDQsNC00LzQuNC90LjRgdGC0YDQsNGC0LjQstC90L7QuSDQvtGC0LLQtdGC0YHRgtCy0LXQvdC90L7RgdGC0LggCjMg0JHQsNC90Log0YDQsNC30LLQuNGC0LjRjyDQmtC40YLQsNGPINCy0YvQtNC10LvQuNGCINCR0LXQu9Cw0YDRg9GB0Lgg0LrRgNC10LTQuNGCINC90LAgMyw1INC80LvRgNC0INGO0LDQvdC10LkgCjMg0JHQtdC70LDRgNGD0YHRjCDQv9C-0LTQvdGP0LvQsNGB0Ywg0LIg0YDQtdC50YLQuNC90LPQtSDRgdCw0LzRi9GFINC80L7Qs9GD0YnQtdGB0YLQstC10L3QvdGL0YUg0YHRgtGA0LDQvSDQvNC40YDQsCAKMyDCq9CS0YHRgtGA0LXRh9CwINC00LLRg9GFINCS0LvQsNC00LjQvNC40YDQvtCywrs6INGB0YLQsNC7INC70Lgg0LzQuNGAINC90LAg0JTQvtC90LHQsNGB0YHQtSDQsdC70LjQttC1INC_0L7RgdC70LUg0L_QtdGA0LXQs9C-0LLQvtGA0L7QsiDCq9C90L7RgNC80LDQvdC00YHQutC-0Lkg0YfQtdGC0LLRkdGA0LrQuMK7INCyINCf0LDRgNC40LbQtT8gCjMg0JHQtdC70L7RgNGD0YHRgdC60LjQtSDQtNCw0LvRjNC90L7QsdC-0LnRidC40LrQuCDRgdGH&utf8=%E2%9C%93
Requested by: Host: ont.by
URL: https://ont.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.180.204.50 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS: ads.adfox.ru
Software: nginx /
Resource Hash: e6534ef488097ede7c9a9e5c6092f1cbf56f6dbf28c131c342bd02dedba2b074

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://ont.by/
Origin: https://ont.by

Response headers

pragma: no-cache
date: Mon, 16 Dec 2019 09:13:57 GMT
content-encoding: gzip
content-type: application/json
server: nginx
status: 200
p3p: policyref=/w3c/w3c.p3p, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
access-control-allow-origin: https://ont.by
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2 200 v2 Show response
ads.adfox.ru/239538/getBulkTest/ 10 KB
3 KB 271ms
271ms XHR
application/json 213.180.204.50
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adfox.ru/239538/getBulkTest/v2?dl=https%3A%2F%2Font.by%2F&date=2019-12-16T10%3A13%3A56.675%2B01%3A00&pd=16&pdh=1200&pdw=1600&pr1=3125563862&pr=2473837910&prr=&pv=10&pw=1&extid_loader=&extid_tag_loader=ont.by&ylv=0.1505&ybv=0.1497&ytt=260034501543957&is-turbo=0&skip-token=&ad-session-id=5812841576487636612&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22width%22%3A1240%2C%22height%22%3A0%2C%22left%22%3A173%2C%22top%22%3A3992%2C%22visible%22%3A0%2C%22req_no%22%3A4%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&matchid-cookies=fEO4cFbeMKA-n3kK-BaJMvLRxB2QIU2sgp2wBg1jcZVQKeuTbq29xg%3D%3D&matchid-cookies-sign=PtyMFpY5t7FaSHddNsUSKg%3D%3D&p1=ceret&p2=y&matchid-direct=1&bids=W3siY2FtcGFpZ25faWQiOjc3MTAwNSwicmVzcG9uc2VfdGltZSI6MTI0NiwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjE0MTAzODIifV0%3D&grab=dNCe0J3QoiDigJQg0J7QsdGJ0LXQvdCw0YbQuNC-0L3QsNC70YzQvdC-0LUg0YLQtdC70LXQstC40LTQtdC90LjQtSDQkdC10LvQsNGA0YPRgdC4IHwg0JHQtdC70L7RgNGD0YHRgdC60LjQuSDRgtC10LvQtdC60LDQvdCw0Lsg0J7QndCiCjIg0J_QvtGB0LvQtdC00L3QuNC1INC90L7QstC-0YHRgtC4IAoy0JPQu9Cw0LLQvdGL0LUg0L3QvtCy0L7RgdGC0LggCjIg0KHQtdC50YfQsNGBINGH0LjRgtCw0Y7RgiAKMiDQn9C-0L_Rg9C70Y_RgNC90L7QtSDQt9CwINC90LXQtNC10LvRjiAKMiDQnNCw0YDQutC-0LIuINCd0LjRh9C10LPQviDQu9C40YfQvdC-0LPQviAKMiDQntCd0KIg0L3QsCBZb3VUdWJlIAoyINCd0LDRiNC4INC90L7QstC-0YHRgtC4INCe0J3QoiAKMiDQn9GA0L7Qs9GA0LDQvNC80Ysg0Lgg0L_RgNC-0LXQutGC0YsgCjIg0JrQuNC90L4g0Lgg0YHQtdGA0LjQsNC70YsgCjIg0JzRiyDQsiDRgdC-0YbQuNCw0LvRjNC90YvRhSDRgdC10YLRj9GFIAozINCX0LAg0L_QvtGB0LvQtdC00L3QtdC1INC00LXRgdGP0YLQuNC70LXRgtC40LUg0YfQuNGB0LvQviDQv9GA0LDQstC-0L3QsNGA0YPRiNC10L3QuNC5INCy0YvRgNC-0YHQu9C-INCy0LTQstC-0LU6INCb0YPQutCw0YjQtdC90LrQviDQv9GA0L7QstC-0LTQuNGCINGB0L7QstC10YnQsNC90LjQtSDQv9C-INC_0YDQuNC80LXQvdC10L3QuNGOINCw0LTQvNC40L3QuNGB0YLRgNCw0YLQuNCy0L3QvtC5INC-0YLQstC10YLRgdGC0LLQtdC90L3QvtGB0YLQuCAKMyDQl9CwINC_0L7RgdC70LXQtNC90LXQtSDQtNC10YHRj9GC0LjQu9C10YLQuNC1INGH0LjRgdC70L4g0L_RgNCw0LLQvtC90LDRgNGD0YjQtdC90LjQuSDQstGL0YDQvtGB0LvQviDQstC00LLQvtC1OiDQm9GD0LrQsNGI0LXQvdC60L4g0L_RgNC-0LLQvtC00LjRgiDRgdC-0LLQtdGJ0LDQvdC40LUg0L_QviDQv9GA0LjQvNC10L3QtdC90LjRjiDQsNC00LzQuNC90LjRgdGC0YDQsNGC0LjQstC90L7QuSDQvtGC0LLQtdGC0YHRgtCy0LXQvdC90L7RgdGC0LggCjMg0JHQsNC90Log0YDQsNC30LLQuNGC0LjRjyDQmtC40YLQsNGPINCy0YvQtNC10LvQuNGCINCR0LXQu9Cw0YDRg9GB0Lgg0LrRgNC10LTQuNGCINC90LAgMyw1INC80LvRgNC0INGO0LDQvdC10LkgCjMg0JHQtdC70LDRgNGD0YHRjCDQv9C-0LTQvdGP0LvQsNGB0Ywg0LIg0YDQtdC50YLQuNC90LPQtSDRgdCw0LzRi9GFINC80L7Qs9GD0YnQtdGB0YLQstC10L3QvdGL0YUg0YHRgtGA0LDQvSDQvNC40YDQsCAKMyDCq9CS0YHRgtGA0LXRh9CwINC00LLRg9GFINCS0LvQsNC00LjQvNC40YDQvtCywrs6INGB0YLQsNC7INC70Lgg0LzQuNGAINC90LAg0JTQvtC90LHQsNGB0YHQtSDQsdC70LjQttC1INC_0L7RgdC70LUg0L_QtdGA0LXQs9C-0LLQvtGA0L7QsiDCq9C90L7RgNC80LDQvdC00YHQutC-0Lkg0YfQtdGC0LLRkdGA0LrQuMK7INCyINCf0LDRgNC40LbQtT8gCjMg0JHQtdC70L7RgNGD0YHRgdC60LjQtSDQtNCw0LvRjNC90L7QsdC-0LnRidC40LrQuCDRgdGH&utf8=%E2%9C%93
Requested by: Host: ont.by
URL: https://ont.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.180.204.50 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS: ads.adfox.ru
Software: nginx /
Resource Hash: 62b8ad2c7c6624a29a9265f2c8f8addbcbea4412d696948407b605c7d34b93c4

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://ont.by/
Origin: https://ont.by

Response headers

pragma: no-cache
date: Mon, 16 Dec 2019 09:13:57 GMT
content-encoding: gzip
content-type: application/json
server: nginx
status: 200
p3p: policyref=/w3c/w3c.p3p, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
access-control-allow-origin: https://ont.by
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2 200 1f449.png
abs.twimg.com/emoji/v2/72x72/ Frame 1F6F 423 B
486 B 9ms
8ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f449.png

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline~tweet.a1aa0f6410f7eaada23e6b16a38824b8.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/40DD) /

Resource Hash

9cf1114324a6653750f0f8af7783a744e45adadca47c48844e4ee0f11df269bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Dec 2019 09:13:56 GMT
x-content-type-options: nosniff
x-ton-expected-size: 423
x-cache: HIT
status: 200
content-length: 423
x-response-time: 9
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:28:35 GMT
server: ECS (fcn/40DD)
etag: "LFXrh3o/sfOGHVbERP/uFQ=="
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 24366c0b69efa712199f8741a5d53e19
accept-ranges: bytes
expires: Tue, 15 Dec 2020 09:13:56 GMT

GET
H2 200 k5MB5AYq_normal.jpg
pbs.twimg.com/profile_images/994495274952380417/ Frame 1F6F 2 KB
2 KB 31ms
17ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/994495274952380417/k5MB5AYq_normal.jpg

Requested by

Host: ont.by
URL: https://ont.by/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/41AD) /

Resource Hash

aaf051805d44905a45b4ca9c1496e1d190c463f07fe2b31dc62204a20ef99c85

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Dec 2019 09:13:56 GMT
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 2263
x-response-time: 116
surrogate-key: profile_images profile_images/bucket/0 profile_images/994495274952380417
last-modified: Thu, 10 May 2018 08:30:05 GMT
server: ECS (fcn/41AD)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 64779b93d80082e552a06d7deb58de1e
accept-ranges: bytes

GET
H2 200 EL5Ywk7W4AIPZto
pbs.twimg.com/media/ Frame 1F6F 16 KB
16 KB 26ms
12ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EL5Ywk7W4AIPZto?format=jpg&name=360x360

Requested by

Host: ont.by
URL: https://ont.by/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/41AD) /

Resource Hash

d10ef3897dea4c017edb32735383f1a3472efa0ba160c87c7092ab0559da9018

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Dec 2019 09:13:56 GMT
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 15942
x-response-time: 141
surrogate-key: media media/bucket/7 media/1206499341751476226
last-modified: Mon, 16 Dec 2019 08:58:33 GMT
server: ECS (fcn/41AD)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: a5f670d011517a7daddec44d04d0fda3
accept-ranges: bytes

GET
H2 200 EL5TnGuWoAA_-K1
pbs.twimg.com/media/ Frame 1F6F 20 KB
20 KB 25ms
12ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EL5TnGuWoAA_-K1?format=jpg&name=360x360

Requested by

Host: ont.by
URL: https://ont.by/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/40FE) /

Resource Hash

ceb36f40dad69a50fd4fc0b637ced376126c7fcb32e587ce2fe00ba5158b0b47

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Dec 2019 09:13:56 GMT
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 19999
x-response-time: 153
surrogate-key: media media/bucket/2 media/1206493681466908672
last-modified: Mon, 16 Dec 2019 08:36:03 GMT
server: ECS (fcn/40FE)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 9bd4bebf3e570a0827b6bcde461dc2df
accept-ranges: bytes

GET
H2 200 EL5RyVeXsAAoGvQ
pbs.twimg.com/media/ Frame 1F6F 20 KB
20 KB 31ms
17ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EL5RyVeXsAAoGvQ?format=jpg&name=360x360

Requested by

Host: ont.by
URL: https://ont.by/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/40B2) /

Resource Hash

7f7528de9c0903035cf348147b78fa8e2ca5775d0640c6f56f40ae4cf9a8ddcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Dec 2019 09:13:56 GMT
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 20340
x-response-time: 149
surrogate-key: media media/bucket/8 media/1206491675381706752
last-modified: Mon, 16 Dec 2019 08:28:05 GMT
server: ECS (fcn/40B2)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 852df71899e7c36d8571056d4105be00
accept-ranges: bytes

GET
H2 200 EL5MEt5WwAISV4c
pbs.twimg.com/media/ Frame 1F6F 27 KB
27 KB 20ms
7ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EL5MEt5WwAISV4c?format=jpg&name=360x360

Requested by

Host: ont.by
URL: https://ont.by/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/40DD) /

Resource Hash

a509035271bab5cc3eafa5279386f6d260df1b2e410e34b476e367df1a693109

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Dec 2019 09:13:56 GMT
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 27739
x-response-time: 159
surrogate-key: media media/bucket/0 media/1206485394105221122
last-modified: Mon, 16 Dec 2019 08:03:08 GMT
server: ECS (fcn/40DD)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: ec04ae42d7b79db08fcd19c9f97baa95
accept-ranges: bytes

GET
H2 200 EL5F_ODWoAAoMIn
pbs.twimg.com/media/ Frame 1F6F 27 KB
27 KB 1112ms
1099ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EL5F_ODWoAAoMIn?format=jpg&name=360x360

Requested by

Host: ont.by
URL: https://ont.by/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/40DF) /

Resource Hash

306122f0308145721220e47394ec0d355766034aa1e37e6a158729bf95f92d10

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Dec 2019 09:13:58 GMT
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 27273
x-response-time: 146
surrogate-key: media media/bucket/3 media/1206478702588108800
last-modified: Mon, 16 Dec 2019 07:36:32 GMT
server: ECS (fcn/40DF)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: adce48b88b0dae214297e5a836bbb3a0
accept-ranges: bytes

GET
H2 200 EL49f9EXYAAoick
pbs.twimg.com/media/ Frame 1F6F 24 KB
24 KB 272ms
272ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EL49f9EXYAAoick?format=jpg&name=360x360

Requested by

Host: ont.by
URL: https://ont.by/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/40DF) /

Resource Hash

879178684fdb8ba7e281297a319070783637ce4c8078d437bb82b3ae13616b11

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Dec 2019 09:13:57 GMT
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 24554
x-response-time: 149
surrogate-key: media media/bucket/4 media/1206469369359982592
last-modified: Mon, 16 Dec 2019 06:59:27 GMT
server: ECS (fcn/40DF)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 94d2a16802a9bd849097ad142238b923
accept-ranges: bytes

GET
H2 200 EL42IDnXsAAQ097
pbs.twimg.com/media/ Frame 1F6F 17 KB
17 KB 6ms
6ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EL42IDnXsAAQ097?format=jpg&name=360x360

Requested by

Host: ont.by
URL: https://ont.by/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/4193) /

Resource Hash

cd1a693cc90973ab2511b766595f1f2329c5d3813189bc5c9237b1dd5bc5aad0

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Dec 2019 09:13:56 GMT
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 17162
x-response-time: 151
surrogate-key: media media/bucket/2 media/1206461262219161600
last-modified: Mon, 16 Dec 2019 06:27:14 GMT
server: ECS (fcn/4193)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 6621fd5f8976781499d7af973b84ee2f
accept-ranges: bytes

GET
H2 200 EL4yLgWWoAAY5Qc
pbs.twimg.com/media/ Frame 1F6F 17 KB
17 KB 6ms
6ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EL4yLgWWoAAY5Qc?format=jpg&name=360x360

Requested by

Host: ont.by
URL: https://ont.by/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/4196) /

Resource Hash

a7aeb948c1efb81be97d00e344ffc39368567df59ed62ad7199d0541b1d8950b

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Dec 2019 09:13:56 GMT
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 17060
x-response-time: 215
surrogate-key: media media/bucket/5 media/1206456923425513472
last-modified: Mon, 16 Dec 2019 06:10:00 GMT
server: ECS (fcn/4196)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 19a2865b83e832bee672046f3d4aae2f
accept-ranges: bytes

GET
H2 200 EL2YeWwXsAA_IgY
pbs.twimg.com/media/ Frame 1F6F 23 KB
23 KB 7ms
7ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EL2YeWwXsAA_IgY?format=jpg&name=360x360

Requested by

Host: ont.by
URL: https://ont.by/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/41AA) /

Resource Hash

9fa9f249f92a5a0bb293a776ea2140ff576272974196d90cc9b1a6d863886275

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Dec 2019 09:13:56 GMT
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 23662
x-response-time: 156
surrogate-key: media media/bucket/6 media/1206287922477117440
last-modified: Sun, 15 Dec 2019 18:58:27 GMT
server: ECS (fcn/41AA)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 7e15abd066195ea203621a507ccfdaa0
accept-ranges: bytes

GET
H2 200 EL2UG_zXYAQHtGd
pbs.twimg.com/media/ Frame 1F6F 18 KB
18 KB 18ms
17ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EL2UG_zXYAQHtGd?format=jpg&name=360x360

Requested by

Host: ont.by
URL: https://ont.by/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/41AC) /

Resource Hash

3b6bbf03db196b97c74e4abf2073401059d6cf7cf905868ff2db942633c9a92d

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Dec 2019 09:13:56 GMT
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 18151
x-response-time: 156
surrogate-key: media media/bucket/4 media/1206283123132162052
last-modified: Sun, 15 Dec 2019 18:39:22 GMT
server: ECS (fcn/41AC)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 3042b313fdc603b2a46bd4e4a5f552ee
accept-ranges: bytes

GET
H2 200 EL2KzHbWoAcKPNl
pbs.twimg.com/media/ Frame 1F6F 19 KB
19 KB 6ms
6ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EL2KzHbWoAcKPNl?format=jpg&name=360x360

Requested by

Host: ont.by
URL: https://ont.by/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/40E4) /

Resource Hash

0c942c885bce2964fcdac4142fdf7e685b5fdc13718c0995ce5c94a30336f0f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Dec 2019 09:13:56 GMT
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 19491
x-response-time: 153
surrogate-key: media media/bucket/0 media/1206272885976899591
last-modified: Sun, 15 Dec 2019 17:58:42 GMT
server: ECS (fcn/40E4)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 02d858b44d2f2f8dde8c0eb6f744d176
accept-ranges: bytes

GET
H2 200 EL2FjmGXsAEQMRM
pbs.twimg.com/media/ Frame 1F6F 23 KB
23 KB 1070ms
1070ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EL2FjmGXsAEQMRM?format=jpg&name=360x360

Requested by

Host: ont.by
URL: https://ont.by/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/40DF) /

Resource Hash

ed7c8837d99c6acb0f34eb0627072dc1a3ae9b97e9822533c6b50d9b2c446aa7

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Dec 2019 09:13:58 GMT
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 23379
x-response-time: 158
surrogate-key: media media/bucket/1 media/1206267121774342145
last-modified: Sun, 15 Dec 2019 17:35:47 GMT
server: ECS (fcn/40DF)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: dee53b400151fadcb9b57350656776b9
accept-ranges: bytes

GET
H2 200 EL19HCFWoAAMVl8
pbs.twimg.com/media/ Frame 1F6F 13 KB
13 KB 8ms
8ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EL19HCFWoAAMVl8?format=jpg&name=360x360

Requested by

Host: ont.by
URL: https://ont.by/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/40EA) /

Resource Hash

84209e6d5281cae729ffe086fc7cb359833ebcd15ffec8e1c894a0d89f565ff1

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Dec 2019 09:13:56 GMT
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 13625
x-response-time: 156
surrogate-key: media media/bucket/8 media/1206257834977042432
last-modified: Sun, 15 Dec 2019 16:58:53 GMT
server: ECS (fcn/40EA)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 20e2dd9eddcc7fb525b900cc04f5a794
accept-ranges: bytes

GET
H2 200 EL12GS2W4AM8I9T
pbs.twimg.com/media/ Frame 1F6F 30 KB
30 KB 8ms
8ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EL12GS2W4AM8I9T?format=jpg&name=360x360

Requested by

Host: ont.by
URL: https://ont.by/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/41AB) /

Resource Hash

eb1131a76fe1a9fb2156a7b18a6a89b4111364edc3f69ad32dd12369f0c6d1b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Dec 2019 09:13:56 GMT
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 30546
x-response-time: 162
surrogate-key: media media/bucket/6 media/1206250125716283395
last-modified: Sun, 15 Dec 2019 16:28:15 GMT
server: ECS (fcn/41AB)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 329f5e39df7921316c49818b568dd06e
accept-ranges: bytes

GET
H2 200 EL1vbJAW4AAdUVz
pbs.twimg.com/media/ Frame 1F6F 22 KB
22 KB 7ms
6ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EL1vbJAW4AAdUVz?format=jpg&name=360x360

Requested by

Host: ont.by
URL: https://ont.by/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/40B0) /

Resource Hash

ee69015dc9ac564f274dccdc7d54c6257849f0512aee8597921c6baaf6dd5cd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Dec 2019 09:13:56 GMT
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 22039
x-response-time: 159
surrogate-key: media media/bucket/3 media/1206242787269730304
last-modified: Sun, 15 Dec 2019 15:59:06 GMT
server: ECS (fcn/40B0)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: a4d40dd40caaa68a1d8e4683c615115d
accept-ranges: bytes

GET
H2 200 EL1oWAxXUAITQ1v
pbs.twimg.com/media/ Frame 1F6F 12 KB
13 KB 7ms
7ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EL1oWAxXUAITQ1v?format=jpg&name=360x360

Requested by

Host: ont.by
URL: https://ont.by/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/40D9) /

Resource Hash

b1a6749aa963ce1979af8968dc4a778fc046e6f2c80cb5880bd594ad9021320f

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Dec 2019 09:13:56 GMT
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 12700
x-response-time: 152
surrogate-key: media media/bucket/8 media/1206235002578620418
last-modified: Sun, 15 Dec 2019 15:28:10 GMT
server: ECS (fcn/40D9)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: b07c712d3c2376c08556929e5ab8183b
accept-ranges: bytes

GET
H2 200 EL1amToWkAYd9TI
pbs.twimg.com/media/ Frame 1F6F 16 KB
16 KB 7ms
7ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EL1amToWkAYd9TI?format=jpg&name=360x360

Requested by

Host: ont.by
URL: https://ont.by/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/41A7) /

Resource Hash

1633f70842342a4215a3b106f5fe5166824d057d81d6b753c30186991e80520a

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Dec 2019 09:13:56 GMT
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 15936
x-response-time: 146
surrogate-key: media media/bucket/0 media/1206219889356214278
last-modified: Sun, 15 Dec 2019 14:28:06 GMT
server: ECS (fcn/41A7)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 9f1a68d8271312b54d08e30be7b9bb57
accept-ranges: bytes

GET
H2 200 EL1T6eFWsAAEA99
pbs.twimg.com/media/ Frame 1F6F 31 KB
31 KB 7ms
7ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EL1T6eFWsAAEA99?format=jpg&name=360x360

Requested by

Host: ont.by
URL: https://ont.by/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/4189) /

Resource Hash

a0d4c19c449c8502fe7b9a83bb39375a0060f468d6e6983bf4a1d4eeaffcfb0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Dec 2019 09:13:56 GMT
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 31649
x-response-time: 157
surrogate-key: media media/bucket/6 media/1206212539178201088
last-modified: Sun, 15 Dec 2019 13:58:54 GMT
server: ECS (fcn/4189)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: c465bbc5b392d58b550d7040c3c85c0a
accept-ranges: bytes

GET
H2 200 EL1NxZCXsAERr5X
pbs.twimg.com/media/ Frame 1F6F 16 KB
16 KB 8ms
7ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EL1NxZCXsAERr5X?format=jpg&name=360x360

Requested by

Host: ont.by
URL: https://ont.by/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/40D1) /

Resource Hash

b17b7b3a49e347706b2523389b1b09b435c6d4a5841f84c2fe74c18a1737b89b

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Dec 2019 09:13:57 GMT
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 16175
x-response-time: 145
surrogate-key: media media/bucket/0 media/1206205786134917121
last-modified: Sun, 15 Dec 2019 13:32:04 GMT
server: ECS (fcn/40D1)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: d0f775785ea13957e62c28a921252b91
accept-ranges: bytes

GET
H2 200 EL1GP-bW4AET6Il
pbs.twimg.com/media/ Frame 1F6F 33 KB
33 KB 7ms
7ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/EL1GP-bW4AET6Il?format=jpg&name=360x360

Requested by

Host: ont.by
URL: https://ont.by/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/40D2) /

Resource Hash

92358557848b97817b94d14b003b2eb15c2273c90f8e3419d4bf5f806da2ca65

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Dec 2019 09:13:57 GMT
x-content-type-options: nosniff
x-cache: HIT
status: 200
content-length: 34049
x-response-time: 153
surrogate-key: media media/bucket/6 media/1206197515474886657
last-modified: Sun, 15 Dec 2019 12:59:12 GMT
server: ECS (fcn/40D2)
strict-transport-security: max-age=631138519
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 1a1b7c890f721fe390188ddb965955d3
accept-ranges: bytes

GET
H2 200 v2 Show response
ads.adfox.ru/239538/getBulkTest/ 2 KB
1 KB 104ms
103ms XHR
application/json 213.180.204.50
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adfox.ru/239538/getBulkTest/v2?dl=https%3A%2F%2Font.by%2F&date=2019-12-16T10%3A13%3A56.666%2B01%3A00&pd=16&pdh=1200&pdw=1600&pr1=605161848&pr=2473837910&prr=&pv=10&pw=1&extid_loader=&extid_tag_loader=ont.by&ylv=0.1505&ybv=0.1497&ytt=260034501543957&is-turbo=0&skip-token=&ad-session-id=5812841576487636612&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22width%22%3A288%2C%22height%22%3A0%2C%22left%22%3A1125%2C%22top%22%3A458%2C%22visible%22%3A1%2C%22req_no%22%3A1%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&matchid-cookies=fEO4cFbeMKA-n3kK-BaJMvLRxB2QIU2sgp2wBg1jcZVQKeuTbq29xg%3D%3D&matchid-cookies-sign=PtyMFpY5t7FaSHddNsUSKg%3D%3D&p1=ceren&p2=fgou&matchid-direct=1&bids=W3siY2FtcGFpZ25faWQiOjc3MTAwNSwicmVzcG9uc2VfdGltZSI6MTI0NSwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjE0MTAzNzkifV0%3D&grab=dNCe0J3QoiDigJQg0J7QsdGJ0LXQvdCw0YbQuNC-0L3QsNC70YzQvdC-0LUg0YLQtdC70LXQstC40LTQtdC90LjQtSDQkdC10LvQsNGA0YPRgdC4IHwg0JHQtdC70L7RgNGD0YHRgdC60LjQuSDRgtC10LvQtdC60LDQvdCw0Lsg0J7QndCiCjIg0J_QvtGB0LvQtdC00L3QuNC1INC90L7QstC-0YHRgtC4IAoy0JPQu9Cw0LLQvdGL0LUg0L3QvtCy0L7RgdGC0LggCjIg0KHQtdC50YfQsNGBINGH0LjRgtCw0Y7RgiAKMiDQn9C-0L_Rg9C70Y_RgNC90L7QtSDQt9CwINC90LXQtNC10LvRjiAKMiDQnNCw0YDQutC-0LIuINCd0LjRh9C10LPQviDQu9C40YfQvdC-0LPQviAKMiDQntCd0KIg0L3QsCBZb3VUdWJlIAoyINCd0LDRiNC4INC90L7QstC-0YHRgtC4INCe0J3QoiAKMiDQn9GA0L7Qs9GA0LDQvNC80Ysg0Lgg0L_RgNC-0LXQutGC0YsgCjIg0JrQuNC90L4g0Lgg0YHQtdGA0LjQsNC70YsgCjIg0JzRiyDQsiDRgdC-0YbQuNCw0LvRjNC90YvRhSDRgdC10YLRj9GFIAozINCX0LAg0L_QvtGB0LvQtdC00L3QtdC1INC00LXRgdGP0YLQuNC70LXRgtC40LUg0YfQuNGB0LvQviDQv9GA0LDQstC-0L3QsNGA0YPRiNC10L3QuNC5INCy0YvRgNC-0YHQu9C-INCy0LTQstC-0LU6INCb0YPQutCw0YjQtdC90LrQviDQv9GA0L7QstC-0LTQuNGCINGB0L7QstC10YnQsNC90LjQtSDQv9C-INC_0YDQuNC80LXQvdC10L3QuNGOINCw0LTQvNC40L3QuNGB0YLRgNCw0YLQuNCy0L3QvtC5INC-0YLQstC10YLRgdGC0LLQtdC90L3QvtGB0YLQuCAKMyDQl9CwINC_0L7RgdC70LXQtNC90LXQtSDQtNC10YHRj9GC0LjQu9C10YLQuNC1INGH0LjRgdC70L4g0L_RgNCw0LLQvtC90LDRgNGD0YjQtdC90LjQuSDQstGL0YDQvtGB0LvQviDQstC00LLQvtC1OiDQm9GD0LrQsNGI0LXQvdC60L4g0L_RgNC-0LLQvtC00LjRgiDRgdC-0LLQtdGJ0LDQvdC40LUg0L_QviDQv9GA0LjQvNC10L3QtdC90LjRjiDQsNC00LzQuNC90LjRgdGC0YDQsNGC0LjQstC90L7QuSDQvtGC0LLQtdGC0YHRgtCy0LXQvdC90L7RgdGC0LggCjMg0JHQsNC90Log0YDQsNC30LLQuNGC0LjRjyDQmtC40YLQsNGPINCy0YvQtNC10LvQuNGCINCR0LXQu9Cw0YDRg9GB0Lgg0LrRgNC10LTQuNGCINC90LAgMyw1INC80LvRgNC0INGO0LDQvdC10LkgCjMg0JHQtdC70LDRgNGD0YHRjCDQv9C-0LTQvdGP0LvQsNGB0Ywg0LIg0YDQtdC50YLQuNC90LPQtSDRgdCw0LzRi9GFINC80L7Qs9GD0YnQtdGB0YLQstC10L3QvdGL0YUg0YHRgtGA0LDQvSDQvNC40YDQsCAKMyDCq9CS0YHRgtGA0LXRh9CwINC00LLRg9GFINCS0LvQsNC00LjQvNC40YDQvtCywrs6INGB0YLQsNC7INC70Lgg0LzQuNGAINC90LAg0JTQvtC90LHQsNGB0YHQtSDQsdC70LjQttC1INC_0L7RgdC70LUg0L_QtdGA0LXQs9C-0LLQvtGA0L7QsiDCq9C90L7RgNC80LDQvdC00YHQutC-0Lkg0YfQtdGC0LLRkdGA0LrQuMK7INCyINCf0LDRgNC40LbQtT8gCjMg0JHQtdC70L7RgNGD0YHRgdC60LjQtSDQtNCw0LvRjNC90L7QsdC-0LnRidC40LrQuCDRgdGH&utf8=%E2%9C%93
Requested by: Host: ont.by
URL: https://ont.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.180.204.50 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS: ads.adfox.ru
Software: nginx /
Resource Hash: a57293fe72c2499dae206e2b7f73dcdb72f67bf20a1066c5be9cd92eb0d0189a

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://ont.by/
Origin: https://ont.by

Response headers

pragma: no-cache
date: Mon, 16 Dec 2019 09:13:57 GMT
content-encoding: gzip
content-type: application/json
server: nginx
status: 200
p3p: policyref=/w3c/w3c.p3p, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
access-control-allow-origin: https://ont.by
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
DATA 200
OK truncated
/ Frame 1F6F 512 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eddfb285df91d818926b2f8ec64c71be82e0ea4f21ca9f63f5b0bc5dbcd75b0b

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 1F6F 825 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 45055babdbc02ea34c7baa53f33fc68389c4c5f73afe0bfafd6c9bc5733399bc

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 1F6F 572 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: abd2a457215e60ab60b2a6b4f25a17583c5d80e13935f76e097236f729c5dcd6

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 1F6F 644 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a87f4fd815fc95288f2da6efc536c950ef940bd9eb52176fd9e8e56107cc65e2

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 v2 Show response
ads.adfox.ru/239538/getBulkTest/ 10 KB
3 KB 302ms
302ms XHR
application/json 213.180.204.50
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adfox.ru/239538/getBulkTest/v2?dl=https%3A%2F%2Font.by%2F&date=2019-12-16T10%3A13%3A56.669%2B01%3A00&pd=16&pdh=1200&pdw=1600&pr1=3018816823&pr=2473837910&prr=&pv=10&pw=1&extid_loader=&extid_tag_loader=ont.by&ylv=0.1505&ybv=0.1497&ytt=260034501543957&is-turbo=0&skip-token=&ad-session-id=5812841576487636612&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22width%22%3A1240%2C%22height%22%3A0%2C%22left%22%3A173%2C%22top%22%3A1795%2C%22visible%22%3A0%2C%22req_no%22%3A2%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&matchid-cookies=fEO4cFbeMKA-n3kK-BaJMvLRxB2QIU2sgp2wBg1jcZVQKeuTbq29xg%3D%3D&matchid-cookies-sign=PtyMFpY5t7FaSHddNsUSKg%3D%3D&p1=cerep&p2=y&matchid-direct=1&bids=W3siY2FtcGFpZ25faWQiOjc3MTAwNSwicmVzcG9uc2VfdGltZSI6MTI0NSwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjE0MTAzODMifV0%3D&grab=dNCe0J3QoiDigJQg0J7QsdGJ0LXQvdCw0YbQuNC-0L3QsNC70YzQvdC-0LUg0YLQtdC70LXQstC40LTQtdC90LjQtSDQkdC10LvQsNGA0YPRgdC4IHwg0JHQtdC70L7RgNGD0YHRgdC60LjQuSDRgtC10LvQtdC60LDQvdCw0Lsg0J7QndCiCjIg0J_QvtGB0LvQtdC00L3QuNC1INC90L7QstC-0YHRgtC4IAoy0JPQu9Cw0LLQvdGL0LUg0L3QvtCy0L7RgdGC0LggCjIg0KHQtdC50YfQsNGBINGH0LjRgtCw0Y7RgiAKMiDQn9C-0L_Rg9C70Y_RgNC90L7QtSDQt9CwINC90LXQtNC10LvRjiAKMiDQnNCw0YDQutC-0LIuINCd0LjRh9C10LPQviDQu9C40YfQvdC-0LPQviAKMiDQntCd0KIg0L3QsCBZb3VUdWJlIAoyINCd0LDRiNC4INC90L7QstC-0YHRgtC4INCe0J3QoiAKMiDQn9GA0L7Qs9GA0LDQvNC80Ysg0Lgg0L_RgNC-0LXQutGC0YsgCjIg0JrQuNC90L4g0Lgg0YHQtdGA0LjQsNC70YsgCjIg0JzRiyDQsiDRgdC-0YbQuNCw0LvRjNC90YvRhSDRgdC10YLRj9GFIAozINCX0LAg0L_QvtGB0LvQtdC00L3QtdC1INC00LXRgdGP0YLQuNC70LXRgtC40LUg0YfQuNGB0LvQviDQv9GA0LDQstC-0L3QsNGA0YPRiNC10L3QuNC5INCy0YvRgNC-0YHQu9C-INCy0LTQstC-0LU6INCb0YPQutCw0YjQtdC90LrQviDQv9GA0L7QstC-0LTQuNGCINGB0L7QstC10YnQsNC90LjQtSDQv9C-INC_0YDQuNC80LXQvdC10L3QuNGOINCw0LTQvNC40L3QuNGB0YLRgNCw0YLQuNCy0L3QvtC5INC-0YLQstC10YLRgdGC0LLQtdC90L3QvtGB0YLQuCAKMyDQl9CwINC_0L7RgdC70LXQtNC90LXQtSDQtNC10YHRj9GC0LjQu9C10YLQuNC1INGH0LjRgdC70L4g0L_RgNCw0LLQvtC90LDRgNGD0YjQtdC90LjQuSDQstGL0YDQvtGB0LvQviDQstC00LLQvtC1OiDQm9GD0LrQsNGI0LXQvdC60L4g0L_RgNC-0LLQvtC00LjRgiDRgdC-0LLQtdGJ0LDQvdC40LUg0L_QviDQv9GA0LjQvNC10L3QtdC90LjRjiDQsNC00LzQuNC90LjRgdGC0YDQsNGC0LjQstC90L7QuSDQvtGC0LLQtdGC0YHRgtCy0LXQvdC90L7RgdGC0LggCjMg0JHQsNC90Log0YDQsNC30LLQuNGC0LjRjyDQmtC40YLQsNGPINCy0YvQtNC10LvQuNGCINCR0LXQu9Cw0YDRg9GB0Lgg0LrRgNC10LTQuNGCINC90LAgMyw1INC80LvRgNC0INGO0LDQvdC10LkgCjMg0JHQtdC70LDRgNGD0YHRjCDQv9C-0LTQvdGP0LvQsNGB0Ywg0LIg0YDQtdC50YLQuNC90LPQtSDRgdCw0LzRi9GFINC80L7Qs9GD0YnQtdGB0YLQstC10L3QvdGL0YUg0YHRgtGA0LDQvSDQvNC40YDQsCAKMyDCq9CS0YHRgtGA0LXRh9CwINC00LLRg9GFINCS0LvQsNC00LjQvNC40YDQvtCywrs6INGB0YLQsNC7INC70Lgg0LzQuNGAINC90LAg0JTQvtC90LHQsNGB0YHQtSDQsdC70LjQttC1INC_0L7RgdC70LUg0L_QtdGA0LXQs9C-0LLQvtGA0L7QsiDCq9C90L7RgNC80LDQvdC00YHQutC-0Lkg0YfQtdGC0LLRkdGA0LrQuMK7INCyINCf0LDRgNC40LbQtT8gCjMg0JHQtdC70L7RgNGD0YHRgdC60LjQtSDQtNCw0LvRjNC90L7QsdC-0LnRidC40LrQuCDRgdGH&utf8=%E2%9C%93
Requested by: Host: ont.by
URL: https://ont.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.180.204.50 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS: ads.adfox.ru
Software: nginx /
Resource Hash: 93d8b7f5184c7eec574154f91dbf58f0bee318758c885c8ea6f7a40fe2d520b6

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://ont.by/
Origin: https://ont.by

Response headers

pragma: no-cache
date: Mon, 16 Dec 2019 09:13:57 GMT
content-encoding: gzip
content-type: application/json
server: nginx
status: 200
p3p: policyref=/w3c/w3c.p3p, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
access-control-allow-origin: https://ont.by
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2 200 banner_image.js Show response
yastatic.net/pcode-bundles/0.1497/banner_image/ 52 KB
13 KB 110ms
42ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/pcode-bundles/0.1497/banner_image/banner_image.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.6 /

Resource Hash

6e2c5ba8a0278fbbddd110dda27e2b760990485eed28e16f03df2620e082f394

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://ont.by/
Origin: https://ont.by

Response headers

date: Mon, 16 Dec 2019 09:13:57 GMT
content-encoding: br
status: 200
strict-transport-security: max-age=43200000; includeSubDomains;
content-length: 12469
last-modified: Thu, 12 Dec 2019 17:07:17 GMT
server: nginx/1.17.6
etag: "a2d1b38ae6fcd19db50926bef2bab82f"
x-robots-tag: noindex, noarchive, nofollow
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 3297767.4a3bd88c373a4558d8e861d6804fd6c4.png
banners.adfox.ru/191120/adfox/1191298/ 188 KB
189 KB 198ms
96ms Image
image/png 2a02:6b8::2:158
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://banners.adfox.ru/191120/adfox/1191298/3297767.4a3bd88c373a4558d8e861d6804fd6c4.png
Requested by: Host: ont.by
URL: https://ont.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:6b8::2:158 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: nginx /
Resource Hash: 7c42c9be4e351ffbbb16200829138ed5f2c238bb8a602d36392bc82bd9400353

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Dec 2019 09:13:57 GMT
last-modified: Wed, 20 Nov 2019 12:47:46 GMT
server: nginx
x-amz-request-id: c4db723999d7aff2
etag: "4a3bd88c373a4558d8e861d6804fd6c4"
x-nginx-request-id: c4db723999d7aff2
content-type: image/png
status: 200
accept-ranges: bytes
access-control-allow-origin: *
content-length: 192596

GET
H2 200 banner_dfp.js Show response
yastatic.net/pcode-bundles/0.1497/banner_dfp/ 90 KB
22 KB 45ms
44ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/pcode-bundles/0.1497/banner_dfp/banner_dfp.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.6 /

Resource Hash

1d2914cab65438053bb73a6a72cb3015dd410c0808e15051a8fddcd2c5006b96

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://ont.by/
Origin: https://ont.by

Response headers

date: Mon, 16 Dec 2019 09:13:57 GMT
content-encoding: br
status: 200
strict-transport-security: max-age=43200000; includeSubDomains;
content-length: 22599
last-modified: Thu, 12 Dec 2019 17:07:17 GMT
server: nginx/1.17.6
etag: "a3e6d522fa1b432c8af8723f191e1d18"
x-robots-tag: noindex, noarchive, nofollow
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

jot.html
platform.twitter.com/ Frame 007F
Redirect Chain

https://syndication.twitter.com/i/jot
https://platform.twitter.com/jot.html

0
0

27ms
27ms

Document
text/html

151.101.12.157
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/jot.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: /
Resource Hash

Request headers

:method: GET
:authority: platform.twitter.com
:scheme: https
:path: /jot.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
Origin: https://ont.by
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
last-modified: Tue, 10 Dec 2019 23:46:10 GMT
cache-control: public, max-age=315360000
content-type: text/html; charset=utf-8
etag: "d9592a6c704736fa4da218d4357976dd+gzip"
content-encoding: gzip
access-control-allow-methods: GET
access-control-allow-origin: *
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
accept-ranges: bytes
date: Mon, 16 Dec 2019 09:13:57 GMT
x-served-by: cache-iad2120-IAD, cache-fra19128-FRA
x-cache: HIT, HIT
vary: Accept-Encoding
tw-cdn: FT
content-length: 95

Redirect headers

status: 302 302 Found
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-length: 0
content-type: text/html;charset=utf-8
date: Mon, 16 Dec 2019 09:13:57 GMT
expires: Tue, 31 Mar 1981 05:00:00 GMT
last-modified: Mon, 16 Dec 2019 09:13:57 GMT
location: https://platform.twitter.com/jot.html
pragma: no-cache
server: tsa_o
strict-transport-security: max-age=631138519
x-connection-hash: c9644c38e7b85d8b9ddaeb7f94255f02
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-response-time: 116
x-transaction: 00ea99f80009eb63
x-tsa-request-body-time: 1
x-twitter-response-tags: BouncerCompliant
x-xss-protection: 0

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 34D5 51 KB
16 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:81d::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode-bundles/0.1497/banner_dfp/banner_dfp.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

a82712e7f23f58c7f3c38944001a3fd5f077e89de326b729da4c145ff033b232

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Dec 2019 09:13:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "368 / 382 of 1000 / last-modified: 1576171782"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 15846
x-xss-protection: 0
expires: Mon, 16 Dec 2019 09:13:57 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 2457 51 KB
16 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:81d::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode-bundles/0.1497/banner_dfp/banner_dfp.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

a82712e7f23f58c7f3c38944001a3fd5f077e89de326b729da4c145ff033b232

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Dec 2019 09:13:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "368 / 677 of 1000 / last-modified: 1576171782"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 15846
x-xss-protection: 0
expires: Mon, 16 Dec 2019 09:13:57 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 940F 51 KB
16 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:81d::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode-bundles/0.1497/banner_dfp/banner_dfp.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

a82712e7f23f58c7f3c38944001a3fd5f077e89de326b729da4c145ff033b232

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Dec 2019 09:13:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "368 / 806 of 1000 / last-modified: 1576171782"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 15846
x-xss-protection: 0
expires: Mon, 16 Dec 2019 09:13:57 GMT

GET
H2 204 event
ads.adfox.ru/239538/ 0
81 B 93ms
92ms Image
text/plain 213.180.204.50
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.adfox.ru/239538/event?hash=fc43bfc42a0e005b&pm=bmo&rand=kyaloui&sj=zooCG7kCqrYRam21GysrY4vVn0GRO0fE-rgC5XKEMcLDniWBvxa75c8fNRh_kqNabvuGSg1fXUtjeb2G1sCeqoFNr550rmF0HIZYtvW-aA%3D%3D&ad-session-id=5812841576487636612&lts=fcrvmhw&pxo=NhI8aHzOC4Xi5uZhCeGBWjkIMu70Tc77avONJaDKoRakw5_eSIOdb_ggcEi7gJKSNv1h6ZQZu0EBQO_usrz61OV9_gJeDzX1e-9vIjKPlGGbTtSvG5vy33feKb4x2bTYCg%3D%3D&ytt=260034501543957&p2=y&rtb-si=b&ylv=0.1505&dl=https%3A%2F%2Font.by%2F&ybv=0.1497&p5=fxybz&pr=iafmxny&p1=cerem&rqs=03JuKqPsHEfUSvddh4MrukNgCEh8gCqX
Requested by: Host: ont.by
URL: https://ont.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.180.204.50 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS: ads.adfox.ru
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 204
date: Mon, 16 Dec 2019 09:13:57 GMT
server: nginx
access-control-allow-origin: *
timing-allow-origin: *

GET
H2

204

event
ads.adfox.ru/239538/
Redirect Chain

https://ads.adfox.ru/239538/event?hash=4e4909517a8834cd&pm=bmo&rand=jnaegb&sj=molkcGShuBpFQyS-WidhvFdiKOe9NrT5ndksa1xd0Fnbv9XZ99XRsS3MqdInYky06lQR78D9m7ui40WKZS_dgyUJ2VeP6r8Ze9re7EoTuA%3D%3D&ad-ses...
https://matchid.adfox.yandex.ru/?url=a8075bf1c7376ab37971b6d80664e4d2ef00c49141bc042db11aceae986d6846871af0250c156bdefe20de8e0597cb394e05a504fb8fb096f05fa0270641c9103b8f52204b35a3a97c5f5c829f638f59...
https://ads.adfox.ru/239538/event?yandexuid=3441922868381447110&sign=2e54f40400a04721d309b82176163209&rqs=03JuKqPsHEfUSvddV1hi4KPHO-kCI9TT&matchid-br=1

0
81 B

80ms
80ms

Image
text/plain

213.180.204.50
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.adfox.ru/239538/event?yandexuid=3441922868381447110&sign=2e54f40400a04721d309b82176163209&rqs=03JuKqPsHEfUSvddV1hi4KPHO-kCI9TT&matchid-br=1
Requested by: Host: ont.by
URL: https://ont.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.180.204.50 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS: ads.adfox.ru
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 204
date: Mon, 16 Dec 2019 09:13:57 GMT
server: nginx
access-control-allow-origin: *
timing-allow-origin: *

Redirect headers

status: 302
date: Mon, 16 Dec 2019 09:13:57 GMT
access-control-allow-credentials: true
server: nginx
access-control-allow-origin: *
content-length: 0
location: https://ads.adfox.ru/239538/event?yandexuid=3441922868381447110&sign=2e54f40400a04721d309b82176163209&rqs=03JuKqPsHEfUSvddV1hi4KPHO-kCI9TT&matchid-br=1

GET
H2

204

event
ads.adfox.ru/239538/
Redirect Chain

https://ads.adfox.ru/239538/event?hash=bdda14691141758b&pm=bmo&rand=bfrpzrn&sj=p2tEorX__55JiJdZ73z5tWQp1rMKonqy-w8PLBFJfw_moRw1ukrAjofWCvh_DIDy5CMr_btBFc8Q6Za0BzHRCYK3RuXEjdK9wykGQKfFBA%3D%3D&ad-se...
https://matchid.adfox.yandex.ru/?url=a8075bf1c7376ab37971b6d80664e4d2ef00c49141bc042db11aceae986d6846871af0250c156bdefe20de8e0597cb39b9c77f96ff9cd8d362308b7cf06ac021fe1a5420078123d67c5f5c829f638f59...
https://ads.adfox.ru/239538/event?yandexuid=7283100043817059813&sign=5560b5fec3fba4654291f3929ac2c31e&rqs=03JuKqPsHEfUSvdd4nG_ZdAU_eLNheiS&matchid-br=1

0
81 B

90ms
89ms

Image
text/plain

213.180.204.50
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.adfox.ru/239538/event?yandexuid=7283100043817059813&sign=5560b5fec3fba4654291f3929ac2c31e&rqs=03JuKqPsHEfUSvdd4nG_ZdAU_eLNheiS&matchid-br=1
Requested by: Host: ont.by
URL: https://ont.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.180.204.50 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS: ads.adfox.ru
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 204
date: Mon, 16 Dec 2019 09:13:57 GMT
server: nginx
access-control-allow-origin: *
timing-allow-origin: *

Redirect headers

status: 302
date: Mon, 16 Dec 2019 09:13:57 GMT
access-control-allow-credentials: true
server: nginx
access-control-allow-origin: *
content-length: 0
location: https://ads.adfox.ru/239538/event?yandexuid=7283100043817059813&sign=5560b5fec3fba4654291f3929ac2c31e&rqs=03JuKqPsHEfUSvdd4nG_ZdAU_eLNheiS&matchid-br=1

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame E19F 51 KB
16 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:81d::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode-bundles/0.1497/banner_dfp/banner_dfp.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

a82712e7f23f58c7f3c38944001a3fd5f077e89de326b729da4c145ff033b232

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Dec 2019 09:13:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "368 / 173 of 1000 / last-modified: 1576171782"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 15846
x-xss-protection: 0
expires: Mon, 16 Dec 2019 09:13:57 GMT

GET
H2 204 event
ads.adfox.ru/239538/ 0
81 B 82ms
82ms Image
text/plain 213.180.204.50
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.adfox.ru/239538/event?hash=c463b43290c8684c&pm=bmo&rand=edjxcbs&sj=6w2huxtowBNjM5eMbRg_G3yE9qnMxJk_2_rii1jyVATL9c0eMSyHW5MEfe62ygZn9R8IPM4t4WZ0dvom-WvN7lVWhupV1s4O1-k566MzDw%3D%3D&ad-session-id=5812841576487636612&lts=fcrvmhx&pxo=Pbtu1l-K3DkPpYn9qllPsbleEXWrHnqlGvnlItHPJ1121gzaiI2GvxixKz6GNb1O1Ax7ePnZNBokEoioz3hmYusovIXkRjuiuakzJqFi3r1Hp7BSJG2EhL1rRAKi_ELq7Q%3D%3D&ytt=260034501543957&p2=y&rtb-si=b&ylv=0.1505&dl=https%3A%2F%2Font.by%2F&ybv=0.1497&p5=fxybz&pr=iafmxny&p1=cerep&rqs=03JuKqPsHEfVSvdddjWyd_lPBciZkHrD
Requested by: Host: ont.by
URL: https://ont.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.180.204.50 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS: ads.adfox.ru
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 204
date: Mon, 16 Dec 2019 09:13:57 GMT
server: nginx
access-control-allow-origin: *
timing-allow-origin: *

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 34D5 109 B
171 B 15ms
14ms Script
application/javascript 2a00:1450:4001:81d::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=ont.by

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Dec 2019 09:13:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 34D5 109 B
171 B 15ms
15ms Script
application/javascript 2a00:1450:4001:81d::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ont.by

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Dec 2019 09:13:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 pubads_impl_2019121002.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 34D5 163 KB
60 KB 55ms
54ms Script
text/javascript 172.217.16.130
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019121002.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

sffe /

Resource Hash

216fd62bccc74ef4e4d35292cd4874e7072a4fb30685afb6235d894a3ec1a2df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Dec 2019 09:13:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 10 Dec 2019 17:29:18 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 60922
x-xss-protection: 0
expires: Mon, 16 Dec 2019 09:13:57 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 2457 109 B
171 B 15ms
14ms Script
application/javascript 2a00:1450:4001:81d::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=ont.by

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Dec 2019 09:13:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 2457 109 B
171 B 16ms
15ms Script
application/javascript 2a00:1450:4001:81d::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ont.by

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Dec 2019 09:13:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 pubads_impl_2019121002.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 2457 163 KB
60 KB 56ms
56ms Script
text/javascript 172.217.16.130
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019121002.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

sffe /

Resource Hash

216fd62bccc74ef4e4d35292cd4874e7072a4fb30685afb6235d894a3ec1a2df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Dec 2019 09:13:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 10 Dec 2019 17:29:18 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 60922
x-xss-protection: 0
expires: Mon, 16 Dec 2019 09:13:57 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 940F 109 B
171 B 15ms
15ms Script
application/javascript 2a00:1450:4001:81d::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=ont.by

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Dec 2019 09:13:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 940F 109 B
171 B 16ms
15ms Script
application/javascript 2a00:1450:4001:81d::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ont.by

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Dec 2019 09:13:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 pubads_impl_2019121002.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 940F 163 KB
60 KB 66ms
66ms Script
text/javascript 172.217.16.130
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019121002.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

sffe /

Resource Hash

216fd62bccc74ef4e4d35292cd4874e7072a4fb30685afb6235d894a3ec1a2df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Dec 2019 09:13:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 10 Dec 2019 17:29:18 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 60922
x-xss-protection: 0
expires: Mon, 16 Dec 2019 09:13:57 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame E19F 109 B
171 B 16ms
15ms Script
application/javascript 2a00:1450:4001:81d::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=ont.by

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Dec 2019 09:13:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame E19F 109 B
171 B 16ms
15ms Script
application/javascript 2a00:1450:4001:81d::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ont.by

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Dec 2019 09:13:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 pubads_impl_2019121002.js Show response
securepubads.g.doubleclick.net/gpt/ Frame E19F 163 KB
60 KB 61ms
60ms Script
text/javascript 172.217.16.130
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019121002.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

sffe /

Resource Hash

216fd62bccc74ef4e4d35292cd4874e7072a4fb30685afb6235d894a3ec1a2df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Dec 2019 09:13:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 10 Dec 2019 17:29:18 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 60922
x-xss-protection: 0
expires: Mon, 16 Dec 2019 09:13:57 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 34D5 4 KB
2 KB 250ms
250ms XHR
text/plain 172.217.16.130
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=460175906251322&correlator=1654567942716505&output=ldjh&impl=fifs&adsid=NT&eid=21062415%2C21065168&vrg=2019121002&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20191216&iu_parts=21857590943%2Cont.by%2Cont_1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=970x90&cust_params=for_DM2.0%3Dbid_2.82&cookie_enabled=1&cdm=ont.by&bc=31&abxe=1&lmt=1576487637&dt=1576487637428&dlt=1576487637270&idt=143&frm=23&biw=1585&bih=1185&isw=1920&ish=90&oid=3&adxs=-167&adys=0&adks=14354168&ucis=1ta2esjjvre9&ifi=1&ifk=1082385453&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&iag=3&url=https%3A%2F%2Font.by%2F&top=https%3A%2F%2Font.by%2F&dssz=7&icsg=170&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1920x90&msz=970x-1&ga_vid=951379910.1576487637&ga_sid=1576487637&ga_hid=7705821&fws=0&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019121002.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

4f6ea1cdacae000aba03a104dbef857108942742d1dec395d0c2280d819f3d71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://ont.by/
Origin: https://ont.by

Response headers

date: Mon, 16 Dec 2019 09:13:57 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 2291
x-xss-protection: 0
google-lineitem-id: 5202110818
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138291755689
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ont.by
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_2019121002.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 34D5 64 KB
24 KB 55ms
54ms Script
text/javascript 172.217.16.130
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019121002.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019121002.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

sffe /

Resource Hash

4c52ed8f9039265ffed7fdca0b967b2624325e6356433f437e044b0dd332cddf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Dec 2019 09:13:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 10 Dec 2019 17:29:18 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 24811
x-xss-protection: 0
expires: Mon, 16 Dec 2019 09:13:57 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 34D5 0
0 6ms
6ms Other
text/html 2a00:1450:4001:808::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019121002.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 2457 4 KB
2 KB 171ms
170ms XHR
text/plain 172.217.16.130
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2204680170040553&correlator=858656602474156&output=ldjh&impl=fifs&adsid=NT&eid=21062818&vrg=2019121002&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20191216&iu_parts=21857590943%2Cont.by%2Cont_5&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&cust_params=for_DM2.0%3Dbid_2.33&cookie_enabled=1&cdm=ont.by&bc=31&abxe=1&lmt=1576487637&dt=1576487637456&dlt=1576487637276&idt=175&frm=23&biw=1585&bih=1185&isw=1240&ish=90&oid=3&adxs=173&adys=4082&adks=2574717913&ucis=hfstkdp3fh2q&ifi=1&ifk=1177067961&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&iag=3&url=https%3A%2F%2Font.by%2F&top=https%3A%2F%2Font.by%2F&dssz=7&icsg=170&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1240x90&msz=728x-1&ga_vid=2109892656.1576487637&ga_sid=1576487637&ga_hid=1040722286&fws=256&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019121002.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

756e927b927d51fd7a1396176fd724386bc0bca1e0bd7a3fcecbbb0785e75b82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://ont.by/
Origin: https://ont.by

Response headers

date: Mon, 16 Dec 2019 09:13:57 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 2274
x-xss-protection: 0
google-lineitem-id: 5201785404
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138291470105
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ont.by
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_2019121002.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 2457 64 KB
24 KB 54ms
54ms Script
text/javascript 172.217.16.130
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019121002.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019121002.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

sffe /

Resource Hash

4c52ed8f9039265ffed7fdca0b967b2624325e6356433f437e044b0dd332cddf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Dec 2019 09:13:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 10 Dec 2019 17:29:18 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 24811
x-xss-protection: 0
expires: Mon, 16 Dec 2019 09:13:57 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 2457 0
0 6ms
5ms Other
text/html 2a00:1450:4001:808::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019121002.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 940F 4 KB
2 KB 121ms
120ms XHR
text/plain 172.217.16.130
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4316145434451846&correlator=2935848654987178&output=ldjh&impl=fifs&adsid=NT&eid=21063145&vrg=2019121002&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20191216&iu_parts=21857590943%2Cont.by%2Cont_4&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=240x400&cust_params=for_DM2.0%3Dbid_3.24&cookie_enabled=1&cdm=ont.by&bc=31&abxe=1&lmt=1576487637&dt=1576487637476&dlt=1576487637280&idt=191&ea=0&frm=23&biw=1585&bih=1185&isw=288&ish=400&oid=3&adxs=1125&adys=2706&adks=2263023603&ucis=r0ksl7dj4buj&ifi=1&ifk=1968998659&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&iag=3&url=https%3A%2F%2Font.by%2F&top=https%3A%2F%2Font.by%2F&dssz=7&icsg=170&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=288x400&msz=240x-1&ga_vid=2101530862.1576487637&ga_sid=1576487637&ga_hid=1414630582&fws=256&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019121002.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

26d239375853fb15b0e9db18beb047fffe6b2154e50482bf5530ea34b220476b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://ont.by/
Origin: https://ont.by

Response headers

date: Mon, 16 Dec 2019 09:13:57 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 2270
x-xss-protection: 0
google-lineitem-id: 5202123574
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138291758602
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ont.by
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_2019121002.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 940F 64 KB
24 KB 53ms
53ms Script
text/javascript 172.217.16.130
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019121002.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019121002.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

sffe /

Resource Hash

4c52ed8f9039265ffed7fdca0b967b2624325e6356433f437e044b0dd332cddf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Dec 2019 09:13:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 10 Dec 2019 17:29:18 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 24811
x-xss-protection: 0
expires: Mon, 16 Dec 2019 09:13:57 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 940F 0
0 6ms
5ms Other
text/html 2a00:1450:4001:808::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019121002.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame E19F 4 KB
2 KB 184ms
184ms XHR
text/plain 172.217.16.130
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=182295033517806&correlator=304636306248770&output=ldjh&impl=fifs&adsid=NT&vrg=2019121002&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20191216&iu_parts=21857590943%2Cont.by%2Cont_3&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&cust_params=for_DM2.0%3Dbid_1.48&cookie_enabled=1&cdm=ont.by&bc=31&abxe=1&lmt=1576487637&dt=1576487637489&dlt=1576487637306&idt=176&frm=23&biw=1585&bih=1185&isw=1240&ish=90&oid=3&adxs=173&adys=1795&adks=3441686402&ucis=rbkfhdaupawh&ifi=1&ifk=1177067961&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&iag=3&url=https%3A%2F%2Font.by%2F&top=https%3A%2F%2Font.by%2F&dssz=7&icsg=170&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1240x90&msz=728x-1&ga_vid=252591537.1576487637&ga_sid=1576487637&ga_hid=428965213&fws=256&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019121002.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

3677ccd3dcfe8b88d4a8e4e3756430a9960ffa9441431726a4bb2c0e5aff3110

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://ont.by/
Origin: https://ont.by

Response headers

date: Mon, 16 Dec 2019 09:13:57 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 2276
x-xss-protection: 0
google-lineitem-id: 5201741481
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138291398469
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ont.by
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_2019121002.js Show response
securepubads.g.doubleclick.net/gpt/ Frame E19F 64 KB
24 KB 54ms
54ms Script
text/javascript 172.217.16.130
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019121002.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019121002.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

sffe /

Resource Hash

4c52ed8f9039265ffed7fdca0b967b2624325e6356433f437e044b0dd332cddf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Dec 2019 09:13:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 10 Dec 2019 17:29:18 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 24811
x-xss-protection: 0
expires: Mon, 16 Dec 2019 09:13:57 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame E19F 0
0 6ms
6ms Other
text/html 2a00:1450:4001:808::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019121002.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame C2C3 0
0 32ms
32ms Fetch
image/gif 172.217.16.130
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstMvoGeCMLpV61GDVlyoXt8DVgv7X4cWPqUeMw0XKedD88NMeKsKjsMpRfq7oAlfFpQjGWs3ZS-WGlR9_IDTK2b5YM8Qkc84rxOOUGKR--0shiMbJk0WyrgX_C-mWmtPwGrQc5BGHSfVEph-gx9Y2dseQkYQP05wnP6E9TGVGnoOoz2Mgu_QZngV13wEKYNNM6n8JWcAB-wnpV0SNp9AJzhKBiFvDys0hy4HVD25aiD8Qvd1x7H83ViAqONjx6U6CI&sai=AMfl-YTXIsCLkqk4VWlTmiZTCih9bYFyF5IqrqPuB7PN_md9RL0cZljMXslb43mSDzH0SHSHVb4kmGmjT56KRw6Nmm517teFfj08D0cRCQ8T&sig=Cg0ArKJSzA856YaZWf-yEAE&urlfix=1&adurl=

Requested by

Host: ont.by
URL: https://ont.by/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 16 Dec 2019 09:13:57 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 16 Dec 2019 09:13:57 GMT

GET
H2 200 adfox-adx-stub.js Show response
yastatic.net/pcode/adfox/ Frame C2C3 51 KB
13 KB 34ms
34ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/pcode/adfox/adfox-adx-stub.js

Requested by

Host: ont.by
URL: https://ont.by/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.6 /

Resource Hash

f51cfc661e82540a7a46a53f0e233003007b7a6954f424d81508064020cdf3ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Dec 2019 09:13:57 GMT
content-encoding: br
status: 200
strict-transport-security: max-age=43200000; includeSubDomains;
content-length: 12681
last-modified: Fri, 13 Dec 2019 16:37:12 GMT
server: nginx/1.17.6
etag: "627e039fde3f49eeed022e986acf2e01"
x-robots-tag: noindex, noarchive, nofollow
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3600, public
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 16 Dec 2019 10:11:31 GMT

GET
H2 200 osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame C2C3 77 KB
0 39ms
39ms Script
text/javascript 2a00:1450:4001:81d::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019121002.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Dec 2019 09:13:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1575654529893506"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 29272
x-xss-protection: 0
expires: Mon, 16 Dec 2019 09:13:57 GMT

GET
H2 200 osd.js
www.googletagservices.com/activeview/js/current/ Frame 940F 78 KB
0 39ms
39ms Script
text/javascript 2a00:1450:4001:81d::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019121002.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Dec 2019 09:13:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1575654529893506"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 29463
x-xss-protection: 0
expires: Mon, 16 Dec 2019 09:13:57 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5CF8 0
0 32ms
32ms Fetch
image/gif 172.217.16.130
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssnKpczWcGs7XRbIaQdcupKMZXvDm_dqh4r0EBkvticpjRyl5k6OkhpcoJz5upWNeOzIaGQa2XmnHhIYs5Q5nUeuzmxyZg6bRuPXj_WG1nAITuGoReheYUxzVQi2qXIrSDrMc2vSey8JvPUnSO-pDifD_nLBiLSgdaxGBWCrCc7G0an94QF-5wer9k9oMn9H_SwjxGgq6dlQ5RDgh2A1UR30N5wrCjs4eqfNeAY1N24h9QrHycOzJiRjhvihAXuMQ&sai=AMfl-YTkD9u6LB6CnpjkDAXNEHrjhH-7SpPty_LH0_XPnSPCcWz_3PGwMqlrLPL6_TQ2dc9AnHoP5WwknzyVz3LyWtM2j8fSI_jhc_1iXo0YjQ&sig=Cg0ArKJSzFKUBTpK05FcEAE&urlfix=1&adurl=

Requested by

Host: ont.by
URL: https://ont.by/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 16 Dec 2019 09:13:57 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 16 Dec 2019 09:13:57 GMT

GET
H2 200 adfox-adx-stub.js Show response
yastatic.net/pcode/adfox/ Frame 5CF8 51 KB
13 KB 34ms
34ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/pcode/adfox/adfox-adx-stub.js

Requested by

Host: ont.by
URL: https://ont.by/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.6 /

Resource Hash

f51cfc661e82540a7a46a53f0e233003007b7a6954f424d81508064020cdf3ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Dec 2019 09:13:57 GMT
content-encoding: br
status: 200
strict-transport-security: max-age=43200000; includeSubDomains;
content-length: 12681
last-modified: Fri, 13 Dec 2019 16:37:12 GMT
server: nginx/1.17.6
etag: "627e039fde3f49eeed022e986acf2e01"
x-robots-tag: noindex, noarchive, nofollow
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3600, public
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 16 Dec 2019 10:11:31 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5CF8 77 KB
29 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:81d::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019121002.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

44178919accac2fd92f71084d312c8ff266dd25b8b808f8e9b32fe2926aefb41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Dec 2019 09:13:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1575654529893506"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 29272
x-xss-protection: 0
expires: Mon, 16 Dec 2019 09:13:57 GMT

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2457 78 KB
29 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:81d::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019121002.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

63890326f558587b0840eb0a6e6377f1bf39264e015e568f4c2a03aefce3f929

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Dec 2019 09:13:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1575654529893506"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 29463
x-xss-protection: 0
expires: Mon, 16 Dec 2019 09:13:57 GMT

GET
H2 200 v2 Show response
ads.adfox.ru/239538/getBulkTest/ 38 KB
12 KB 111ms
111ms XHR
application/json 213.180.204.50
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adfox.ru/239538/getBulkTest/v2?bids=W3siY2FtcGFpZ25faWQiOjc3MTAwNSwicmVzcG9uc2VfdGltZSI6MTI0NiwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjE0MTAzNzkifV0%3D&date=2019-12-16T10%3A13%3A56.673%2B01%3A00&dl=https%3A%2F%2Font.by%2F&enable-flat-highlight=1&extid_loader=&extid_tag_loader=ont.by&grab=dNCe0J3QoiDigJQg0J7QsdGJ0LXQvdCw0YbQuNC-0L3QsNC70YzQvdC-0LUg0YLQtdC70LXQstC40LTQtdC90LjQtSDQkdC10LvQsNGA0YPRgdC4IHwg0JHQtdC70L7RgNGD0YHRgdC60LjQuSDRgtC10LvQtdC60LDQvdCw0Lsg0J7QndCiCjIg0J_QvtGB0LvQtdC00L3QuNC1INC90L7QstC-0YHRgtC4IAoy0JPQu9Cw0LLQvdGL0LUg0L3QvtCy0L7RgdGC0LggCjIg0KHQtdC50YfQsNGBINGH0LjRgtCw0Y7RgiAKMiDQn9C-0L_Rg9C70Y_RgNC90L7QtSDQt9CwINC90LXQtNC10LvRjiAKMiDQnNCw0YDQutC-0LIuINCd0LjRh9C10LPQviDQu9C40YfQvdC-0LPQviAKMiDQntCd0KIg0L3QsCBZb3VUdWJlIAoyINCd0LDRiNC4INC90L7QstC-0YHRgtC4INCe0J3QoiAKMiDQn9GA0L7Qs9GA0LDQvNC80Ysg0Lgg0L_RgNC-0LXQutGC0YsgCjIg0JrQuNC90L4g0Lgg0YHQtdGA0LjQsNC70YsgCjIg0JzRiyDQsiDRgdC-0YbQuNCw0LvRjNC90YvRhSDRgdC10YLRj9GFIAozINCX0LAg0L_QvtGB0LvQtdC00L3QtdC1INC00LXRgdGP0YLQuNC70LXRgtC40LUg0YfQuNGB0LvQviDQv9GA0LDQstC-0L3QsNGA0YPRiNC10L3QuNC5INCy0YvRgNC-0YHQu9C-INCy0LTQstC-0LU6INCb0YPQutCw0YjQtdC90LrQviDQv9GA0L7QstC-0LTQuNGCINGB0L7QstC10YnQsNC90LjQtSDQv9C-INC_0YDQuNC80LXQvdC10L3QuNGOINCw0LTQvNC40L3QuNGB0YLRgNCw0YLQuNCy0L3QvtC5INC-0YLQstC10YLRgdGC0LLQtdC90L3QvtGB0YLQuCAKMyDQl9CwINC_0L7RgdC70LXQtNC90LXQtSDQtNC10YHRj9GC0LjQu9C10YLQuNC1INGH0LjRgdC70L4g0L_RgNCw0LLQvtC90LDRgNGD0YjQtdC90LjQuSDQstGL0YDQvtGB0LvQviDQstC00LLQvtC1OiDQm9GD0LrQsNGI0LXQvdC60L4g0L_RgNC-0LLQvtC00LjRgiDRgdC-0LLQtdGJ0LDQvdC40LUg0L_QviDQv9GA0LjQvNC10L3QtdC90LjRjiDQsNC00LzQuNC90LjRgdGC0YDQsNGC0LjQstC90L7QuSDQvtGC0LLQtdGC0YHRgtCy0LXQvdC90L7RgdGC0LggCjMg0JHQsNC90Log0YDQsNC30LLQuNGC0LjRjyDQmtC40YLQsNGPINCy0YvQtNC10LvQuNGCINCR0LXQu9Cw0YDRg9GB0Lgg0LrRgNC10LTQuNGCINC90LAgMyw1INC80LvRgNC0INGO0LDQvdC10LkgCjMg0JHQtdC70LDRgNGD0YHRjCDQv9C-0LTQvdGP0LvQsNGB0Ywg0LIg0YDQtdC50YLQuNC90LPQtSDRgdCw0LzRi9GFINC80L7Qs9GD0YnQtdGB0YLQstC10L3QvdGL0YUg0YHRgtGA0LDQvSDQvNC40YDQsCAKMyDCq9CS0YHRgtGA0LXRh9CwINC00LLRg9GFINCS0LvQsNC00LjQvNC40YDQvtCywrs6INGB0YLQsNC7INC70Lgg0LzQuNGAINC90LAg0JTQvtC90LHQsNGB0YHQtSDQsdC70LjQttC1INC_0L7RgdC70LUg0L_QtdGA0LXQs9C-0LLQvtGA0L7QsiDCq9C90L7RgNC80LDQvdC00YHQutC-0Lkg0YfQtdGC0LLRkdGA0LrQuMK7INCyINCf0LDRgNC40LbQtT8gCjMg0JHQtdC70L7RgNGD0YHRgdC60LjQtSDQtNCw0LvRjNC90L7QsdC-0LnRidC40LrQuCDRgdGH&is-turbo=0&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22width%22%3A288%2C%22height%22%3A0%2C%22left%22%3A1125%2C%22top%22%3A2616%2C%22visible%22%3A0%2C%22req_no%22%3A3%2C%22ad_no%22%3A0%7D&matchid-cookies=fEO4cFbeMKA-n3kK-BaJMvLRxB2QIU2sgp2wBg1jcZVQKeuTbq29xg%3D%3D&matchid-cookies-sign=PtyMFpY5t7FaSHddNsUSKg%3D%3D&matchid-direct=1&p1=cerer&p2=fgou&pd=16&pdh=1200&pdw=1600&pr=2473837910&pr1=40644240&prr=&pv=10&pw=1&skip-token=&utf8=%E2%9C%93&ybv=0.1497&ylv=0.1505&ytt=260034501543957&lvlfrom=20&rqs=03JuKqPsHEfUSvdd4nG_ZdAU_eLNheiS&rtb-si=1&dmv=2&csl=&ad-session-id=5812841576487636612&rtb-answer-hash=17288655216299103043&usgn=AdRaJ7o-1lFziouxQFTvtKgWLNNjZVHMPxL8YkHQjTBA
Requested by: Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.180.204.50 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS: ads.adfox.ru
Software: nginx /
Resource Hash: c463d183fec1c835bffd30c23fbbc3cee94e18eb6c41377d96011ed3a3c25267

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://ont.by/
Origin: https://ont.by

Response headers

pragma: no-cache
date: Mon, 16 Dec 2019 09:13:57 GMT
content-encoding: gzip
content-type: application/json
server: nginx
status: 200
p3p: policyref=/w3c/w3c.p3p, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
access-control-allow-origin: https://ont.by
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2 204 event
ads.adfox.ru/239538/ 0
81 B 84ms
83ms Image
text/plain 213.180.204.50
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.adfox.ru/239538/event?hash=9be282a16b2751a9&pm=bmt&rand=ndasblq&sj=p2tEorX__55JiJdZ73z5tWQp1rMKonqy-w8PLBFJfw_moRw1ukrAjofWCvh_DIDy5CMr_btBFc8Q6Za0BzHRCYK3RuXEjdK9wykGQKfFBA%3D%3D&ad-session-id=5812841576487636612&lts=fcrvmhw&pxo=HHC3vz6_SYT-7cQSUufSpl7eNIS_8VIPz6RGg8LhbnFQU5x4wNM5x7dqrtx71hmyKkeM6YLoHOz8sL-qJTIL0sSyjaCeauqAJiiI0wDBRxDAvGBj3Ji0iu6uxUhwNMpgjQ%3D%3D&ytt=260034501543957&p2=fgou&rtb-si=b&ylv=0.1505&dl=https%3A%2F%2Font.by%2F&ybv=0.1497&p5=fxxyn&pr=iafmxny&p1=cerer&rqs=03JuKqPsHEfUSvdd4nG_ZdAU_eLNheiS
Requested by: Host: ont.by
URL: https://ont.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.180.204.50 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS: ads.adfox.ru
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 204
date: Mon, 16 Dec 2019 09:13:57 GMT
server: nginx
access-control-allow-origin: *
timing-allow-origin: *

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame FD2D 0
0 33ms
33ms Fetch
image/gif 172.217.16.130
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssjLbUvdjI-sMlXacYRoiNt-0WMQIszEqn4Ap6AgkD50lTjYg21iEhRYsYTAqIQwHq33mLrG9VcjSR8TfU6BeaSIKHm8SzGxo_SNped6U4yOsB0XyxIm5BHMmtDuOgnIFW4B_p7vrZXySsmt381uDoHayD1QneECmHMUG3gs6bZF5dTqASHvviV97OJnzS118LjCTUCgbrUm8XFRG4zJy_wdNdjo7d5cLu7CV8OixUV5f1O5gAIN0XkkU6YDNGh1g&sai=AMfl-YTaLcnk5hxzyEwbvEubZWhE1oyc1vuZFiLwa55kT3rG79Tz6h46xSmq4HGguMBdsFU09dOB0e1shxVC875n000zmtvZPhUuc6VdIJXf&sig=Cg0ArKJSzH8vFeuXVjNbEAE&urlfix=1&adurl=

Requested by

Host: ont.by
URL: https://ont.by/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 16 Dec 2019 09:13:57 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 16 Dec 2019 09:13:57 GMT

GET
H2 200 adfox-adx-stub.js Show response
yastatic.net/pcode/adfox/ Frame FD2D 51 KB
13 KB 34ms
34ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/pcode/adfox/adfox-adx-stub.js

Requested by

Host: ont.by
URL: https://ont.by/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.6 /

Resource Hash

f51cfc661e82540a7a46a53f0e233003007b7a6954f424d81508064020cdf3ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Dec 2019 09:13:57 GMT
content-encoding: br
status: 200
strict-transport-security: max-age=43200000; includeSubDomains;
content-length: 12681
last-modified: Fri, 13 Dec 2019 16:37:12 GMT
server: nginx/1.17.6
etag: "627e039fde3f49eeed022e986acf2e01"
x-robots-tag: noindex, noarchive, nofollow
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3600, public
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 16 Dec 2019 10:11:31 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame FD2D 77 KB
29 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:81d::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019121002.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

44178919accac2fd92f71084d312c8ff266dd25b8b808f8e9b32fe2926aefb41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Dec 2019 09:13:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1575654529893506"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 29272
x-xss-protection: 0
expires: Mon, 16 Dec 2019 09:13:57 GMT

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame E19F 78 KB
29 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:81d::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019121002.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

63890326f558587b0840eb0a6e6377f1bf39264e015e568f4c2a03aefce3f929

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Dec 2019 09:13:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1575654529893506"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 29463
x-xss-protection: 0
expires: Mon, 16 Dec 2019 09:13:57 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 641D 0
0 33ms
33ms Fetch
image/gif 172.217.16.130
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvmmK7WPCGpVnWt0ZwX-a2PhD1nL4rv9Flf-vBRbKqfhhy_wTTFm96GKknMGrRBvH9etuHklqwZgM1jqY13IAS6_uqSQgihNlYLHZ3FIaWlCSApWSLM7APPEEcjlLf1oCbpJJ0BdGw3J8gRbQE72CWKvleK1UnKKEe3TGdpebGu9zURBrVJh4p3XA8UrF9Wyr58cQj5x6F1sxYj9Ewg1d7CjvxhHdwzCl2nJ4-3ILIOFBiYc0mevqWUK7qg5JF4Tg&sai=AMfl-YSHF92ZuL0PLPhTW50KvtNVkxZK6Uxhw0NO0xjyUcHjGDvFAfQXtQavDXKA7bEoGC2zjdDrAprWl5OaSaSgCuKO894MnGlXv5299qJ0&sig=Cg0ArKJSzEwtCnCoFco4EAE&urlfix=1&adurl=

Requested by

Host: ont.by
URL: https://ont.by/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 16 Dec 2019 09:13:57 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 16 Dec 2019 09:13:57 GMT

GET
H2 200 adfox-adx-stub.js Show response
yastatic.net/pcode/adfox/ Frame 641D 51 KB
13 KB 34ms
34ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/pcode/adfox/adfox-adx-stub.js

Requested by

Host: ont.by
URL: https://ont.by/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.6 /

Resource Hash

f51cfc661e82540a7a46a53f0e233003007b7a6954f424d81508064020cdf3ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Dec 2019 09:13:57 GMT
content-encoding: br
status: 200
strict-transport-security: max-age=43200000; includeSubDomains;
content-length: 12681
last-modified: Fri, 13 Dec 2019 16:37:12 GMT
server: nginx/1.17.6
etag: "627e039fde3f49eeed022e986acf2e01"
x-robots-tag: noindex, noarchive, nofollow
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3600, public
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 16 Dec 2019 10:11:31 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 641D 77 KB
29 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:81d::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019121002.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

44178919accac2fd92f71084d312c8ff266dd25b8b808f8e9b32fe2926aefb41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Dec 2019 09:13:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1575654529893506"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 29272
x-xss-protection: 0
expires: Mon, 16 Dec 2019 09:13:57 GMT

GET
H2 200 osd.js
www.googletagservices.com/activeview/js/current/ Frame 34D5 78 KB
0 69ms
68ms Script
text/javascript 2a00:1450:4001:81d::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019121002.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Dec 2019 09:13:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1575654529893506"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 29463
x-xss-protection: 0
expires: Mon, 16 Dec 2019 09:13:57 GMT

GET
DATA 200
OK truncated
/ Frame 5CF8 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f99b2e57203374f2485f93d8714f33d488f44fa87352eb9f8c9a346617693ff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 v2 Show response
ads.adfox.ru/239538/getBulkTest/ 26 KB
7 KB 99ms
99ms XHR
application/json 213.180.204.50
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adfox.ru/239538/getBulkTest/v2?bids=W3siY2FtcGFpZ25faWQiOjc3MTAwNSwicmVzcG9uc2VfdGltZSI6MTI0NiwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjE0MTAzODIifV0%3D&date=2019-12-16T10%3A13%3A56.675%2B01%3A00&dl=https%3A%2F%2Font.by%2F&enable-flat-highlight=1&extid_loader=&extid_tag_loader=ont.by&grab=dNCe0J3QoiDigJQg0J7QsdGJ0LXQvdCw0YbQuNC-0L3QsNC70YzQvdC-0LUg0YLQtdC70LXQstC40LTQtdC90LjQtSDQkdC10LvQsNGA0YPRgdC4IHwg0JHQtdC70L7RgNGD0YHRgdC60LjQuSDRgtC10LvQtdC60LDQvdCw0Lsg0J7QndCiCjIg0J_QvtGB0LvQtdC00L3QuNC1INC90L7QstC-0YHRgtC4IAoy0JPQu9Cw0LLQvdGL0LUg0L3QvtCy0L7RgdGC0LggCjIg0KHQtdC50YfQsNGBINGH0LjRgtCw0Y7RgiAKMiDQn9C-0L_Rg9C70Y_RgNC90L7QtSDQt9CwINC90LXQtNC10LvRjiAKMiDQnNCw0YDQutC-0LIuINCd0LjRh9C10LPQviDQu9C40YfQvdC-0LPQviAKMiDQntCd0KIg0L3QsCBZb3VUdWJlIAoyINCd0LDRiNC4INC90L7QstC-0YHRgtC4INCe0J3QoiAKMiDQn9GA0L7Qs9GA0LDQvNC80Ysg0Lgg0L_RgNC-0LXQutGC0YsgCjIg0JrQuNC90L4g0Lgg0YHQtdGA0LjQsNC70YsgCjIg0JzRiyDQsiDRgdC-0YbQuNCw0LvRjNC90YvRhSDRgdC10YLRj9GFIAozINCX0LAg0L_QvtGB0LvQtdC00L3QtdC1INC00LXRgdGP0YLQuNC70LXRgtC40LUg0YfQuNGB0LvQviDQv9GA0LDQstC-0L3QsNGA0YPRiNC10L3QuNC5INCy0YvRgNC-0YHQu9C-INCy0LTQstC-0LU6INCb0YPQutCw0YjQtdC90LrQviDQv9GA0L7QstC-0LTQuNGCINGB0L7QstC10YnQsNC90LjQtSDQv9C-INC_0YDQuNC80LXQvdC10L3QuNGOINCw0LTQvNC40L3QuNGB0YLRgNCw0YLQuNCy0L3QvtC5INC-0YLQstC10YLRgdGC0LLQtdC90L3QvtGB0YLQuCAKMyDQl9CwINC_0L7RgdC70LXQtNC90LXQtSDQtNC10YHRj9GC0LjQu9C10YLQuNC1INGH0LjRgdC70L4g0L_RgNCw0LLQvtC90LDRgNGD0YjQtdC90LjQuSDQstGL0YDQvtGB0LvQviDQstC00LLQvtC1OiDQm9GD0LrQsNGI0LXQvdC60L4g0L_RgNC-0LLQvtC00LjRgiDRgdC-0LLQtdGJ0LDQvdC40LUg0L_QviDQv9GA0LjQvNC10L3QtdC90LjRjiDQsNC00LzQuNC90LjRgdGC0YDQsNGC0LjQstC90L7QuSDQvtGC0LLQtdGC0YHRgtCy0LXQvdC90L7RgdGC0LggCjMg0JHQsNC90Log0YDQsNC30LLQuNGC0LjRjyDQmtC40YLQsNGPINCy0YvQtNC10LvQuNGCINCR0LXQu9Cw0YDRg9GB0Lgg0LrRgNC10LTQuNGCINC90LAgMyw1INC80LvRgNC0INGO0LDQvdC10LkgCjMg0JHQtdC70LDRgNGD0YHRjCDQv9C-0LTQvdGP0LvQsNGB0Ywg0LIg0YDQtdC50YLQuNC90LPQtSDRgdCw0LzRi9GFINC80L7Qs9GD0YnQtdGB0YLQstC10L3QvdGL0YUg0YHRgtGA0LDQvSDQvNC40YDQsCAKMyDCq9CS0YHRgtGA0LXRh9CwINC00LLRg9GFINCS0LvQsNC00LjQvNC40YDQvtCywrs6INGB0YLQsNC7INC70Lgg0LzQuNGAINC90LAg0JTQvtC90LHQsNGB0YHQtSDQsdC70LjQttC1INC_0L7RgdC70LUg0L_QtdGA0LXQs9C-0LLQvtGA0L7QsiDCq9C90L7RgNC80LDQvdC00YHQutC-0Lkg0YfQtdGC0LLRkdGA0LrQuMK7INCyINCf0LDRgNC40LbQtT8gCjMg0JHQtdC70L7RgNGD0YHRgdC60LjQtSDQtNCw0LvRjNC90L7QsdC-0LnRidC40LrQuCDRgdGH&is-turbo=0&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22width%22%3A1240%2C%22height%22%3A0%2C%22left%22%3A173%2C%22top%22%3A3992%2C%22visible%22%3A0%2C%22req_no%22%3A4%2C%22ad_no%22%3A0%7D&matchid-cookies=fEO4cFbeMKA-n3kK-BaJMvLRxB2QIU2sgp2wBg1jcZVQKeuTbq29xg%3D%3D&matchid-cookies-sign=PtyMFpY5t7FaSHddNsUSKg%3D%3D&matchid-direct=1&p1=ceret&p2=y&pd=16&pdh=1200&pdw=1600&pr=2473837910&pr1=3125563862&prr=&pv=10&pw=1&skip-token=&utf8=%E2%9C%93&ybv=0.1497&ylv=0.1505&ytt=260034501543957&lvlfrom=20&rqs=03JuKqPsHEfUSvddV1hi4KPHO-kCI9TT&rtb-si=1&dmv=2&csl=&ad-session-id=5812841576487636612&rtb-answer-hash=17288655216298468405&usgn=AdUxr4TBJNiiSkbYsV1ym5CS6B5NXo5WacpYh-A_uKXm
Requested by: Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.180.204.50 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS: ads.adfox.ru
Software: nginx /
Resource Hash: 079520cb738a0251a4ff6357086d700faab2598b19dc04b0e41bafd953da1a3b

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://ont.by/
Origin: https://ont.by

Response headers

pragma: no-cache
date: Mon, 16 Dec 2019 09:13:57 GMT
content-encoding: gzip
content-type: application/json
server: nginx
status: 200
p3p: policyref=/w3c/w3c.p3p, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
access-control-allow-origin: https://ont.by
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2 204 event
ads.adfox.ru/239538/ 0
81 B 83ms
82ms Image
text/plain 213.180.204.50
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.adfox.ru/239538/event?hash=eb37744f920540a1&pm=bmt&rand=uyftd&sj=molkcGShuBpFQyS-WidhvFdiKOe9NrT5ndksa1xd0Fnbv9XZ99XRsS3MqdInYky06lQR78D9m7ui40WKZS_dgyUJ2VeP6r8Ze9re7EoTuA%3D%3D&ad-session-id=5812841576487636612&lts=fcrvmhw&pxo=5uiZRzYXYleTwNzER6VqE9WW12qmDQopNpBqRnG7nS_pNjgzB0ObYUfaA5pxn1mxjmHfw6wN0iNIlAc-R_uvSUW37FhG1nw9hObEaYW3ZV3MPtRQ4P9WQvrHR-85EmQNUw%3D%3D&ytt=260034501543957&p2=y&rtb-si=b&ylv=0.1505&dl=https%3A%2F%2Font.by%2F&ybv=0.1497&p5=fxybz&pr=iafmxny&p1=ceret&rqs=03JuKqPsHEfUSvddV1hi4KPHO-kCI9TT
Requested by: Host: ont.by
URL: https://ont.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.180.204.50 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS: ads.adfox.ru
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 204
date: Mon, 16 Dec 2019 09:13:57 GMT
server: nginx
access-control-allow-origin: *
timing-allow-origin: *

GET
H/1.1 200
OK chunklist_w320106539.m3u8 Show response
stream.ont.by/ont/live576p/ 545 B
1 KB 64ms
63ms XHR
application/vnd.apple.mpegurl 93.125.31.151
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to

Full URL: https://stream.ont.by/ont/live576p/chunklist_w320106539.m3u8
Requested by: Host: ont.by
URL: https://ont.by/_nuxt/22fc3f658e705c0ce8d1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.125.31.151 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-31-151.hoster.by
Software: WowzaStreamingEngine/4.7.6 /
Resource Hash: b148b674f3daf9111001f2ce4eb6f01b4680bf20dfad42aadfe1cd3893d0bf09

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://ont.by/
Origin: https://ont.by

Response headers

Date: Mon, 16 Dec 2019 09:13:57 GMT
Server: WowzaStreamingEngine/4.7.6
Access-Control-Allow-Methods: OPTIONS, GET, POST, HEAD
Content-Type: application/vnd.apple.mpegurl
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Date, Server, Content-Type, Content-Length
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type, User-Agent, If-Modified-Since, Cache-Control, Range
Content-Length: 545

GET
DATA 200
OK truncated
/ Frame FD2D 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 58a1c10beed9235a14089110f7590a260a6d3214f9892cc67c7a019205d18715

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 641D 221 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 91ce3696069e62b0dc48bfc866521c5e7db2e5082edcbf4c87a65dee01c563a8

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 v2 Show response
ads.adfox.ru/239538/getBulkTest/ 83 KB
22 KB 116ms
116ms XHR
application/json 213.180.204.50
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adfox.ru/239538/getBulkTest/v2?bids=W3siY2FtcGFpZ25faWQiOjc3MTAwNSwicmVzcG9uc2VfdGltZSI6MTI0NSwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjE0MTAzODMifV0%3D&date=2019-12-16T10%3A13%3A56.669%2B01%3A00&dl=https%3A%2F%2Font.by%2F&enable-flat-highlight=1&extid_loader=&extid_tag_loader=ont.by&grab=dNCe0J3QoiDigJQg0J7QsdGJ0LXQvdCw0YbQuNC-0L3QsNC70YzQvdC-0LUg0YLQtdC70LXQstC40LTQtdC90LjQtSDQkdC10LvQsNGA0YPRgdC4IHwg0JHQtdC70L7RgNGD0YHRgdC60LjQuSDRgtC10LvQtdC60LDQvdCw0Lsg0J7QndCiCjIg0J_QvtGB0LvQtdC00L3QuNC1INC90L7QstC-0YHRgtC4IAoy0JPQu9Cw0LLQvdGL0LUg0L3QvtCy0L7RgdGC0LggCjIg0KHQtdC50YfQsNGBINGH0LjRgtCw0Y7RgiAKMiDQn9C-0L_Rg9C70Y_RgNC90L7QtSDQt9CwINC90LXQtNC10LvRjiAKMiDQnNCw0YDQutC-0LIuINCd0LjRh9C10LPQviDQu9C40YfQvdC-0LPQviAKMiDQntCd0KIg0L3QsCBZb3VUdWJlIAoyINCd0LDRiNC4INC90L7QstC-0YHRgtC4INCe0J3QoiAKMiDQn9GA0L7Qs9GA0LDQvNC80Ysg0Lgg0L_RgNC-0LXQutGC0YsgCjIg0JrQuNC90L4g0Lgg0YHQtdGA0LjQsNC70YsgCjIg0JzRiyDQsiDRgdC-0YbQuNCw0LvRjNC90YvRhSDRgdC10YLRj9GFIAozINCX0LAg0L_QvtGB0LvQtdC00L3QtdC1INC00LXRgdGP0YLQuNC70LXRgtC40LUg0YfQuNGB0LvQviDQv9GA0LDQstC-0L3QsNGA0YPRiNC10L3QuNC5INCy0YvRgNC-0YHQu9C-INCy0LTQstC-0LU6INCb0YPQutCw0YjQtdC90LrQviDQv9GA0L7QstC-0LTQuNGCINGB0L7QstC10YnQsNC90LjQtSDQv9C-INC_0YDQuNC80LXQvdC10L3QuNGOINCw0LTQvNC40L3QuNGB0YLRgNCw0YLQuNCy0L3QvtC5INC-0YLQstC10YLRgdGC0LLQtdC90L3QvtGB0YLQuCAKMyDQl9CwINC_0L7RgdC70LXQtNC90LXQtSDQtNC10YHRj9GC0LjQu9C10YLQuNC1INGH0LjRgdC70L4g0L_RgNCw0LLQvtC90LDRgNGD0YjQtdC90LjQuSDQstGL0YDQvtGB0LvQviDQstC00LLQvtC1OiDQm9GD0LrQsNGI0LXQvdC60L4g0L_RgNC-0LLQvtC00LjRgiDRgdC-0LLQtdGJ0LDQvdC40LUg0L_QviDQv9GA0LjQvNC10L3QtdC90LjRjiDQsNC00LzQuNC90LjRgdGC0YDQsNGC0LjQstC90L7QuSDQvtGC0LLQtdGC0YHRgtCy0LXQvdC90L7RgdGC0LggCjMg0JHQsNC90Log0YDQsNC30LLQuNGC0LjRjyDQmtC40YLQsNGPINCy0YvQtNC10LvQuNGCINCR0LXQu9Cw0YDRg9GB0Lgg0LrRgNC10LTQuNGCINC90LAgMyw1INC80LvRgNC0INGO0LDQvdC10LkgCjMg0JHQtdC70LDRgNGD0YHRjCDQv9C-0LTQvdGP0LvQsNGB0Ywg0LIg0YDQtdC50YLQuNC90LPQtSDRgdCw0LzRi9GFINC80L7Qs9GD0YnQtdGB0YLQstC10L3QvdGL0YUg0YHRgtGA0LDQvSDQvNC40YDQsCAKMyDCq9CS0YHRgtGA0LXRh9CwINC00LLRg9GFINCS0LvQsNC00LjQvNC40YDQvtCywrs6INGB0YLQsNC7INC70Lgg0LzQuNGAINC90LAg0JTQvtC90LHQsNGB0YHQtSDQsdC70LjQttC1INC_0L7RgdC70LUg0L_QtdGA0LXQs9C-0LLQvtGA0L7QsiDCq9C90L7RgNC80LDQvdC00YHQutC-0Lkg0YfQtdGC0LLRkdGA0LrQuMK7INCyINCf0LDRgNC40LbQtT8gCjMg0JHQtdC70L7RgNGD0YHRgdC60LjQtSDQtNCw0LvRjNC90L7QsdC-0LnRidC40LrQuCDRgdGH&is-turbo=0&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22width%22%3A1240%2C%22height%22%3A0%2C%22left%22%3A173%2C%22top%22%3A1795%2C%22visible%22%3A0%2C%22req_no%22%3A2%2C%22ad_no%22%3A0%7D&matchid-cookies=fEO4cFbeMKA-n3kK-BaJMvLRxB2QIU2sgp2wBg1jcZVQKeuTbq29xg%3D%3D&matchid-cookies-sign=PtyMFpY5t7FaSHddNsUSKg%3D%3D&matchid-direct=1&p1=cerep&p2=y&pd=16&pdh=1200&pdw=1600&pr=2473837910&pr1=3018816823&prr=&pv=10&pw=1&skip-token=&utf8=%E2%9C%93&ybv=0.1497&ylv=0.1505&ytt=260034501543957&lvlfrom=20&rqs=03JuKqPsHEfVSvdddjWyd_lPBciZkHrD&rtb-si=1&dmv=2&csl=&ad-session-id=5812841576487636612&rtb-answer-hash=17288655216301442649&usgn=AVsiDiqHprcs47xHAkix5oQ5_NhLxqvEfDXyCRNNwkGF
Requested by: Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.180.204.50 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS: ads.adfox.ru
Software: nginx /
Resource Hash: 715cdc971b76038e66497b770c324481860bf76b271483afdbccc38fd61338f8

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://ont.by/
Origin: https://ont.by

Response headers

pragma: no-cache
date: Mon, 16 Dec 2019 09:13:57 GMT
content-encoding: gzip
content-type: application/json
server: nginx
status: 200
p3p: policyref=/w3c/w3c.p3p, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
access-control-allow-origin: https://ont.by
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2 204 event
ads.adfox.ru/239538/ 0
81 B 78ms
78ms Image
text/plain 213.180.204.50
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.adfox.ru/239538/event?hash=3051baa5bb205594&pm=bmt&rand=bagvzwp&sj=6w2huxtowBNjM5eMbRg_G3yE9qnMxJk_2_rii1jyVATL9c0eMSyHW5MEfe62ygZn9R8IPM4t4WZ0dvom-WvN7lVWhupV1s4O1-k566MzDw%3D%3D&ad-session-id=5812841576487636612&lts=fcrvmhx&pxo=Pbtu1l-K3DkPpYn9qllPsbleEXWrHnqlGvnlItHPJ1121gzaiI2GvxixKz6GNb1O1Ax7ePnZNBokEoioz3hmYusovIXkRjuiuakzJqFi3r1Hp7BSJG2EhL1rRAKi_ELq7Q%3D%3D&ytt=260034501543957&p2=y&rtb-si=b&ylv=0.1505&dl=https%3A%2F%2Font.by%2F&ybv=0.1497&p5=fxybz&pr=iafmxny&p1=cerep&rqs=03JuKqPsHEfVSvdddjWyd_lPBciZkHrD
Requested by: Host: ont.by
URL: https://ont.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.180.204.50 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS: ads.adfox.ru
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 204
date: Mon, 16 Dec 2019 09:13:57 GMT
server: nginx
access-control-allow-origin: *
timing-allow-origin: *

GET
H2 200 banner_direct.js Show response
yastatic.net/pcode-bundles/0.1497/banner_direct/ 59 KB
14 KB 43ms
42ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/pcode-bundles/0.1497/banner_direct/banner_direct.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.6 /

Resource Hash

2112700bfbe3bfafb5b61dde101ff27baaf42240895fa10bca50163ef3aed51c

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://ont.by/
Origin: https://ont.by

Response headers

date: Mon, 16 Dec 2019 09:13:57 GMT
content-encoding: br
status: 200
strict-transport-security: max-age=43200000; includeSubDomains;
content-length: 14262
last-modified: Thu, 12 Dec 2019 17:07:17 GMT
server: nginx/1.17.6
etag: "2a6822dee14e9fcc87228e36a3ebc599"
x-robots-tag: noindex, noarchive, nofollow
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 v2 Show response
ads.adfox.ru/239538/getBulkTest/ 26 KB
8 KB 106ms
106ms XHR
application/json 213.180.204.50
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adfox.ru/239538/getBulkTest/v2?bids=W3siY2FtcGFpZ25faWQiOjc3MTAwNSwicmVzcG9uc2VfdGltZSI6MTIzOSwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjE0MTAzNzYifV0%3D&date=2019-12-16T10%3A13%3A56.609%2B01%3A00&dl=https%3A%2F%2Font.by%2F&enable-flat-highlight=1&extid_loader=&extid_tag_loader=ont.by&grab=dNCe0J3QoiDigJQg0J7QsdGJ0LXQvdCw0YbQuNC-0L3QsNC70YzQvdC-0LUg0YLQtdC70LXQstC40LTQtdC90LjQtSDQkdC10LvQsNGA0YPRgdC4IHwg0JHQtdC70L7RgNGD0YHRgdC60LjQuSDRgtC10LvQtdC60LDQvdCw0Lsg0J7QndCiCjIg0J_QvtGB0LvQtdC00L3QuNC1INC90L7QstC-0YHRgtC4IAoy0JPQu9Cw0LLQvdGL0LUg0L3QvtCy0L7RgdGC0LggCjIg0KHQtdC50YfQsNGBINGH0LjRgtCw0Y7RgiAKMiDQn9C-0L_Rg9C70Y_RgNC90L7QtSDQt9CwINC90LXQtNC10LvRjiAKMiDQnNCw0YDQutC-0LIuINCd0LjRh9C10LPQviDQu9C40YfQvdC-0LPQviAKMiDQntCd0KIg0L3QsCBZb3VUdWJlIAoyINCd0LDRiNC4INC90L7QstC-0YHRgtC4INCe0J3QoiAKMiDQn9GA0L7Qs9GA0LDQvNC80Ysg0Lgg0L_RgNC-0LXQutGC0YsgCjIg0JrQuNC90L4g0Lgg0YHQtdGA0LjQsNC70YsgCjIg0JzRiyDQsiDRgdC-0YbQuNCw0LvRjNC90YvRhSDRgdC10YLRj9GFIAozINCX0LAg0L_QvtGB0LvQtdC00L3QtdC1INC00LXRgdGP0YLQuNC70LXRgtC40LUg0YfQuNGB0LvQviDQv9GA0LDQstC-0L3QsNGA0YPRiNC10L3QuNC5INCy0YvRgNC-0YHQu9C-INCy0LTQstC-0LU6INCb0YPQutCw0YjQtdC90LrQviDQv9GA0L7QstC-0LTQuNGCINGB0L7QstC10YnQsNC90LjQtSDQv9C-INC_0YDQuNC80LXQvdC10L3QuNGOINCw0LTQvNC40L3QuNGB0YLRgNCw0YLQuNCy0L3QvtC5INC-0YLQstC10YLRgdGC0LLQtdC90L3QvtGB0YLQuCAKMyDQl9CwINC_0L7RgdC70LXQtNC90LXQtSDQtNC10YHRj9GC0LjQu9C10YLQuNC1INGH0LjRgdC70L4g0L_RgNCw0LLQvtC90LDRgNGD0YjQtdC90LjQuSDQstGL0YDQvtGB0LvQviDQstC00LLQvtC1OiDQm9GD0LrQsNGI0LXQvdC60L4g0L_RgNC-0LLQvtC00LjRgiDRgdC-0LLQtdGJ0LDQvdC40LUg0L_QviDQv9GA0LjQvNC10L3QtdC90LjRjiDQsNC00LzQuNC90LjRgdGC0YDQsNGC0LjQstC90L7QuSDQvtGC0LLQtdGC0YHRgtCy0LXQvdC90L7RgdGC0LggCjMg0JHQsNC90Log0YDQsNC30LLQuNGC0LjRjyDQmtC40YLQsNGPINCy0YvQtNC10LvQuNGCINCR0LXQu9Cw0YDRg9GB0Lgg0LrRgNC10LTQuNGCINC90LAgMyw1INC80LvRgNC0INGO0LDQvdC10LkgCjMg0JHQtdC70LDRgNGD0YHRjCDQv9C-0LTQvdGP0LvQsNGB0Ywg0LIg0YDQtdC50YLQuNC90LPQtSDRgdCw0LzRi9GFINC80L7Qs9GD0YnQtdGB0YLQstC10L3QvdGL0YUg0YHRgtGA0LDQvSDQvNC40YDQsCAKMyDCq9CS0YHRgtGA0LXRh9CwINC00LLRg9GFINCS0LvQsNC00LjQvNC40YDQvtCywrs6INGB0YLQsNC7INC70Lgg0LzQuNGAINC90LAg0JTQvtC90LHQsNGB0YHQtSDQsdC70LjQttC1INC_0L7RgdC70LUg0L_QtdGA0LXQs9C-0LLQvtGA0L7QsiDCq9C90L7RgNC80LDQvdC00YHQutC-0Lkg0YfQtdGC0LLRkdGA0LrQuMK7INCyINCf0LDRgNC40LbQtT8gCjMg0JHQtdC70L7RgNGD0YHRgdC60LjQtSDQtNCw0LvRjNC90L7QsdC-0LnRidC40LrQuCDRgdGH&is-turbo=0&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22width%22%3A1920%2C%22height%22%3A0%2C%22left%22%3A-167%2C%22top%22%3A0%2C%22visible%22%3A1%2C%22req_no%22%3A0%2C%22ad_no%22%3A0%7D&matchid-cookies=fEO4cFbeMKA-n3kK-BaJMvLRxB2QIU2sgp2wBg1jcZVQKeuTbq29xg%3D%3D&matchid-cookies-sign=PtyMFpY5t7FaSHddNsUSKg%3D%3D&matchid-direct=1&p1=cerem&p2=y&pd=16&pdh=1200&pdw=1600&pr=2473837910&pr1=836362105&prr=&pv=10&pw=1&skip-token=&utf8=%E2%9C%93&ybv=0.1497&ylv=0.1505&ytt=260034501543957&lvlfrom=20&rqs=03JuKqPsHEfUSvddh4MrukNgCEh8gCqX&rtb-si=1&dmv=2&csl=&ad-session-id=5812841576487636612&rtb-answer-hash=17288655216298469614&usgn=Aak5dn6aquU2J0UeH-scd8Crc3L_umB24qnTsAtIv9m9
Requested by: Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.180.204.50 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS: ads.adfox.ru
Software: nginx /
Resource Hash: c02d24f6f98be4331883d2a9ca88c05b94aeecd1cf151ed5d42f7e3a92f339c1

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://ont.by/
Origin: https://ont.by

Response headers

pragma: no-cache
date: Mon, 16 Dec 2019 09:13:57 GMT
content-encoding: gzip
content-type: application/json
server: nginx
status: 200
p3p: policyref=/w3c/w3c.p3p, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
access-control-allow-origin: https://ont.by
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2 204 event
ads.adfox.ru/239538/ 0
81 B 108ms
107ms Image
text/plain 213.180.204.50
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.adfox.ru/239538/event?hash=295f5cb30b692a92&pm=bmt&rand=gkzyzku&sj=zooCG7kCqrYRam21GysrY4vVn0GRO0fE-rgC5XKEMcLDniWBvxa75c8fNRh_kqNabvuGSg1fXUtjeb2G1sCeqoFNr550rmF0HIZYtvW-aA%3D%3D&ad-session-id=5812841576487636612&lts=fcrvmhw&pxo=NhI8aHzOC4Xi5uZhCeGBWjkIMu70Tc77avONJaDKoRakw5_eSIOdb_ggcEi7gJKSNv1h6ZQZu0EBQO_usrz61OV9_gJeDzX1e-9vIjKPlGGbTtSvG5vy33feKb4x2bTYCg%3D%3D&ytt=260034501543957&p2=y&rtb-si=b&ylv=0.1505&dl=https%3A%2F%2Font.by%2F&ybv=0.1497&p5=fxybz&pr=iafmxny&p1=cerem&rqs=03JuKqPsHEfUSvddh4MrukNgCEh8gCqX
Requested by: Host: ont.by
URL: https://ont.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.180.204.50 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS: ads.adfox.ru
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 204
date: Mon, 16 Dec 2019 09:13:57 GMT
server: nginx
access-control-allow-origin: *
timing-allow-origin: *

GET
H2 200 context_static.js Show response
an.yandex.ru/partner-code-bundles/9993/ 1 MB
180 KB 98ms
98ms Script
text/javascript 2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/partner-code-bundles/9993/context_static.js

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

96ff667bebaa41ccfff12920717fd0f275d55d6ead6426a5d33b0e359bdaf1d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;, max-age=31536000

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Dec 2019 09:13:57 GMT
content-encoding: br
status: 200
strict-transport-security: max-age=43200000; includeSubDomains;, max-age=31536000
content-length: 183703
last-modified: Mon, 16 Dec 2019 07:14:38 GMT
server: nginx/1.12.2
etag: "1409c519fd5ba1a85bf782bfdf6bbcfc"
x-robots-tag: noindex, noarchive, nofollow
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 cafb158a4161c500cece.js Show response
an.yandex.ru/partner-code-bundles/9994/ 61 KB
16 KB 193ms
193ms Script
text/javascript 2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/partner-code-bundles/9994/cafb158a4161c500cece.js

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

83e71be4edbb3fa54bcdded27ab54adbdd20e3122bae3300edccf78488713f69

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;, max-age=31536000

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Dec 2019 09:13:57 GMT
content-encoding: br
status: 200
strict-transport-security: max-age=43200000; includeSubDomains;, max-age=31536000
content-length: 16263
last-modified: Mon, 16 Dec 2019 07:36:24 GMT
server: nginx/1.12.2
etag: "386ad4c8719a4ee746f062e918b6657b"
x-robots-tag: noindex, noarchive, nofollow
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1

302
Found

1 Show response
mc.yandex.ru/watch/386897/
Redirect Chain

https://mc.yandex.ru/watch/386897?wmode=7&cnt-class=1&nohit=1&page-url=https%3A%2F%2Font.by%2F&charset=utf-8&browser-info=ti%3A10%3Adp%3A1%3Ans%3A1576487634231%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1...
https://mc.yandex.ru/watch/386897/1?wmode=7&cnt-class=1&nohit=1&page-url=https%3A%2F%2Font.by%2F&charset=utf-8&browser-info=ti%3A10%3Adp%3A1%3Ans%3A1576487634231%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3...

0
-1 B

51ms
50ms

XHR

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/386897/1?wmode=7&cnt-class=1&nohit=1&page-url=https%3A%2F%2Font.by%2F&charset=utf-8&browser-info=ti%3A10%3Adp%3A1%3Ans%3A1576487634231%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A3%3Aw%3A1585x1185%3Az%3A60%3Ai%3A20191216101355%3Aet%3A1576487638%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Aad%3A1%3Apv%3A1%3Arn%3A349734511%3Ahid%3A704068923%3Agdpr%3A14%3Av%3A1776%3Ast%3A1576487638%3Au%3A1576487636713505257%3App%3A3629563401%3At%3A%D0%9E%D0%9D%D0%A2%20%E2%80%94%20%D0%9E%D0%B1%D1%89%D0%B5%D0%BD%D0%B0%D1%86%D0%B8%D0%BE%D0%BD%D0%B0%D0%BB%D1%8C%D0%BD%D0%BE%D0%B5%20%D1%82%D0%B5%D0%BB%D0%B5%D0%B2%D0%B8%D0%B4%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8%20%7C%20%D0%91%D0%B5%D0%BB%D0%BE%D1%80%D1%83%D1%81%D1%81%D0%BA%D0%B8%D0%B9%20%D1%82%D0%B5%D0%BB%D0%B5%D0%BA%D0%B0%D0%BD%D0%B0%D0%BB%20%D0%9E%D0%9D%D0%A2

Requested by

Host: ont.by
URL: https://ont.by/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 16 Dec 2019 09:13:58 GMT
Last-Modified: Mon, 16-Dec-2019 09:13:58 GMT
Server: nginx/1.14.2
Location: /watch/386897/1?wmode=7&cnt-class=1&nohit=1&page-url=https%3A%2F%2Font.by%2F&charset=utf-8&browser-info=ti%3A10%3Adp%3A1%3Ans%3A1576487634231%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A3%3Aw%3A1585x1185%3Az%3A60%3Ai%3A20191216101355%3Aet%3A1576487638%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Aad%3A1%3Apv%3A1%3Arn%3A349734511%3Ahid%3A704068923%3Agdpr%3A14%3Av%3A1776%3Ast%3A1576487638%3Au%3A1576487636713505257%3App%3A3629563401%3At%3A%D0%9E%D0%9D%D0%A2%20%E2%80%94%20%D0%9E%D0%B1%D1%89%D0%B5%D0%BD%D0%B0%D1%86%D0%B8%D0%BE%D0%BD%D0%B0%D0%BB%D1%8C%D0%BD%D0%BE%D0%B5%20%D1%82%D0%B5%D0%BB%D0%B5%D0%B2%D0%B8%D0%B4%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8%20%7C%20%D0%91%D0%B5%D0%BB%D0%BE%D1%80%D1%83%D1%81%D1%81%D0%BA%D0%B8%D0%B9%20%D1%82%D0%B5%D0%BB%D0%B5%D0%BA%D0%B0%D0%BD%D0%B0%D0%BB%20%D0%9E%D0%9D%D0%A2
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Origin: https://ont.by
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 1; mode=block
Expires: Mon, 16-Dec-2019 09:13:58 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 16 Dec 2019 09:13:58 GMT
Last-Modified: Mon, 16-Dec-2019 09:13:58 GMT
Server: nginx/1.14.2
Access-Control-Allow-Origin: https://ont.by
Strict-Transport-Security: max-age=31536000
Location: /watch/386897/1?wmode=7&cnt-class=1&nohit=1&page-url=https%3A%2F%2Font.by%2F&charset=utf-8&browser-info=ti%3A10%3Adp%3A1%3Ans%3A1576487634231%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A3%3Aw%3A1585x1185%3Az%3A60%3Ai%3A20191216101355%3Aet%3A1576487638%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Aad%3A1%3Apv%3A1%3Arn%3A349734511%3Ahid%3A704068923%3Agdpr%3A14%3Av%3A1776%3Ast%3A1576487638%3Au%3A1576487636713505257%3App%3A3629563401%3At%3A%D0%9E%D0%9D%D0%A2%20%E2%80%94%20%D0%9E%D0%B1%D1%89%D0%B5%D0%BD%D0%B0%D1%86%D0%B8%D0%BE%D0%BD%D0%B0%D0%BB%D1%8C%D0%BD%D0%BE%D0%B5%20%D1%82%D0%B5%D0%BB%D0%B5%D0%B2%D0%B8%D0%B4%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8%20%7C%20%D0%91%D0%B5%D0%BB%D0%BE%D1%80%D1%83%D1%81%D1%81%D0%BA%D0%B8%D0%B9%20%D1%82%D0%B5%D0%BB%D0%B5%D0%BA%D0%B0%D0%BD%D0%B0%D0%BB%20%D0%9E%D0%9D%D0%A2
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 1; mode=block
Expires: Mon, 16-Dec-2019 09:13:58 GMT

POST
H/1.1 200
OK 1
mc.yandex.ru/watch/386897/ 43 B
529 B 44ms
44ms Other
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ont.by/
Origin: https://ont.by
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Mon, 16 Dec 2019 09:13:58 GMT
Last-Modified: Mon, 16-Dec-2019 09:13:58 GMT
Server: nginx/1.14.2
Strict-Transport-Security: max-age=31536000
Content-Type: image/gif
Access-Control-Allow-Origin: https://ont.by
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block
Expires: Mon, 16-Dec-2019 09:13:58 GMT

GET
H/1.1

200
OK

1
mc.yandex.ru/watch/386897/
Redirect Chain

https://mc.yandex.ru/watch/386897?cnt-class=1&page-url=https%3A%2F%2Font.by%2F&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1576487634231%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3...
https://mc.yandex.ru/watch/386897/1?cnt-class=1&page-url=https%3A%2F%2Font.by%2F&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1576487634231%3As%3A1600x1200x24%3Ask%3A1%3Ahdl...

43 B
444 B

54ms
50ms

Other
image/gif

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/386897/1?cnt-class=1&page-url=https%3A%2F%2Font.by%2F&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1576487634231%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A3%3Aw%3A1585x1185%3Az%3A60%3Ai%3A20191216101358%3Aet%3A1576487638%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Aar%3A1%3Apv%3A1%3Arn%3A679322600%3Ahid%3A704068923%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%3Agdpr%3A14%3Av%3A1776%3Ast%3A1576487638%3Au%3A1576487636713505257%3App%3A3629563401%3At%3A%D0%9E%D0%9D%D0%A2%20%E2%80%94%20%D0%9E%D0%B1%D1%89%D0%B5%D0%BD%D0%B0%D1%86%D0%B8%D0%BE%D0%BD%D0%B0%D0%BB%D1%8C%D0%BD%D0%BE%D0%B5%20%D1%82%D0%B5%D0%BB%D0%B5%D0%B2%D0%B8%D0%B4%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8%20%7C%20%D0%91%D0%B5%D0%BB%D0%BE%D1%80%D1%83%D1%81%D1%81%D0%BA%D0%B8%D0%B9%20%D1%82%D0%B5%D0%BB%D0%B5%D0%BA%D0%B0%D0%BD%D0%B0%D0%BB%20%D0%9E%D0%9D%D0%A2

Requested by

Host: ont.by
URL: https://ont.by/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 16 Dec 2019 09:13:58 GMT
Last-Modified: Mon, 16-Dec-2019 09:13:58 GMT
Server: nginx/1.14.2
Strict-Transport-Security: max-age=31536000
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block
Expires: Mon, 16-Dec-2019 09:13:58 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 16 Dec 2019 09:13:58 GMT
Last-Modified: Mon, 16-Dec-2019 09:13:58 GMT
Server: nginx/1.14.2
Location: /watch/386897/1?cnt-class=1&page-url=https%3A%2F%2Font.by%2F&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1576487634231%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A3%3Aw%3A1585x1185%3Az%3A60%3Ai%3A20191216101358%3Aet%3A1576487638%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Aar%3A1%3Apv%3A1%3Arn%3A679322600%3Ahid%3A704068923%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%3Agdpr%3A14%3Av%3A1776%3Ast%3A1576487638%3Au%3A1576487636713505257%3App%3A3629563401%3At%3A%D0%9E%D0%9D%D0%A2%20%E2%80%94%20%D0%9E%D0%B1%D1%89%D0%B5%D0%BD%D0%B0%D1%86%D0%B8%D0%BE%D0%BD%D0%B0%D0%BB%D1%8C%D0%BD%D0%BE%D0%B5%20%D1%82%D0%B5%D0%BB%D0%B5%D0%B2%D0%B8%D0%B4%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8%20%7C%20%D0%91%D0%B5%D0%BB%D0%BE%D1%80%D1%83%D1%81%D1%81%D0%BA%D0%B8%D0%B9%20%D1%82%D0%B5%D0%BB%D0%B5%D0%BA%D0%B0%D0%BD%D0%B0%D0%BB%20%D0%9E%D0%9D%D0%A2
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Origin: https://ont.by
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 1; mode=block
Expires: Mon, 16-Dec-2019 09:13:58 GMT

GET
H/1.1 200
Ok action.clinicamalyshevoy.ru
favicon.yandex.net/favicon/ 549 B
762 B 141ms
47ms Image
image/png 2a02:6b8::36
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://favicon.yandex.net/favicon/action.clinicamalyshevoy.ru

Requested by

Host: ont.by
URL: https://ont.by/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::36 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

35f893facdb159571aaa1dbc209d25c721e813d0fa68ea01901ab65c99851f88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

access-control-allow-origin: *
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=691200
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Content-Type: image/png

GET
H2 200 y300
avatars.mds.yandex.net/get-direct/1524269/ZJu1m8hsCfh8Pq8BwMt9cw/ 19 KB
20 KB 192ms
89ms Image
image/webp 2a02:6b8::184
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-direct/1524269/ZJu1m8hsCfh8Pq8BwMt9cw/y300
Requested by: Host: ont.by
URL: https://ont.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:6b8::184 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: nginx /
Resource Hash: b9c48a69e4d5ae05ede9e620801696da85470a3dee0f97e61f8d8c9222f2dd15

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Dec 2019 09:13:58 GMT
last-modified: Thu, 12 Sep 2019 10:30:43 GMT
server: nginx
access-control-allow-origin: *
content-type: image/webp
status: 200
cache-control: max-age=604800,immutable
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 19750
x-request-id: f4a2c8aa49f8d8ca

GET
H2 200 y300
avatars.mds.yandex.net/get-direct/330515/8Uz8apElyeCegFsWUQX41w/ 13 KB
14 KB 195ms
92ms Image
image/webp 2a02:6b8::184
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-direct/330515/8Uz8apElyeCegFsWUQX41w/y300
Requested by: Host: ont.by
URL: https://ont.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:6b8::184 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: nginx /
Resource Hash: 41ed17630087d9fe7b4b68edf60544b785219d52089169c6a6c173262220bb3e

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Dec 2019 09:13:58 GMT
last-modified: Tue, 02 Jul 2019 20:33:00 GMT
server: nginx
access-control-allow-origin: *
content-type: image/webp
status: 200
cache-control: max-age=604800,immutable
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 13738
x-request-id: 77583887b4ae20a4

GET
H2 200 y90
avatars.mds.yandex.net/get-direct/1524269/ZJu1m8hsCfh8Pq8BwMt9cw/ 3 KB
4 KB 240ms
138ms Image
image/webp 2a02:6b8::184
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-direct/1524269/ZJu1m8hsCfh8Pq8BwMt9cw/y90
Requested by: Host: ont.by
URL: https://ont.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:6b8::184 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: nginx /
Resource Hash: 2ebd7de803c699bd8666097c38e2b38ad8de43db3889094b518648bb4893ef4c

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Dec 2019 09:13:58 GMT
last-modified: Thu, 12 Sep 2019 10:30:43 GMT
server: nginx
access-control-allow-origin: *
content-type: image/webp
status: 200
cache-control: max-age=604800,immutable
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 3516
x-request-id: 744c639d24b181b3

GET
H2 200 y450
avatars.mds.yandex.net/get-direct/2396344/d-rojMuxMLL-jae-95Duag/ 10 KB
11 KB 237ms
135ms Image
image/webp 2a02:6b8::184
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-direct/2396344/d-rojMuxMLL-jae-95Duag/y450
Requested by: Host: ont.by
URL: https://ont.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:6b8::184 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: nginx /
Resource Hash: 3345415de42dd8c95378e22fd89b2e6aea60fa4028472d3f0b080f48865b3ac8

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Dec 2019 09:13:58 GMT
last-modified: Fri, 06 Dec 2019 17:57:19 GMT
server: nginx
access-control-allow-origin: *
content-type: image/webp
status: 200
cache-control: max-age=604800,immutable
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 10668
x-request-id: 5084845f8a0c039f

GET
H2 200 x450
avatars.mds.yandex.net/get-direct/330515/8Uz8apElyeCegFsWUQX41w/ 26 KB
26 KB 239ms
137ms Image
image/webp 2a02:6b8::184
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-direct/330515/8Uz8apElyeCegFsWUQX41w/x450
Requested by: Host: ont.by
URL: https://ont.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:6b8::184 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: nginx /
Resource Hash: 8f925c869e1a7397aa2a2c8c9f3910dabb76203b172bb54f1730ac5eced4f1c2

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Dec 2019 09:13:58 GMT
last-modified: Tue, 02 Jul 2019 20:33:00 GMT
server: nginx
access-control-allow-origin: *
content-type: image/webp
status: 200
cache-control: max-age=604800,immutable
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 26760
x-request-id: a157b693650103df

GET
H2 200 x450
avatars.mds.yandex.net/get-direct/200189/C6BTT38_2j8kkW5arTdFxA/ 12 KB
12 KB 239ms
138ms Image
image/webp 2a02:6b8::184
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-direct/200189/C6BTT38_2j8kkW5arTdFxA/x450
Requested by: Host: ont.by
URL: https://ont.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:6b8::184 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: nginx /
Resource Hash: f9d9be2d06018892bd41400d12913a615e9a99c002623b0654385124100c4493

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 16 Dec 2019 09:13:58 GMT
last-modified: Tue, 06 Nov 2018 13:07:13 GMT
server: nginx
access-control-allow-origin: *
content-type: image/webp
status: 200
cache-control: max-age=604800,immutable
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 12148
x-request-id: 8d5a17deffb192a7

GET
H/1.1 200
OK 1 Show response
mc.yandex.ru/watch/386897/ 35 B
576 B 54ms
50ms XHR
application/json 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: ont.by
URL: https://ont.by/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

d9443ef74dadcd4d4c3d09b0e96b6f27bff47789258e3984fc774e2c81f07f37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ont.by/
Origin: https://ont.by
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Mon, 16 Dec 2019 09:13:58 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 16-Dec-2019 09:13:58 GMT
Server: nginx/1.14.2
Strict-Transport-Security: max-age=31536000
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://ont.by
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 35
X-XSS-Protection: 1; mode=block
Expires: Mon, 16-Dec-2019 09:13:58 GMT

GET
H2 200 host.js Show response
yastatic.net/safeframe-bundles/0.69/ 29 KB
8 KB 41ms
37ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.69/host.js

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/partner-code-bundles/9993/context_static.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.6 /

Resource Hash

9fa8c2bb49f0e9e391d87f70459663c0e3898f32d4506c81239151b9c0b870d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://ont.by/
Origin: https://ont.by

Response headers

date: Mon, 16 Dec 2019 09:13:58 GMT
content-encoding: br
status: 200
strict-transport-security: max-age=43200000; includeSubDomains;
content-length: 8104
last-modified: Tue, 20 Aug 2019 11:55:41 GMT
server: nginx/1.17.6
etag: "901e860c36afb614c88b40352db2214f"
x-robots-tag: noindex, noarchive, nofollow
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 y300
avatars.mds.yandex.net/get-direct/1524269/ZJu1m8hsCfh8Pq8BwMt9cw/ 19 KB
20 KB 190ms
91ms Image
image/webp 2a02:6b8::184
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-direct/1524269/ZJu1m8hsCfh8Pq8BwMt9cw/y300
Requested by: Host: an.yandex.ru
URL: https://an.yandex.ru/partner-code-bundles/9993/context_static.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:6b8::184 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: nginx /
Resource Hash: b9c48a69e4d5ae05ede9e620801696da85470a3dee0f97e61f8d8c9222f2dd15

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://ont.by/
Origin: https://ont.by

Response headers

date: Mon, 16 Dec 2019 09:13:58 GMT
last-modified: Thu, 12 Sep 2019 10:30:43 GMT
server: nginx
access-control-allow-origin: *
content-type: image/webp
status: 200
cache-control: max-age=604800,immutable
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 19750
x-request-id: 5c50d9b44fcbf46

GET
H2 200 y450
avatars.mds.yandex.net/get-direct/2396344/d-rojMuxMLL-jae-95Duag/ 10 KB
11 KB 150ms
92ms Image
image/webp 2a02:6b8::184
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-direct/2396344/d-rojMuxMLL-jae-95Duag/y450
Requested by: Host: an.yandex.ru
URL: https://an.yandex.ru/partner-code-bundles/9993/context_static.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:6b8::184 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: nginx /
Resource Hash: 3345415de42dd8c95378e22fd89b2e6aea60fa4028472d3f0b080f48865b3ac8

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://ont.by/
Origin: https://ont.by

Response headers

date: Mon, 16 Dec 2019 09:13:58 GMT
last-modified: Fri, 06 Dec 2019 17:57:19 GMT
server: nginx
access-control-allow-origin: *
content-type: image/webp
status: 200
cache-control: max-age=604800,immutable
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 10668
x-request-id: 99e624616d8059b5

GET
H2 200 x450
avatars.mds.yandex.net/get-direct/200189/C6BTT38_2j8kkW5arTdFxA/ 12 KB
12 KB 140ms
91ms Image
image/webp 2a02:6b8::184
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-direct/200189/C6BTT38_2j8kkW5arTdFxA/x450
Requested by: Host: an.yandex.ru
URL: https://an.yandex.ru/partner-code-bundles/9993/context_static.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:6b8::184 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: nginx /
Resource Hash: f9d9be2d06018892bd41400d12913a615e9a99c002623b0654385124100c4493

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://ont.by/
Origin: https://ont.by

Response headers

date: Mon, 16 Dec 2019 09:13:58 GMT
last-modified: Tue, 06 Nov 2018 13:07:13 GMT
server: nginx
access-control-allow-origin: *
content-type: image/webp
status: 200
cache-control: max-age=604800,immutable
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 12148
x-request-id: 2753bde8a2bb726

GET
H2 200 x450
avatars.mds.yandex.net/get-direct/330515/8Uz8apElyeCegFsWUQX41w/ 26 KB
26 KB 185ms
137ms Image
image/webp 2a02:6b8::184
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-direct/330515/8Uz8apElyeCegFsWUQX41w/x450
Requested by: Host: an.yandex.ru
URL: https://an.yandex.ru/partner-code-bundles/9993/context_static.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:6b8::184 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: nginx /
Resource Hash: 8f925c869e1a7397aa2a2c8c9f3910dabb76203b172bb54f1730ac5eced4f1c2

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://ont.by/
Origin: https://ont.by

Response headers

date: Mon, 16 Dec 2019 09:13:58 GMT
last-modified: Tue, 02 Jul 2019 20:33:00 GMT
server: nginx
access-control-allow-origin: *
content-type: image/webp
status: 200
cache-control: max-age=604800,immutable
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 26760
x-request-id: 40890ee2e1f0a927

POST
H/1.1 200
OK tracker
top-fwz1.mail.ru/ 43 B
797 B 61ms
60ms Other
image/gif 217.69.133.145
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL

https://top-fwz1.mail.ru/tracker?js=13;id=1566299;u=https%3A//ont.by/;st=1576487635476;s=1600*1200;vp=1585*1185;touch=0;hds=1;flash=;sid=1b82474212849591;ver=60.1.0;tz=-60%2FEurope%2FBerlin;nt=0/0/1576487634231/////191/192/192/192/315/205/315/376/475/378/1245/1335/1377/5067/5067/;ni=9.6//4g/0/0/;detect=0;lvid=1576487636253%3A1576487639324%3A2%3Ac7bbbd8ba9177181ce6ba69766a8edf4;_=0.6854108390131801;e=RT/load;et=1576487639324

Requested by

Host: top-fwz1.mail.ru
URL: https://top-fwz1.mail.ru/js/code.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ont.by/
Origin: https://ont.by
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Mon, 16 Dec 2019 09:13:59 GMT
X-Content-Type-Options: nosniff
P3P: CP="NOI DSP COR NID CUR PSA OUR NOR"
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
AMP-Access-Control-Allow-Source-Origin: https://ont.by
Server: nginx
Access-Control-Allow-Methods: GET, POST, HEAD, PUT, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://ont.by
Access-Control-Expose-Headers: AMP-Access-Control-Allow-Source-Origin
Cache-control: private, no-cache, no-store, max-age=0
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://ont.by
Keep-Alive: timeout=60

GET
H2 200 render.html
yastatic.net/safeframe-bundles/0.69/1-1-0/ Frame 7EB4 0
0 33ms
32ms Document
text/html 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.69/1-1-0/render.html

Requested by

Host: yastatic.net
URL: https://yastatic.net/safeframe-bundles/0.69/host.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.6 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

:method: GET
:authority: yastatic.net
:scheme: https
:path: /safeframe-bundles/0.69/1-1-0/render.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://ont.by/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://ont.by/

Response headers

status: 200
server: nginx/1.17.6
date: Mon, 16 Dec 2019 09:13:59 GMT
content-type: text/html
content-length: 6026
etag: "f883bd7781c332870c9968db60e89349"
last-modified: Tue, 20 Aug 2019 11:55:41 GMT
x-robots-tag: noindex, noarchive, nofollow
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000 public
access-control-allow-origin: *
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
content-encoding: br
accept-ranges: bytes

GET
H2 200 render.html
yastatic.net/safeframe-bundles/0.69/1-1-0/ Frame 5394 0
0 33ms
32ms Document
text/html 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.69/1-1-0/render.html

Requested by

Host: yastatic.net
URL: https://yastatic.net/safeframe-bundles/0.69/host.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.6 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

:method: GET
:authority: yastatic.net
:scheme: https
:path: /safeframe-bundles/0.69/1-1-0/render.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://ont.by/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://ont.by/

Response headers

status: 200
server: nginx/1.17.6
date: Mon, 16 Dec 2019 09:13:59 GMT
content-type: text/html
content-length: 6026
etag: "f883bd7781c332870c9968db60e89349"
last-modified: Tue, 20 Aug 2019 11:55:41 GMT
x-robots-tag: noindex, noarchive, nofollow
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000 public
access-control-allow-origin: *
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
content-encoding: br
accept-ranges: bytes

GET
H2 200 render.html
yastatic.net/safeframe-bundles/0.69/1-1-0/ Frame B124 0
0 33ms
32ms Document
text/html 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.69/1-1-0/render.html

Requested by

Host: yastatic.net
URL: https://yastatic.net/safeframe-bundles/0.69/host.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.6 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

:method: GET
:authority: yastatic.net
:scheme: https
:path: /safeframe-bundles/0.69/1-1-0/render.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://ont.by/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://ont.by/

Response headers

status: 200
server: nginx/1.17.6
date: Mon, 16 Dec 2019 09:13:59 GMT
content-type: text/html
content-length: 6026
etag: "f883bd7781c332870c9968db60e89349"
last-modified: Tue, 20 Aug 2019 11:55:41 GMT
x-robots-tag: noindex, noarchive, nofollow
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000 public
access-control-allow-origin: *
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
content-encoding: br
accept-ranges: bytes

GET
H2 200 render.html
yastatic.net/safeframe-bundles/0.69/1-1-0/ Frame 2D97 0
0 33ms
33ms Document
text/html 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.69/1-1-0/render.html

Requested by

Host: yastatic.net
URL: https://yastatic.net/safeframe-bundles/0.69/host.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.6 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

:method: GET
:authority: yastatic.net
:scheme: https
:path: /safeframe-bundles/0.69/1-1-0/render.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://ont.by/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://ont.by/

Response headers

status: 200
server: nginx/1.17.6
date: Mon, 16 Dec 2019 09:13:59 GMT
content-type: text/html
content-length: 6026
etag: "f883bd7781c332870c9968db60e89349"
last-modified: Tue, 20 Aug 2019 11:55:41 GMT
x-robots-tag: noindex, noarchive, nofollow
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000 public
access-control-allow-origin: *
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
content-encoding: br
accept-ranges: bytes

GET
H/1.1 200
OK chunklist_w320106539.m3u8 Show response
stream.ont.by/ont/live576p/ 545 B
1 KB 61ms
61ms XHR
application/vnd.apple.mpegurl 93.125.31.151
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to

Full URL: https://stream.ont.by/ont/live576p/chunklist_w320106539.m3u8
Requested by: Host: ont.by
URL: https://ont.by/_nuxt/22fc3f658e705c0ce8d1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.125.31.151 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-31-151.hoster.by
Software: WowzaStreamingEngine/4.7.6 /
Resource Hash: 9ff99ae38a75b1cfcbd19a456b4d65ee1c9ef3968600f564001cd8dbbf3e4643

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://ont.by/
Origin: https://ont.by

Response headers

Date: Mon, 16 Dec 2019 09:13:59 GMT
Server: WowzaStreamingEngine/4.7.6
Access-Control-Allow-Methods: OPTIONS, GET, POST, HEAD
Content-Type: application/vnd.apple.mpegurl
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Date, Server, Content-Type, Content-Length
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type, User-Agent, If-Modified-Since, Cache-Control, Range
Content-Length: 545

GET
H2 204 event
ads.adfox.ru/239538/ 0
81 B 82ms
81ms Image
text/plain 213.180.204.50
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.adfox.ru/239538/event?hash=d376a92b1857e009&pm=bmn&rand=bnkgkhp&sj=mkydoc4BVcpYXEnuXut7Eyl7afgE5hwHSMxifwsWeYGeJ-OoL6Niu0mvag5VnsG2OsZnS_IfNRph41qmR2yxA8BXSxSn7dqOMg9x2M0-rA%3D%3D&ad-session-id=5812841576487636612&lts=fcrvmhw&ytt=260034501543957&ylv=0.1505&dl=https%3A%2F%2Font.by%2F&ybv=0.1497&p5=hfqjf&pr=iafmxny&p1=ceren&rqs=03JuKqPsHEfUSvddFgNBoU7abDwv7jof&p2=fgou
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.180.204.50 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS: ads.adfox.ru
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 204
date: Mon, 16 Dec 2019 09:13:59 GMT
server: nginx
access-control-allow-origin: *
timing-allow-origin: *

GET
H2 200 tv Show response
ont.by/api/tv-schedules/tv-schedules/queue/ 33 KB
5 KB 1214ms
1213ms XHR
application/json 93.125.48.25
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to

Full URL: https://ont.by/api/tv-schedules/tv-schedules/queue/tv?count=14
Requested by: Host: ont.by
URL: https://ont.by/_nuxt/7a2023d4115017182b40.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 93.125.48.25 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-25.hoster.by
Software: nginx /
Resource Hash: 9acc2770810b4a3267d57fcfeb9d2dd45d11d8b6f9907998b4198b8931db4762

Request headers

Accept: application/json, text/plain, */*
Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-response-time: 1.149
date: Mon, 16 Dec 2019 09:14:01 GMT
content-encoding: gzip
server: nginx
status: 200
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 online Show response
ont.by/api/tv-schedules/tv-schedules/queue/ 32 KB
5 KB 1244ms
1244ms XHR
application/json 93.125.48.25
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to

Full URL: https://ont.by/api/tv-schedules/tv-schedules/queue/online?count=14
Requested by: Host: ont.by
URL: https://ont.by/_nuxt/7a2023d4115017182b40.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 93.125.48.25 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-25.hoster.by
Software: nginx /
Resource Hash: 13d31a7f798e4340bf4001032513e01b1f515d1aa8ca8eedddd16202b4e64bb7

Request headers

Accept: application/json, text/plain, */*
Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-response-time: 1.180
date: Mon, 16 Dec 2019 09:14:01 GMT
content-encoding: gzip
server: nginx
status: 200
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET tv
ont.by/api/tv-schedules/tv-schedules/queue/ 0
0

GET
H2 200 online Show response
ont.by/api/tv-schedules/tv-schedules/queue/ 32 KB
5 KB 6185ms
6185ms XHR
application/json 93.125.48.25
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to

Full URL: https://ont.by/api/tv-schedules/tv-schedules/queue/online?count=14
Requested by: Host: ont.by
URL: https://ont.by/_nuxt/7a2023d4115017182b40.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 93.125.48.25 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-48-25.hoster.by
Software: nginx /
Resource Hash: 13d31a7f798e4340bf4001032513e01b1f515d1aa8ca8eedddd16202b4e64bb7

Request headers

Accept: application/json, text/plain, */*
Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-response-time: 6.124
date: Mon, 16 Dec 2019 09:14:06 GMT
content-encoding: gzip
server: nginx
status: 200
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 OLPl6YXWtZ4500W14820W04nr4htNG00000uefqlY087kG9jYN9COQE8kV02bR3ftmBm1G6W1ge3oGRJScuge-mSHz46qmQaeQFi74VP1W000C1V0000gGU1a9p_sDBOPz080e0A0OWAZm6e2kW7Y0iEgWiGhRuj5e6G001OmvYXpfa50C0BWAC5o0k0r9C1y0i6u...
an.yandex.ru/count/ 0
265 B 56ms
56ms Image
text/plain 2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/count/OLPl6YXWtZ4500W14820W04nr4htNG00000uefqlY087kG9jYN9COQE8kV02bR3ftmBm1G6W1ge3oGRJScuge-mSHz46qmQaeQFi74VP1W000C1V0000gGU1a9p_sDBOPz080e0A0OWAZm6e2kW7Y0iEgWiGhRuj5e6G001OmvYXpfa50C0BWAC5o0k0r9C1y0i6u0s2W801g0-1eTBxWzkqx6VW3m6G49tjwk7GcwgtElWG0e0H0eWH0P0H0QWHm8Gzo16GcE-q3leH6Gq000005G00000T000002K00000BG00003m4WA84mEG4sJ04____________m7Q4me80100600W02W0=sJ0WvjK1G0980c2y26W4SAIMnA01W067hQEA1OW1XSg6fqIG0TRij_8rc07ei9FaEw01vkotyZMe0UQka-Gxk078dRt17TW1ifV-6k01behl6kW14lW1WApUlW6O0fBKtXUW0iwBdXQ00xE1W8u2Y0EqnkU42vW3uge2i0C2i0G1k0J_0UW4gXM81UhCBv05olK_i0M3ZGou1OYW4C05i84ao0NmamdG1UJV1U053fW6lFcTxmIe1ge3i0U0W90iq0S2u0U62l4700000000003u1m60207G2BgAW870W826W07W2EU5Zmk02W712W0000000F0_s0e2u0g0YNhu2e2r6DaBWP2S_zZIs6Ve2zI48eWCWApUlW7e31kO3Qo8CeaE00000000y3-G3i24FQ0Em8GzeGy00000003mFzaF9aOi4Lbc_3-04B-u-1MQ40aH00000000y3_840pG482Mhr-X4G0000000F0_g170X3sm4G7W4PdAO-WHa-sLu8BTgTdz0V4H00000034nK284W6G4W6f4hphJgSs3UW_c1C1u1E8e1285BkF-l6zsClksG6W58YW4AWKolK_o1G4q1J___________y1s1IOzAVl1G00?stat-id=7&test-tag=427160418395137&format-type=9&actual-format=40&banner-test-tags=eyI3MjMzNTM0NzYzIjoiMzI3NjkifQ%3D%3D&renderWidth=1920&renderHeight=90&confirmTime=2100000&confirmRatio=830000&wmode

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Dec 2019 09:14:00 GMT
last-modified: Mon, 16 Dec 2019 09:14:00 GMT
server: nginx/1.12.2
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
status: 200
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 0
x-xss-protection: 1; mode=block
expires: Mon, 16 Dec 2019 09:14:00 GMT

GET
H2 200 1V_PCjeu0OG100000000U9nJl5oKfxNuZOoxOUE44liRbswaMrxn-XxB00IUC95GgVomnDZ0vwmCgOn0ySp62NF-WyHBsO6ysgj0efKHH4u5oYemp6Jiq6O0WuMC3rGWh9MCBO8GraQG2GVYWSHUniWsReQZO9chZ23XkumDDWmCSvb0xALCfvWP6DOoHO7qC5rcM...
an.yandex.ru/rtbcount/ 43 B
318 B 52ms
52ms Image
image/gif 2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/rtbcount/1V_PCjeu0OG100000000U9nJl5oKfxNuZOoxOUE44liRbswaMrxn-XxB00IUC95GgVomnDZ0vwmCgOn0ySp62NF-WyHBsO6ysgj0efKHH4u5oYemp6Jiq6O0WuMC3rGWh9MCBO8GraQG2GVYWSHUniWsReQZO9chZ23XkumDDWmCSvb0xALCfvWP6DOoHO7qC5rcMx8GvCYpJF-1u2dJ2w3SAoO1GvF2kCO930nF-cOiF3UJbU4l4ol8CSmWifTP0EGaPf1XSvcPG8u0aWeGHp2tdDFQDZTcTS1LiFnTCFcJsS697om_YqN1mDYhrBimeDZ3DIqqk2mb9SF4jwWqso_TsJN38jsvC68XY-HJ2R3Y5ImTuHjO_iC0umuazW4azaqMI0Xyi7_8aWO6z-pVie1y3m048t-c?confirmTime=2101000&confirmRatio=830000&test-tag=427160267390978&format-type=9&actual-format=40&rnd=9316840557755&renderWidth=1920&renderHeight=90

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Dec 2019 09:14:00 GMT
last-modified: Mon, 16 Dec 2019 09:14:00 GMT
server: nginx/1.12.2
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif
status: 200
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 43
x-xss-protection: 1; mode=block
expires: Mon, 16 Dec 2019 09:14:00 GMT

GET
H2 200 common.js Show response
maps.googleapis.com/maps-api-v3/api/js/39/4/ 77 KB
28 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:824::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/39/4/common.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyAhInl_kWaLHaj4zFuecgCDMWVjTnUfKms&callback=vueGoogleMapsInit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

9fb82fc2a36ff7dbbf0efe3d4645ea9e20d7b65c16642865ca3e9ca8c99cd2bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 15 Dec 2019 14:36:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Dec 2019 01:04:11 GMT
server: sffe
age: 67052
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 28693
x-xss-protection: 0
expires: Mon, 14 Dec 2020 14:36:29 GMT

GET
H2 200 util.js Show response
maps.googleapis.com/maps-api-v3/api/js/39/4/ 144 KB
53 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:824::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/39/4/util.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyAhInl_kWaLHaj4zFuecgCDMWVjTnUfKms&callback=vueGoogleMapsInit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

4477795273c6ca3125cae93f9657e733b115de5ad3c4d00ced9d5d558fd00b76

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 15 Dec 2019 14:36:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Dec 2019 01:04:11 GMT
server: sffe
age: 67047
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 54348
x-xss-protection: 0
expires: Mon, 14 Dec 2020 14:36:34 GMT

GET
H2 200 AuthenticationService.Authenticate Show response
maps.googleapis.com/maps/api/js/ 62 B
144 B 19ms
18ms Script
text/javascript 2a00:1450:4001:824::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js/AuthenticationService.Authenticate?1shttps%3A%2F%2Font.by%2F&4sAIzaSyAhInl_kWaLHaj4zFuecgCDMWVjTnUfKms&callback=_xdc_._4o2ra6&key=AIzaSyAhInl_kWaLHaj4zFuecgCDMWVjTnUfKms&token=126187

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/39/4/common.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

mafe /

Resource Hash

c285891eaf8f2f743efbd625c54b58c4e7c900dc2f284036299aa2c7097504cc

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Dec 2019 09:14:01 GMT
content-encoding: gzip
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment
server-timing: gfet4t7; dur=5
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 63
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK chunklist_w320106539.m3u8 Show response
stream.ont.by/ont/live576p/ 545 B
1 KB 61ms
61ms XHR
application/vnd.apple.mpegurl 93.125.31.151
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to

Full URL: https://stream.ont.by/ont/live576p/chunklist_w320106539.m3u8
Requested by: Host: ont.by
URL: https://ont.by/_nuxt/22fc3f658e705c0ce8d1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.125.31.151 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-31-151.hoster.by
Software: WowzaStreamingEngine/4.7.6 /
Resource Hash: a5c3492323550144ab6140bc0e84ac7571fcc1617ef00f5c8ef88b915d1e9388

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://ont.by/
Origin: https://ont.by

Response headers

Date: Mon, 16 Dec 2019 09:14:01 GMT
Server: WowzaStreamingEngine/4.7.6
Access-Control-Allow-Methods: OPTIONS, GET, POST, HEAD
Content-Type: application/vnd.apple.mpegurl
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Date, Server, Content-Type, Content-Length
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type, User-Agent, If-Modified-Since, Cache-Control, Range
Content-Length: 545

GET
H/1.1 200
OK chunklist_w320106539.m3u8 Show response
stream.ont.by/ont/live576p/ 545 B
1 KB 61ms
60ms XHR
application/vnd.apple.mpegurl 93.125.31.151
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to

Full URL: https://stream.ont.by/ont/live576p/chunklist_w320106539.m3u8
Requested by: Host: ont.by
URL: https://ont.by/_nuxt/22fc3f658e705c0ce8d1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.125.31.151 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-31-151.hoster.by
Software: WowzaStreamingEngine/4.7.6 /
Resource Hash: 6df5a6b469ceaa06c2dc5f5dc26753be2bf43c5f6525ae2833e88e767c6b01e6

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://ont.by/
Origin: https://ont.by

Response headers

Date: Mon, 16 Dec 2019 09:14:04 GMT
Server: WowzaStreamingEngine/4.7.6
Access-Control-Allow-Methods: OPTIONS, GET, POST, HEAD
Content-Type: application/vnd.apple.mpegurl
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Date, Server, Content-Type, Content-Length
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type, User-Agent, If-Modified-Since, Cache-Control, Range
Content-Length: 545

GET
H/1.1 200
OK chunklist_w320106539.m3u8 Show response
stream.ont.by/ont/live576p/ 545 B
1 KB 64ms
63ms XHR
application/vnd.apple.mpegurl 93.125.31.151
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to

Full URL: https://stream.ont.by/ont/live576p/chunklist_w320106539.m3u8
Requested by: Host: ont.by
URL: https://ont.by/_nuxt/22fc3f658e705c0ce8d1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.125.31.151 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-31-151.hoster.by
Software: WowzaStreamingEngine/4.7.6 /
Resource Hash: 991dc16dff93ad1b486fb318d407b6d45a71994f4b7fe0ca50757a5a0dad1cfb

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://ont.by/
Origin: https://ont.by

Response headers

Date: Mon, 16 Dec 2019 09:14:06 GMT
Server: WowzaStreamingEngine/4.7.6
Access-Control-Allow-Methods: OPTIONS, GET, POST, HEAD
Content-Type: application/vnd.apple.mpegurl
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Date, Server, Content-Type, Content-Length
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type, User-Agent, If-Modified-Since, Cache-Control, Range
Content-Length: 545

GET
H/1.1 200
OK chunklist_w320106539.m3u8 Show response
stream.ont.by/ont/live576p/ 545 B
1 KB 61ms
61ms XHR
application/vnd.apple.mpegurl 93.125.31.151
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to

Full URL: https://stream.ont.by/ont/live576p/chunklist_w320106539.m3u8
Requested by: Host: ont.by
URL: https://ont.by/_nuxt/22fc3f658e705c0ce8d1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.125.31.151 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-31-151.hoster.by
Software: WowzaStreamingEngine/4.7.6 /
Resource Hash: 0f1ede4054bd2e8c404523296db6b0eb93abf20dbf1f67935ae000279c5ce563

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://ont.by/
Origin: https://ont.by

Response headers

Date: Mon, 16 Dec 2019 09:14:08 GMT
Server: WowzaStreamingEngine/4.7.6
Access-Control-Allow-Methods: OPTIONS, GET, POST, HEAD
Content-Type: application/vnd.apple.mpegurl
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Date, Server, Content-Type, Content-Length
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type, User-Agent, If-Modified-Since, Cache-Control, Range
Content-Length: 545

GET
H/1.1 200
OK chunklist_w320106539.m3u8 Show response
stream.ont.by/ont/live576p/ 545 B
1 KB 61ms
60ms XHR
application/vnd.apple.mpegurl 93.125.31.151
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to

Full URL: https://stream.ont.by/ont/live576p/chunklist_w320106539.m3u8
Requested by: Host: ont.by
URL: https://ont.by/_nuxt/22fc3f658e705c0ce8d1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.125.31.151 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 93-125-31-151.hoster.by
Software: WowzaStreamingEngine/4.7.6 /
Resource Hash: f653ca0f0bf9e1b93190002f69faaf62f54e0a0383e21ee1dc1f1664686e494e

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://ont.by/
Origin: https://ont.by

Response headers

Date: Mon, 16 Dec 2019 09:14:10 GMT
Server: WowzaStreamingEngine/4.7.6
Access-Control-Allow-Methods: OPTIONS, GET, POST, HEAD
Content-Type: application/vnd.apple.mpegurl
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Date, Server, Content-Type, Content-Length
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type, User-Agent, If-Modified-Since, Cache-Control, Range
Content-Length: 545

GET
H/1.1

200
OK

1
mc.yandex.ru/watch/26812653/
Redirect Chain

https://mc.yandex.ru/watch/26812653?page-url=https%3A%2F%2Font.by%2F&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1576487634231%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aadb%3...
https://mc.yandex.ru/watch/26812653/1?page-url=https%3A%2F%2Font.by%2F&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1576487634231%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aadb...

43 B
444 B

50ms
49ms

Other
image/gif

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/26812653/1?page-url=https%3A%2F%2Font.by%2F&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1576487634231%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aadb%3A2%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1185%3Az%3A60%3Ai%3A20191216101410%3Aet%3A1576487651%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Aar%3A1%3Anb%3A1%3Acl%3A574%3Arn%3A124389142%3Ahid%3A704068923%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C5067%2C5067%2C28%2C%3Agdpr%3A14%3Av%3A1776%3Ast%3A1576487651%3Au%3A1576487636713505257%3App%3A3629563401

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ont.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 16 Dec 2019 09:14:10 GMT
Last-Modified: Mon, 16-Dec-2019 09:14:10 GMT
Server: nginx/1.14.2
Strict-Transport-Security: max-age=31536000
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block
Expires: Mon, 16-Dec-2019 09:14:10 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 16 Dec 2019 09:14:10 GMT
Last-Modified: Mon, 16-Dec-2019 09:14:10 GMT
Server: nginx/1.14.2
Location: /watch/26812653/1?page-url=https%3A%2F%2Font.by%2F&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1576487634231%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aadb%3A2%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1185%3Az%3A60%3Ai%3A20191216101410%3Aet%3A1576487651%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Aar%3A1%3Anb%3A1%3Acl%3A574%3Arn%3A124389142%3Ahid%3A704068923%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C5067%2C5067%2C28%2C%3Agdpr%3A14%3Av%3A1776%3Ast%3A1576487651%3Au%3A1576487636713505257%3App%3A3629563401
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Origin: https://ont.by
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 1; mode=block
Expires: Mon, 16-Dec-2019 09:14:10 GMT

POST
H/1.1 200
OK 24929690
mc.yandex.ru/watch/ 43 B
529 B 49ms
49ms Other
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/24929690?page-url=https%3A%2F%2Font.by%2F&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1576487634231%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A2%3Aw%3A1585x1185%3Az%3A60%3Ai%3A20191216101410%3Aet%3A1576487651%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Aar%3A1%3Anb%3A1%3Acl%3A-1893%3Arn%3A376211135%3Ahid%3A704068923%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C5067%2C5067%2C28%2C%3Agdpr%3A14%3Av%3A1776%3Ast%3A1576487651%3Au%3A1576487636713505257%3App%3A3629563401

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ont.by/
Origin: https://ont.by
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Mon, 16 Dec 2019 09:14:10 GMT
Last-Modified: Mon, 16-Dec-2019 09:14:10 GMT
Server: nginx/1.14.2
Strict-Transport-Security: max-age=31536000
Content-Type: image/gif
Access-Control-Allow-Origin: https://ont.by
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block
Expires: Mon, 16-Dec-2019 09:14:10 GMT

GET chunklist_w320106539.m3u8
stream.ont.by/ont/live576p/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ont.by
URL: https://ont.by/api/tv-schedules/tv-schedules/queue/tv?count=14

Domain: stream.ont.by
URL: https://stream.ont.by/ont/live576p/chunklist_w320106539.m3u8

Verdicts & Comments Add Verdict or Comment

111 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
yastatic.net/safeframe-bundles/0.69/1-1-0	1970-01-19 05:56:14	Name: pcs3 Value: 1
.ont.by/	1970-01-19 13:54:18	Name: tmr_reqNum Value: 2
ont.by/	1970-01-19 05:56:14	Name: tmr_detect Value: 0%7C1576487639036

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://ont.by/_nuxt/22fc3f658e705c0ce8d1.js(Line 2) Message: VIDEOJS: WARN: this.options() has been deprecated and will be moved to the constructor in 6.0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

abs.twimg.com
ads.adfox.ru
adservice.google.com
adservice.google.de
an.yandex.ru
avatars.mds.yandex.net
banners.adfox.ru
bidder.criteo.com
cdn.embedly.com
cdn.sendpulse.com
cdn.syndication.twimg.com
connect.facebook.net
connect.ok.ru
favicon.yandex.net
googleads.g.doubleclick.net
i.ytimg.com
imasdk.googleapis.com
maps.googleapis.com
matchid.adfox.yandex.ru
mc.yandex.ru
ont.by
pagead2.googlesyndication.com
pbs.twimg.com
platform.twitter.com
s.ytimg.com
scontent.cdninstagram.com
securepubads.g.doubleclick.net
static.criteo.net
staticxx.facebook.com
stream.ont.by
syndication.twitter.com
top-fwz1.mail.ru
tpc.googlesyndication.com
vk.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.googletagservices.com
www.youtube.com
yastatic.net
ont.by
stream.ont.by
104.16.89.50
104.244.42.136
151.101.12.157
172.217.16.130
178.250.0.130
178.250.0.165
195.181.175.10
213.180.204.50
217.20.147.3
217.69.133.145
2606:2800:134:1a0d:1429:742:782:b6
2606:2800:134:fa2:1627:1fe:edb:1665
2a00:1450:4001:808::2001
2a00:1450:4001:808::2016
2a00:1450:4001:80b::2008
2a00:1450:4001:814::200e
2a00:1450:4001:815::200e
2a00:1450:4001:817::200e
2a00:1450:4001:81d::2002
2a00:1450:4001:81d::200a
2a00:1450:4001:824::200a
2a02:6b8:20::215
2a02:6b8::184
2a02:6b8::1:119
2a02:6b8::2:158
2a02:6b8::36
2a02:6b8::90
2a02:6b8::92
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
2a03:2880:f21c:81c4:face:b00c:0:43fe
87.240.190.78
93.125.31.151
93.125.48.25
02c5acad783031f72a8dfad0548c7606c9dd2480e49e4d0938abc63545cb0622
02d979fdc1c47582105a44548423814cab4194dd1fb10f5f14e051010cf685b3
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
04a1c54e23d9f2feaaa5011f66a04b2e448a01da3c7b403a3503d9d1ef0069ec
04cee45ffb82f05798448addc92a7d50d950e592106913103ad97d774f5713bc
0592e2470e9c4c34a33dda18d501ae1c738b6cb4a74d9400113fdd9631136f00
0635fd9123d8eb870f948a0e1e69926bd74a6f2ebcf7db024cd42e5947c4fa9d
06ed79e3d55657e8c0bdf162733ae94883dff192c56a3e21e0356ffe4f1f2781
079520cb738a0251a4ff6357086d700faab2598b19dc04b0e41bafd953da1a3b
094200f2d29103a679d7255326c73deb6cf303dbcdb5ed714ff4e5d034ed4836
09bc50259fefda0fe47d137eadd4517bb4e34e6dac0c3afab2ef7c63f8162344
09d260913824ead4ea39e218afea0c6c270d4d419a8f157675a4342c0a77fb07
0b68b72a7701cc1e0a24bde984726201d1d52c98d7a0917621ba54840e5b8c20
0b68c3f36a558e52f164cd3aa83965edeaa41bc5f94ff87a68957b63724676c3
0c5c3cb261a2b9de884ea1eb247c80fa3379098c8de0fbdb2a17ec0bf7d9ab6f
0c942c885bce2964fcdac4142fdf7e685b5fdc13718c0995ce5c94a30336f0f9
0ca261739616133f892b7d6effc74437491acb44b88795bce59bcc6be40c88e6
0d7e358637c1b1caa66949aefc529c1e4488923f99e499d6be09eb8cdd0b4202
0f1ede4054bd2e8c404523296db6b0eb93abf20dbf1f67935ae000279c5ce563
0fc763db542863a3a82fab164292c6bfb390f65cd1a40968147ee1c3d208bd71
121f39c2991c7a5c8fad3e4f779f962816901e74a694ead6669e0451c96a573d
12bf529a0f4d0a3f10d003a07d5b91e40579a3da18022a9896a9ccd9e5dc1b33
13d31a7f798e4340bf4001032513e01b1f515d1aa8ca8eedddd16202b4e64bb7
14bc7f63ba663eb2dbbe6699806acca20c135cacbfaa054039186c00d5aeffce
1633f70842342a4215a3b106f5fe5166824d057d81d6b753c30186991e80520a
16424cba61af903f453f756e53bc215366fa1121ec4b50728ac990de615cc409
17b8ffd35f60a425de5c25ed47f5d38f255742b1a640220b9214a709f0bb90e9
18ef062c48d1aaf6044e6ed1fbf5e21bf3fe233e366cf796a3b3eed620f3cce2
1906b3d47f1067d16255da7d1bed71a55412e72195981df5a0068ddf91ee8007
1b03be18e07e94ff40f413fd0a41d6f374b0d3df44e951baa53295099e2c3642
1b52147fe6733dc819d759654ce2683231ed73d205f6d5b746f04e15dd446cf7
1bb2ea90588c3a8e530716107c9859b4b882eacdb88574f8d07a0b3b67479d96
1be3ee8c252f6d7a058bf9c8168ae0a1760d204501fc1417e13104ab0b0e68fb
1d2914cab65438053bb73a6a72cb3015dd410c0808e15051a8fddcd2c5006b96
1e622105e0ee282594aa9cf1ecfa3526be42e058cf6a71b6d8cc01db68e0bf87
1f99b2e57203374f2485f93d8714f33d488f44fa87352eb9f8c9a346617693ff
20cdda5f0e51f5dac5693ffe15fb394528dd838e9887a785de1d02e3bb2a418f
2112700bfbe3bfafb5b61dde101ff27baaf42240895fa10bca50163ef3aed51c
216fd62bccc74ef4e4d35292cd4874e7072a4fb30685afb6235d894a3ec1a2df
22191430092ccd7ad558b4f193316d87e8ee3eaf2b62ad30f65ae91ff98172d7
23050e3fd8c06313e53fc51fe03ebd265a5b60dec3ba8943b79a50c2f2b46e6f
234f83d6d5c0031c0d2aa467423d0cb8c160a8b850d688f60787a1b5b72ce150
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
25d53f87e8471712beee4e5ca7f2cb2a5f7927b3fc0c74bae2381dec00afd91b
26d239375853fb15b0e9db18beb047fffe6b2154e50482bf5530ea34b220476b
2886786b4f36e6dba5892863d540633f6a2ddf310db74a56f03266ceed17a981
28fa9f5cea21e7efbb53773d4cc52f50259db9bfeb7cbeae1889491c42d2ccd1
2ebd7de803c699bd8666097c38e2b38ad8de43db3889094b518648bb4893ef4c
2f5db65ba70bedfaa10aeb2d2db818797e2cb878b26bc10b36cbbadb36752dcd
30217a10688227e852767c4a4d12c6f7c847bddfb41e3664923d9d05d5754081
30524ff4955653cc592d92ff6faff230d201fe166242858d5aa5027e9f1fe429
306122f0308145721220e47394ec0d355766034aa1e37e6a158729bf95f92d10
30d0a99483272f636b5fb6134e64b2a9f7b94dd7a0688a5595600e3af5cec289
3345415de42dd8c95378e22fd89b2e6aea60fa4028472d3f0b080f48865b3ac8
35f893facdb159571aaa1dbc209d25c721e813d0fa68ea01901ab65c99851f88
3641085cae451d98ebe3827e97d2bd0dd773edeb12a03f49ae365ce0adad9474
3677ccd3dcfe8b88d4a8e4e3756430a9960ffa9441431726a4bb2c0e5aff3110
3ad42a803f4583a924625ea3399a5a1dbbb3c373e5dd1a94718ded5a322cf970
3b6bbf03db196b97c74e4abf2073401059d6cf7cf905868ff2db942633c9a92d
3c6286b9a7d514c9623e71a1e2b618b4a77cc413d030bbdcfdad6e44ab7bcd2e
3ca093e4300c1beb81e0d775cd8dbb9a9b93960a4e94832d0a065bf570bcb990
3e1eb7a60d138bdda96f42fb3336367ffe32de48fe148974d44206db001a1ee4
41029da3f8c7c93634a77bc8103cbb11a15afa14043873f4f0518c4981da1971
41ed17630087d9fe7b4b68edf60544b785219d52089169c6a6c173262220bb3e
42698d0f0655848bf2e3571099fe10e41b7bb4d71e6e59e6061db1d9f30fa002
426db06134491e8848e92ee93f47f98fcc555253115b5bfbcd972a62bd51761f
42e533b31c6e1f10cbbc1e63e2242a660c7f76ae1e8c1013d15ec1720cdce6d3
430a739bce94ea113150a6c0f090ba30b184951f753fd7cd23605a83f02a4db4
44178919accac2fd92f71084d312c8ff266dd25b8b808f8e9b32fe2926aefb41
4477795273c6ca3125cae93f9657e733b115de5ad3c4d00ced9d5d558fd00b76
45055babdbc02ea34c7baa53f33fc68389c4c5f73afe0bfafd6c9bc5733399bc
4535e5c4256f71822f2429dda86137cfb5cabc8617ea24255e6613c58e7de966
48eda59679bb3ca38a5cdc4dd6c0ad7cee1cbbfe4a5e1d289cefcd267c48a3f2
49d10b4e23ea6f98eecba90454ab5efe8415a4c63bd34b49cf89f60be55b028c
4c52ed8f9039265ffed7fdca0b967b2624325e6356433f437e044b0dd332cddf
4f69f51f1aa32071359ae4082c487b2b6bdc8a050d7dd013f0de09fe3220b5c3
4f6ea1cdacae000aba03a104dbef857108942742d1dec395d0c2280d819f3d71
4fa8492704a2060ce034da45c7f95a50e7f8fb94930298a79f7f66f1cbca247e
523f5f00726743e435cd04833fd5161cbe35039cd705e2146abc8b79036fe620
52f658194619cffbfd9bbc48dc30290299dd37d1c836ce4e1d7542c8a5a8a260
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5543d32aa9f79f96e3506c85b741da4c3fb85ae5c6cd77d8cd4f7097875512f9
57eef0107a44fa9f54c0d96e5a995d00447128601fe840ee1da151508531b051
58a1c10beed9235a14089110f7590a260a6d3214f9892cc67c7a019205d18715
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
5bdb2540421f226ed7560a9f62339c7e1d4e1defbbbe2ea94cb2f40c689ab625
623f9db375755dc4fb496f2a99e563044b7ba9da0e2e9ce672b50e4e5bf39195
62b8ad2c7c6624a29a9265f2c8f8addbcbea4412d696948407b605c7d34b93c4
636dbf4f87fa130596fdb491938e4ad2b693b397139ba7f8d2a34b738a494078
63890326f558587b0840eb0a6e6377f1bf39264e015e568f4c2a03aefce3f929
64b77871affe1f7eebcf4059ee5472ded7a4c8e9e97007c6009a630292c39e09
6532e103c38e0004e90789ffa4d24a6e5b7def63195ec90686ff07a668dd37d7
68bcdec2fdc6ce23468b97a8c39a3f9eb86233e03be5072bf3b438ac1433714d
690a52ec779510fa03644fb3e2702fdaa6f42bd2de640abe1dfaced2b1f89daa
6ab14de5b89d89106d913f48cb03c6e0144cca2d39299b3fb47a9140ab5b7f14
6df5a6b469ceaa06c2dc5f5dc26753be2bf43c5f6525ae2833e88e767c6b01e6
6e2c5ba8a0278fbbddd110dda27e2b760990485eed28e16f03df2620e082f394
6ea91d732afec06696843b109774d9534325b7fea7eaee174949ae6f0e2ee156
714117546d7867639fbf9c99baefe213cf33c5a9db5461a5062b0b4ac7886496
715cdc971b76038e66497b770c324481860bf76b271483afdbccc38fd61338f8
736ea4cdc8eb65d4ca00ab1dec4bd2558b6cfb720e2b0aebeeb823d12f0c93bb
756e927b927d51fd7a1396176fd724386bc0bca1e0bd7a3fcecbbb0785e75b82
75e7b710895b7ea11802c90891f76e66bc483ee6ddf26eb9bcd847068eabfd69
769a150bcedd206b51bb5c000a496c436c5371123a38dcc451dc230752318d82
7713c70e7a5cca8001d8be70754817e296df4bb3e9511dc90332432aeba89db9
774e0b5e1e248b4030c5f84ece37d4b7bca0e1ee770a21f27192830351d81028
7785842aa5c2a9a6c513d124b538e59f379e3e7126846f02f19e7afcd4451b78
77a1e21bcedd4eecda5c5b143d010ee29a0ce097cccc5d8101c88e557347e938
78cdb7bfafdeb0a21fee435777e2a659c5884cf80698fe8281f4498035eeab4b
7a7dfc68dc0f1e02eb5111a0a76ca60cc8a905ff5c6ec3694dce4a8d96177e7e
7bb419a7dca6454b72d099050ecb13d1698e81fc447f73a56700ec5c3d8aeac8
7c42c9be4e351ffbbb16200829138ed5f2c238bb8a602d36392bc82bd9400353
7f7528de9c0903035cf348147b78fa8e2ca5775d0640c6f56f40ae4cf9a8ddcd
819e13074b1c1919a9daaa43cfc88615162b64981958a90c7456ca4d1e46b622
823f11340c16624f00b99e35ec3a4c70238d7bc9e7478fdfe57ff99ee8acad27
8256703fede87393afb218b6e1b01bfbba5823e72aa408fba886efe81438c096
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
833f61080c01cd7463fa82cd8520c599b19563547b0dc79a939f22380eae946f
83e71be4edbb3fa54bcdded27ab54adbdd20e3122bae3300edccf78488713f69
84209e6d5281cae729ffe086fc7cb359833ebcd15ffec8e1c894a0d89f565ff1
863ea3b7b45887bb6ca4277a36cd19bdfa6af1f87c179ca4a20df269d5564b9a
879178684fdb8ba7e281297a319070783637ce4c8078d437bb82b3ae13616b11
8843b4b5876d2e9b1fa3515532e2c3b37bfffd3bbbc90140ffe1b90f37cd9bc5
8868e00b355960d8d591a00d7b8d58ea5cecd55b63d87edd9fa55180f95e1a44
8da400506349ed9c2f1dba602f17c3e0c5eb06673096eadc402e36247925c0de
8f925c869e1a7397aa2a2c8c9f3910dabb76203b172bb54f1730ac5eced4f1c2
900087ee075310da29b0516b9fdee9e16e77a82b96a5cc0a2f57fb0f778009b4
918c4485a28931feb333074355c2f4c2e915ffa51fe70b8797e9432c37b22b8f
91ce3696069e62b0dc48bfc866521c5e7db2e5082edcbf4c87a65dee01c563a8
92358557848b97817b94d14b003b2eb15c2273c90f8e3419d4bf5f806da2ca65
938c82082a5c2150af1aa2315c3b6b2b5b73a08c0fd4d529a8574c5f9200b0f4
93d8b7f5184c7eec574154f91dbf58f0bee318758c885c8ea6f7a40fe2d520b6
94748ce70bfe96f24cc14e6adffec2676bc95bd427553ff7f7f341498b9af81d
948df7d6da9c2e0e61c7abef018698494d6b501b27cb4263cc521cec7ab3751b
94f68df5309f2b9a301b4e43ed6a06e5b96220647c4bac806e9f1238207a92e9
95928822d05991ea657517979508775ac4aaf67658b4051eef95894275fe45e4
9647dfddd39179d63098ebe53916fce4b7fdaca36f4c8589511506e3a2ac54c0
96ff667bebaa41ccfff12920717fd0f275d55d6ead6426a5d33b0e359bdaf1d7
98c1227870d08bd31d6926cdd79b211043847ec75250b53fd7fb030b370a3ffe
991dc16dff93ad1b486fb318d407b6d45a71994f4b7fe0ca50757a5a0dad1cfb
9acc2770810b4a3267d57fcfeb9d2dd45d11d8b6f9907998b4198b8931db4762
9c68f690cfe0d484df62d182fb6ceb83ddcd94e8f6af6d26a0676db06f6ac544
9c97a482ca5f4d6d2a18303c79b33cfe70e8e569efd29eb08d8b8d25cce8a71b
9cf1114324a6653750f0f8af7783a744e45adadca47c48844e4ee0f11df269bf
9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627
9e55b13f94d40d2cf0fa324b5885869b98f7e767cdf5bebdba8913949bfbb3b6
9fa8c2bb49f0e9e391d87f70459663c0e3898f32d4506c81239151b9c0b870d6
9fa9f249f92a5a0bb293a776ea2140ff576272974196d90cc9b1a6d863886275
9fb4d302a8f93f37ae2dc773835ca29c9f989607077f9ece7aa8939b7697e17a
9fb82fc2a36ff7dbbf0efe3d4645ea9e20d7b65c16642865ca3e9ca8c99cd2bd
9ff99ae38a75b1cfcbd19a456b4d65ee1c9ef3968600f564001cd8dbbf3e4643
a0d4c19c449c8502fe7b9a83bb39375a0060f468d6e6983bf4a1d4eeaffcfb0d
a33de638844be0e68259054b82a151c415e7e3e7d611cceb0ce6730ec733debe
a3dbceb309daebd30f05e8bf72bdf2e82b680b892399bd20c3d05673297d052b
a406cf7cd4e4c095484d566c28b997c8419c769eb93821a1bbbb83af1eb99059
a509035271bab5cc3eafa5279386f6d260df1b2e410e34b476e367df1a693109
a57293fe72c2499dae206e2b7f73dcdb72f67bf20a1066c5be9cd92eb0d0189a
a5c3492323550144ab6140bc0e84ac7571fcc1617ef00f5c8ef88b915d1e9388
a5edf424c74a0309237e007f875d8bbe13a94792b46e78f038a5b1b6c8af55c9
a7aeb948c1efb81be97d00e344ffc39368567df59ed62ad7199d0541b1d8950b
a82712e7f23f58c7f3c38944001a3fd5f077e89de326b729da4c145ff033b232
a87f4fd815fc95288f2da6efc536c950ef940bd9eb52176fd9e8e56107cc65e2
a9736a66eb99e3a76447c6a4a4960d8f25812755db1b72d56fdf21d3f9df246c
aa49ebfd31d8b52b8a35837c8c68ed094c7eb497f2256eca035e3eadc7dfc7f1
aa5e58ffb728c85d576ec05746f4606af2788b7231dd1d3984a7b4c76167e385
aaf051805d44905a45b4ca9c1496e1d190c463f07fe2b31dc62204a20ef99c85
abb2a3f551e455103d3bea0cf5706a184f300c4c8bd70a57511c4c704e2c22ec
abd2a457215e60ab60b2a6b4f25a17583c5d80e13935f76e097236f729c5dcd6
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b0482244f820a99e07f9c82143765ed325a6e8995b0650093ab7d72a386c469e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b148b674f3daf9111001f2ce4eb6f01b4680bf20dfad42aadfe1cd3893d0bf09
b17b7b3a49e347706b2523389b1b09b435c6d4a5841f84c2fe74c18a1737b89b
b1a6749aa963ce1979af8968dc4a778fc046e6f2c80cb5880bd594ad9021320f
b24d8a4ace8c1a13ccb94b77ceac513d371d5822ed03a81e74c60ed545eda861
b2de5d9245b9c61add12b569bd9ec19c0fdec8a2896df6428aa82e633a386c99
b9c48a69e4d5ae05ede9e620801696da85470a3dee0f97e61f8d8c9222f2dd15
ba5f3ea40e95f49bce11942f375ebd3882eb837976eda5c0cb78b9b99ca7b485
bc551b8235be0f2badaf2ad178fa7233576106d6e49e8c47c2775468b5b93ed1
bd958f1c9c1c9154943f69814f8007e7ec08017e03f90d2c2f443377c4985e04
bfa2de9d71f9dbac9ae947d0650d9cae21ed5b3b0e36d45d88e37b4490290de1
c02d24f6f98be4331883d2a9ca88c05b94aeecd1cf151ed5d42f7e3a92f339c1
c285891eaf8f2f743efbd625c54b58c4e7c900dc2f284036299aa2c7097504cc
c2d60f6b8a156606407a639f7617381d8d7fbffb2264d70cf8493b9c0e29d8d9
c463d183fec1c835bffd30c23fbbc3cee94e18eb6c41377d96011ed3a3c25267
c98571c2df204e48b78b2efde9903a611c18061bd50517f80b1427c2066e5122
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ca5a4b5062839df5f502eb69c9b878aa72768d4697420be02cd92c9b35559c9e
cb1b009a108685905232f1495a213bc88ad15639413b6b44beadada93aea4ee6
cb4cfa03e5a27d66a8e6e2e7eafe1b6bb015b120f1c7a26807aac348877564a2
cd1a693cc90973ab2511b766595f1f2329c5d3813189bc5c9237b1dd5bc5aad0
ceb36f40dad69a50fd4fc0b637ced376126c7fcb32e587ce2fe00ba5158b0b47
d10ef3897dea4c017edb32735383f1a3472efa0ba160c87c7092ab0559da9018
d171cb4057d3208c1b9cf7a32614e481bfb570bbec8525e2b1faa6467f9d2079
d9443ef74dadcd4d4c3d09b0e96b6f27bff47789258e3984fc774e2c81f07f37
da6de134a7d897a29dc7b8ff104f41c3c7abfb584e9928643b5d4f3b08530608
db3d285dc200b5bc2c2c67666256e4dcd1b0ac1f748dbfaa552bb86c8dea7116
db4c2aa152a3e4a2b5a0fa2edcbc98f25a98074929c8d0ab22b29e6ffa0c71b6
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
dc3449a0d302e8e0bddbc30919f9507a09b746dd86012e9c8997cf8055861c50
dcc27bc3d3ec380b240a8a3b3ababdd92d3afe8da85bde0b495b67917ef5a5ea
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3daa9fed10329a790fc82169d8fb927048e9fe994a4f35a734d5702b23938da
e4cd90745d5bf76cde8caa5bb7b1be00ed24942c453224e76659c2b444bbd739
e6534ef488097ede7c9a9e5c6092f1cbf56f6dbf28c131c342bd02dedba2b074
e7d8f5bb8e0c1684fa0892abdfd81b766cc9e3c66da363c46aaebf10ed7ad12d
e9c098239c287bd07ba1d955bf2fd1e7e8374bc6918502597f5816693805d7e7
eb1131a76fe1a9fb2156a7b18a6a89b4111364edc3f69ad32dd12369f0c6d1b2
eb69694b75016c6d8febc32ff2b8eee96cef7fd776dc156e2f524097a0c9c623
eb6bb5a129629fbff4db05ceb29d32e61454191ea24a3ab0c72cf89858c5b619
ed7c8837d99c6acb0f34eb0627072dc1a3ae9b97e9822533c6b50d9b2c446aa7
eddfb285df91d818926b2f8ec64c71be82e0ea4f21ca9f63f5b0bc5dbcd75b0b
ee69015dc9ac564f274dccdc7d54c6257849f0512aee8597921c6baaf6dd5cd7
f040699eb684a998fe8ff9c7f0fc230971652dfcdf6c15f423cd8bede7b7e3bb
f0c9dcc1676481dcf259f7f786227bb8e3afcd5dd32cacaad8ea08bd9392d82f
f0d04ff6de6ab0a54c346d546ffc91affee788c0780193bf57d69a9e1ffae5d8
f2090bdc5c4f16f2d54f7cfa244ab9f17e0936ea516bd068c1f14410b4ca244d
f2155ccff9def6a6a9b0155dff92db632305559dec3dccaac7d871e542720d4a
f2453a3fb6adc353f6b54bedeeba01802a569922d0b746248785d8b85ba9e778
f2a56473cab6529f4880cb0a3bc4e05ee695da60d5b3d595b4cfbed56a3c28ab
f3e321b8a9cd7cb719a26528a96931f944d623cb2da6e78e3cb8ae40fb480dc4
f42fdb9bb77b5662da91a15efe173afa771932e5387f75f5c8119a6f9a7c3eca
f51cfc661e82540a7a46a53f0e233003007b7a6954f424d81508064020cdf3ef
f55a4820cd9a983f7f4c22a799367ed6f134566322dc77aa520203a3cf9a36b4
f653ca0f0bf9e1b93190002f69faaf62f54e0a0383e21ee1dc1f1664686e494e
f6fd5197a64a1504337a3bcb1fd03814eab985f2a236e1bd3c5d2b3064610096
f70bc240ded7b7bdb9f696710cb048cdddf4dc2582855d1139ec449eb774072f
f9d9be2d06018892bd41400d12913a615e9a99c002623b0654385124100c4493
fe2a1a5f8a560f6f3aca241f86111778719276880f77c00881e22fb6fc3e6273
fea56ce6bea6b24873076d6d175ee1ce97f89fbdc3e631df1cca0170216e5dfa
ff6a67b5b4c91cf683b9168393ce7aa41d64326a40b928809cdf7e15d0b3c8b8

ont.by Open in urlscan Pro 93.125.48.25 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

317 Requests

99 %HTTPS

62 %IPv6

27 Domains

40 Subdomains

35 IPs

6 Countries

8499 kBTransfer

15509 kBSize

3 Cookies

30 Outgoing links

Page URL History

Redirected requests

317 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 12 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

ont.by Open in urlscan Pro
93.125.48.25 Public Scan

Screenshot
Live screenshot

Full Image

317
Requests

99 %
HTTPS

62 %
IPv6

27
Domains

40
Subdomains

35
IPs

6
Countries

8499 kB
Transfer

15509 kB
Size

3
Cookies

317 HTTP transactions
12 data transactions