ex-press.by Open in urlscan Pro
178.172.173.1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ex-press.by/
Effective URL:
https://ex-press.by/
Submission: On May 21 via manual (May 21st 2020, 10:34:16 pm UTC) from IL

Summary HTTP 166 Redirects Links 61 Behaviour Indicators

Summary

This website contacted 41 IPs in 10 countries across 40 domains to perform 166 HTTP transactions. The main IP is 178.172.173.1, located in Belarus and belongs to BELPAK-AS BELPAK, BY. The main domain is ex-press.by.
TLS certificate: Issued by RapidSSL RSA CA 2018 on February 27th 2019. Valid for: 2 years.

This is the only time ex-press.by was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 9	178.172.173.1 178.172.173.1	6697 (BELPAK-AS...) (BELPAK-AS BELPAK)
1	2a00:1450:400... 2a00:1450:4001:821::200a	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:81e::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:81c::2008	15169 (GOOGLE) (GOOGLE)
7	195.161.16.142 195.161.16.142	8342 (RTCOMM-AS) (RTCOMM-AS)
6	2a02:6b8:20::215 2a02:6b8:20::215	13238 (YANDEX) (YANDEX)
2	92.223.103.176 92.223.103.176	199524 (GCORE) (GCORE)
2	212.224.112.8 212.224.112.8	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
3	2a03:90c0:999... 2a03:90c0:9997::9997	199524 (GCORE) (GCORE)
1 11	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
1	2a02:6b8::16b 2a02:6b8::16b	13238 (YANDEX) (YANDEX)
7	2a02:6b8::90 2a02:6b8::90	13238 (YANDEX) (YANDEX)
3	217.69.133.145 217.69.133.145	47764 (MAILRU-AS...) (MAILRU-AS Mail.Ru)
39	95.163.144.221 95.163.144.221	205830 (CYMRG-AS) (CYMRG-AS)
9	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
2 5	77.88.21.179 77.88.21.179	13238 (YANDEX) (YANDEX)
1	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:81b::2002	15169 (GOOGLE) (GOOGLE)
2 3	2a00:1450:400... 2a00:1450:4001:81b::200e	15169 (GOOGLE) (GOOGLE)
13	104.19.135.78 104.19.135.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a00:1148:db0... 2a00:1148:db00::17	47764 (MAILRU-AS...) (MAILRU-AS Mail.Ru)
1 2	88.212.201.198 88.212.201.198	39134 (UNITEDNET) (UNITEDNET)
1 2	185.184.8.30 185.184.8.30	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1 2	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:81e::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
4	178.250.2.152 178.250.2.152	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	104.19.136.78 104.19.136.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:6b8::184 2a02:6b8::184	13238 (YANDEX) (YANDEX)
1 3	104.111.214.103 104.111.214.103	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a03:2880:f01... 2a03:2880:f01c:800e:face:b00c:0:2	32934 (FACEBOOK) (FACEBOOK)
1	87.240.190.78 87.240.190.78	47541 (VKONTAKTE...) (VKONTAKTE-SPB-AS http://vk.com)
1	217.20.147.3 217.20.147.3	47764 (MAILRU-AS...) (MAILRU-AS Mail.Ru)
2 2	52.208.84.65 52.208.84.65	16509 (AMAZON-02) (AMAZON-02)
1 1	138.201.86.121 138.201.86.121	24940 (HETZNER-AS) (HETZNER-AS)
1	23.105.245.5 23.105.245.5	7979 (SERVERS) (SERVERS)
1	104.16.221.74 104.16.221.74	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	188.42.196.115 188.42.196.115	7979 (SERVERS) (SERVERS)
5 5	35.157.107.235 35.157.107.235	16509 (AMAZON-02) (AMAZON-02)
1 2	52.59.15.106 52.59.15.106	16509 (AMAZON-02) (AMAZON-02)
2 2	18.185.190.97 18.185.190.97	16509 (AMAZON-02) (AMAZON-02)
1 2	104.111.230.142 104.111.230.142	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	172.217.18.162 172.217.18.162	15169 (GOOGLE) (GOOGLE)
2 2	35.212.212.222 35.212.212.222	19527 (GOOGLE-2) (GOOGLE-2)
1 1	23.105.254.60 23.105.254.60	7979 (SERVERS) (SERVERS)
14	195.161.16.132 195.161.16.132	8342 (RTCOMM-AS) (RTCOMM-AS)
2	2a00:1450:400... 2a00:1450:4001:81a::2001	15169 (GOOGLE) (GOOGLE)
166	41

9 178.172.173.1 (Belarus) 1 redirects

ASN6697 (BELPAK-AS BELPAK, BY)
PTR: 178-172-173-1.hosterby.com

ex-press.by	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:821::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:81e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 195.161.16.142 (Ostrovnoy, Russian Federation)

ASN8342 (RTCOMM-AS, RU)

code.giraff.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
data.giraff.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:6b8:20::215 (Russian Federation)

ASN13238 (YANDEX, RU)

yastatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 92.223.103.176 (Moscow, Russian Federation)

ASN199524 (GCORE, AT)
PTR: f1.moevideo.net

moevideo.biz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 212.224.112.8 (Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
PTR: dsde696-17.fornex.org

unfeaecmhszmsx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:90c0:9997::9997 (Germany)

ASN199524 (GCORE, AT)

cdn.admixer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a02:6b8::1:119 (Moscow, Russian Federation) 1 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8::16b (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)

matchid.adfox.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:6b8::90 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 217.69.133.145 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)
PTR: top-fwz1.mail.ru

top-fwz1.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

39 95.163.144.221 (Russian Federation)

ASN205830 (CYMRG-AS, CY)

hb.bizmrg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 77.88.21.179 (Russian Federation) 2 redirects

ASN13238 (YANDEX, RU)
PTR: adfox-external-l3-engine.stable.qloud-b.yandex.net

ads.adfox.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81b::200e (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 104.19.135.78 (United States)

ASN13335 (CLOUDFLARENET, US)

jsc.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicer.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1148:db00::17 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)

ad.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.201.198 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host198.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.30 (Poland) 1 redirects

ASN204995 (RTB-HOUSE-AMS, NL)
PTR: ip-185-184-8-30.rtbhouse.net

pubs2-eu.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9d (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81e::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 178.250.2.152 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.19.136.78 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8::184 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)

avatars.mds.yandex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.111.214.103 (Netherlands) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-214-103.deploy.static.akamaitechnologies.com

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f01c:800e:face:b00c:0:2 (Ireland)

ASN32934 (FACEBOOK, US)

graph.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 87.240.190.78 (Russian Federation)

ASN47541 (VKONTAKTE-SPB-AS http://vk.com, RU)
PTR: srv78-190-240-87.vk.com

vk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.20.147.3 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)
PTR: ip3.147.odnoklassniki.ru

connect.ok.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.208.84.65 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-84-65.eu-west-1.compute.amazonaws.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 138.201.86.121 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.121.86.201.138.clients.your-server.de

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.105.245.5 (Russian Federation)

ASN7979 (SERVERS, US)

cm.lentainform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.221.74 (United States)

ASN13335 (CLOUDFLARENET, US)

cm.idealmedia.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.42.196.115 (Luxembourg) 2 redirects

ASN7979 (SERVERS, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.157.107.235 (Frankfurt am Main, Germany) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-107-235.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.59.15.106 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-15-106.eu-central-1.compute.amazonaws.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.185.190.97 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-190-97.eu-central-1.compute.amazonaws.com

prod.perf-serving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.230.142 (Netherlands) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-230-142.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.162 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s29-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.212.212.222 (Mountain View, United States) 2 redirects

ASN19527 (GOOGLE-2, US)
PTR: 222.212.212.35.bc.googleusercontent.com

rtb-usw.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.105.254.60 (Russian Federation) 1 redirects

ASN7979 (SERVERS, US)

udata.mixmarket.biz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 195.161.16.132 (Ostrovnoy, Russian Federation)

ASN8342 (RTCOMM-AS, RU)

a.giraff.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
39	bizmrg.com hb.bizmrg.com	9 MB
21	giraff.io code.giraff.io data.giraff.io a.giraff.io	287 KB
19	yandex.ru 1 redirects mc.yandex.ru matchid.adfox.yandex.ru an.yandex.ru	326 KB
14	mgid.com jsc.mgid.com cdn.mgid.com servicer.mgid.com cm.mgid.com	191 KB
9	gstatic.com fonts.gstatic.com	98 KB
9	ex-press.by 1 redirects ex-press.by	338 KB
6	yastatic.net yastatic.net	115 KB
6	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	132 KB
5	bidswitch.net 5 redirects x.bidswitch.net	2 KB
5	doubleclick.net 2 redirects googleads.g.doubleclick.net stats.g.doubleclick.net cm.g.doubleclick.net	1 KB
5	adfox.ru 2 redirects ads.adfox.ru	63 KB
5	mail.ru top-fwz1.mail.ru ad.mail.ru	12 KB
4	criteo.com bidder.criteo.com	775 B
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	2 KB
3	criteo.net static.criteo.net	30 KB
3	google-analytics.com 2 redirects www.google-analytics.com	18 KB
3	admixer.net cdn.admixer.net	56 KB
2	mfadsrvr.com 2 redirects rtb-usw.mfadsrvr.com	657 B
2	rubiconproject.com 1 redirects secure-assets.rubiconproject.com eus.rubiconproject.com	279 B
2	perf-serving.com 2 redirects prod.perf-serving.com	1 KB
2	3lift.com 1 redirects eb2.3lift.com	726 B
2	betweendigital.com 2 redirects ads.betweendigital.com	934 B
2	adsrvr.org 2 redirects match.adsrvr.org	906 B
2	creativecdn.com 1 redirects pubs2-eu.creativecdn.com creativecdn.com	950 B
2	yadro.ru 1 redirects counter.yadro.ru	1 KB
2	google.com 1 redirects adservice.google.com www.google.com	350 B
2	google.de adservice.google.de www.google.de	274 B
2	unfeaecmhszmsx.com unfeaecmhszmsx.com	7 KB
2	moevideo.biz moevideo.biz	48 KB
2	googletagmanager.com www.googletagmanager.com	65 KB
1	mixmarket.biz 1 redirects udata.mixmarket.biz	207 B
1	idealmedia.io cm.idealmedia.io	556 B
1	lentainform.com cm.lentainform.com	329 B
1	loopme.me 1 redirects csync.loopme.me	191 B
1	ok.ru connect.ok.ru	2 KB
1	vk.com vk.com	321 B
1	facebook.com graph.facebook.com	468 B
1	yandex.net avatars.mds.yandex.net	9 KB
1	googletagservices.com www.googletagservices.com	27 KB
1	googleapis.com fonts.googleapis.com	994 B
166	40

	Domain	Requested by
39	hb.bizmrg.com	ex-press.by pagead2.googlesyndication.com yastatic.net
14	a.giraff.io	code.giraff.io ex-press.by
11	mc.yandex.ru	1 redirects ex-press.by mc.yandex.ru
10	cm.mgid.com	jsc.mgid.com ex-press.by
9	fonts.gstatic.com	ex-press.by jsc.mgid.com
9	ex-press.by	1 redirects ex-press.by
7	an.yandex.ru	yastatic.net an.yandex.ru
6	yastatic.net	ex-press.by yastatic.net an.yandex.ru
5	x.bidswitch.net	5 redirects
5	ads.adfox.ru	2 redirects ex-press.by yastatic.net
4	data.giraff.io	code.giraff.io ex-press.by
4	bidder.criteo.com	static.criteo.net
4	pagead2.googlesyndication.com	ex-press.by pagead2.googlesyndication.com
3	sb.scorecardresearch.com	1 redirects jsc.mgid.com ex-press.by
3	static.criteo.net	yastatic.net ex-press.by
3	www.google-analytics.com	2 redirects www.googletagmanager.com
3	top-fwz1.mail.ru	ex-press.by top-fwz1.mail.ru
3	cdn.admixer.net	ex-press.by cdn.admixer.net
3	code.giraff.io	ex-press.by code.giraff.io
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	rtb-usw.mfadsrvr.com	2 redirects
2	prod.perf-serving.com	2 redirects
2	eb2.3lift.com	1 redirects ex-press.by
2	ads.betweendigital.com	2 redirects
2	match.adsrvr.org	2 redirects
2	cdn.mgid.com	www.googletagservices.com ex-press.by
2	stats.g.doubleclick.net	1 redirects ex-press.by
2	counter.yadro.ru	1 redirects ex-press.by
2	ad.mail.ru	yastatic.net code.giraff.io
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	unfeaecmhszmsx.com	ex-press.by unfeaecmhszmsx.com
2	moevideo.biz	ex-press.by moevideo.biz
2	www.googletagmanager.com	ex-press.by www.googletagmanager.com
1	udata.mixmarket.biz	1 redirects
1	cm.g.doubleclick.net	1 redirects
1	eus.rubiconproject.com	ex-press.by
1	secure-assets.rubiconproject.com	1 redirects
1	creativecdn.com	1 redirects
1	cm.idealmedia.io	ex-press.by
1	cm.lentainform.com	ex-press.by
1	csync.loopme.me	1 redirects
1	connect.ok.ru	code.giraff.io
1	vk.com	code.giraff.io
1	graph.facebook.com	code.giraff.io
1	avatars.mds.yandex.net	ex-press.by
1	servicer.mgid.com	jsc.mgid.com
1	www.google.de	ex-press.by
1	www.google.com	1 redirects
1	pubs2-eu.creativecdn.com	cdn.admixer.net
1	www.googletagservices.com	pagead2.googlesyndication.com
1	jsc.mgid.com	ex-press.by
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	matchid.adfox.yandex.ru	yastatic.net
1	fonts.googleapis.com	ex-press.by
166	55

This site contains links to these domains. Also see Links.

Domain
ex-press.ex-press.by
twitter.com
www.facebook.com
vk.com
www.instagram.com
matrac.by
t.me
an.yandex.ru
direct.yandex.ru
a.giraff.io
giraff.io
widgets.mgid.com
bitcointrader
funeralcost
ketoviante
bitcoinrevolution
elitefreshluxury.com
inspiredot.net
zestradar.com
flatbelly
bitcoinera
www.liveinternet.ru

Subject Issuer	Validity	Valid
ex-press.by RapidSSL RSA CA 2018	`2019-02-27` - `2021-03-23`	2 years	crt.sh
upload.video.google.com GTS CA 1O1	`2020-05-05` - `2020-07-28`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-05-05` - `2020-07-28`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-05-05` - `2020-07-28`	3 months	crt.sh
giraff.io Let's Encrypt Authority X3	`2020-04-25` - `2020-07-24`	3 months	crt.sh
static.yandex.net Yandex CA	`2019-09-06` - `2020-09-05`	a year	crt.sh
*.moevideo.biz AlphaSSL CA - SHA256 - G2	`2020-05-18` - `2021-05-19`	a year	crt.sh
unfeaecmhszmsx.com Let's Encrypt Authority X3	`2020-03-13` - `2020-06-11`	3 months	crt.sh
*.admixer.net Sectigo RSA Domain Validation Secure Server CA	`2020-03-12` - `2021-06-21`	a year	crt.sh
mc.yandex.ru Yandex CA	`2019-09-23` - `2020-09-22`	a year	crt.sh
matchid.adfox.yandex.ru Yandex CA	`2020-02-26` - `2021-02-25`	a year	crt.sh
bs.yandex.ru Yandex CA	`2019-09-24` - `2020-09-23`	a year	crt.sh
*.mail.ru GlobalSign Organization Validation CA - SHA256 - G2	`2019-01-18` - `2021-01-18`	2 years	crt.sh
bizmrg.com GeoTrust RSA CA 2018	`2017-12-08` - `2020-07-03`	3 years	crt.sh
*.gstatic.com GTS CA 1O1	`2020-04-28` - `2020-07-21`	3 months	crt.sh
*.adfox.ru Yandex CA	`2019-08-01` - `2020-07-31`	a year	crt.sh
*.google.de GTS CA 1O1	`2020-05-05` - `2020-07-28`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-04-28` - `2020-07-21`	3 months	crt.sh
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2020-04-07` - `2020-10-09`	6 months	crt.sh
*.criteo.net DigiCert ECC Secure Server CA	`2020-03-30` - `2020-06-28`	3 months	crt.sh
counter.yadro.ru GoGetSSL ECC DV CA	`2020-02-02` - `2022-05-02`	2 years	crt.sh
*.creativecdn.com RapidSSL RSA CA 2018	`2019-01-11` - `2021-04-11`	2 years	crt.sh
www.google.de GTS CA 1O1	`2020-05-05` - `2020-07-28`	3 months	crt.sh
*.criteo.com DigiCert ECC Secure Server CA	`2020-03-30` - `2020-06-28`	3 months	crt.sh
*.avatars.yandex.net Yandex CA	`2019-10-04` - `2020-10-03`	a year	crt.sh
*.scorecardresearch.com Sectigo RSA Organization Validation Secure Server CA	`2019-12-16` - `2020-12-25`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-05-14` - `2020-08-05`	3 months	crt.sh
vk.com Sectigo ECC Extended Validation Secure Server CA	`2019-07-11` - `2020-07-09`	a year	crt.sh
*.ok.ru GeoTrust RSA CA 2018	`2019-08-07` - `2021-03-21`	2 years	crt.sh
*.lentainform.com Go Daddy Secure Certificate Authority - G2	`2020-01-09` - `2021-01-20`	a year	crt.sh
*.3lift.com Amazon	`2019-07-17` - `2020-08-17`	a year	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2019-02-13` - `2021-02-17`	2 years	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-04-28` - `2020-07-21`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://ex-press.by/
Frame ID: A4D3B5106F17034F358B0DEAE91B3EC1
Requests: 160 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20200519/r20190131/zrt_lookup.html
Frame ID: E544533591F065BC53B78A70D31220CA
Requests: 1 HTTP requests in this frame

Frame: https://jsc.mgid.com/e/x/ex-press.by.400055.js?t=202042122
Frame ID: 145BF6D5FADFD51C2D17D05FFA633215
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9813867482838331&output=html&adk=1812271804&adf=3025194257&lmt=1590100437&plat=1%3A32776%2C2%3A32776%2C8%3A32768%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fex-press.by%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1590100436913&bpp=20&bdt=336&idt=187&shv=r20200519&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4877061839492&frm=20&pv=2&ga_vid=1429654070.1590100437&ga_sid=1590100437&ga_hid=1612374462&ga_fc=0&iag=0&icsg=538968704&dssz=34&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066004%2C21066085&oid=3&pvsid=325195282189403&pem=210&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8208&bc=31&ifi=0&uci=a!0&fsb=1&dtd=210
Frame ID: 80DB5769E40BACAEBC44222694441685
Requests: 1 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1590100438132887160579
Frame ID: AE99CE171638F1EBBC6C29CF6068E29A
Requests: 2 HTTP requests in this frame

Frame: https://yastatic.net/safeframe-bundles/0.69/1-1-0/render.html
Frame ID: A1291B593E07846C847099A37F69E820
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Frame ID: 53BDEC929B962E2F490FE231FAADC895
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://ex-press.by/ HTTP 301
https://ex-press.by/ Page URL

Detected technologies

Ruby (Programming Languages) Expand

Overall confidence: 50%
Detected patterns

meta csrf-param /^authenticity_token$/i

Ubuntu (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /Ubuntu/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Ruby on Rails (Web Frameworks) Expand

Overall confidence: 50%
Detected patterns

meta csrf-param /^authenticity_token$/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i

Page Statistics

166
Requests

100 %
HTTPS

43 %
IPv6

40
Domains

55
Subdomains

41
IPs

10
Countries

10810 kB
Transfer

14048 kB
Size

19
Cookies

61 Outgoing links

These are links going to different origins than the main page.

URL: https://ex-press.ex-press.by/rss
Title: RSS

Search URL Search Domain Scan URL

URL: https://ex-press.ex-press.by/rss/rubrics/novosti-borisova
Title: RSS

Search URL Search Domain Scan URL

URL: https://ex-press.ex-press.by/rss/rubrics/novosti-zhodino
Title: RSS

Search URL Search Domain Scan URL

URL: https://ex-press.ex-press.by/rss/rubrics/politika
Title: RSS

Search URL Search Domain Scan URL

URL: https://ex-press.ex-press.by/rss/rubrics/ekonomika
Title: RSS

Search URL Search Domain Scan URL

URL: https://ex-press.ex-press.by/rss/rubrics/obshhestvo
Title: RSS

Search URL Search Domain Scan URL

URL: https://ex-press.ex-press.by/rss/rubrics/proisshestviya
Title: RSS

Search URL Search Domain Scan URL

URL: https://ex-press.ex-press.by/rss/rubrics/sport
Title: RSS

Search URL Search Domain Scan URL

URL: https://ex-press.ex-press.by/rss/rubrics/kultura
Title: RSS

Search URL Search Domain Scan URL

URL: https://ex-press.ex-press.by/rss/rubrics/texnologii
Title: RSS

Search URL Search Domain Scan URL

URL: https://ex-press.ex-press.by/rss/rubrics/v-mire
Title: RSS

Search URL Search Domain Scan URL

URL: https://ex-press.ex-press.by/rss/rubrics/blognot
Title: RSS

Search URL Search Domain Scan URL

URL: https://ex-press.ex-press.by/rss/rubrics/novosti-germanii
Title: RSS

Search URL Search Domain Scan URL

URL: https://ex-press.ex-press.by/rss/rubrics/novosti-kompanij
Title: RSS

Search URL Search Domain Scan URL

URL: https://ex-press.ex-press.by/rss/rubrics/vopros-yuristu
Title: RSS

Search URL Search Domain Scan URL

URL: https://ex-press.ex-press.by/rss/rubrics/spadchyna
Title: RSS

Search URL Search Domain Scan URL

URL: https://twitter.com/exPress_Belarus

Search URL Search Domain Scan URL

URL: https://www.facebook.com/exPess.by

Search URL Search Domain Scan URL

URL: https://vk.com/ex.pressby

Search URL Search Domain Scan URL

URL: https://www.instagram.com/ex_press.by/

Search URL Search Domain Scan URL

URL: https://matrac.by/

Search URL Search Domain Scan URL

URL: https://t.me/expressby
Title: Telegram: EX-PRESS.BY

Search URL Search Domain Scan URL

URL: https://an.yandex.ru/count/WYWejI_zO102zH00f1jqXziO9FTw6GK040CnrG77NW00000uzlagXeJDmWQ00SEq0uW1guwCk4QG0QJeYzqsc06uxyxOFQ01eEYBtJQe0QZlpjWzk06CmPtz7S010jW1hBla6-01ZeEW5-W1PlW1ekdX1PW2eh6h5Q02mil55Ba27Qz1WVdNV9Bm0f2seSOCfGRu1E2Q8eW5lgaQa0NWcYAW1VAt2gW5dza8i0MVsGYu1P_P2EMG1E05Tzghhj88e0Ri0QW6x06f1vD-qEpzYgGck0U01SBXvQ8AoGeviVZ1ql_o2geB4CgG_ZAJVW00-5Es6p2cw0k-gHhfuRu1gGp069ftkB6iF-WC0PWDdyfPFw0EXuuRa_t1kTxVej8csG_W3m604EtUrnQG4D__wFV0aRdtHj0GmfTajEbZcPdfjSdgZGtW4R29mW7e4UYtsipRhyUDKWMrGBQ_C_j8ODFW4v_P28WKmPYccekmeUGDe1IVsGYe5E2QyD7pymNW507e50ZG5V3Hy_C5s1N1YlRieu-y_6FmW1QLaC20W81Me1RGZvtr1R0MlGF95j0MekdXlW615vWNnfkQ6hWN0S0N0TWNm8Gz7W0qvB2XfEcokN8xj3T0Fnbddns-WOnm3SI6qpOyufTqLZ64loPOGUD4GcqjbKURljEXWaS4YtTwW9wpZIqN1sXm4d3d0WSEZRnoCgOqHcCO3gBqyZwu9uLtZ2-0cQZ10Wy0~1?stat-id=5&test-tag=473340179437569&format-type=54&actual-format=40&banner-test-tags=eyI3MzQ1MzcxNjY2IjoiMzI3NjkifQ%3D%3D

Search URL Search Domain Scan URL

URL: https://direct.yandex.ru/?partner
Title: Яндекс.Директ

Search URL Search Domain Scan URL

URL: https://an.yandex.ru/count/WYuejI_zO1i29H4011n0MbmXKHKzwmK06mCnrG77NW00000u_9iXmhVTaWg00Rhs2OW1vQNnfasG0PJKojB3W8200fW1bDJAqaEW0OIe0OIu0UBaxQGVm042s07gyxeVu06sa9GVgEtV3fW2bDYe0Q02r9bnkG8Thq61-TTyal02-zAGnGI00_p_hza9Y0FalCzA_X3u1EAo1uW5kF46a0NYiWUW1UoW0gW5sl01i0NQy06u1Thm0QfovDtNsmAW1km1g0Ri0Qa7atvq2_wAf2Qu1xG6mkhCECaAoWmiB0X2yXog2n2Ei37yatu006vgjXimfkWBkF6exT--0QaCW7tJ7H7Lc3_e306O3TcdOA0Em8Gza_tHlU3Vej8csG-aRa3je6xmF-0F0O0GtzlQ690Gt__ezy2HkVT6q121xsIqwMEPcUdZmyoH2k0H-C-a0UWHkDopweg7XF4D86H0_pLn6ahynU0Jsl01Y1IPZAMzyzcksY-W5Dhm0QWKuh87vCwPzWNW507e50ZG5UJEcVO5s1N1YlRieu-y_6FmW1QLaC20W81Me1RGZvtr1R0MlGF95j0MgEtVlW615vWNiDJg9xWN0S0N0TWNm8Gz7W0qvB2XfEcoEVd-p0F_at6stE4RtWZNG6nERSCZLoQw9qvmUXxvjqGKCSZ7151lfyVgELlUSd6M1kS0TpfmOEWyQnAeD4PRkjN0LPOPztJK7ro0TKALnH4WEDSa96gRm0C0~1?stat-id=14&test-tag=473340179390977&format-type=72&actual-format=18&banner-test-tags=eyI3MjA1NzYwMzExNzExMDUzOCI6IjMyNzY5In0%3D

Search URL Search Domain Scan URL

URL: https://an.yandex.ru/count/WYuejI_zO1i29H4011n0MbmXi1gUsWK06mCnrG77NW00000u_9iXmhVTaWg00Rhs2OW1vQNnfasG0PJKojB3W8200fW1bDJAqaEW0OIe0OIu0UBaxQGVm04-s07gyxeVu06sa9GVgEtV3fW2bDYe0Q02r9bnkG8Thq61-TTyal02-zAGnGI00_p_hza9Y0FalCzA_X3u1EAo1uW5kF46a0NYiWUW1UoW0gW5sl01i0NQy06u1Thm0QfovDtNsmAW1km1g0Ri0Qa7atvq2_wAf2Qu1xG6mkhCECaAoWmiB0X2yXog2n2Ei37yatu006vgjXimfkWBkF6exT--0QaCW7tJ7H7Lc3_e306O3TcdOA0Em8Gza_tHlU3Vej8csG-aRa3je6xmF-0F0O0GtzlQ690Gt__ezy2HkVT6q121xsIqwMEPcUdZmyoH2k0H-C-a0UWHkDopweg7XF4D86H0_pLn6ahynU0Jsl01Y1IPZAMzyzcksY-W5Dhm0QWKuh87vCwPzWNW507e50ZG5UJEcVO5s1N1YlRieu-y_6FmW1QLaC20W81Me1RGZvtr1R0MlGF95j0MgEtVlW615vWNiDJg9xWN0S0N0TWNm8Gz7W0qvB2XfEcoEVd-p0F_at6stE4RtWZNG6nERSCZLoQw9qvmUXxvjqGKCSZ7151lfyVgELlUSd6M1kS0TpfmOEWyQnAeD4PRkjN0LPOPztJK7ro0TKALnH4WEDSa96gRm0C0~1?stat-id=14&test-tag=473340179390977&format-type=72&actual-format=18&banner-test-tags=eyI3MjA1NzYwMzExNzExMDUzOCI6IjMyNzY5In0%3D
Title: Опыт 20 лет

Search URL Search Domain Scan URL

URL: https://an.yandex.ru/count/WYyejI_zO1i2BH4051n0MbmXyrMcV0K06mCnrG77NW00000u_9iXmhVTaWg00Rhs2OW1vQNnfasG0PJKojB3W8200fW1bDJAqaEW0OIe0OIu0UBaxQGVm052s07gyxeVu06sa9GVgEtV3fW2bDYe0Q02r9bnkG8Thq61-TTyal02-zAGnGI00_p_hza9Y0FalCzA_X3u1EAo1uW5kF46a0NYiWUW1UoW0gW5sl01i0NQy06u1Thm0QfovDtNsmAW1km1g0Ri0Qa7atvq2_wAf2Qu1xG6mkhCECaAoWmiB0X2yXog2n2Ei37yatu006vgjXimfkWBkF6exT--0QaCW7tJ7H7Lc3_e306O3TcdOA0Em8Gza_tHlU3Vej8csG-aRa3je6xmF-0F0O0GtzlQ690Gt__ezy2HkVT6q121xsIqwMEPcUdZmyoH2k0H-C-a0UWHkDopweg7XF4DyI1aGFyrSHfA_CNW4zhm0OWKcOoblVFPhjele1JQy06e5EAo1-JEcVO5u1G1w1G8q1Napfds1TWLmOhsxAEFlFnZy80MbP30W820Lg0Mq8-TzGMm5hq3oHRG5gZjtxu1WHUO5x3KwYUu5m705m7O5y24FHu0DEImeQJfiZdv_im3_vDnjjpX6oa9t81XJct38rSckYTES7eU-RT45378nmHGRwV7wZbRtd9nbWRd07SwS63eF6iIg3H6MxhLm5MM6VTqr1zSW7L2bSKH83ZN92Hgcy03~1?stat-id=14&test-tag=473340179390977&format-type=72&actual-format=18&banner-test-tags=eyI3MjA1NzYwMzExNzExMDUzOCI6IjMyNzY5In0%3D
Title: Анонимно

Search URL Search Domain Scan URL

URL: https://an.yandex.ru/count/WYuejI_zO1i29H4011n0MbmXgNJU-GK06mCnrG77NW00000u_9iXmhVTaWg00Rhs2OW1vQNnfasG0PJKojB3W8200fW1bDJAqaEW0OIe0OIu0UBaxQGVm056s07gyxeVu06sa9GVgEtV3fW2bDYe0Q02r9bnkG8Thq61-TTyal02-zAGnGI00_p_hza9Y0FalCzA_X3u1EAo1uW5kF46a0NYiWUW1UoW0gW5sl01i0NQy06u1Thm0QfovDtNsmAW1km1g0Ri0Qa7atvq2_wAf2Qu1xG6mkhCECaAoWmiB0X2yXog2n2Ei37yatu006vgjXimfkWBkF6exT--0QaCW7tJ7H7Lc3_e306O3TcdOA0Em8Gza_tHlU3Vej8csG-aRa3je6xmF-0F0O0GtzlQ690Gt__ezy2HkVT6q121xsIqwMEPcUdZmyoH2k0H-C-a0UWHkDopweg7XF4D86H0_pLn6ahynU0Jsl01Y1IPZAMzyzcksY-W5Dhm0QWKuh87vCwPzWNW507e50ZG5UJEcVO5s1N1YlRieu-y_6FmW1QLaC20W81Me1RGZvtr1R0MlGF95j0MgEtVlW615vWNiDJg9xWN0S0N0TWNm8Gz7W0qvB2XfEcoEVd-p0F_at6stE4RtWZNG6nERSCZLoQw9qvmUXxvjqGKCSZ7151lfyVgELlUSd6M1kS0TpfmOEWyQnAeD4PRkjN0LPOPztJK7ro0TKALnH4WEDSa96gRm0C0~1?stat-id=14&test-tag=473340179390977&format-type=72&actual-format=18&banner-test-tags=eyI3MjA1NzYwMzExNzExMDUzOCI6IjMyNzY5In0%3D
Title: Быстро

Search URL Search Domain Scan URL

URL: https://an.yandex.ru/count/WYqejI_zO1i27H4011n0MbmX6e0wh0K06mCnrG77NW00000u_9iXmhVTaWg00Rhs2OW1vQNnfasG0PJKojB3W8200fW1bDJAqaEW0OIe0OIu0UBaxQGVm05Ms07gyxeVu06sa9GVgEtV3fW2bDYe0Q02r9bnkG8Thq61-TTyal02-zAGnGI00_p_hza9Y0FalCzA_X3u1EAo1uW5kF46a0NYiWUW1UoW0gW5sl01i0NQy06u1Thm0QfovDtNsmAW1km1g0Ri0Qa7atvq2_wAf2Qu1xG6mkhCECaAoWmiB0X2yXog2n2Ei37yatu006vgjXimfkWBkF6exT--0QaCW7tJ7H7Lc3_e306O3TcdOA0Em8Gza_tHlU3Vej8csG-aRa3je6xmF-0F0O0GtzlQ690Gt__ezy2HkVT6q121xsIqwMEPcUdZmyoH2k0H-C-a0UWHkDopweg7XF4D86H0_pLn6ahynU0Jsl01Y1IPZAMzyzcksY-W5Dhm0QWKuh87vCwPzWNW507e50ZG5UJEcVO5s1N1YlRieu-y_6FmW1QLaC20W81Me1RGZvtr1R0MlGF95j0MgEtVlW615vWNiDJg9xWN0S0N0TWNm8Gz7W0qvB2XfEcoEVd-p0CvW6VB7RxXZN0DnERKDZnoPQ9xuWIdvv5_IqGHWtnC0FLsUgoUi-Kj5sTfS0vmfmC7Xiwp9e5AOxIbMmrSPPbnJqVzmGLO9rHP7062Sqr2ehO9F000~1?stat-id=14&test-tag=473340179390977&format-type=72&actual-format=18&banner-test-tags=eyI3MjA1NzYwMzExNzExMDUzOCI6IjMyNzY5In0%3D
Title: Для женщин

Search URL Search Domain Scan URL

URL: https://an.yandex.ru/count/WYqejI_zO1i27H4011n0MbmXltQqP0K06mCnrG77NW00000u_9iXmhVTaWg00Rhs2OW1vQNnfasG0PJKojB3W8200fW1bDJAqaEW0OIe0OIu0UBaxQGVm04Es07gyxeVu06sa9GVgEtV3fW2bDYe0Q02r9bnkG8Thq61-TTyal02-zAGnGI00_p_hza9Y0FalCzA_X3u1EAo1uW5kF46a0NYiWUW1UoW0gW5sl01i0NQy06u1Thm0QfovDtNsmAW1km1g0Ri0Qa7atvq2_wAf2Qu1xG6mkhCECaAoWmiB0X2yXog2n2Ei37yatu006vgjXimfkWBkF6exT--0QaCW7tJ7H7Lc3_e306O3TcdOA0Em8Gza_tHlU3Vej8csG-aRa3je6xmF-0F0O0GtzlQ690Gt__ezy2HkVT6q121xsIqwMEPcUdZmyoH2k0H-C-a0UWHkDopweg7XF4D86H0_pLn6ahynU0Jsl01Y1IPZAMzyzcksY-W5Dhm0QWKuh87vCwPzWNW507e50ZG5UJEcVO5s1N1YlRieu-y_6FmW1QLaC20W81Me1RGZvtr1R0MlGF95j0MgEtVlW615vWNiDJg9xWN0S0N0TWNm8Gz7W0qvB2XfEcoEVd-p0F_at6stE4RtWZNG6nERSCZLoQw9qvmUXxvjqGKCSZ7151lr-DiPSjRBixIu1pWJWSE39rdJGALncXBjnguoZBZdexwWmkmJgYoE084vvg4H6qJU000~1?stat-id=14&test-tag=473340179390977&format-type=72&actual-format=18&banner-test-tags=eyI3MjA1NzYwMzExNzExMDUzOCI6IjMyNzY5In0%3D
Title: Адрес и телефон

Search URL Search Domain Scan URL

URL: https://an.yandex.ru/count/WXeejI_zO042XH0051j0MbmXMgjxvGK00GCnrG77NW00000u_9iXXixKWWY00R6-vCpmuB2UUOW1gidpvKUG0RZekwKtc066j-RYFg01WeMcfJUe0Twsvk8-k07myAUV7i010jW1vDsS7E01uAIg6kW1VeW23g02gDdc5xa27Qz1WVdNV9Bm0llIaCNy1lW4aeyFY0N_mWwG1PAF3w05iSu4g0N-wmEm1Vxh0xW5_ki3sEa1u0Ltn8x2-G6W1km1g0Ri0Qa7atvq2_wAf2Qu1u05mjIiyyaAu5x7zmtB7AeB48wmCVoJVW00Rcgs6p2cw0l_mWxm2mQf381mhh_FHgI_w0m1c0shfs2mFg0EeFSsa_tHlU3Vej8csG_W3m604BQAZ1UG4D__wFV0aRdtHcIqwMEPcUdZmyoH2k0H-C-a0UWHkDopweg7XF4DyI1aG3CqXHxjsS3W4_xh0uWKcOoblVFPhjele1J-wmEe59AFl93SzGNW507e50ZG5RoGtFK5s1N1YlRieu-y_6FmW1QLaC20W81Me1RGZvtr1R0MlGF95e4Nc1VQtReUk1S1m1S1s1V0X3tW5xoGtFK5700jWiaiqdJPN1MfUWCVW6TZ7RvHZy0D64Ow6mb0IoHpcDSp4wn1Gp_25mGgyGWUOPdRwSAru1nv1hq3cSIPZ8FKsDXaIscCXZ0SHAdmhToB2UWEPODt31ErJU01~1?stat-id=14&test-tag=473340179390977&format-type=72&actual-format=18&banner-test-tags=eyI3NDIxMjYyMzY0IjoiMzI3NzAifQ%3D%3D

Search URL Search Domain Scan URL

URL: https://an.yandex.ru/count/WY8ejI_zO0u2nH00L1j0MbmX07TbTmK03WCnrG77NW00000u_9iXXeJDmWQ00UFjY0M80RkEZBX6a06kw8lTDfW1jE_Es3sW0PJeYzqsg06axyxOFRW1ZC6T_Ht00GBO0Qoxv1lW0Ow3e1Ve0MRu0QBfuQAngnMW0iBBnHIv0XslGO7vrtoIy0Bxqf35bWRu1EUe4OW5uRmGa0Ndg16W1QYa1QW5pBC4i0NCimIu1Sop1DgB0k05Tzghhj88e0Ri0QW6x06f1vD-T0l-YgGck0U01SBXvQ8AoGhnRRn-LgRf7AeB48wmCVoJVW00Rcgs6p2cw0lXlABfuRu1gGmWJG60fu7Cl-WC0PWDgwTWS3sW3eUE6vFzqRtWtwBI9jaFu0y1W13jtjSMa13V_-Ztm96vzqPajEbZcPdfuyFCaGhW4VZFf07e4RZSi-gAXuJn3V4WP41c5ipQRnhHu1FCimI859cCfRtpsQxQBw0KpBC4g1JdgF3Hy_C5u1G1w1G8q1NmqVFp1TWLmOhsxAEFlFnZy80MbP30W820Lg0Mq8-TzGMm5hq3oHRG5gBfuRu1WHUO5yQRcXgu5m705m7O5y24FHq0DEI0eQJfihb63-ODi02UNNRunaC2Ds0OmwInYY7yDi4QjBWSMRQk3e59y0Z0tKuFqdEsjUNY40rE0kvauC0XabTErfJ6Q133GPIAyWVtSjpHWHNUCGQJPIxc6BLDZ040~1?stat-id=14&test-tag=473340179390977&format-type=72&actual-format=18&banner-test-tags=eyI3MzQ1MzcxNjcxIjoiMzI3NzEifQ%3D%3D

Search URL Search Domain Scan URL

URL: https://an.yandex.ru/count/WY8ejI_zO0u2nH00L1j0MbmX0X-RRWK03WCnrG77NW00000u_9iXXeJDmWQ00UFjY0M80RkEZBX6a06kw8lTDfW1jE_Es3sW0PJeYzqsg06axyxOFRW1ZC6T_Ht00GpO0Qoxv1lW0Ow3e1Ve0MRu0QBfuQAngnMW0iBBnHIv0XslGO7vrtoIy0Bxqf35bWRu1EUe4OW5uRmGa0Ndg16W1QYa1QW5pBC4i0NCimIu1Sop1DgB0k05Tzghhj88e0Ri0QW6x06f1vD-T0l-YgGck0U01SBXvQ8AoGhnRRn-LgRf7AeB48wmCVoJVW00Rcgs6p2cw0lXlABfuRu1gGmWJG60fu7Cl-WC0PWDgwTWS3sW3eUE6vFzqRtWtwBI9jaFu0y1W13jtjSMa13V_-Ztm96vzqPajEbZcPdfuyFCaGhW4VZFf07e4RZSi-gAXuJn3V4WP41c5ipQRnhHu1FCimI859cCfRtpsQxQBw0KpBC4g1JdgF3Hy_C5u1G1w1G8q1NmqVFp1TWLmOhsxAEFlFnZy80MbP30W820Lg0Mq8-TzGMm5hq3oHRG5gBfuRu1WHUO5yQRcXgu5m705m7O5y24FHq0DEI0eQJfihb63-ODi02UNNRunaC2Ds0OmwInYY7yDi4QjBWSMRQk3e59y0Z0tKuFqdEsjUNY40rE0kxbcOo7sDZOP4rfZ0On74IfA7zmByST7LZX7MCmMUPYZb7Rn1W0~1?stat-id=14&test-tag=473340179390977&format-type=72&actual-format=18&banner-test-tags=eyI3MzQ1MzcxNjcxIjoiMzI3NzEifQ%3D%3D
Title: Бесплатные уроки

Search URL Search Domain Scan URL

URL: https://an.yandex.ru/count/WYKejI_zO0u2tH00n1j0MbmX1ivdN0K03WCnrG77NW00000u_9iXXeJDmWQ00UFjY0M80RkEZBX6a06kw8lTDfW1jE_Es3sW0PJeYzqsg06axyxOFRW1ZC6T_Ht00H3O0Qoxv1lW0Ow3e1Ve0MRu0QBfuRu1Y08Ec0AYiQiLe0B2oyKKkG8Thq61-TTyal02-zAGnPO6-0Jdg1681U6y4905vwWHe0Mef0Me1Sop1B05pBC4k0NCimJQYmBW1NVQgwxI2A06x06e1km1gGUJVdGB_ega9hW7W0N2uUMY2iaAyMsyVbQcwHog2n2Ei37yatu006vgjXimfkWBuRoYwU6-0QaC84q1WAU1pB_e306O3QkdO70ze0w7ZXkJ_T6zuD-YqYRP3-0F0O0GxTxN5f0Gt__ezy2HkVT6PBJfOvcPwUF3p94Au17upwG1w16utBFgYeU4yGtn86H0PXRCscyQqU0JpBC4Y1IPZAMzyzcksY-W5Cop1AWKvwZmqVFp1U0K0UWK2D0LyD7pymNO5S6AzkoZZxpyO_205fMGm820W5QW5j2FdVK5i1Qz0yaMq1QYwU6-0O4Nc1V6cveQk1S1m1S1s1V0X3qS03JaWA6awRAvHW_c3R00dbrs-CP30ZTW6CEaiOeX_3R16hIu75cshWw1IV08mDrE3z9pjhNbuX0DJWBkvPcCXzZOs6HDQOm6CHn4gIX_S2_77HtQ2kyO9cgRm0C0~1?stat-id=14&test-tag=473340179390977&format-type=72&actual-format=18&banner-test-tags=eyI3MzQ1MzcxNjcxIjoiMzI3NzEifQ%3D%3D
Title: Прокачка голоса

Search URL Search Domain Scan URL

URL: https://an.yandex.ru/count/WY0ejI_zO0u2jH0051j0MbmX1rEOEWK03WCnrG77NW00000u_9iXXeJDmWQ00UFjY0M80RkEZBX6a06kw8lTDfW1jE_Es3sW0PJeYzqsg06axyxOFRW1ZC6T_Qoxv1lW0Ow3e1Ve0MRu0QBfuGwO0gAngnMW0iBBnHIv0XslGO7vrtoIy0Bxqf35bWRu1EUe4OW5uRmGa0Ndg16W1QYa1QW5pBC4i0NCimIu1Sop1DgB0k05Tzghhj88e0Ri0QW6x06f1vD-T0l-YgGck0U01SBXvQB92l5jl7vMfkaSgWiGZh0n_9D-001kQhORCARe2-6yekdXlW6f321D0O2dWSo_w0m1c0shfs1mFQ0EXuuRa_tHlU3Vej8csG_W3m604EtUrnQG4D__wFV0aRdtHcIqwMEPcUdZmyoH2k0H-C-a0UWHkDopweg7XF4DyI1aG6OMpDfl6j7W4yop18WKcOoblVFPhjele1JCimIe5EUeyD7pymNW507e50ZG5V3Hy_C5s1N1YlRieu-y_6FmW1QLaC20W81Me1RGZvtr1R0MlGF95j0MekdXlW615vWNnfkQ6hWN0S0N0TWNm8Gz7W0qv82XfEcokKOFvWsm09vTTlZ6Gm8tO1Z3fB6A8VmsmHgqk1nPjguEWKdm2C3TJW_ISxQrvUBSQSmFo2xFP3p4niOcQqfZD8ZX84f5-ODxEUxee0hl60U4G3Q7CNRKDe47~1?stat-id=14&test-tag=473340179390977&format-type=72&actual-format=18&banner-test-tags=eyI3MzQ1MzcxNjcxIjoiMzI3NzEifQ%3D%3D
Title: Быстрый результат

Search URL Search Domain Scan URL

URL: https://an.yandex.ru/count/WXyejI_zOFS1hH0091j0MbmX9ITCxGK0zm8nrG77NW00000u_9iXrlo6qmA00Ud40OW1WhAkcagG0TZHmeh1W8200fW1sD72Ya6W0TAe0TAu0OxKoU4UeeaUu07wiAqQw04e-07ycD31s1Uv0XslGO7vrtoIy0Bxqf351803rPcHo0680yRGjw04c0EvWGFe1D4N-0IaXWI81Qtw0v05f8O4e0MFdW6e1UA30R05ueC1k0NYWm701QMp0iW5a4xG1Si-fB6PWmIW1km1g0Ri0Qa7atvq2_wAf2Qu1u05WkYWxCaAOLNJ7nNy_Hog2n2Ei37yatu006vgjXimfkWBhVe3y0i6Y0pycDw-0QaCS98nfI1atZ_e306O3TcdOA0Em8Gza_tHlU3Vej8csG-Nzt9TUVpwh_CNa13V_-Ztm96vzqO8uyFCaGhW4VZFf07e4RZSi-gAXuJn3I1aG4XRZ3Vf-x3W4-A30OWKcOoblVFPhjele1JYWm6e5AI61E0K0UWK2DWLmOhsxAEFlFnZy80MbP30W820Lg0Mq8-TzGMm5hq3oHRG5loOthu1WHUO5ycBlnwu5m705m7O5y24FHu0DEIOeAJHPIl0duopuyXlG2FS1iwLJ4ZbGM1k22Vu6zBfR9E49AIg7FzZ0g2tqqFrdErkkJYbGG603N270mU6pRCcVKfZD4gwrK0ezKSfLBCq0PmuusmGXckI5xLDZ040~1?stat-id=14&test-tag=473340179390977&format-type=72&actual-format=18&banner-test-tags=eyI3MjA1NzYwMjc3MzExMTkxNiI6IjMyNzcyIn0%3D

Search URL Search Domain Scan URL

URL: https://an.yandex.ru/count/WY4ejI_zOFS1lH00X1j0MbmXyfWq5WK0zm8nrG77NW00000u_9iXrlo6qmA00Ud40OW1WhAkcagG0TZHmeh1W8200fW1sD72Ya6W0TAe0TAu0OxKoU4Um04Cs06aeeaUu07wiAqQw04e-07ycD31s1Uv0XslGO7vrtoIy0Bxqf351803rPcHo0680yRGjw04c0EvWGFe1D4N-0IaXWI81Qtw0v05f8O4e0MFdW6e1UA30R05ueC1k0NYWm701QMp0iW5a4xG1Si-fB6PWmIW1km1g0Ri0Qa7atvq2_wAf2Qu1u05WkYWxCaAOLNJ7nNy_Hog2n2Ei37yatu006vgjXimfkWBhVe3y0i6Y0pycDw-0QaCS98nfI1atZ_e306O3TcdOA0Em8Gza_tHlU3Vej8csG-Nzt9TUVpwh_CNa13V_-Ztm96vzqO8uyFCaGhW4VZFf07e4RZSi-gAXuJn3I1aG4XRZ3Vf-x3W4-A30OWKcOoblVFPhjele1JYWm6e5AI61E0K0UWK2DWLmOhsxAEFlFnZy80MbP30W820Lg0Mq8-TzGMm5hq3oHRG5loOthu1WHUO5ycBlnwu5m705m7O5y24FHq0DEIOeAJHPIl0duopuyXlG2FS1iwLJ4ZbGM1k22Vu6zBfR9E49AIg7FzZ0g2tqqFrdErkkJYbGG603N270mU6pRCcVKfZD4gwrK0ezKSfgMPfoY0uroGaQfl00m00~1?stat-id=14&test-tag=473340179390977&format-type=72&actual-format=18&banner-test-tags=eyI3MjA1NzYwMjc3MzExMTkxNiI6IjMyNzcyIn0%3D
Title: Видео

Search URL Search Domain Scan URL

URL: https://an.yandex.ru/count/WY4ejI_zOFS1lH00X1j0MbmXXfV3eGK0zm8nrG77NW00000u_9iXrlo6qmA00Ud40OW1WhAkcagG0TZHmeh1W8200fW1sD72Ya6W0TAe0TAu0OxKoU4Um04Gs06aeeaUu07wiAqQw04e-07ycD31s1Uv0XslGO7vrtoIy0Bxqf351803rPcHo0680yRGjw04c0EvWGFe1D4N-0IaXWI81Qtw0v05f8O4e0MFdW6e1UA30R05ueC1k0NYWm701QMp0iW5a4xG1Si-fB6PWmIW1km1g0Ri0Qa7atvq2_wAf2Qu1u05WkYWxCaAOLNJ7nNy_Hog2n2Ei37yatu006vgjXimfkWBhVe3y0i6Y0pycDw-0QaCS98nfI1atZ_e306O3TcdOA0Em8Gza_tHlU3Vej8csG-Nzt9TUVpwh_CNa13V_-Ztm96vzqO8uyFCaGhW4VZFf07e4RZSi-gAXuJn3I1aG4XRZ3Vf-x3W4-A30OWKcOoblVFPhjele1JYWm6e5AI61E0K0UWK2DWLmOhsxAEFlFnZy80MbP30W820Lg0Mq8-TzGMm5hq3oHRG5loOthu1WHUO5ycBlnwu5m705m7O5y24FHq0DEIOeAJHPIl0duoptOite15k0-TA9gJo830tX1Fy3Ubqjab24b9LZlyn0T3RwQ5wpdQtN9pIe0301hZ3WGF3vbcJFgKn6YNTQY2K-gEKLBCqPH2SQn8IjKtW0G00~1?stat-id=14&test-tag=473340179390977&format-type=72&actual-format=18&banner-test-tags=eyI3MjA1NzYwMjc3MzExMTkxNiI6IjMyNzcyIn0%3D
Title: Смотреть

Search URL Search Domain Scan URL

URL: https://a.giraff.io/click/?x=Z5IZXlbEUn-rapc4FDwInoJK3YGR75-qIfST71WJG35_KGMXYY3rzD-kBldPFqqqm1sY41TpNA5GJWvxm5K_QV2f4gTYHNbd7pVY1F5f-GY2D7XDEs3jQ1wvwd_kJ8IGmz-QEE8XFhflGUgsfDCm7Y0aAyruX7zfuCNI6ZfbHjXqx-lrgEhDGyIhLDMzQN6kbVeFXQPqLT9saQQDs_w7NQ6eTNbXElOGc4OnvSINO5npU4ubo9sQHfVoZwxIeNDmuueVYQn3HdxnTZZVCFSsoacXgYLrAX6YijP0f-8gVHLeSMm5_u7gO2zjrUSR_u8D8SY0Pqc-zj9yGO7Thd_kqLczB96CJcdEC-IpyaN33gajB2dECtVZVpfTIXIlPPgK2FhLZPBhpVKAm5_pYO9uy1gIMZUpIs-79L9-MDorqLaLJU5_rbwUoV4cGlAhjYC4yGsZ8etjaFXdwbkzXoyZNP3K9OVdlX4Pa0atkxa3HOJsR7u5mH-KfQBjAhTagNS5goPLEBukRQ-MUuJO7rFwqA3sdxdp4_hAPXYPKOWySHA
Title: Александр Малинин после пластики

Search URL Search Domain Scan URL

URL: https://a.giraff.io/click/?x=3wvrDDRfoIp9OhDzKA_iQI-mf0hdB8JpMEtmjFZbKHLQNYosXVIlTcdy3g0AFeddHAqi7lNo6RXLia5Cnk0j__tppU0gN_vTB0aE5qY8IUyeZlyAXBxOx0sZC3AqUlfp7slRJn0ci4rH67VLmPzAPtTnq1ZYYXjjMfe4juyKh2v-_5CFpH-3F-3GShZ_Sv7y-gBg997J1df2pG4D_scZvNTeQL_IqV8Uy4D-cglkJlystgujFp2bksA5eol2C1Efj5E--s0KT8n3oSfGPf19fayoacrMqyAVFmrmZgbjV-jP02DZLOUc8DahToGvWxLbr57t5UqVVGxoe_wOtrjb35OQ0tUi3UBonUoTSOwKLwk6vsSZlw5TaXRQfghX3yL-NqEW3sizZXP3vTTleSuSF7epXUSnyzQVeiwdcMGU_UjDB5yF4QbdeV37b6lduGi2AM3URDtMAiX-qrrLujPZMLRJEiU-BTWHHsPY2WooPMwGR3H9QYYh7cM6JqweLflr0Jw2a5iNGDjqKClPM6sXPyKGqCT-Hilr
Title: Обхохочетесь. Настоящие имена звёзд

Search URL Search Domain Scan URL

URL: https://a.giraff.io/click/?x=18ytPj4FeeJ4esOYvlsyPY3XzDCbVFbcQsvM6bHTI722o8FS7MUU7xp4s8kTO2sNA7GvW2glq1Vk48W2zRQTQ6dGJjYumTRuGuT0goNaob8kXRo5P8cK1X95SuLtY0b0BGylA-wfY28g6FKblaQqjlyPgdDIXp-kMjf8ec_OBdLLBJIaWI1CM-peZM87llxqayZOQmcjr-d_gHsNG3R28vS266bclYhoHdGt04c-fRrapeBVHkfzkTs70wUZETS5Q2_RSUfNwWwuvki0pP97c1ThxJrIifjpMkgOhbrVeuqS9nSTrDFbHux4puxysCo6KgKsDPYLLmsJwBpxw2PSfTgckjgWcz09wP1A3CraPZWEvdxqDJa_V3FKr8u6Qpojaks8EE5FDATBx7gidEYZZmq5JkvltjCI4JDc6MVjcnA_h6ZpHp6NQDODkLaHMVGdCH1UNCAcL_NfWgsZVzrtiIhlrPYkR6OfaZlPxDv9GDejN6gEBQh2hoawVaizbBTiPCQxtVS9NPuWL9cYGf8RcOFI-A8Ff88zOEHhIPQokXlipt7Laa0dztacJt_p8ZuuKkWAW_wn-1U
Title: Убивала людей пачками, а теперь святая

Search URL Search Domain Scan URL

URL: https://a.giraff.io/click/?x=IiN0PP5q2VQTLvU_JGGXbBEXj2uBTBC792Qyc1HZLDloPbNW361rt08O7_tlm4Qo2PJbi5_ltGJfSv2FUEZVAS5aWjLqtnhnD_gsBx0Pq4Wx5m-8tAmHCoXZq4K2o9ielScxtUiVLlz5WuNgi3qABtVk8jJyvIPBN3lLOiwlXFuOoSXtdVsjkDg3ggseSrGhdcA9J1PmofO4FU4mnc6zVio7tnnMK_ocEoK_2-ihtO307hI-FO4HWSR0p7r5priO93Yo3kHsRJov6dyTaYFOCP8dYE5Uv-_x9lvaxwn0WtUY99TW-6x_Q-y8MChBXTS9zcN3vJoOmPCFvz2vspPl9sMw7J7hrfKoAxUaOPsLlR4AIXg5CDAj5mgD1l2azvOVemOYQtPTFvaK35Ixr2NU8SY2ot2GBHzobE8Uw1q6c3xzlo0_GDuJweVR6cc5JPX0sfJDd3SODixdq99xfN323qavePQWwD_wS6OOmFXlcoWoo-XDyw36ytldrYmgpCQo-cczGHXIar0iIVe6GEXVkCmiLaFo-EUlzIqzgEoTJhY
Title: Экстрасенс сделала предсказание

Search URL Search Domain Scan URL

URL: https://giraff.io/

Search URL Search Domain Scan URL

URL: https://widgets.mgid.com/?utm_source=ex-press.by&utm_medium=referral&utm_campaign=widgets&utm_content=400055

Search URL Search Domain Scan URL

URL: https://bitcointrader/Nederlandse_miljonairs_willen_deze_video_verbieden

Search URL Search Domain Scan URL

URL: https://funeralcost/Begrafeniskosten_kunnen_u_verrassen

Search URL Search Domain Scan URL

URL: https://bitcointrader/Opgelet_Check_dit_voor_je_investeert_in_Bitcoin

Search URL Search Domain Scan URL

URL: https://ketoviante/How_To_Lose_31_Kg_In_A_Month_Drink_This_Once_Every_Day

Search URL Search Domain Scan URL

URL: https://bitcoinrevolution/Millionaire_Mum_From_Utrecht_Exposes_Her_Secret_To_Work_From_Home

Search URL Search Domain Scan URL

URL: https://elitefreshluxury.com/zvyozdy-kotorye-ne-umeyut-krasivo-staret/

Search URL Search Domain Scan URL

URL: https://inspiredot.net/lifestyle/8604-13-negative-body-image-sayings-to-avoid/

Search URL Search Domain Scan URL

URL: https://zestradar.com/interesting/9-most-beautiful-transgender-models-you-should-know-about/

Search URL Search Domain Scan URL

URL: https://elitefreshluxury.com/10-rossijskih-aktyorov-chi-nastoyashhie-imena-vy-ne-znali/

Search URL Search Domain Scan URL

URL: https://elitefreshluxury.com/10-samyh-krasivyh-uzbechek

Search URL Search Domain Scan URL

URL: https://flatbelly/1_Cup_of_This_Tonight_Will_Burn_Your_Belly_Fat_Like_Crazy

Search URL Search Domain Scan URL

URL: https://zestradar.com/interesting/ida-lundgren-and-bianca-van-damme-could-easily-kick-your-butt/

Search URL Search Domain Scan URL

URL: https://elitefreshluxury.com/rost-etih-10-znamenitostej-stanet-dlya-vas-otkrytiem

Search URL Search Domain Scan URL

URL: https://bitcoinera/Utrecht_Wife_Horrified_After_Husband_Discovers_3-Year_Secret

Search URL Search Domain Scan URL

URL: https://elitefreshluxury.com/10-stran-s-samymi-krasivymi-devushkami/

Search URL Search Domain Scan URL

URL: http://elitefreshluxury.com/10-evreev-o-kotoryh-mechtayut-vse-svobodnye-zhenshhiny/

Search URL Search Domain Scan URL

URL: https://www.liveinternet.ru/click

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ex-press.by/ HTTP 301
https://ex-press.by/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 25

https://ads.adfox.ru/276785/getBulk/v2?dl=https%3A%2F%2Fex-press.by%2F&date=2020-05-22T00%3A33%3A56.837%2B02%3A00&pd=22&pdh=1200&pdw=1600&pr1=1645518935&pr=1770391645&prr=&pv=0&pw=5&extid_loader=&extid_tag_loader=ex-press.by&ylv=0.1713&ybv=0.1712&ytt=378232001005589&is-turbo=0&skip-token=&ad-session-id=8063411590100436840&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22width%22%3A1260%2C%22height%22%3A0%2C%22left%22%3A170%2C%22top%22%3A348%2C%22visible%22%3A1%2C%22req_no%22%3A1%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=0&p1=cgnek&p2=y&slotNumber=2&bids=W10%3D&grab=dEVYLVBSRVNTLkJZIC0g0J3QvtCy0L7RgdGC0Lgg0JHQvtGA0LjRgdC-0LLQsCDQuCDQltC-0LTQuNC90L4K&utf8=%E2%9C%93 HTTP 302
https://ads.adfox.ru/276785/getBulkTest/v2?dl=https%3A%2F%2Fex-press.by%2F&date=2020-05-22T00%3A33%3A56.837%2B02%3A00&pd=22&pdh=1200&pdw=1600&pr1=1645518935&pr=1770391645&prr=&pv=0&pw=5&extid_loader=&extid_tag_loader=ex-press.by&ylv=0.1713&ybv=0.1712&ytt=378232001005589&is-turbo=0&skip-token=&ad-session-id=8063411590100436840&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22width%22%3A1260%2C%22height%22%3A0%2C%22left%22%3A170%2C%22top%22%3A348%2C%22visible%22%3A1%2C%22req_no%22%3A1%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=0&p1=cgnek&p2=y&slotNumber=2&bids=W10%3D&grab=dEVYLVBSRVNTLkJZIC0g0J3QvtCy0L7RgdGC0Lgg0JHQvtGA0LjRgdC-0LLQsCDQuCDQltC-0LTQuNC90L4K&utf8=%E2%9C%93

Request Chain 34

https://ads.adfox.ru/239538/getBulk/v2?dl=https%3A%2F%2Fex-press.by%2F&date=2020-05-22T00%3A33%3A56.900%2B02%3A00&pd=22&pdh=1200&pdw=1600&pr1=3962296879&pr=1770391645&prr=&pv=0&pw=5&extid_loader=&extid_tag_loader=ex-press.by&ylv=0.1713&ybv=0.1712&ytt=378232001005589&is-turbo=0&skip-token=&ad-session-id=8063411590100436840&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22width%22%3A0%2C%22height%22%3A0%2C%22left%22%3A0%2C%22top%22%3A0%2C%22visible%22%3A1%2C%22req_no%22%3A3%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=0&p1=cassl&p2=y&slotNumber=3&bids=W10%3D&grab=dEVYLVBSRVNTLkJZIC0g0J3QvtCy0L7RgdGC0Lgg0JHQvtGA0LjRgdC-0LLQsCDQuCDQltC-0LTQuNC90L4K&utf8=%E2%9C%93 HTTP 302
https://ads.adfox.ru/239538/getBulkTest/v2?dl=https%3A%2F%2Fex-press.by%2F&date=2020-05-22T00%3A33%3A56.900%2B02%3A00&pd=22&pdh=1200&pdw=1600&pr1=3962296879&pr=1770391645&prr=&pv=0&pw=5&extid_loader=&extid_tag_loader=ex-press.by&ylv=0.1713&ybv=0.1712&ytt=378232001005589&is-turbo=0&skip-token=&ad-session-id=8063411590100436840&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22width%22%3A0%2C%22height%22%3A0%2C%22left%22%3A0%2C%22top%22%3A0%2C%22visible%22%3A1%2C%22req_no%22%3A3%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=0&p1=cassl&p2=y&slotNumber=3&bids=W10%3D&grab=dEVYLVBSRVNTLkJZIC0g0J3QvtCy0L7RgdGC0Lgg0JHQvtGA0LjRgdC-0LLQsCDQuCDQltC-0LTQuNC90L4K&utf8=%E2%9C%93

Request Chain 82

https://counter.yadro.ru/hit?t53.1;r;s1600*1200*24;uhttps%3A//ex-press.by/;hEX-PRESS.BY%20-%20%u041D%u043E%u0432%u043E%u0441%u0442%u0438%20%u0411%u043E%u0440%u0438%u0441%u043E%u0432%u0430%20%u0438%20%u0416%u043E%u0434%u0438%u043D%u043E;0.5123261592494981 HTTP 302
https://counter.yadro.ru/hit?q;t53.1;r;s1600*1200*24;uhttps%3A//ex-press.by/;hEX-PRESS.BY%20-%20%u041D%u043E%u0432%u043E%u0441%u0442%u0438%20%u0411%u043E%u0440%u0438%u0441%u043E%u0432%u0430%20%u0438%20%u0416%u043E%u0434%u0438%u043D%u043E;0.5123261592494981

Request Chain 89

https://mc.yandex.ru/watch/1852558?wmode=7&page-url=https%3A%2F%2Fex-press.by%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1590100436207%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20200522003357%3Aet%3A1590100437%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A295190312171%3Arqn%3A1%3Arn%3A123302391%3Ahid%3A38276192%3Ads%3A0%2C114%2C145%2C5%2C108%2C0%2C0%2C575%2C10%2C%2C%2C%2C945%3Afp%3A630%3Awn%3A36980%3Ahl%3A2%3Agdpr%3A14%3Av%3A1869%3Awv%3A2%3Arqnl%3A1%3Ast%3A1590100437%3Au%3A159010043775748966%3At%3AEX-PRESS.BY%20-%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%91%D0%BE%D1%80%D0%B8%D1%81%D0%BE%D0%B2%D0%B0%20%D0%B8%20%D0%96%D0%BE%D0%B4%D0%B8%D0%BD%D0%BE HTTP 302
https://mc.yandex.ru/watch/1852558/1?wmode=7&page-url=https%3A%2F%2Fex-press.by%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1590100436207%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20200522003357%3Aet%3A1590100437%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A295190312171%3Arqn%3A1%3Arn%3A123302391%3Ahid%3A38276192%3Ads%3A0%2C114%2C145%2C5%2C108%2C0%2C0%2C575%2C10%2C%2C%2C%2C945%3Afp%3A630%3Awn%3A36980%3Ahl%3A2%3Agdpr%3A14%3Av%3A1869%3Awv%3A2%3Arqnl%3A1%3Ast%3A1590100437%3Au%3A159010043775748966%3At%3AEX-PRESS.BY%20-%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%91%D0%BE%D1%80%D0%B8%D1%81%D0%BE%D0%B2%D0%B0%20%D0%B8%20%D0%96%D0%BE%D0%B4%D0%B8%D0%BD%D0%BE

Request Chain 91

https://www.google-analytics.com/r/collect?v=1&_v=j82&a=1612374462&t=pageview&_s=1&dl=https%3A%2F%2Fex-press.by%2F&ul=en-us&de=UTF-8&dt=EX-PRESS.BY%20-%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%91%D0%BE%D1%80%D0%B8%D1%81%D0%BE%D0%B2%D0%B0%20%D0%B8%20%D0%96%D0%BE%D0%B4%D0%B8%D0%BD%D0%BE&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IAhAAUAB~&jid=2017124482&gjid=545459778&cid=1429654070.1590100437&tid=UA-65182762-2&_gid=1975995313.1590100437&_r=1&gtm=2ou5e1&z=1769907327 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-65182762-2&cid=1429654070.1590100437&jid=2017124482&_gid=1975995313.1590100437&gjid=545459778&_v=j82&z=1769907327 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-65182762-2&cid=1429654070.1590100437&jid=2017124482&_v=j82&z=1769907327 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-65182762-2&cid=1429654070.1590100437&jid=2017124482&_v=j82&z=1769907327&slf_rd=1&random=1091057713

Request Chain 93

https://www.google-analytics.com/r/collect?v=1&_v=j82&a=1612374462&t=pageview&_s=1&dl=https%3A%2F%2Fex-press.by%2F&ul=en-us&de=UTF-8&dt=EX-PRESS.BY%20-%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%91%D0%BE%D1%80%D0%B8%D1%81%D0%BE%D0%B2%D0%B0%20%D0%B8%20%D0%96%D0%BE%D0%B4%D0%B8%D0%BD%D0%BE&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KAjAAUAB~&jid=1599016323&gjid=1660486798&cid=1429654070.1590100437&tid=UA-126033838-1&_gid=1975995313.1590100437&_r=1&gtm=2ou5e1&z=1801992351 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-126033838-1&cid=1429654070.1590100437&jid=1599016323&_gid=1975995313.1590100437&gjid=1660486798&_v=j82&z=1801992351

Request Chain 125

https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
https://cm.mgid.com/m?cdsp=371158&c=40d4d510-f55e-4f6b-a67c-1db1d5e6bf85&ttl=1592692438

Request Chain 126

https://csync.loopme.me/?redirect=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D433143%26c%3D%7Bdevice_id%7D HTTP 307
https://cm.mgid.com/m?cdsp=433143&c=9095781c-ccda-49fe-be96-ceaf4bb50b8b

Request Chain 129

https://creativecdn.com/cm-notify?pi=mgid HTTP 302
https://cm.mgid.com/m?cdsp=501037&c=nq0u47PDgQgbJnwVi0mZ&pi=mgid

Request Chain 130

https://ads.betweendigital.com/match?bidder_id=43263&callback_url=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D501036%26c%3D%24%7BUSER_ID%7D HTTP 302
https://ads.betweendigital.com/match?bidder_id=43263&callback_url=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D501036%26c%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
https://cm.mgid.com/m?cdsp=501036&c=e0808ff3-6e85-528f-8de7-5915d32058c3

Request Chain 131

https://x.bidswitch.net/sync?dsp_id=303&user_id=k4lVG4ubz_xf HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=k4lVG4ubz_xf HTTP 302
https://eb2.3lift.com/xuid?mid=2409&xuid=fd189d54-3adc-4e02-bc6c-f0cb51f414e8&dongle=d3d3 HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=2409&xuid=fd189d54-3adc-4e02-bc6c-f0cb51f414e8&dongle=d3d3&gdpr=1&cmp_cs=&us_privacy=

Request Chain 132

https://x.bidswitch.net/sync?ssp=mgid HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=mgid HTTP 302
https://prod.perf-serving.com/sync?ssp=bidswitch&bidswitch_ssp_id=mgid HTTP 302
https://prod.perf-serving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=mgid HTTP 302
https://x.bidswitch.net/sync?dsp_id=366&expires=14&user_id=40068761-ddb4-4f95-abab-f76169c38196&ssp=mgid&user_group=1 HTTP 302
https://cm.mgid.com/m?cdsp=433145&c=fd189d54-3adc-4e02-bc6c-f0cb51f414e8

Request Chain 133

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu HTTP 302
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu

Request Chain 134

https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=azRsVkc0dWJ6X3hm&muidn=k4lVG4ubz_xf HTTP 302
https://cm.mgid.com/google?muidn=k4lVG4ubz_xf&google_ula={guid},5&google_gid=CAESEK6KWYCwr0CHIhq4LWhZqh0&google_cver=1

Request Chain 135

https://rtb-usw.mfadsrvr.com/sync?ssp=mgid HTTP 302
https://rtb-usw.mfadsrvr.com/ul_cb/sync?ssp=mgid HTTP 302
https://cm.mgid.com/m?cdsp=287839&c=73eebba6-20d7-4a9f-b5ff-0046e489f8a7

Request Chain 136

https://udata.mixmarket.biz/tr.php?syncnet=28&cb=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D311971%26mode%3Dinverse%26c%3D%24UID HTTP 301
https://cm.mgid.com/m?cdsp=311971&mode=inverse&c=0

Request Chain 137

https://sb.scorecardresearch.com/b?c1=7&c2=15208452&c3=110&ns__t=1590100438302&ns_c=UTF-8&cv=3.5&c8=EX-PRESS.BY%20-%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%91%D0%BE%D1%80%D0%B8%D1%81%D0%BE%D0%B2%D0%B0%20%D0%B8%20%D0%96%D0%BE%D0%B4%D0%B8%D0%BD%D0%BE&c7=https%3A%2F%2Fex-press.by%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1590100438302&ns_c=UTF-8&cv=3.5&c8=EX-PRESS.BY%20-%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%91%D0%BE%D1%80%D0%B8%D1%81%D0%BE%D0%B2%D0%B0%20%D0%B8%20%D0%96%D0%BE%D0%B4%D0%B8%D0%BD%D0%BE&c7=https%3A%2F%2Fex-press.by%2F&c9=

166 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request

Cookie set / Show response
ex-press.by/
Redirect Chain

http://ex-press.by/
https://ex-press.by/

113 KB
31 KB

259ms
145ms

Document
text/html

178.172.173.1
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to

Full URL

https://ex-press.by/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

178.172.173.1 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),

Reverse DNS

178-172-173-1.hosterby.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

c13ac6777e60a6c0c8fed4e647fb6911216d8457951b076369e5c2d2cfba1bba

Security Headers

Name	Value
X-Frame-Options	ALLOW-FROM *

Request headers

Host: ex-press.by
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Server: nginx/1.10.3 (Ubuntu)
Date: Thu, 21 May 2020 22:33:56 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Frame-Options: ALLOW-FROM *
ETag: W/"c13ac6777e60a6c0c8fed4e647fb6911"
Cache-Control: max-age=0, private, must-revalidate
Set-Cookie: _ex-press_session=YlExSTJZdi9PcU9TRGJuMDc2aVhhR3FYUWlRNU1aTDhKblFQWXphb0FObXZlSmdzTk9rT0xDWitSZXZyY3U4L3A1QTVpc3d0QjA0Zkh4MTk4djdMMWQrNzRYeUlvajlqZkNIRmk1Q1BTMzc1ZDc5cFpBNmN4b1lRZldrZ1g4Z2J1a1hGcDBSeWZ2dXliYmtwTTI1eDJ3PT0tLVZVVnQxcXNBUnA0YWovK3dWUnBOWEE9PQ%3D%3D--fbd617a3447a5fdf698ab8e2281cedd385a58371; path=/; HttpOnly
X-Request-Id: f15c557a-568b-41bc-9aab-c8be78cf83a9
X-Runtime: 0.041538
Content-Encoding: gzip

Redirect headers

Server: nginx/1.10.3 (Ubuntu)
Date: Thu, 21 May 2020 22:33:56 GMT
Content-Type: text/html
Content-Length: 194
Connection: keep-alive
Location: https://ex-press.by/

GET
H2 200 css
fonts.googleapis.com/ 12 KB
994 B 17ms
15ms Stylesheet
text/css 2a00:1450:4001:821::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,400i,500,500i,700,&subset=cyrillic

Requested by

Host: ex-press.by
URL: https://ex-press.by/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

35620797865665a8a8579fe8c738d59a939250b227240e628a93983ac8d68dcc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://ex-press.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 21 May 2020 22:33:56 GMT
server: ESF
date: Thu, 21 May 2020 22:33:56 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 21 May 2020 22:33:56 GMT

GET
H/1.1 200
OK application-7a2912702a85fd908edb7dcc9f6cdcc492fd0a9ede2e039cea24dd154c06250b.css
ex-press.by/assets/ 220 KB
30 KB 67ms
66ms Stylesheet
text/css 178.172.173.1
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to

Full URL: https://ex-press.by/assets/application-7a2912702a85fd908edb7dcc9f6cdcc492fd0a9ede2e039cea24dd154c06250b.css
Requested by: Host: ex-press.by
URL: https://ex-press.by/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.172.173.1 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 178-172-173-1.hosterby.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 9747c46aba7bd716837748eafc04c3dd16abdb21ea8f12ec0daf66806413695d

Request headers

Referer: https://ex-press.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 21 May 2020 22:33:56 GMT
Content-Encoding: gzip
Last-Modified: Sun, 26 Apr 2020 07:20:32 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5ea53640-74ec"
Content-Type: text/css
Cache-Control: max-age=315360000, public
Connection: keep-alive
Content-Length: 29932
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK style-dba3a50f5968547dfb80e04944f303d93f3f1693.css
ex-press.by/th-stylesheet/ 146 KB
147 KB 132ms
61ms Stylesheet
text/css 178.172.173.1
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to

Full URL: https://ex-press.by/th-stylesheet/style-dba3a50f5968547dfb80e04944f303d93f3f1693.css
Requested by: Host: ex-press.by
URL: https://ex-press.by/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.172.173.1 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 178-172-173-1.hosterby.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: d9d5465557038e8e0b5f91f8ed95775e44889fad6ad832d3ca3eac176dbee464

Request headers

Referer: https://ex-press.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 21 May 2020 22:33:56 GMT
Last-Modified: Fri, 15 May 2020 15:05:08 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5ebeafa4-2496a"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 149866

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 107 KB
38 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: ex-press.by
URL: https://ex-press.by/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c465784ea66e8bfa06ff913a249b12d0c70e483cdb1f6bf81f9ac66d0630b2de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ex-press.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 21 May 2020 22:33:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 39264
x-xss-protection: 0
server: cafe
etag: 16962565607130680607
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 21 May 2020 22:33:56 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 82 KB
32 KB 23ms
20ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-65182762-2

Requested by

Host: ex-press.by
URL: https://ex-press.by/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

18bfac6f3b2186068e28b29cd2d44f0b146d1e292f374e313f83b6f4b9cca2ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://ex-press.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 21 May 2020 22:33:56 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33138
x-xss-protection: 0
last-modified: Thu, 21 May 2020 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 21 May 2020 22:33:56 GMT

GET
H2 200 widget-ex-pressby.js Show response
code.giraff.io/data/ 136 KB
31 KB 336ms
62ms Script
application/javascript 195.161.16.142
RTCOMM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://code.giraff.io/data/widget-ex-pressby.js
Requested by: Host: ex-press.by
URL: https://ex-press.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 195.161.16.142 Ostrovnoy, Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: ad33cf92723e1c644d9a329a36c8d8ffdd4e03ad9a72f92de214e87bd04bd1fa

Request headers

Referer: https://ex-press.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 21 May 2020 22:33:57 GMT
content-encoding: gzip
last-modified: Thu, 21 May 2020 22:31:53 GMT
server: nginx/1.16.0
status: 200
etag: W/"5ec70159-2202c"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *

GET
H2 200 header-bidding.js Show response
yastatic.net/pcode/adfox/ 169 KB
38 KB 141ms
74ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/pcode/adfox/header-bidding.js

Requested by

Host: ex-press.by
URL: https://ex-press.by/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

cad0d40150eab1e7dccc38ac828459c5ada27f1855cfce5c1502629b4d6d581c

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://ex-press.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 21 May 2020 22:33:56 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
status: 200
content-length: 38667
timing-allow-origin: *
last-modified: Tue, 19 May 2020 14:44:18 GMT
server: nginx/1.17.9
etag: "788659cbe3e057208ae808f627487128"
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
x-robots-tag: noindex, noarchive, nofollow
expires: Thu, 21 May 2020 23:32:01 GMT

GET
H2 200 loader.js Show response
yastatic.net/pcode/adfox/ 176 KB
41 KB 100ms
32ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/pcode/adfox/loader.js

Requested by

Host: ex-press.by
URL: https://ex-press.by/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

925275aa2f7ac76b175dc1bccc05f213317ecac219df3afd144d5e48fdb9c733

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://ex-press.by/
Origin: https://ex-press.by

Response headers

date: Thu, 21 May 2020 22:33:56 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
status: 200
content-length: 41355
timing-allow-origin: *
last-modified: Tue, 19 May 2020 14:44:18 GMT
server: nginx/1.17.9
etag: "19b2b01dbf21bbb9ffa488dba554dc81"
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
x-robots-tag: noindex, noarchive, nofollow
expires: Thu, 21 May 2020 23:31:22 GMT

GET
H/1.1 200
OK mvpt.min.js Show response
moevideo.biz/embed/js/ 165 KB
48 KB 219ms
98ms Script
application/x-javascript 92.223.103.176
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://moevideo.biz/embed/js/mvpt.min.js
Requested by: Host: ex-press.by
URL: https://ex-press.by/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.223.103.176 Moscow, Russian Federation, ASN199524 (GCORE, AT),
Reverse DNS: f1.moevideo.net
Software: nginx /
Resource Hash: 7c629458f65066b807f2ae90d539894176cd33f0d6645a522be2bd0b091d6809

Request headers

Referer: https://ex-press.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 21 May 2020 22:33:56 GMT
Content-Encoding: gzip
Last-Modified: Tue, 19 May 2020 12:33:36 GMT
Server: nginx
X-My-Name: s2
ETag: W/"5ec3d220-29540"
Transfer-Encoding: chunked
Content-Type: application/x-javascript
Connection: keep-alive
X-My-Reqtime: 0.000

GET
H/1.1 200
OK for-header-aa3f6b55667e94aca508a7d878ff4de4d04e2a9773a341cecae28bf829bf074d.png
ex-press.by/assets/logo/ 6 KB
7 KB 63ms
61ms Image
image/png 178.172.173.1
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ex-press.by/assets/logo/for-header-aa3f6b55667e94aca508a7d878ff4de4d04e2a9773a341cecae28bf829bf074d.png
Requested by: Host: ex-press.by
URL: https://ex-press.by/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.172.173.1 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 178-172-173-1.hosterby.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: aa3f6b55667e94aca508a7d878ff4de4d04e2a9773a341cecae28bf829bf074d

Request headers

Referer: https://ex-press.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 21 May 2020 22:33:56 GMT
Last-Modified: Mon, 30 Mar 2020 03:20:24 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5e816578-199d"
Content-Type: image/png
Cache-Control: max-age=315360000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6557
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK navicon-acaca12e3be0fb4d6af47bd1e0b28390580d25f13b4fe07cf94ad392a898390e.svg
ex-press.by/assets/ 3 KB
1 KB 162ms
54ms Image
image/svg+xml 178.172.173.1
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ex-press.by/assets/navicon-acaca12e3be0fb4d6af47bd1e0b28390580d25f13b4fe07cf94ad392a898390e.svg
Requested by: Host: ex-press.by
URL: https://ex-press.by/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.172.173.1 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 178-172-173-1.hosterby.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: acaca12e3be0fb4d6af47bd1e0b28390580d25f13b4fe07cf94ad392a898390e

Request headers

Referer: https://ex-press.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 21 May 2020 22:33:56 GMT
Content-Encoding: gzip
Last-Modified: Mon, 30 Mar 2020 03:20:24 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5e816578-3f6"
Content-Type: image/svg+xml
Cache-Control: max-age=315360000, public
Connection: keep-alive
Content-Length: 1014
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK for-footer-52d29fc3f8dcce32ab63feb880371517b1d340d8aa0f0cf9b6315e477975800f.png
ex-press.by/assets/logo/ 6 KB
6 KB 171ms
58ms Image
image/png 178.172.173.1
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ex-press.by/assets/logo/for-footer-52d29fc3f8dcce32ab63feb880371517b1d340d8aa0f0cf9b6315e477975800f.png
Requested by: Host: ex-press.by
URL: https://ex-press.by/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.172.173.1 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 178-172-173-1.hosterby.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 52d29fc3f8dcce32ab63feb880371517b1d340d8aa0f0cf9b6315e477975800f

Request headers

Referer: https://ex-press.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 21 May 2020 22:33:56 GMT
Last-Modified: Mon, 30 Mar 2020 03:20:24 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5e816578-162e"
Content-Type: image/png
Cache-Control: max-age=315360000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5678
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK application-2c40c114a29a94ad60ba553dfcd608f4bad56dfefb8102798140f7447486c134.js Show response
ex-press.by/assets/ 353 KB
110 KB 95ms
95ms Script
application/javascript 178.172.173.1
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to

Full URL: https://ex-press.by/assets/application-2c40c114a29a94ad60ba553dfcd608f4bad56dfefb8102798140f7447486c134.js
Requested by: Host: ex-press.by
URL: https://ex-press.by/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.172.173.1 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 178-172-173-1.hosterby.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 2c40c114a29a94ad60ba553dfcd608f4bad56dfefb8102798140f7447486c134

Request headers

Referer: https://ex-press.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 21 May 2020 22:33:56 GMT
Content-Encoding: gzip
Last-Modified: Sun, 26 Apr 2020 06:44:45 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5ea52ddd-1b4d0"
Content-Type: application/javascript
Cache-Control: max-age=315360000, public
Connection: keep-alive
Content-Length: 111824
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ex-press.by Show response
unfeaecmhszmsx.com/j/ 14 KB
5 KB 102ms
35ms Script
application/javascript 212.224.112.8
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to

Full URL

https://unfeaecmhszmsx.com/j/ex-press.by

Requested by

Host: ex-press.by
URL: https://ex-press.by/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

212.224.112.8 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),

Reverse DNS

dsde696-17.fornex.org

Software

nginx /

Resource Hash

a17d2f4898d3f91296d282916c9dc6369b90adf1b9f76742d2ac7a71199277f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://ex-press.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 21 May 2020 22:33:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf8
status: 200
strict-transport-security: max-age=31536000
vary: Accept-Encoding

GET
H2 200 loader2.js Show response
cdn.admixer.net/scripts3/ 27 KB
12 KB 41ms
12ms Script
application/javascript 2a03:90c0:9997::9997
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/loader2.js
Requested by: Host: ex-press.by
URL: https://ex-press.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a03:90c0:9997::9997 , Germany, ASN199524 (GCORE, AT),
Reverse DNS
Software: nginx /
Resource Hash: c0cd8d6c8028f7d03fc811c3a9eb4c7fe63b025b1421fe14318c35662dbc404c

Request headers

Referer: https://ex-press.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-id: cec-up-gc11
date: Thu, 21 May 2020 22:33:56 GMT
content-encoding: gzip
last-modified: Mon, 20 Apr 2020 11:44:19 GMT
server: nginx
etag: W/"5e9d8b13-6b95"
status: 200
x-cached-since: 2020-05-21T22:32:20+00:00
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=600
cache: HIT
expires: Fri, 08 May 2020 13:20:17 GMT

GET
H/1.1 200
OK tag.js Show response
mc.yandex.ru/metrika/ 359 KB
91 KB 193ms
95ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: ex-press.by
URL: https://ex-press.by/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

10ad93a3602068c768e39b1a132e9bb748eadbb70f35c6bfd36c08928a9f602c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://ex-press.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 21 May 2020 22:33:56 GMT
Content-Encoding: br
Last-Modified: Tue, 19 May 2020 08:28:20 GMT
Server: nginx/1.14.2
ETag: "5ec398a4-16ba9"
Strict-Transport-Security: max-age=31536000
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Content-Length: 93097
Expires: Thu, 21 May 2020 23:33:56 GMT

POST
H2 200 getcookie Show response
matchid.adfox.yandex.ru/ 112 B
376 B 134ms
47ms XHR
application/json 2a02:6b8::16b
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://matchid.adfox.yandex.ru/getcookie

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a02:6b8::16b Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

de73dcbd60118079d6b4f93c0af50eb89729f7776cae2ea02c748bf5d27034a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ex-press.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 21 May 2020 22:33:57 GMT
x-content-type-options: nosniff
status: 200
content-type: application/json
access-control-allow-origin: https://ex-press.by
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 112

GET
H2 200 banner_direct.js Show response
yastatic.net/pcode-bundles/0.1712/banner_direct/ 54 KB
13 KB 130ms
61ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/pcode-bundles/0.1712/banner_direct/banner_direct.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

a148cb6d5bc95adc37a52ecb56d5caa172927a2893c9b41d27d4ef0afe70cbe3

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://ex-press.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 21 May 2020 22:33:56 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
status: 200
content-length: 13157
timing-allow-origin: *
last-modified: Tue, 19 May 2020 12:02:45 GMT
server: nginx/1.17.9
etag: "1db7729ab05fce92a8c7715c3bf27c46"
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=216013
accept-ranges: bytes
x-robots-tag: noindex, noarchive, nofollow
expires: Sun, 24 May 2020 10:31:18 GMT

GET
H2 200 context.js Show response
an.yandex.ru/system/ 56 KB
17 KB 154ms
53ms Script
text/javascript 2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/system/context.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

ffe5365cf019b5512218bbd0e3e9ba9b22abcfb24023bbc424dc6c0e83930c56

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://ex-press.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 21 May 2020 22:33:56 GMT
content-encoding: br
server: nginx/1.12.2
status: 200
etag: 3696969979
x-yandex-req-id: 1590100436918219-1035990645979081567100178-production-app-host-sas-pcode-1
strict-transport-security: max-age=31536000
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-robots-tag: noindex, noarchive, nofollow
expires: Thu, 21 May 2020 23:33:56 GMT

GET
H/1.1 200
OK code.js Show response
top-fwz1.mail.ru/js/ 20 KB
9 KB 160ms
53ms Script
application/javascript 217.69.133.145
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL

https://top-fwz1.mail.ru/js/code.js

Requested by

Host: ex-press.by
URL: https://ex-press.by/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

a140d036db30cec2b09a1a1cc2fc9b1152017f941577ee119af5dd857b733b1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ex-press.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 21 May 2020 22:33:56 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
P3P: CP="NOI DSP COR NID CUR PSA OUR NOR"
Connection: keep-alive
Access-Control-Allow-Headers: *
AMP-Access-Control-Allow-Source-Origin: *
Last-Modified: Mon, 20 Apr 2020 16:50:13 GMT
Server: nginx
ETag: W/"5e9dd2c5-4e77"
Access-Control-Allow-Methods: GET, POST, HEAD, PUT, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: AMP-Access-Control-Allow-Source-Origin
Cache-Control: max-age=3600, private
Access-Control-Allow-Credentials: true
Accept-CH-Lifetime: 86400
Accept-CH: DPR, Width, Viewport-Width, Downlink, Device-Memory
Timing-Allow-Origin: *
Keep-Alive: timeout=60
Expires: Thu, 21 May 2020 23:33:56 GMT

GET
H/1.1 200
OK matrac1-fbd2a03b444b8519ed8cfae160a324a17181a937.jpg
hb.bizmrg.com/ex-press/images/mega/original/ 244 KB
245 KB 337ms
228ms Image
image/jpeg 95.163.144.221
CYMRG-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hb.bizmrg.com/ex-press/images/mega/original/matrac1-fbd2a03b444b8519ed8cfae160a324a17181a937.jpg
Requested by: Host: ex-press.by
URL: https://ex-press.by/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.163.144.221 , Russian Federation, ASN205830 (CYMRG-AS, CY),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: a18ae18bb41400d4514a006c91f24d6451609df4003777eab642c692f4359c58

Request headers

Referer: https://ex-press.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 21 May 2020 22:33:57 GMT
Last-modified: Fri, 15 May 2020 15:06:03 GMT
Server: nginx/1.12.2
Etag: "c07cc917fb20316089ecd34463b65a1e"
Content-Type: image/jpeg
Connection: keep-alive
X-Host: hotbox6
X-Req-Id: 2TQAVm3Vt
Content-Length: 250123

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2

Requested by

Host: ex-press.by
URL: https://ex-press.by/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto:400,400i,500,500i,700,&subset=cyrillic
Origin: https://ex-press.by

Response headers

date: Sat, 16 May 2020 07:48:27 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:48 GMT
server: sffe
age: 485129
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11056
x-xss-protection: 0
expires: Sun, 16 May 2021 07:48:27 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fABc4AMP6lbBP.woff2
fonts.gstatic.com/s/roboto/v20/ 7 KB
7 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fABc4AMP6lbBP.woff2

Requested by

Host: ex-press.by
URL: https://ex-press.by/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af2fdef955568dc79de38bfb097d53586855945811b638d6c41513bd62e25cc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto:400,400i,500,500i,700,&subset=cyrillic
Origin: https://ex-press.by

Response headers

date: Sun, 17 May 2020 09:32:14 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:37 GMT
server: sffe
age: 392502
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6864
x-xss-protection: 0
expires: Mon, 17 May 2021 09:32:14 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fChc4AMP6lbBP.woff2
fonts.gstatic.com/s/roboto/v20/ 8 KB
8 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fChc4AMP6lbBP.woff2

Requested by

Host: ex-press.by
URL: https://ex-press.by/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac4f45c63e7192b1c9fb64be19be7a03084e16dc33b4dcfedabb44cb390c25a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto:400,400i,500,500i,700,&subset=cyrillic
Origin: https://ex-press.by

Response headers

date: Wed, 20 May 2020 03:56:09 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:45 GMT
server: sffe
age: 153467
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7924
x-xss-protection: 0
expires: Thu, 20 May 2021 03:56:09 GMT

GET
H/1.1 200
OK icons_hero-6bbce0c5c728ef9af45314950ae15bf00f2e7dc393687e29c1151ac3abc7b046.woff2
ex-press.by/assets/ 7 KB
7 KB 92ms
58ms Font
application/octet-stream 178.172.173.1
BELPAK-AS BELPAK

General

Check archive.org

Show headers Download Go to

Full URL: https://ex-press.by/assets/icons_hero-6bbce0c5c728ef9af45314950ae15bf00f2e7dc393687e29c1151ac3abc7b046.woff2
Requested by: Host: ex-press.by
URL: https://ex-press.by/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.172.173.1 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS: 178-172-173-1.hosterby.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 6bbce0c5c728ef9af45314950ae15bf00f2e7dc393687e29c1151ac3abc7b046

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://ex-press.by/assets/application-7a2912702a85fd908edb7dcc9f6cdcc492fd0a9ede2e039cea24dd154c06250b.css
Origin: https://ex-press.by

Response headers

Date: Thu, 21 May 2020 22:33:56 GMT
Last-Modified: Sun, 26 Apr 2020 05:03:48 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5ea51634-1b10"
Content-Type: application/octet-stream
Cache-Control: max-age=315360000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6928
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

v2 Show response
ads.adfox.ru/276785/getBulkTest/
Redirect Chain

https://ads.adfox.ru/276785/getBulk/v2?dl=https%3A%2F%2Fex-press.by%2F&date=2020-05-22T00%3A33%3A56.837%2B02%3A00&pd=22&pdh=1200&pdw=1600&pr1=1645518935&pr=1770391645&prr=&pv=0&pw=5&extid_loader=&e...
https://ads.adfox.ru/276785/getBulkTest/v2?dl=https%3A%2F%2Fex-press.by%2F&date=2020-05-22T00%3A33%3A56.837%2B02%3A00&pd=22&pdh=1200&pdw=1600&pr1=1645518935&pr=1770391645&prr=&pv=0&pw=5&extid_loade...

25 KB
10 KB

182ms
182ms

XHR
application/json

77.88.21.179
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.adfox.ru/276785/getBulkTest/v2?dl=https%3A%2F%2Fex-press.by%2F&date=2020-05-22T00%3A33%3A56.837%2B02%3A00&pd=22&pdh=1200&pdw=1600&pr1=1645518935&pr=1770391645&prr=&pv=0&pw=5&extid_loader=&extid_tag_loader=ex-press.by&ylv=0.1713&ybv=0.1712&ytt=378232001005589&is-turbo=0&skip-token=&ad-session-id=8063411590100436840&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22width%22%3A1260%2C%22height%22%3A0%2C%22left%22%3A170%2C%22top%22%3A348%2C%22visible%22%3A1%2C%22req_no%22%3A1%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=0&p1=cgnek&p2=y&slotNumber=2&bids=W10%3D&grab=dEVYLVBSRVNTLkJZIC0g0J3QvtCy0L7RgdGC0Lgg0JHQvtGA0LjRgdC-0LLQsCDQuCDQltC-0LTQuNC90L4K&utf8=%E2%9C%93

Requested by

Host: ex-press.by
URL: https://ex-press.by/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.179 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

adfox-external-l3-engine.stable.qloud-b.yandex.net

Software

Resource Hash

e13577fdba2dba9187d24a1573737637324b24fd36e9c4710fb2dd6560e00ec4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ex-press.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 May 2020 22:33:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref=/w3c/w3c.p3p, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
status: 200
content-type: application/json
access-control-allow-origin: https://ex-press.by
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

Redirect headers

pragma: no-cache
date: Thu, 21 May 2020 22:33:56 GMT
x-content-type-options: nosniff
status: 302
location: /276785/getBulkTest/v2?dl=https%3A%2F%2Fex-press.by%2F&date=2020-05-22T00%3A33%3A56.837%2B02%3A00&pd=22&pdh=1200&pdw=1600&pr1=1645518935&pr=1770391645&prr=&pv=0&pw=5&extid_loader=&extid_tag_loader=ex-press.by&ylv=0.1713&ybv=0.1712&ytt=378232001005589&is-turbo=0&skip-token=&ad-session-id=8063411590100436840&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22width%22%3A1260%2C%22height%22%3A0%2C%22left%22%3A170%2C%22top%22%3A348%2C%22visible%22%3A1%2C%22req_no%22%3A1%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=0&p1=cgnek&p2=y&slotNumber=2&bids=W10%3D&grab=dEVYLVBSRVNTLkJZIC0g0J3QvtCy0L7RgdGC0Lgg0JHQvtGA0LjRgdC-0LLQsCDQuCDQltC-0LTQuNC90L4K&utf8=%E2%9C%93
p3p: policyref=/w3c/w3c.p3p, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
access-control-allow-origin: https://ex-press.by
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 0
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H/1.1 200
OK bsmp_koronavirus_gryaznaya_zona_26042020_mat_tutby_pil_00011-5537a6d06277a2916c236adb8b821e77ce6d3848.jpg
hb.bizmrg.com/ex-press/images/content/x1024x1024/ 276 KB
276 KB 217ms
107ms Image
image/jpeg 95.163.144.221
CYMRG-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hb.bizmrg.com/ex-press/images/content/x1024x1024/bsmp_koronavirus_gryaznaya_zona_26042020_mat_tutby_pil_00011-5537a6d06277a2916c236adb8b821e77ce6d3848.jpg
Requested by: Host: ex-press.by
URL: https://ex-press.by/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.163.144.221 , Russian Federation, ASN205830 (CYMRG-AS, CY),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 82bace4782876f2f6b01ad3fba94dbc55b51fd5f3ddbe8eb66f5f820a8df099d

Request headers

Referer: https://ex-press.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 21 May 2020 22:33:57 GMT
Last-modified: Thu, 21 May 2020 08:15:21 GMT
Server: nginx/1.12.2
Etag: "98132e87627244cf9f91a45aaaaca311"
Content-Type: image/jpeg
Connection: keep-alive
X-Host: hb-front11
X-Req-Id: 2n4jrkYaf
Content-Length: 282820

GET
H/1.1 200
OK otpusk4-a82b1854da756c3639e49050d214de53b16c7166.jpg
hb.bizmrg.com/ex-press/images/content/x1024x1024/ 350 KB
350 KB 274ms
165ms Image
image/jpeg 95.163.144.221
CYMRG-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hb.bizmrg.com/ex-press/images/content/x1024x1024/otpusk4-a82b1854da756c3639e49050d214de53b16c7166.jpg
Requested by: Host: ex-press.by
URL: https://ex-press.by/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.163.144.221 , Russian Federation, ASN205830 (CYMRG-AS, CY),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 22d1983024be5b041adb113977c8f37ba9b1a88fad6e7396a932eb1f099f0a11

Request headers

Referer: https://ex-press.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 21 May 2020 22:33:57 GMT
Last-modified: Thu, 21 May 2020 08:11:50 GMT
Server: nginx/1.12.2
Etag: "1b513f32dd79c422c07d153fa40a4ea8"
Content-Type: image/jpeg
Connection: keep-alive
X-Host: hb-front14
X-Req-Id: 2sFYduzuB
Content-Length: 358115

GET
H/1.1 200
OK vybory1-1d0401bb07a4da338a9d564dbe98b608536c15c5.jpg
hb.bizmrg.com/ex-press/images/content/x1024x1024/ 212 KB
212 KB 303ms
155ms Image
image/jpeg 95.163.144.221
CYMRG-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hb.bizmrg.com/ex-press/images/content/x1024x1024/vybory1-1d0401bb07a4da338a9d564dbe98b608536c15c5.jpg
Requested by: Host: ex-press.by
URL: https://ex-press.by/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.163.144.221 , Russian Federation, ASN205830 (CYMRG-AS, CY),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 462ce4e2d4aedb456881efd89f707ab04d66febffd4851c9722b6b8c74d58356

Request headers

Referer: https://ex-press.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 21 May 2020 22:33:57 GMT
Last-modified: Thu, 21 May 2020 08:37:15 GMT
Server: nginx/1.12.2
Etag: "8ba4c93bd1d05cd334b261344f45ab97"
Content-Type: image/jpeg
Connection: keep-alive
X-Host: hb-front25
X-Req-Id: AXMYpJvN
Content-Length: 217104

GET
H/1.1 200
OK urna2-73ab7ed25193640b0f29112f850209fdfdc00531.jpg
hb.bizmrg.com/ex-press/images/content/x1024x1024/ 366 KB
367 KB 259ms
151ms Image
image/jpeg 95.163.144.221
CYMRG-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hb.bizmrg.com/ex-press/images/content/x1024x1024/urna2-73ab7ed25193640b0f29112f850209fdfdc00531.jpg
Requested by: Host: ex-press.by
URL: https://ex-press.by/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.163.144.221 , Russian Federation, ASN205830 (CYMRG-AS, CY),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: f31d4e668327bb776bb8e71a2ee151cdbaf7e71312f6183c99994d17673cae46

Request headers

Referer: https://ex-press.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 21 May 2020 22:33:57 GMT
Last-modified: Thu, 21 May 2020 06:59:46 GMT
Server: nginx/1.12.2
Etag: "69c1344dd8f90945b7d57c76d3e1043f"
Content-Type: image/jpeg
Connection: keep-alive
X-Host: hb-front21
X-Req-Id: 2Kxy57DRr
Content-Length: 375295

GET
H/1.1 200
OK IMG_8107-9d9d862c1c942948e50e4e7fbab19409c434d05c.jpg
hb.bizmrg.com/ex-press/images/content/x1024x1024/ 592 KB
592 KB 190ms
122ms Image
image/jpeg 95.163.144.221
CYMRG-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hb.bizmrg.com/ex-press/images/content/x1024x1024/IMG_8107-9d9d862c1c942948e50e4e7fbab19409c434d05c.jpg
Requested by: Host: ex-press.by
URL: https://ex-press.by/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.163.144.221 , Russian Federation, ASN205830 (CYMRG-AS, CY),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: c5c87ff9b5cefb85b03ec252d02c6423fa5ca49848d9acb34ab28d9d2ccdfd18

Request headers

Referer: https://ex-press.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 21 May 2020 22:33:57 GMT
Last-modified: Sat, 28 Mar 2020 06:10:27 GMT
Server: nginx/1.12.2
Etag: "ecd227086793340ac9dabb16210cfbb1"
Content-Type: image/jpeg
Connection: keep-alive
X-Host: hb-front9
X-Req-Id: 2UvW7bKb8
Content-Length: 606146

GET
H2 200 KFOlCnqEu92Fr1MmWUlfABc4AMP6lbBP.woff2
fonts.gstatic.com/s/roboto/v20/ 7 KB
7 KB 9ms
7ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfABc4AMP6lbBP.woff2

Requested by

Host: ex-press.by
URL: https://ex-press.by/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4512a0f507a7df3a354a3f552a4b34e2e642ce0e4902c002dfd1ce55e33abce4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto:400,400i,500,500i,700,&subset=cyrillic
Origin: https://ex-press.by

Response headers

date: Thu, 21 May 2020 08:38:24 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:19:10 GMT
server: sffe
age: 50132
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6824
x-xss-protection: 0
expires: Fri, 21 May 2021 08:38:24 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 8ms
6ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Requested by

Host: ex-press.by
URL: https://ex-press.by/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto:400,400i,500,500i,700,&subset=cyrillic
Origin: https://ex-press.by

Response headers

date: Wed, 20 May 2020 03:40:44 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:58 GMT
server: sffe
age: 154392
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11020
x-xss-protection: 0
expires: Thu, 20 May 2021 03:40:44 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 7ms
5ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: ex-press.by
URL: https://ex-press.by/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto:400,400i,500,500i,700,&subset=cyrillic
Origin: https://ex-press.by

Response headers

date: Wed, 20 May 2020 11:10:37 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 127399
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11016
x-xss-protection: 0
expires: Thu, 20 May 2021 11:10:37 GMT

GET
H2

200

v2 Show response
ads.adfox.ru/239538/getBulkTest/
Redirect Chain

https://ads.adfox.ru/239538/getBulk/v2?dl=https%3A%2F%2Fex-press.by%2F&date=2020-05-22T00%3A33%3A56.900%2B02%3A00&pd=22&pdh=1200&pdw=1600&pr1=3962296879&pr=1770391645&prr=&pv=0&pw=5&extid_loader=&e...
https://ads.adfox.ru/239538/getBulkTest/v2?dl=https%3A%2F%2Fex-press.by%2F&date=2020-05-22T00%3A33%3A56.900%2B02%3A00&pd=22&pdh=1200&pdw=1600&pr1=3962296879&pr=1770391645&prr=&pv=0&pw=5&extid_loade...

54 KB
20 KB

226ms
226ms

XHR
application/json

77.88.21.179
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.adfox.ru/239538/getBulkTest/v2?dl=https%3A%2F%2Fex-press.by%2F&date=2020-05-22T00%3A33%3A56.900%2B02%3A00&pd=22&pdh=1200&pdw=1600&pr1=3962296879&pr=1770391645&prr=&pv=0&pw=5&extid_loader=&extid_tag_loader=ex-press.by&ylv=0.1713&ybv=0.1712&ytt=378232001005589&is-turbo=0&skip-token=&ad-session-id=8063411590100436840&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22width%22%3A0%2C%22height%22%3A0%2C%22left%22%3A0%2C%22top%22%3A0%2C%22visible%22%3A1%2C%22req_no%22%3A3%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=0&p1=cassl&p2=y&slotNumber=3&bids=W10%3D&grab=dEVYLVBSRVNTLkJZIC0g0J3QvtCy0L7RgdGC0Lgg0JHQvtGA0LjRgdC-0LLQsCDQuCDQltC-0LTQuNC90L4K&utf8=%E2%9C%93

Requested by

Host: ex-press.by
URL: https://ex-press.by/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.179 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

adfox-external-l3-engine.stable.qloud-b.yandex.net

Software

Resource Hash

8491e358edc10417aba3a10a49fbe1506ae310fa7b5efcb0df94ad651b1cc9c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ex-press.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 May 2020 22:33:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref=/w3c/w3c.p3p, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
status: 200
content-type: application/json
access-control-allow-origin: https://ex-press.by
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

Redirect headers

pragma: no-cache
date: Thu, 21 May 2020 22:33:57 GMT
x-content-type-options: nosniff
status: 302
location: /239538/getBulkTest/v2?dl=https%3A%2F%2Fex-press.by%2F&date=2020-05-22T00%3A33%3A56.900%2B02%3A00&pd=22&pdh=1200&pdw=1600&pr1=3962296879&pr=1770391645&prr=&pv=0&pw=5&extid_loader=&extid_tag_loader=ex-press.by&ylv=0.1713&ybv=0.1712&ytt=378232001005589&is-turbo=0&skip-token=&ad-session-id=8063411590100436840&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22width%22%3A0%2C%22height%22%3A0%2C%22left%22%3A0%2C%22top%22%3A0%2C%22visible%22%3A1%2C%22req_no%22%3A3%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=0&p1=cassl&p2=y&slotNumber=3&bids=W10%3D&grab=dEVYLVBSRVNTLkJZIC0g0J3QvtCy0L7RgdGC0Lgg0JHQvtGA0LjRgdC-0LLQsCDQuCDQltC-0LTQuNC90L4K&utf8=%E2%9C%93
p3p: policyref=/w3c/w3c.p3p, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
access-control-allow-origin: https://ex-press.by
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 0
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
168 B 15ms
14ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=ex-press.by

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ex-press.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 21 May 2020 22:33:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
168 B 15ms
15ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ex-press.by

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ex-press.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 21 May 2020 22:33:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20200519/r20190131/ 218 KB
82 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20200519/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

357a40f12fcb7502acb15b75741517330cdd822580ced8cd06f8b38c9a481f4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ex-press.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 21 May 2020 22:33:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 83958
x-xss-protection: 0
server: cafe
etag: 14927078227322710652
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 May 2020 22:33:56 GMT

GET
H/1.1 200
OK dtp_pod_borisovom-088f106968bcd2c1f82cf2912e5049332c0fe1d7.jpg
hb.bizmrg.com/ex-press/images/content/x256x256/ 31 KB
32 KB 77ms
77ms Image
image/jpeg 95.163.144.221
CYMRG-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hb.bizmrg.com/ex-press/images/content/x256x256/dtp_pod_borisovom-088f106968bcd2c1f82cf2912e5049332c0fe1d7.jpg
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.163.144.221 , Russian Federation, ASN205830 (CYMRG-AS, CY),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: ca8b8793c0fc7fba23b0480ff8a6c59d1c512088ab16bcc97a16d1f62d525e8e

Request headers

Referer: https://ex-press.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 21 May 2020 22:33:57 GMT
Last-modified: Wed, 20 May 2020 10:33:53 GMT
Server: nginx/1.12.2
Etag: "7a9c9a9f71c730a45598d793a99fd3f3"
Content-Type: image/jpeg
Connection: keep-alive
X-Host: hb-front11
X-Req-Id: o8H2wE8L
Content-Length: 32205

GET
H/1.1 200
OK 5f00385d-fd53-44d8-9b92-8671c1732943-32fc438ebeb0f7413c63bb562431dbdb05685af5.jpg
hb.bizmrg.com/ex-press/images/content/x256x256/ 18 KB
18 KB 79ms
78ms Image
image/jpeg 95.163.144.221
CYMRG-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hb.bizmrg.com/ex-press/images/content/x256x256/5f00385d-fd53-44d8-9b92-8671c1732943-32fc438ebeb0f7413c63bb562431dbdb05685af5.jpg
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.163.144.221 , Russian Federation, ASN205830 (CYMRG-AS, CY),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: dfd8b30ad1850a56d48416d4a9ebf33db32e92393e087cca98b1c6c6d686c506

Request headers

Referer: https://ex-press.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 21 May 2020 22:33:57 GMT
Last-modified: Wed, 20 May 2020 13:16:35 GMT
Server: nginx/1.12.2
Etag: "9d37de7e0577bdb2137645f281604589"
Content-Type: image/jpeg
Connection: keep-alive
X-Host: hb-front25
X-Req-Id: 2ZRVkjd4H
Content-Length: 18639

GET
H/1.1 200
OK %D1%84%D0%BE%D1%82%D0%BE_%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D0%BE%D0%B5_%D1%81_%D0%B1%D0%B0%D1%8F%D0%BD%D0%BE%D0%BC_2-4c0a90b77349feb9830818b4c3ae46e02089c0bd.jpg
hb.bizmrg.com/ex-press/images/content/x1024x1024/ 183 KB
183 KB 115ms
115ms Image
image/jpeg 95.163.144.221
CYMRG-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hb.bizmrg.com/ex-press/images/content/x1024x1024/%D1%84%D0%BE%D1%82%D0%BE_%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D0%BE%D0%B5_%D1%81_%D0%B1%D0%B0%D1%8F%D0%BD%D0%BE%D0%BC_2-4c0a90b77349feb9830818b4c3ae46e02089c0bd.jpg
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.163.144.221 , Russian Federation, ASN205830 (CYMRG-AS, CY),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 3f4264e52a620749500b5be7f1d28bc1524b806683be9bc6bca962dd59973813

Request headers

Referer: https://ex-press.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 21 May 2020 22:33:57 GMT
Last-modified: Wed, 20 May 2020 07:57:50 GMT
Server: nginx/1.12.2
Etag: "4643b63be7b0c3588075d6b6f3ae1b1a"
Content-Type: image/jpeg
Connection: keep-alive
X-Host: hb-front21
X-Req-Id: 24bFtAJLx
Content-Length: 187602

GET
H/1.1 200
OK apteka1-77cb99accd14904544b3be7b9bca1f918da8aa10.jpg
hb.bizmrg.com/ex-press/images/content/x256x256/ 35 KB
35 KB 66ms
66ms Image
image/jpeg 95.163.144.221
CYMRG-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hb.bizmrg.com/ex-press/images/content/x256x256/apteka1-77cb99accd14904544b3be7b9bca1f918da8aa10.jpg
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.163.144.221 , Russian Federation, ASN205830 (CYMRG-AS, CY),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 21e5f922be75438d19e5ea594535b70d89d1a8ef9879df78cd4fdd1c8f530ae6

Request headers

Referer: https://ex-press.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 21 May 2020 22:33:57 GMT
Last-modified: Tue, 19 May 2020 11:33:50 GMT
Server: nginx/1.12.2
Etag: "d6a893a1e413c42a05f85142b28d38e7"
Content-Type: image/jpeg
Connection: keep-alive
X-Host: hotbox6
X-Req-Id: 35z93XP8G
Content-Length: 35802

GET
H/1.1 200
OK petrov6-6a51bb857f8a6a28f52211ddf0900dbde81cb6d4.jpg
hb.bizmrg.com/ex-press/images/content/x256x256/ 10 KB
10 KB 102ms
102ms Image
image/jpeg 95.163.144.221
CYMRG-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hb.bizmrg.com/ex-press/images/content/x256x256/petrov6-6a51bb857f8a6a28f52211ddf0900dbde81cb6d4.jpg
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.163.144.221 , Russian Federation, ASN205830 (CYMRG-AS, CY),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: d03c6d194d610aa5322ebee5b5085f5d973e8b326a501e85ba9e3cd2c5428bc1

Request headers

Referer: https://ex-press.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 21 May 2020 22:33:57 GMT
Last-modified: Tue, 19 May 2020 07:54:47 GMT
Server: nginx/1.12.2
Etag: "070ab6d8f1b078a3d8cf4cc37151f682"
Content-Type: image/jpeg
Connection: keep-alive
X-Host: hb-front14
X-Req-Id: 2dV8azs9j
Content-Length: 9746

GET
H/1.1 200
OK 3-476d12deb5da20ba44b1fa2915497481d8ccc72f.png
hb.bizmrg.com/ex-press/images/content/x256x256/ 145 KB
145 KB 91ms
90ms Image
image/png 95.163.144.221
CYMRG-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hb.bizmrg.com/ex-press/images/content/x256x256/3-476d12deb5da20ba44b1fa2915497481d8ccc72f.png
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.163.144.221 , Russian Federation, ASN205830 (CYMRG-AS, CY),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 1dc7696ec8ba40fea77968f5d6152e307fc15c9a4d837bf0d549721558269075

Request headers

Referer: https://ex-press.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 21 May 2020 22:33:57 GMT
Last-modified: Tue, 19 May 2020 08:27:55 GMT
Server: nginx/1.12.2
Etag: "bf570507e534e7c94a9d5f00f85f66a6"
Content-Type: image/png
Connection: keep-alive
X-Host: hb-front11
X-Req-Id: uKy3r6Y8
Content-Length: 148475

GET
H/1.1 200
OK c75bc460-bdf9-4975-b4af-03ef51e0c5d7-83a3ff88e6bc7f7b02d153078eee625d4f9f2b0f.jpg
hb.bizmrg.com/ex-press/images/content/x256x256/ 18 KB
19 KB 87ms
87ms Image
image/jpeg 95.163.144.221
CYMRG-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hb.bizmrg.com/ex-press/images/content/x256x256/c75bc460-bdf9-4975-b4af-03ef51e0c5d7-83a3ff88e6bc7f7b02d153078eee625d4f9f2b0f.jpg
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.163.144.221 , Russian Federation, ASN205830 (CYMRG-AS, CY),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: f1f2a9155ff584eaf5a543b9f47e1795da45a2b2bf3aafc82471832f2ea5f251

Request headers

Referer: https://ex-press.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 21 May 2020 22:33:57 GMT
Last-modified: Wed, 20 May 2020 06:48:01 GMT
Server: nginx/1.12.2
Etag: "e98cdb92f8d296642eef541d3fc557e2"
Content-Type: image/jpeg
Connection: keep-alive
X-Host: hb-front25
X-Req-Id: 2TYf4XvFi
Content-Length: 18753

GET
H/1.1 200
OK derevo1-4af2e669462f9378a6c55714d72ee7de75df295b.jpg
hb.bizmrg.com/ex-press/images/content/x1024x1024/ 675 KB
676 KB 85ms
84ms Image
image/jpeg 95.163.144.221
CYMRG-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hb.bizmrg.com/ex-press/images/content/x1024x1024/derevo1-4af2e669462f9378a6c55714d72ee7de75df295b.jpg
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.163.144.221 , Russian Federation, ASN205830 (CYMRG-AS, CY),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 3646ef3fe7c94cd528001f1aca0158f7fdf25a0ef374729bcb84784dbb148a0c

Request headers

Referer: https://ex-press.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 21 May 2020 22:33:57 GMT
Last-modified: Tue, 19 May 2020 06:42:02 GMT
Server: nginx/1.12.2
Etag: "80a6a39e055458b6e9482cf26feb3dc2"
Content-Type: image/jpeg
Connection: keep-alive
X-Host: hotbox6
X-Req-Id: 2cTpRxrHX
Content-Length: 691615

GET
H/1.1 200
OK 18ba67bb8fd67a6aa664f40b8aeb7faf_resize_w_1140_h_696-61a87240edfccbbdd86747a1fb69a48580db231d.jpg
hb.bizmrg.com/ex-press/images/content/x1024x1024/ 173 KB
173 KB 66ms
65ms Image
image/jpeg 95.163.144.221
CYMRG-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hb.bizmrg.com/ex-press/images/content/x1024x1024/18ba67bb8fd67a6aa664f40b8aeb7faf_resize_w_1140_h_696-61a87240edfccbbdd86747a1fb69a48580db231d.jpg
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.163.144.221 , Russian Federation, ASN205830 (CYMRG-AS, CY),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: c09468dcbdd4d9c762790e47034bfdfe7567fed9d13ece71c9e8d077f22d6315

Request headers

Referer: https://ex-press.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 21 May 2020 22:33:57 GMT
Last-modified: Tue, 19 May 2020 13:17:28 GMT
Server: nginx/1.12.2
Etag: "059b10cefd86cf1bb30fcff645871a2f"
Content-Type: image/jpeg
Connection: keep-alive
X-Host: hb-front9
X-Req-Id: 32jbWBa8n
Content-Length: 176694

GET
H/1.1 200
OK holod-949b3c595ee06f821925724b9203f20aab015b1b.JPG
hb.bizmrg.com/ex-press/images/content/x1024x1024/ 198 KB
198 KB 90ms
90ms Image
image/jpeg 95.163.144.221
CYMRG-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hb.bizmrg.com/ex-press/images/content/x1024x1024/holod-949b3c595ee06f821925724b9203f20aab015b1b.JPG
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.163.144.221 , Russian Federation, ASN205830 (CYMRG-AS, CY),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 1bf5e538afe47f385ac89069842a824bbcde78f796d050afa72a9edc157ae68e

Request headers

Referer: https://ex-press.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 21 May 2020 22:33:57 GMT
Last-modified: Mon, 18 May 2020 07:37:57 GMT
Server: nginx/1.12.2
Etag: "02ca747a87281a73c4e14aee779f6dee"
Content-Type: image/jpeg
Connection: keep-alive
X-Host: hb-front14
X-Req-Id: 8EzBvy2p
Content-Length: 202257

GET
H/1.1 200
OK 4cd26481-a4e2-4548-8c5b-778fc265dd05-e2764c718403335d2ef6b20dfdcb7d469f843341.jpg
hb.bizmrg.com/ex-press/images/content/x1024x1024/ 288 KB
289 KB 103ms
103ms Image
image/jpeg 95.163.144.221
CYMRG-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hb.bizmrg.com/ex-press/images/content/x1024x1024/4cd26481-a4e2-4548-8c5b-778fc265dd05-e2764c718403335d2ef6b20dfdcb7d469f843341.jpg
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.163.144.221 , Russian Federation, ASN205830 (CYMRG-AS, CY),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 239f9f0863e6f2a87d6787242957c3ebf5e86df1250a611ab7cd831ca618a47a

Request headers

Referer: https://ex-press.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 21 May 2020 22:33:57 GMT
Last-modified: Mon, 18 May 2020 12:32:43 GMT
Server: nginx/1.12.2
Etag: "d965e5916c34e706588c3a40720e1480"
Content-Type: image/jpeg
Connection: keep-alive
X-Host: hb-front21
X-Req-Id: hfkKKzYk
Content-Length: 295307

GET
H/1.1 200
OK 1044097237-b32739e22d2c3f7d6e262847b7df289a2ffb6aab.jpg
hb.bizmrg.com/ex-press/images/content/x1024x1024/ 191 KB
191 KB 90ms
90ms Image
image/jpeg 95.163.144.221
CYMRG-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hb.bizmrg.com/ex-press/images/content/x1024x1024/1044097237-b32739e22d2c3f7d6e262847b7df289a2ffb6aab.jpg
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.163.144.221 , Russian Federation, ASN205830 (CYMRG-AS, CY),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 3d2d128eeaf1168539b862af2179cb4111d9eade387640d8e1560b228cf049c6

Request headers

Referer: https://ex-press.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 21 May 2020 22:33:57 GMT
Last-modified: Wed, 20 May 2020 10:54:03 GMT
Server: nginx/1.12.2
Etag: "dc3406fb5e62cc43187188bae178bea4"
Content-Type: image/jpeg
Connection: keep-alive
X-Host: hb-front25
X-Req-Id: 24dejjuNZ
Content-Length: 195487

GET
H/1.1 200
OK 00-1ba797ff90bc07bbb843ba3d88ce827d0bf96b2e.jpg
hb.bizmrg.com/ex-press/images/content/x1024x1024/ 253 KB
253 KB 85ms
85ms Image
image/jpeg 95.163.144.221
CYMRG-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hb.bizmrg.com/ex-press/images/content/x1024x1024/00-1ba797ff90bc07bbb843ba3d88ce827d0bf96b2e.jpg
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.163.144.221 , Russian Federation, ASN205830 (CYMRG-AS, CY),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: b0b0f193539c4116cea1196c75de39c39a215f87dac01780dd2a8f34d21b7b4e

Request headers

Referer: https://ex-press.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 21 May 2020 22:33:57 GMT
Last-modified: Wed, 20 May 2020 19:04:48 GMT
Server: nginx/1.12.2
Etag: "d5993db306fb6870c45ddeb0bf148002"
Content-Type: image/jpeg
Connection: keep-alive
X-Host: hb-front11
X-Req-Id: CQkAr4id
Content-Length: 258618

GET
H/1.1 200
OK soC_CLWCFf8-cf9f0de9d62f937ad792cbf7de4fec95a74f3007.jpg
hb.bizmrg.com/ex-press/images/content/x256x256/ 29 KB
30 KB 94ms
94ms Image
image/jpeg 95.163.144.221
CYMRG-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hb.bizmrg.com/ex-press/images/content/x256x256/soC_CLWCFf8-cf9f0de9d62f937ad792cbf7de4fec95a74f3007.jpg
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.163.144.221 , Russian Federation, ASN205830 (CYMRG-AS, CY),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: de9cf2787f487b2505c7fa21856f67b976f79e3ccf384f0de6955e164f20fbe3

Request headers

Referer: https://ex-press.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 21 May 2020 22:33:57 GMT
Last-modified: Sun, 22 Mar 2020 14:32:38 GMT
Server: nginx/1.12.2
Etag: "17f0a040a7f153a2f8474eb498e5f914"
Content-Type: image/jpeg
Connection: keep-alive
X-Host: hb-front9
X-Req-Id: oMfShCXA
Content-Length: 30139

GET
H/1.1 200
OK krysy0-2d221a7219b358398a4df79cc0ed6bc03ad4f5da.jpg
hb.bizmrg.com/ex-press/images/content/x256x256/ 29 KB
29 KB 148ms
148ms Image
image/jpeg 95.163.144.221
CYMRG-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hb.bizmrg.com/ex-press/images/content/x256x256/krysy0-2d221a7219b358398a4df79cc0ed6bc03ad4f5da.jpg
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.163.144.221 , Russian Federation, ASN205830 (CYMRG-AS, CY),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 1e2ad327cb3a9a978fc0181bb03ed226a5642342780c657f1d171d6372ef24b9

Request headers

Referer: https://ex-press.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 21 May 2020 22:33:57 GMT
Last-modified: Mon, 16 Mar 2020 07:40:00 GMT
Server: nginx/1.12.2
Etag: "dbe58c9e647b955688d7bcc421f96bed"
Content-Type: image/jpeg
Connection: keep-alive
X-Host: hb-front21
X-Req-Id: 34tMAMwSY
Content-Length: 29816

GET
H/1.1 200
OK 06-809d94cbeb7c50ade9b8b99933795f26e0bb7c70.jpeg
hb.bizmrg.com/ex-press/images/content/x256x256/ 35 KB
35 KB 67ms
67ms Image
image/jpeg 95.163.144.221
CYMRG-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hb.bizmrg.com/ex-press/images/content/x256x256/06-809d94cbeb7c50ade9b8b99933795f26e0bb7c70.jpeg
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.163.144.221 , Russian Federation, ASN205830 (CYMRG-AS, CY),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: db53921fa6f5678ba92bd274bbb66e15487991d0d5eb559ba296b16c516d06df

Request headers

Referer: https://ex-press.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 21 May 2020 22:33:57 GMT
Last-modified: Mon, 23 Mar 2020 08:32:06 GMT
Server: nginx/1.12.2
Etag: "03c3a82dc164e58f6b3a3c97c3cd1a4b"
Content-Type: image/jpeg
Connection: keep-alive
X-Host: hb-front25
X-Req-Id: 34TY8GF63
Content-Length: 35813

GET
H/1.1 200
OK virus-06029437041148e7bdb1c0d6b1ccb6f0a260d605.jpg
hb.bizmrg.com/ex-press/images/content/x256x256/ 33 KB
33 KB 119ms
119ms Image
image/jpeg 95.163.144.221
CYMRG-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hb.bizmrg.com/ex-press/images/content/x256x256/virus-06029437041148e7bdb1c0d6b1ccb6f0a260d605.jpg
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.163.144.221 , Russian Federation, ASN205830 (CYMRG-AS, CY),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 2cd024c2dd963c8b50b7004ada972ee45d3952dbfab2b47686148cf4c29b0c0b

Request headers

Referer: https://ex-press.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 21 May 2020 22:33:57 GMT
Last-modified: Mon, 23 Mar 2020 09:23:25 GMT
Server: nginx/1.12.2
Etag: "ca11af849a35aefa0598b62ac65111d7"
Content-Type: image/jpeg
Connection: keep-alive
X-Host: hb-front14
X-Req-Id: auUEVN2y
Content-Length: 33343

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20200519/r20190131/ Frame E544 0
0 6ms
6ms Document
text/html 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20200519/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20200519/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ex-press.by/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://ex-press.by/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Wed, 20 May 2020 02:19:51 GMT
expires: Wed, 03 Jun 2020 02:19:51 GMT
content-type: text/html; charset=UTF-8
etag: 17826495148367054107
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4284
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 159245
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 KFOmCnqEu92Fr1Mu5mxKKTU1Kvnz.woff2
fonts.gstatic.com/s/roboto/v20/ 7 KB
7 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu5mxKKTU1Kvnz.woff2

Requested by

Host: ex-press.by
URL: https://ex-press.by/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

daf6c28c5a080458eba26ba64a95b1fcff823944d429ccb84e8a4f3a0baf05ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto:400,400i,500,500i,700,&subset=cyrillic
Origin: https://ex-press.by

Response headers

date: Sun, 17 May 2020 09:09:10 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:40 GMT
server: sffe
age: 393886
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6720
x-xss-protection: 0
expires: Mon, 17 May 2021 09:09:10 GMT

GET
H2 200 0edd7dbfd3145011e4ef.b.js Show response
cdn.admixer.net/scripts3/ 63 KB
19 KB 17ms
14ms Script
application/javascript 2a03:90c0:9997::9997
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/0edd7dbfd3145011e4ef.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a03:90c0:9997::9997 , Germany, ASN199524 (GCORE, AT),
Reverse DNS
Software: nginx /
Resource Hash: f778b6ba9ce65a96906fd54215dff0f579547bf8c31a08cd518253b08c096832

Request headers

Referer: https://ex-press.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-id: cec-up-gc11
date: Thu, 21 May 2020 22:33:56 GMT
content-encoding: gzip
last-modified: Mon, 20 Apr 2020 11:44:06 GMT
server: nginx
status: 200
etag: W/"5e9d8b06-fa2a"
vary: Accept-Encoding
x-cached-since: 2020-05-08T13:10:20+00:00
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31622400
cache: HIT
expires: Sun, 09 May 2021 13:10:20 GMT

GET
H2 200 2e618849ee13451c8cf1.b.js Show response
cdn.admixer.net/scripts3/ 90 KB
25 KB 20ms
17ms Script
application/javascript 2a03:90c0:9997::9997
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/2e618849ee13451c8cf1.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a03:90c0:9997::9997 , Germany, ASN199524 (GCORE, AT),
Reverse DNS
Software: nginx /
Resource Hash: 39db1cbb7e0c697d2edc944b73c6ef0ae0db04ff9bf57c3386e4620619c84fb1

Request headers

Referer: https://ex-press.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-id: cec-up-gc11
date: Thu, 21 May 2020 22:33:56 GMT
content-encoding: gzip
last-modified: Mon, 20 Apr 2020 11:44:08 GMT
server: nginx
status: 200
etag: W/"5e9d8b08-168f6"
vary: Accept-Encoding
x-cached-since: 2020-05-08T13:10:20+00:00
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31622400
cache: HIT
expires: Sun, 09 May 2021 13:10:20 GMT

GET
H/1.1 200
OK regnum_picture_1454416406475349_big-1-d97a922547d044c82c2f01e8c9550d1376aac0ec.jpg
hb.bizmrg.com/ex-press/images/content/x1024x1024/ 149 KB
149 KB 84ms
84ms Image
image/jpeg 95.163.144.221
CYMRG-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hb.bizmrg.com/ex-press/images/content/x1024x1024/regnum_picture_1454416406475349_big-1-d97a922547d044c82c2f01e8c9550d1376aac0ec.jpg
Requested by: Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.163.144.221 , Russian Federation, ASN205830 (CYMRG-AS, CY),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 631d796e12cb4b14671581c87c355b5f5f63766fcddd30219437774fe95f147d

Request headers

Referer: https://ex-press.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 21 May 2020 22:33:57 GMT
Last-modified: Thu, 21 May 2020 09:34:59 GMT
Server: nginx/1.12.2
Etag: "1045f1f9d4034e14489e6642dd523d54"
Content-Type: image/jpeg
Connection: keep-alive
X-Host: hb-front9
X-Req-Id: S1QGrTJu
Content-Length: 152801

GET
H/1.1 200
OK otnoshenia-21-d9915a41fa575419306bd34d74964f45fa939e36.jpg
hb.bizmrg.com/ex-press/images/content/x1024x1024/ 191 KB
192 KB 145ms
145ms Image
image/jpeg 95.163.144.221
CYMRG-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hb.bizmrg.com/ex-press/images/content/x1024x1024/otnoshenia-21-d9915a41fa575419306bd34d74964f45fa939e36.jpg
Requested by: Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.163.144.221 , Russian Federation, ASN205830 (CYMRG-AS, CY),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: a91e1b514d748fb25127cd1a0b3d5350f5cc64e375523fb2d1eb98e36539ecdf

Request headers

Referer: https://ex-press.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 21 May 2020 22:33:57 GMT
Last-modified: Thu, 21 May 2020 07:11:58 GMT
Server: nginx/1.12.2
Etag: "848343c2ae774d687b4981857c59444c"
Content-Type: image/jpeg
Connection: keep-alive
X-Host: hb-front25
X-Req-Id: 41gpuDpt
Content-Length: 195979

GET
H/1.1 200
OK 179689-3e5736803f7e12bf9ec8255b6787875ca9041e23.jpg
hb.bizmrg.com/ex-press/images/content/x256x256/ 18 KB
18 KB 93ms
92ms Image
image/jpeg 95.163.144.221
CYMRG-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hb.bizmrg.com/ex-press/images/content/x256x256/179689-3e5736803f7e12bf9ec8255b6787875ca9041e23.jpg
Requested by: Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.163.144.221 , Russian Federation, ASN205830 (CYMRG-AS, CY),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: fabfd5769588a24835b8c23add5cd89b9fdb1f2eeb9fa2de260ad2012fe939ff

Request headers

Referer: https://ex-press.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 21 May 2020 22:33:57 GMT
Last-modified: Thu, 30 Apr 2020 08:20:48 GMT
Server: nginx/1.12.2
Etag: "c8e9dd34fad683676fc407dd05965bac"
Content-Type: image/jpeg
Connection: keep-alive
X-Host: hb-front11
X-Req-Id: VPXPJjvb
Content-Length: 17983

GET
H/1.1 200
OK aleh1-6d9e0f40b385e0a6a5fb4f90a3ba87bae6ef3246.jpg
hb.bizmrg.com/ex-press/images/users/x128x128/ 5 KB
5 KB 70ms
69ms Image
image/jpeg 95.163.144.221
CYMRG-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hb.bizmrg.com/ex-press/images/users/x128x128/aleh1-6d9e0f40b385e0a6a5fb4f90a3ba87bae6ef3246.jpg?1529266149
Requested by: Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.163.144.221 , Russian Federation, ASN205830 (CYMRG-AS, CY),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 3602e06a0cd04a9b5682b39503f8f972528d0f0914bd8a57d484b8ab43fe8074

Request headers

Referer: https://ex-press.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 21 May 2020 22:33:57 GMT
Last-modified: Sun, 17 Jun 2018 20:09:10 GMT
Server: nginx/1.12.2
Etag: "4f1565bef5bb0aed9396a04aa4ba304b"
Content-Type: image/jpeg
Connection: keep-alive
X-Host: hb-front14
X-Req-Id: sfq5aNxS
Content-Length: 4623

GET
H/1.1 200
OK 222-cfebfb955a321469edaaaf2f44e3cd46bba67e69.jpg
hb.bizmrg.com/ex-press/images/content/x256x256/ 17 KB
17 KB 70ms
70ms Image
image/jpeg 95.163.144.221
CYMRG-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hb.bizmrg.com/ex-press/images/content/x256x256/222-cfebfb955a321469edaaaf2f44e3cd46bba67e69.jpg
Requested by: Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.163.144.221 , Russian Federation, ASN205830 (CYMRG-AS, CY),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 665eeee1e9e9646daf7443c71cb72776d8bfabac7c84de62f74cc332e8619282

Request headers

Referer: https://ex-press.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 21 May 2020 22:33:57 GMT
Last-modified: Wed, 29 Apr 2020 18:38:53 GMT
Server: nginx/1.12.2
Etag: "67ec70ee5575b5f0ff45c7793ed25b4b"
Content-Type: image/jpeg
Connection: keep-alive
X-Host: hb-front21
X-Req-Id: 2T95AXxjD
Content-Length: 17603

GET
H/1.1 200
OK pavel-9204c2bb7db49d08c44c4d98db5bd30dbdafbd9e.jpg
hb.bizmrg.com/ex-press/images/users/x128x128/ 4 KB
4 KB 117ms
115ms Image
image/jpeg 95.163.144.221
CYMRG-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hb.bizmrg.com/ex-press/images/users/x128x128/pavel-9204c2bb7db49d08c44c4d98db5bd30dbdafbd9e.jpg?1575297435
Requested by: Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.163.144.221 , Russian Federation, ASN205830 (CYMRG-AS, CY),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: fa7e491f62220efbaf437ccacf3748b8ae2c07da659e0ed34c3e9609f81b513c

Request headers

Referer: https://ex-press.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 21 May 2020 22:33:57 GMT
Last-modified: Mon, 02 Dec 2019 14:37:18 GMT
Server: nginx/1.12.2
Etag: "23e7a789b91249a71ed676ad3aa9dfe1"
Content-Type: image/jpeg
Connection: keep-alive
X-Host: hb-front9
X-Req-Id: 25yd5Psv9
Content-Length: 4093

GET
H/1.1 200
OK 1111-12a1377532ac5756080b6e4ea9c4b0cbfcf6216f.jpg
hb.bizmrg.com/ex-press/images/content/x256x256/ 21 KB
21 KB 65ms
64ms Image
image/jpeg 95.163.144.221
CYMRG-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hb.bizmrg.com/ex-press/images/content/x256x256/1111-12a1377532ac5756080b6e4ea9c4b0cbfcf6216f.jpg
Requested by: Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.163.144.221 , Russian Federation, ASN205830 (CYMRG-AS, CY),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 07eae48ea1d76aaa9d3af8e0ef24a6132634c506b770af3a4040db0b2d0a1fb3

Request headers

Referer: https://ex-press.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 21 May 2020 22:33:57 GMT
Last-modified: Thu, 20 Feb 2020 20:59:20 GMT
Server: nginx/1.12.2
Etag: "0b48633c522be0eb2d7a5472eddbe993"
Content-Type: image/jpeg
Connection: keep-alive
X-Host: hb-front11
X-Req-Id: 2rLEACTTT
Content-Length: 21469

GET
H/1.1 200
OK nasta-193f1784ac5dd6f312b0b30d3a0a255c4fc7a3f2.jpg
hb.bizmrg.com/ex-press/images/users/x128x128/ 7 KB
7 KB 70ms
69ms Image
image/jpeg 95.163.144.221
CYMRG-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hb.bizmrg.com/ex-press/images/users/x128x128/nasta-193f1784ac5dd6f312b0b30d3a0a255c4fc7a3f2.jpg?1529239067
Requested by: Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.163.144.221 , Russian Federation, ASN205830 (CYMRG-AS, CY),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 16babe7e9f55e329cf94c48c2425d5f593b234870947c8edc5d71518bf0301c2

Request headers

Referer: https://ex-press.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 21 May 2020 22:33:57 GMT
Last-modified: Sun, 17 Jun 2018 12:37:49 GMT
Server: nginx/1.12.2
Etag: "241fff48cd8bec5b1dbc93c3d067a6d7"
Content-Type: image/jpeg
Connection: keep-alive
X-Host: hotbox6
X-Req-Id: rgvUprox
Content-Length: 6676

GET
H/1.1 200
OK 111-68393549ca1e2c1243aab70e3f14e8b4d8d7a05c.jpg
hb.bizmrg.com/ex-press/images/content/x256x256/ 30 KB
30 KB 97ms
97ms Image
image/jpeg 95.163.144.221
CYMRG-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hb.bizmrg.com/ex-press/images/content/x256x256/111-68393549ca1e2c1243aab70e3f14e8b4d8d7a05c.jpg
Requested by: Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.163.144.221 , Russian Federation, ASN205830 (CYMRG-AS, CY),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: bb83bb11dcf380fb8740d802a1dbf05b7616b6d38b53f5a4471fd84fe9b32778

Request headers

Referer: https://ex-press.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 21 May 2020 22:33:57 GMT
Last-modified: Wed, 29 Jan 2020 17:59:32 GMT
Server: nginx/1.12.2
Etag: "aecd57ef2a311b5323e472e839ab8aa8"
Content-Type: image/jpeg
Connection: keep-alive
X-Host: hb-front14
X-Req-Id: vgWo5Z2Z
Content-Length: 30724

GET
H/1.1 200
OK picture-d80d1dd59f1aad04ad572a8d87e1b072b3a0c071.
hb.bizmrg.com/ex-press/images/users/x128x128/ 4 KB
4 KB 114ms
114ms Image
image/jpeg 95.163.144.221
CYMRG-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hb.bizmrg.com/ex-press/images/users/x128x128/picture-d80d1dd59f1aad04ad572a8d87e1b072b3a0c071.?1541434046
Requested by: Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.163.144.221 , Russian Federation, ASN205830 (CYMRG-AS, CY),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 039ebed4b317407de26936cda56d98979f801ab1a2bc80fbf43a041da48f1876

Request headers

Referer: https://ex-press.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 21 May 2020 22:33:57 GMT
Last-modified: Mon, 05 Nov 2018 16:07:27 GMT
Server: nginx/1.12.2
Etag: "1085217b8ca79fbb5c0f0b8909bdb959"
Content-Type: image/jpeg
Connection: keep-alive
X-Host: hb-front21
X-Req-Id: UeNitmzR
Content-Length: 3660

GET
H/1.1 200
OK image_2020_05_18T05_18_26_920Z-a22962e7957d3eab7ed61bb029dc3bd3e7555fb4.png
hb.bizmrg.com/ex-press/images/content/x256x256/ 210 KB
210 KB 132ms
131ms Image
image/png 95.163.144.221
CYMRG-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hb.bizmrg.com/ex-press/images/content/x256x256/image_2020_05_18T05_18_26_920Z-a22962e7957d3eab7ed61bb029dc3bd3e7555fb4.png
Requested by: Host: ex-press.by
URL: https://ex-press.by/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.163.144.221 , Russian Federation, ASN205830 (CYMRG-AS, CY),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 64bd5a43dc423d07a067e63277b69884266d276bc229f506ffc6c7d002ac6252

Request headers

Referer: https://ex-press.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 21 May 2020 22:33:57 GMT
Last-modified: Mon, 18 May 2020 13:18:37 GMT
Server: nginx/1.12.2
Etag: "c33d586adeffcd98aad7c488549917f4"
Content-Type: image/png
Connection: keep-alive
X-Host: hb-front25
X-Req-Id: kc2J2JJ7
Content-Length: 214685

GET
H/1.1 200
OK ukraina-2005-a5ef49110de7a34a82d5a6b080c9422126e91033.jpg
hb.bizmrg.com/ex-press/images/content/x1024x1024/ 198 KB
199 KB 71ms
70ms Image
image/jpeg 95.163.144.221
CYMRG-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hb.bizmrg.com/ex-press/images/content/x1024x1024/ukraina-2005-a5ef49110de7a34a82d5a6b080c9422126e91033.jpg
Requested by: Host: ex-press.by
URL: https://ex-press.by/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.163.144.221 , Russian Federation, ASN205830 (CYMRG-AS, CY),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: f289dd51ba9ade5f2f4c31faab458aac1a281c3b1885fde36de8588be567abb8

Request headers

Referer: https://ex-press.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 21 May 2020 22:33:57 GMT
Last-modified: Wed, 20 May 2020 20:08:04 GMT
Server: nginx/1.12.2
Etag: "aec9cf4c82cc15c79e2fd98dfd0bba65"
Content-Type: image/jpeg
Connection: keep-alive
X-Host: hb-front11
X-Req-Id: 1c8mUCrj
Content-Length: 203010

GET
H/1.1 200
OK B058D390-6D47-4B44-8158-200F2D739B6C_w1023_r1_s_%281%29-e540d9138637c9edbfb2ac9a05d91e07e12c7ca7.jpg
hb.bizmrg.com/ex-press/images/content/x256x256/ 32 KB
32 KB 106ms
106ms Image
image/jpeg 95.163.144.221
CYMRG-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hb.bizmrg.com/ex-press/images/content/x256x256/B058D390-6D47-4B44-8158-200F2D739B6C_w1023_r1_s_%281%29-e540d9138637c9edbfb2ac9a05d91e07e12c7ca7.jpg
Requested by: Host: ex-press.by
URL: https://ex-press.by/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.163.144.221 , Russian Federation, ASN205830 (CYMRG-AS, CY),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 2a62ea6f1cca201ea8da3bcca664b3c28ca5927b62332a1dcadcf8c06de84910

Request headers

Referer: https://ex-press.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 21 May 2020 22:33:57 GMT
Last-modified: Mon, 18 May 2020 14:42:05 GMT
Server: nginx/1.12.2
Etag: "3f9fc0654ed4d5e709e7dc27f82d1174"
Content-Type: image/jpeg
Connection: keep-alive
X-Host: hotbox6
X-Req-Id: B26Ae2qY
Content-Length: 32428

GET
H/1.1 200
OK 555-e51e8e664ea3833f0f26d611bd93ce4308b43fbb.png
hb.bizmrg.com/ex-press/images/content/x1024x1024/ 3 MB
3 MB 150ms
150ms Image
image/png 95.163.144.221
CYMRG-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hb.bizmrg.com/ex-press/images/content/x1024x1024/555-e51e8e664ea3833f0f26d611bd93ce4308b43fbb.png
Requested by: Host: ex-press.by
URL: https://ex-press.by/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.163.144.221 , Russian Federation, ASN205830 (CYMRG-AS, CY),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: d8b37c6bf64268c51107a50c0b8a4308a638f75718f9e5a068ef96711fc678c7

Request headers

Referer: https://ex-press.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 21 May 2020 22:33:57 GMT
Last-modified: Tue, 26 Nov 2019 17:07:23 GMT
Server: nginx/1.12.2
Etag: "b2a9d8af15fd72e9730a197087290129"
Content-Type: image/png
Connection: keep-alive
X-Host: hb-front9
X-Req-Id: 21c31hGcN
Content-Length: 3029899

GET
H/1.1 200
OK Foto_internet_dlia_doma_MTS-6cd02df813474b81909723d98f34a42709c0402b.png
hb.bizmrg.com/ex-press/images/mega/original/ 487 KB
487 KB 79ms
79ms Image
image/png 95.163.144.221
CYMRG-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hb.bizmrg.com/ex-press/images/mega/original/Foto_internet_dlia_doma_MTS-6cd02df813474b81909723d98f34a42709c0402b.png
Requested by: Host: ex-press.by
URL: https://ex-press.by/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.163.144.221 , Russian Federation, ASN205830 (CYMRG-AS, CY),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 1fcf6de011157c59a5a6b3d683e1600b923cda09746624de60f8e97729bbddb8

Request headers

Referer: https://ex-press.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 21 May 2020 22:33:57 GMT
Last-modified: Tue, 05 May 2020 11:53:31 GMT
Server: nginx/1.12.2
Etag: "6d346138bbddcf4f5192fd87dd435673"
Content-Type: image/png
Connection: keep-alive
X-Host: hb-front14
X-Req-Id: s2PhfkbS
Content-Length: 498234

GET
H/1.1 200
OK _MG_8974-c41e7070b8194b8d979fc8bf2f4d900134125315.JPG
hb.bizmrg.com/ex-press/images/content/x1024x1024/ 258 KB
258 KB 118ms
117ms Image
image/jpeg 95.163.144.221
CYMRG-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hb.bizmrg.com/ex-press/images/content/x1024x1024/_MG_8974-c41e7070b8194b8d979fc8bf2f4d900134125315.JPG
Requested by: Host: ex-press.by
URL: https://ex-press.by/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.163.144.221 , Russian Federation, ASN205830 (CYMRG-AS, CY),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 0ac82973c0a4a347732209860a33f90699a22a1f1ee8dca27573af49ad8fa784

Request headers

Referer: https://ex-press.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 21 May 2020 22:33:57 GMT
Last-modified: Tue, 10 Dec 2019 06:38:18 GMT
Server: nginx/1.12.2
Etag: "5f93c366907ed4285f7440b2b5c252c1"
Content-Type: image/jpeg
Connection: keep-alive
X-Host: hb-front21
X-Req-Id: 25eWjrW1Y
Content-Length: 264183

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:81b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-65182762-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ex-press.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 30 Apr 2020 21:54:13 GMT
server: Golfe2
age: 5858
date: Thu, 21 May 2020 20:56:19 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18433
expires: Thu, 21 May 2020 22:56:19 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 82 KB
32 KB 21ms
21ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-126033838-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-65182762-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3385463060d3934220c2f0e78d8b163fa0c499a26d6e01691ffd32c87a6eb322

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://ex-press.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 21 May 2020 22:33:57 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33147
x-xss-protection: 0
last-modified: Thu, 21 May 2020 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 21 May 2020 22:33:57 GMT

GET
H2 200 ex-press.by.400055.js Show response
jsc.mgid.com/e/x/ Frame 145B 145 KB
38 KB 59ms
26ms Script
text/javascript 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/e/x/ex-press.by.400055.js?t=202042122
Requested by: Host: ex-press.by
URL: https://ex-press.by/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a2c2bd5201491dd2f819ab4ba8dd9466b4d187c77ab12c014ffaedf35671f8d3

Request headers

Referer: https://ex-press.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 21 May 2020 22:33:57 GMT
content-encoding: br
cf-cache-status: HIT
age: 5191
cf-polished: origSize=148783
status: 200
last-modified: Tue, 14 Apr 2020 10:36:51 GMT
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
x-amz-request-id: 9CE623D9A1276F67
x-amz-id-2: cez3o5gSnb1iR9tPK68frFQyCwmyY8PBTsFI+GahfKDN3IKiP1DZNgByfMNtQlpzldmSztWNSxk=
cf-bgj: minify
server: cloudflare
etag: W/"0ca1a1f60102a50521016ec6f26245a6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cf-request-id: 02daf840630000c7656db4e200000001
cf-ray: 5971c313db85c765-AMS
expires: Thu, 21 May 2020 23:33:57 GMT

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ 97 KB
30 KB 18ms
18ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.js
Requested by: Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 01793dfe25a8daa227696e0d8630591f4b774fcac7f257eba7296f081cb4dbaa

Request headers

Referer: https://ex-press.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 21 May 2020 22:33:57 GMT
content-encoding: gzip
last-modified: Thu, 23 Apr 2020 08:37:28 GMT
server: nginx
etag: W/"5ea153c8-18582"
status: 200
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Fri, 22 May 2020 22:33:57 GMT

POST
H/1.1 200
OK / Show response
ad.mail.ru/hbid_yandex/ 11 B
334 B 133ms
46ms XHR
application/json 2a00:1148:db00::17
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mail.ru/hbid_yandex/
Requested by: Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software: nginx /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer: https://ex-press.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 21 May 2020 22:33:57 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: https://ex-press.by
Cache-Control: private, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 80DB 0
0 58ms
58ms Document
text/html 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9813867482838331&output=html&adk=1812271804&adf=3025194257&lmt=1590100437&plat=1%3A32776%2C2%3A32776%2C8%3A32768%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fex-press.by%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1590100436913&bpp=20&bdt=336&idt=187&shv=r20200519&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4877061839492&frm=20&pv=2&ga_vid=1429654070.1590100437&ga_sid=1590100437&ga_hid=1612374462&ga_fc=0&iag=0&icsg=538968704&dssz=34&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066004%2C21066085&oid=3&pvsid=325195282189403&pem=210&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8208&bc=31&ifi=0&uci=a!0&fsb=1&dtd=210

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200519/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-9813867482838331&output=html&adk=1812271804&adf=3025194257&lmt=1590100437&plat=1%3A32776%2C2%3A32776%2C8%3A32768%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fex-press.by%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1590100436913&bpp=20&bdt=336&idt=187&shv=r20200519&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4877061839492&frm=20&pv=2&ga_vid=1429654070.1590100437&ga_sid=1590100437&ga_hid=1612374462&ga_fc=0&iag=0&icsg=538968704&dssz=34&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066004%2C21066085&oid=3&pvsid=325195282189403&pem=210&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8208&bc=31&ifi=0&uci=a!0&fsb=1&dtd=210
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ex-press.by/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://ex-press.by/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 21 May 2020 22:33:57 GMT
server: cafe
content-length: 34
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 21-May-2020 22:48:57 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Thu, 21 May 2020 22:33:57 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
27 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200519/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

656716137d4e28b0da293f471affb65b1beb1a6c2d9fe2fa9c3640a592754b1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ex-press.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 21 May 2020 22:33:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1589974910160429"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27764
x-xss-protection: 0
expires: Thu, 21 May 2020 22:33:57 GMT

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit?t53.1;r;s1600*1200*24;uhttps%3A//ex-press.by/;hEX-PRESS.BY%20-%20%u041D%u043E%u0432%u043E%u0441%u0442%u0438%20%u0411%u043E%u0440%u0438%u0441%u043E%u0432%u0430%20%u0438%...
https://counter.yadro.ru/hit?q;t53.1;r;s1600*1200*24;uhttps%3A//ex-press.by/;hEX-PRESS.BY%20-%20%u041D%u043E%u0432%u043E%u0441%u0442%u0438%20%u0411%u043E%u0440%u0438%u0441%u043E%u0432%u0430%20%u043...

446 B
825 B

51ms
50ms

Image
image/gif

88.212.201.198
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://counter.yadro.ru/hit?q;t53.1;r;s1600*1200*24;uhttps%3A//ex-press.by/;hEX-PRESS.BY%20-%20%u041D%u043E%u0432%u043E%u0441%u0442%u0438%20%u0411%u043E%u0440%u0438%u0441%u043E%u0432%u0430%20%u0438%20%u0416%u043E%u0434%u0438%u043D%u043E;0.5123261592494981
Requested by: Host: ex-press.by
URL: https://ex-press.by/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 88.212.201.198 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS: host198.rax.ru
Software: nginx/1.17.9 /
Resource Hash: e948f17828a289ece01762be1c6dc428658c12b48a0e7de1333b874390528869

Request headers

Referer: https://ex-press.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 21 May 2020 22:33:57 GMT
Server: nginx/1.17.9
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Cache-control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 446
Expires: Wed, 22 May 2019 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 21 May 2020 22:33:57 GMT
Server: nginx/1.17.9
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Location: https://counter.yadro.ru/hit?q;t53.1;r;s1600*1200*24;uhttps%3A//ex-press.by/;hEX-PRESS.BY%20-%20%u041D%u043E%u0432%u043E%u0441%u0442%u0438%20%u0411%u043E%u0440%u0438%u0441%u043E%u0432%u0430%20%u0438%20%u0416%u043E%u0434%u0438%u043D%u043E;0.5123261592494981
Cache-control: no-cache
Connection: keep-alive
Content-Type: text/html
Content-Length: 32
Expires: Wed, 22 May 2019 21:00:00 GMT

POST
H/1.1 200
OK counter
top-fwz1.mail.ru/ 43 B
1 KB 52ms
52ms Other
image/gif 217.69.133.145
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL

https://top-fwz1.mail.ru/counter?js=13;id=2082208;u=https%3A//ex-press.by/;st=1590100437152;title=EX-PRESS.BY%20-%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%91%D0%BE%D1%80%D0%B8%D1%81%D0%BE%D0%B2%D0%B0%20%D0%B8%20%D0%96%D0%BE%D0%B4%D0%B8%D0%BD%D0%BE;s=1600*1200;vp=1600*1200;touch=0;hds=1;flash=;sid=90c3fd0e492cfde2;ver=60.2.0;tz=-120%2FEurope%2FBerlin;ni=9.9//4g/0/0/;lvid=1590100437168%3A1590100437201%3A1%3Ab700f9cf66aafe015e05fe5cdedd8d52;opts=dl;_=0.008027612252076377

Requested by

Host: top-fwz1.mail.ru
URL: https://top-fwz1.mail.ru/js/code.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ex-press.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Thu, 21 May 2020 22:33:57 GMT
X-Content-Type-Options: nosniff
P3P: CP="NOI DSP COR NID CUR PSA OUR NOR"
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Access-Control-Allow-Headers: *
AMP-Access-Control-Allow-Source-Origin: https://ex-press.by
Server: nginx
Access-Control-Allow-Methods: GET, POST, HEAD, PUT, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://ex-press.by
Access-Control-Expose-Headers: AMP-Access-Control-Allow-Source-Origin
Cache-Control: private, no-cache, no-store, max-age=0
Access-Control-Allow-Credentials: true
Accept-CH-Lifetime: 86400
Accept-CH: DPR, Width, Viewport-Width, Downlink, Device-Memory
Timing-Allow-Origin: https://ex-press.by
Keep-Alive: timeout=60

GET
H2 200 24a92d51334b923b3ff0.js Show response
an.yandex.ru/partner-code-bundles/11101/ 60 KB
16 KB 97ms
97ms Script
text/javascript 2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/partner-code-bundles/11101/24a92d51334b923b3ff0.js

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

06721ed65a81ddab7fd51063563ae3cdba1fbed3f2afb5f7cf88dc4fa2125b2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;, max-age=31536000

Request headers

Referer: https://ex-press.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 21 May 2020 22:33:57 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
status: 200
content-length: 15715
timing-allow-origin: *
last-modified: Tue, 12 May 2020 08:27:19 GMT
server: nginx/1.12.2
etag: "7f7a9cd09e1b86eb628b75df5d626e9d"
strict-transport-security: max-age=43200000; includeSubDomains;, max-age=31536000
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=216013
accept-ranges: bytes
x-robots-tag: noindex, noarchive, nofollow
expires: Fri, 22 May 2020 12:29:19 GMT

GET
H2 200 context_static.js Show response
an.yandex.ru/partner-code-bundles/11101/ 1 MB
186 KB 145ms
48ms Script
text/javascript 2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/partner-code-bundles/11101/context_static.js

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

e3e561d1f826228ffa2f100751ceb3a9215f881b23e3ac3fb0a19af39ed5ad37

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;, max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://ex-press.by/
Origin: https://ex-press.by

Response headers

date: Thu, 21 May 2020 22:33:57 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
status: 200
content-length: 189293
timing-allow-origin: *
last-modified: Tue, 12 May 2020 08:27:22 GMT
server: nginx/1.12.2
etag: "1b6e06a5751b6896a3630e6b6a3b4a06"
strict-transport-security: max-age=43200000; includeSubDomains;, max-age=31536000
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=216013
accept-ranges: bytes
x-robots-tag: noindex, noarchive, nofollow
expires: Fri, 22 May 2020 01:07:41 GMT

GET
H2 200 tagging Show response
pubs2-eu.creativecdn.com/bidder/pubs/ 12 B
700 B 44ms
16ms XHR
application/json 185.184.8.30
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://pubs2-eu.creativecdn.com/bidder/pubs/tagging?type=json&group=f6b3325441bf147b0b36
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/2e618849ee13451c8cf1.b.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.30 , Poland, ASN204995 (RTB-HOUSE-AMS, NL),
Reverse DNS: ip-185-184-8-30.rtbhouse.net
Software: /
Resource Hash: 681a33d230441a97b097286ab1305d86179ef9d4c1a38df03a080cedc34be93d

Request headers

Referer: https://ex-press.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 May 2020 22:33:57 GMT, Thu, 21 May 2020 22:33:57 GMT
status: 200
vary: Accept-Encoding, User-Agent
access-control-allow-methods: GET
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
access-control-allow-origin: https://ex-press.by
access-control-max-age: 3600
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
access-control-allow-credentials: true
content-type: application/json;charset=utf-8
content-length: 12
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 ce067 Show response
unfeaecmhszmsx.com/p/5e5e0e7fb11120227c421044/ 1 KB
2 KB 51ms
51ms XHR
application/json 212.224.112.8
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to

Full URL

https://unfeaecmhszmsx.com/p/5e5e0e7fb11120227c421044/ce067

Requested by

Host: unfeaecmhszmsx.com
URL: https://unfeaecmhszmsx.com/j/ex-press.by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

212.224.112.8 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),

Reverse DNS

dsde696-17.fornex.org

Software

nginx /

Resource Hash

64cb3b26d453361871e829fd98ee6422932cb0797ba9b08f80c5303ac37f7721

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://ex-press.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Viztrom-Token: 5d199fc3925b75e77884d121cdd983d8_tdtEOKosumFAmOLqKKPzJawj_b94dca4aed9fee76abc04cd11a5009da
Ref: https://ex-press.by/
Content-Type: application/json; charset=UTF-8

Response headers

date: Thu, 21 May 2020 22:33:57 GMT
x-content-type-options: nosniff
server: nginx
status: 200
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, OPTIONS
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers, Content-Type, Viztrom-Token, Ref
strict-transport-security: max-age=31536000
access-control-allow-headers: Content-Type, Viztrom-Token, Ref
content-length: 1516

GET
H/1.1 200
OK version Show response
moevideo.biz/embed/core/ 45 B
219 B 164ms
163ms Script
application/javascript 92.223.103.176
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://moevideo.biz/embed/core/version?jsonp=&jsonpCallback=jsonp_1590100437276_66222
Requested by: Host: moevideo.biz
URL: https://moevideo.biz/embed/js/mvpt.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.223.103.176 Moscow, Russian Federation, ASN199524 (GCORE, AT),
Reverse DNS: f1.moevideo.net
Software: nginx /
Resource Hash: 9d466c5911e5d1263c2b91ad39d9871790b91f7454ce5d338b9a9f3eb37b2251

Request headers

Referer: https://ex-press.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 21 May 2020 22:33:57 GMT
Server: nginx
Connection: keep-alive
Content-Length: 45
X-My-Reqtime: 0.099
Content-Type: application/javascript

GET
H/1.1

200
OK

1 Show response
mc.yandex.ru/watch/1852558/
Redirect Chain

https://mc.yandex.ru/watch/1852558?wmode=7&page-url=https%3A%2F%2Fex-press.by%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1590100436207%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3...
https://mc.yandex.ru/watch/1852558/1?wmode=7&page-url=https%3A%2F%2Fex-press.by%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1590100436207%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101...

206 B
1001 B

49ms
49ms

XHR
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/1852558/1?wmode=7&page-url=https%3A%2F%2Fex-press.by%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1590100436207%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20200522003357%3Aet%3A1590100437%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A295190312171%3Arqn%3A1%3Arn%3A123302391%3Ahid%3A38276192%3Ads%3A0%2C114%2C145%2C5%2C108%2C0%2C0%2C575%2C10%2C%2C%2C%2C945%3Afp%3A630%3Awn%3A36980%3Ahl%3A2%3Agdpr%3A14%3Av%3A1869%3Awv%3A2%3Arqnl%3A1%3Ast%3A1590100437%3Au%3A159010043775748966%3At%3AEX-PRESS.BY%20-%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%91%D0%BE%D1%80%D0%B8%D1%81%D0%BE%D0%B2%D0%B0%20%D0%B8%20%D0%96%D0%BE%D0%B4%D0%B8%D0%BD%D0%BE

Requested by

Host: ex-press.by
URL: https://ex-press.by/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

dbc1c9c2a49351bd99d736b8dd33bfc3d2119f52a54f0d33c6f2f5e38e6117b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ex-press.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 21 May 2020 22:33:57 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 21-May-2020 22:33:57 GMT
Server: nginx/1.14.2
Strict-Transport-Security: max-age=31536000
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://ex-press.by
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 206
X-XSS-Protection: 1; mode=block
Expires: Thu, 21-May-2020 22:33:57 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 21 May 2020 22:33:57 GMT
Last-Modified: Thu, 21-May-2020 22:33:57 GMT
Server: nginx/1.14.2
Access-Control-Allow-Origin: https://ex-press.by
Strict-Transport-Security: max-age=31536000
Location: /watch/1852558/1?wmode=7&page-url=https%3A%2F%2Fex-press.by%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1590100436207%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20200522003357%3Aet%3A1590100437%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A295190312171%3Arqn%3A1%3Arn%3A123302391%3Ahid%3A38276192%3Ads%3A0%2C114%2C145%2C5%2C108%2C0%2C0%2C575%2C10%2C%2C%2C%2C945%3Afp%3A630%3Awn%3A36980%3Ahl%3A2%3Agdpr%3A14%3Av%3A1869%3Awv%3A2%3Arqnl%3A1%3Ast%3A1590100437%3Au%3A159010043775748966%3At%3AEX-PRESS.BY%20-%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%91%D0%BE%D1%80%D0%B8%D1%81%D0%BE%D0%B2%D0%B0%20%D0%B8%20%D0%96%D0%BE%D0%B4%D0%B8%D0%BD%D0%BE
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 1; mode=block
Expires: Thu, 21-May-2020 22:33:57 GMT

GET
H2 200 banner_direct.js Show response
yastatic.net/pcode-bundles/0.1712/banner_direct/ 54 KB
13 KB 38ms
38ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/pcode-bundles/0.1712/banner_direct/banner_direct.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

a148cb6d5bc95adc37a52ecb56d5caa172927a2893c9b41d27d4ef0afe70cbe3

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://ex-press.by/
Origin: https://ex-press.by

Response headers

date: Thu, 21 May 2020 22:33:57 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
status: 200
content-length: 13157
timing-allow-origin: *
last-modified: Tue, 19 May 2020 12:02:45 GMT
server: nginx/1.17.9
etag: "1db7729ab05fce92a8c7715c3bf27c46"
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=216013
accept-ranges: bytes
x-robots-tag: noindex, noarchive, nofollow
expires: Sun, 24 May 2020 10:31:18 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j82&a=1612374462&t=pageview&_s=1&dl=https%3A%2F%2Fex-press.by%2F&ul=en-us&de=UTF-8&dt=EX-PRESS.BY%20-%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-65182762-2&cid=1429654070.1590100437&jid=2017124482&_gid=1975995313.1590100437&gjid=545459778&_v=j82&z=1769907327
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-65182762-2&cid=1429654070.1590100437&jid=2017124482&_v=j82&z=1769907327
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-65182762-2&cid=1429654070.1590100437&jid=2017124482&_v=j82&z=1769907327&slf_rd=1&random=1091057713

42 B
106 B

18ms
17ms

Image
image/gif

2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-65182762-2&cid=1429654070.1590100437&jid=2017124482&_v=j82&z=1769907327&slf_rd=1&random=1091057713

Requested by

Host: ex-press.by
URL: https://ex-press.by/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ex-press.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 May 2020 22:33:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 21 May 2020 22:33:57 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-65182762-2&cid=1429654070.1590100437&jid=2017124482&_v=j82&z=1769907327&slf_rd=1&random=1091057713
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK advert.gif
mc.yandex.ru/metrika/ 43 B
425 B 134ms
44ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Requested by

Host: ex-press.by
URL: https://ex-press.by/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://ex-press.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 21 May 2020 22:33:57 GMT
Last-Modified: Fri, 17 Jan 2020 08:05:01 GMT
Server: nginx/1.14.2
ETag: "5e216aad-2b"
Strict-Transport-Security: max-age=31536000
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Thu, 21 May 2020 23:33:57 GMT

GET
H2

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j82&a=1612374462&t=pageview&_s=1&dl=https%3A%2F%2Fex-press.by%2F&ul=en-us&de=UTF-8&dt=EX-PRESS.BY%20-%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-126033838-1&cid=1429654070.1590100437&jid=1599016323&_gid=1975995313.1590100437&gjid=1660486798&_v=j82&z=1801992351

35 B
99 B

24ms
23ms

Image
image/gif

2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-126033838-1&cid=1429654070.1590100437&jid=1599016323&_gid=1975995313.1590100437&gjid=1660486798&_v=j82&z=1801992351

Requested by

Host: ex-press.by
URL: https://ex-press.by/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ex-press.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 21 May 2020 22:33:57 GMT
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 21 May 2020 22:33:57 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 302
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-126033838-1&cid=1429654070.1590100437&jid=1599016323&_gid=1975995313.1590100437&gjid=1660486798&_v=j82&z=1801992351
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 421
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
141 B 51ms
15ms XHR
text/plain 178.250.2.152
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?ptv=89&profileId=184&cb=63217285339
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.152 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ex-press.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

status: 204
date: Thu, 21 May 2020 22:33:57 GMT
access-control-allow-credentials: true
server: Finatra
access-control-allow-origin: https://ex-press.by
timing-allow-origin: *
vary: Origin

GET
DATA 200
OK truncated
/ 303 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c81a8b0d07b80c04c346c51a7e3a978d99b18c89c57b23dedc5aba33680e7504

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 pfdindisplaypro-regular-webfont.woff
cdn.mgid.com/fonts/ 143 KB
144 KB 56ms
19ms Font
binary/octet-stream 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mgid.com/fonts/pfdindisplaypro-regular-webfont.woff
Requested by: Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 00d2f6cdc8935a366367038ae0c41970fb8179484bd7826fee8889adde33d887

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://ex-press.by/
Origin: https://ex-press.by

Response headers

date: Thu, 21 May 2020 22:33:57 GMT
cf-cache-status: HIT
age: 6161
cf-ray: 5971c3168ddbd915-AMS
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length: 146832
x-amz-id-2: RvU5oOa8/Je8RHZc9fDp7aEQ91PXYcVPgyve9cj3Musg425qShnkAGXC1c18q6/ZpVu2rg/k+z8=
last-modified: Wed, 07 Aug 2019 13:46:10 GMT
server: cloudflare
etag: "eb96f10c2dc30d06d0969ff9c2ecfff0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, HEAD
x-amz-request-id: 3BC9234C32601129
access-control-allow-origin: *
cf-request-id: 02daf842170000d915549c4200000001
accept-ranges: bytes
content-type: binary/octet-stream
cf-bgj: h2pri

GET
H2 200 advert.gif
code.giraff.io/data/ 43 B
190 B 64ms
64ms Image
image/gif 195.161.16.142
RTCOMM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://code.giraff.io/data/advert.gif
Requested by: Host: ex-press.by
URL: https://ex-press.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 195.161.16.142 Ostrovnoy, Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://ex-press.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 21 May 2020 22:33:57 GMT
last-modified: Thu, 21 May 2020 22:31:55 GMT
server: nginx/1.16.0
etag: "5ec7015b-2b"
status: 200
content-type: image/gif
access-control-allow-origin: *
accept-ranges: bytes
content-length: 43

GET
H2 200 v2 Show response
ads.adfox.ru/239538/getBulk/ 99 KB
32 KB 260ms
259ms XHR
application/json 77.88.21.179
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.adfox.ru/239538/getBulk/v2?dl=https%3A%2F%2Fex-press.by%2F&date=2020-05-22T00%3A33%3A57.567%2B02%3A00&pd=22&pdh=1200&pdw=1600&pr1=2913448376&pr=1770391645&prr=&pv=0&pw=5&extid_loader=MTU5MDEwMDQzNzc1NzQ4OTY2&extid_tag_loader=ex-press.by&ylv=0.1713&ybv=0.1712&ytt=378232001529877&is-turbo=0&skip-token=&ad-session-id=8063411590100436840&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22width%22%3A1260%2C%22height%22%3A0%2C%22left%22%3A170%2C%22top%22%3A6953%2C%22visible%22%3A0%2C%22req_no%22%3A5%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=0&matchid-cookies=fEO4cFbeMKDuFZ8gzkHTk1N4qfHf1Dya3l4yFljlz4OIjj7lOzNM4A%3D%3D&matchid-cookies-sign=E8WuuE7oiVxEii7-c-a7Rw%3D%3D&p1=casqw&p2=y&slotNumber=6&matchid-direct=1&bids=W3siY2FtcGFpZ25faWQiOjc3MTAwNSwicmVzcG9uc2VfdGltZSI6NDg3LCJlcnJvciI6eyJjb2RlIjoxfSwicGxhY2VtZW50X2lkIjoiMTMwNzU2OSJ9XQ%3D%3D&grab=dEVYLVBSRVNTLkJZIC0g0J3QvtCy0L7RgdGC0Lgg0JHQvtGA0LjRgdC-0LLQsCDQuCDQltC-0LTQuNC90L4KM9Cd0LXQvtCx0YXQvtC00LjQvNCwINCw0LLRgtC-0YDQuNC30LDRhtC40Y8gCg%3D%3D&utf8=%E2%9C%93

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.179 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

adfox-external-l3-engine.stable.qloud-b.yandex.net

Software

Resource Hash

4549415ec541d7c210404b31b86239ef421befa2dbe2c6112e9be6566cc97bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ex-press.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 May 2020 22:33:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref=/w3c/w3c.p3p, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
status: 200
content-type: application/json
access-control-allow-origin: https://ex-press.by
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2 200 pixel.gif
static.criteo.net/images/ 43 B
260 B 16ms
15ms Image
image/gif 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.criteo.net/images/pixel.gif?ch=1
Requested by: Host: ex-press.by
URL: https://ex-press.by/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ex-press.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 21 May 2020 22:33:57 GMT
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
etag: "493ea254-2b"
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Sun, 16 May 2021 22:33:57 GMT

GET
H2 200 pixel.gif
static.criteo.net/images/ 43 B
260 B 16ms
15ms Image
image/gif 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.criteo.net/images/pixel.gif?ch=2
Requested by: Host: ex-press.by
URL: https://ex-press.by/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ex-press.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 21 May 2020 22:33:57 GMT
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
etag: "493ea254-2b"
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Sun, 16 May 2021 22:33:57 GMT

GET
H2 200 1 Show response
servicer.mgid.com/400055/ 14 KB
5 KB 71ms
64ms Script
application/x-javascript 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/400055/1?w=1260&h=433&cols=8&pv=5&cbuster=1590100437576509342698&cxurl=https%3A%2F%2Fex-press.by%2F&uniqId=01179&niet=4g&nisd=false&ref=&lu=https%3A%2F%2Fex-press.by%2F&pageView=1&pvid=172395f2a48b07ffef3&implVersion=10&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/e/x/ex-press.by.400055.js?t=202042122
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae391dafe45a7f9c3651ae1ecb18d4284e0b83f0d59a34e32635fbf7c1a8ea99

Request headers

Referer: https://ex-press.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 May 2020 22:33:57 GMT
content-encoding: br
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5971c3170856c765-AMS
content-type: application/x-javascript; charset=utf-8
cf-request-id: 02daf842620000c7656db70200000001

GET
H2 200 272126 Show response
an.yandex.ru/meta/ 26 KB
8 KB 149ms
149ms XHR
application/x-javascript 2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/meta/272126?grab=dEVYLVBSRVNTLkJZIC0g0J3QvtCy0L7RgdGC0Lgg0JHQvtGA0LjRgdC-0LLQsCDQuCDQltC-0LTQuNC90L4KM9Cd0LXQvtCx0YXQvtC00LjQvNCwINCw0LLRgtC-0YDQuNC30LDRhtC40Y8gCg%3D%3D&target-ref=https%3A%2F%2Fex-press.by%2F&charset=utf-8&duid=MTU5MDEwMDQzNzc1NzQ4OTY2&imp-id=19&enable-flat-highlight=1&test-tag=473339755757570&ad-session-id=8063411590100436840&target-id=55454290&pcode-version=11101&flash-ver=0&available-width=1260&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22width%22%3A1260%2C%22height%22%3A0%2C%22left%22%3A170%2C%22top%22%3A3922%2C%22visible%22%3A0%2C%22ad_no%22%3A0%2C%22req_no%22%3A0%7D&callback=Ya%5B3298544297718%5D

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

8169373d81303348cc590685d1673813806eff6558c195ade45b702d38a5a35a

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ex-press.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Thu, 21 May 2020 22:33:57 GMT
content-encoding: gzip
last-modified: Thu, 21 May 2020 22:33:57 GMT
server: nginx/1.12.2
timing-allow-origin: *
status: 200
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://ex-press.by
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-type: application/x-javascript; charset=utf-8
x-xss-protection: 1; mode=block
expires: Thu, 21 May 2020 22:33:57 GMT

POST
H/1.1 200
OK 1
mc.yandex.ru/watch/1852558/ 43 B
534 B 48ms
48ms Other
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/1852558/1?page-url=https%3A%2F%2Fex-press.by%2F&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Ans%3A1590100436207%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Az%3A120%3Ai%3A20200522003357%3Aet%3A1590100437%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Aar%3A1%3Apa%3A1%3Als%3A295190312171%3Arqn%3A2%3Arn%3A536974270%3Ahid%3A38276192%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%3Agdpr%3A14%3Av%3A1869%3Awv%3A2%3Arqnl%3A1%3Ast%3A1590100438%3Au%3A159010043775748966

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ex-press.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Thu, 21 May 2020 22:33:57 GMT
Last-Modified: Thu, 21-May-2020 22:33:57 GMT
Server: nginx/1.14.2
Strict-Transport-Security: max-age=31536000
Content-Type: image/gif
Access-Control-Allow-Origin: https://ex-press.by
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block
Expires: Thu, 21-May-2020 22:33:57 GMT

GET
H2 200 host.js Show response
yastatic.net/safeframe-bundles/0.69/ 29 KB
8 KB 36ms
36ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.69/host.js

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/partner-code-bundles/11101/context_static.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

9fa8c2bb49f0e9e391d87f70459663c0e3898f32d4506c81239151b9c0b870d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://ex-press.by/
Origin: https://ex-press.by

Response headers

date: Thu, 21 May 2020 22:33:57 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
status: 200
content-length: 8104
timing-allow-origin: *
last-modified: Tue, 20 Aug 2019 11:55:41 GMT
server: nginx/1.17.9
etag: "901e860c36afb614c88b40352db2214f"
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=216013
accept-ranges: bytes
x-robots-tag: noindex, noarchive, nofollow
expires: Sun, 24 May 2020 10:31:25 GMT

POST
H/1.1 200
OK 351867 Show response
mc.yandex.ru/watch/ 35 B
581 B 48ms
48ms XHR
application/json 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/351867?wmode=7&cnt-class=1&nohit=1&page-url=https%3A%2F%2Fex-press.by%2F&charset=utf-8&browser-info=ti%3A10%3Adp%3A1%3Ans%3A1590100436207%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aadb%3A2%3Afpr%3A216613626101%3Acn%3A2%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20200522003357%3Aet%3A1590100438%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Aad%3A1%3Apv%3A1%3Als%3A124152515329%3Arn%3A169232329%3Ahid%3A38276192%3Agdpr%3A14%3Aeu%3A1%3Av%3A1869%3Awv%3A2%3Arqnl%3A1%3Ast%3A1590100438%3Au%3A159010043775748966%3At%3AEX-PRESS.BY%20-%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%91%D0%BE%D1%80%D0%B8%D1%81%D0%BE%D0%B2%D0%B0%20%D0%B8%20%D0%96%D0%BE%D0%B4%D0%B8%D0%BD%D0%BE

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

efbdf9cab6b6cf2bf7207ae4e0456c9462b2c0d4c2de76d65442de2af7253f2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ex-press.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Thu, 21 May 2020 22:33:57 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 21-May-2020 22:33:57 GMT
Server: nginx/1.14.2
Strict-Transport-Security: max-age=31536000
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://ex-press.by
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 35
X-XSS-Protection: 1; mode=block
Expires: Thu, 21-May-2020 22:33:57 GMT

POST
H/1.1 200
OK 1
mc.yandex.ru/watch/351867/ 43 B
534 B 45ms
45ms Other
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/351867/1?cnt-class=1&page-url=https%3A%2F%2Fex-press.by%2F&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1590100436207%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aadb%3A2%3Afpr%3A216613626101%3Acn%3A2%3Az%3A120%3Ai%3A20200522003357%3Aet%3A1590100438%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Aar%3A1%3Apa%3A1%3Als%3A124152515329%3Arqn%3A1%3Arn%3A1045868685%3Ahid%3A38276192%3Ads%3A0%2C114%2C145%2C5%2C108%2C0%2C0%2C575%2C10%2C%2C%2C%2C945%3Afp%3A630%3Agdpr%3A14%3Aeu%3A1%3Av%3A1869%3Awv%3A2%3Arqnl%3A1%3Ast%3A1590100438%3Au%3A159010043775748966

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ex-press.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Thu, 21 May 2020 22:33:57 GMT
Last-Modified: Thu, 21-May-2020 22:33:57 GMT
Server: nginx/1.14.2
Strict-Transport-Security: max-age=31536000
Content-Type: image/gif
Access-Control-Allow-Origin: https://ex-press.by
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block
Expires: Thu, 21-May-2020 22:33:57 GMT

POST
H/1.1 200
OK 351867
mc.yandex.ru/watch/ 43 B
534 B 94ms
48ms Other
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/351867?cnt-class=1&page-url=https%3A%2F%2Fex-press.by%2F&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1590100436207%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aadb%3A2%3Afpr%3A216613626101%3Acn%3A2%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20200522003357%3Aet%3A1590100438%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Aar%3A1%3Apv%3A1%3Als%3A124152515329%3Arqn%3A2%3Arn%3A922597644%3Ahid%3A38276192%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%3Agdpr%3A14%3Aeu%3A1%3Av%3A1869%3Awv%3A2%3Arqnl%3A1%3Ast%3A1590100438%3Au%3A159010043775748966%3At%3AEX-PRESS.BY%20-%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%91%D0%BE%D1%80%D0%B8%D1%81%D0%BE%D0%B2%D0%B0%20%D0%B8%20%D0%96%D0%BE%D0%B4%D0%B8%D0%BD%D0%BE

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ex-press.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Thu, 21 May 2020 22:33:57 GMT
Last-Modified: Thu, 21-May-2020 22:33:57 GMT
Server: nginx/1.14.2
Strict-Transport-Security: max-age=31536000
Content-Type: image/gif
Access-Control-Allow-Origin: https://ex-press.by
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block
Expires: Thu, 21-May-2020 22:33:57 GMT

POST
H/1.1 200
OK 272126 Show response
mc.yandex.ru/watch/ 35 B
581 B 55ms
45ms XHR
application/json 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/272126?wmode=7&cnt-class=1&nohit=1&page-url=https%3A%2F%2Fex-press.by%2F&charset=utf-8&browser-info=ti%3A10%3Adp%3A1%3Ans%3A1590100436207%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aadb%3A2%3Afpr%3A216613626101%3Acn%3A3%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20200522003357%3Aet%3A1590100438%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Aad%3A1%3Apv%3A1%3Als%3A1467448779314%3Arn%3A409822194%3Ahid%3A38276192%3Agdpr%3A14%3Aeu%3A1%3Av%3A1869%3Awv%3A2%3Arqnl%3A1%3Ast%3A1590100438%3Au%3A159010043775748966%3At%3AEX-PRESS.BY%20-%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%91%D0%BE%D1%80%D0%B8%D1%81%D0%BE%D0%B2%D0%B0%20%D0%B8%20%D0%96%D0%BE%D0%B4%D0%B8%D0%BD%D0%BE

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

efbdf9cab6b6cf2bf7207ae4e0456c9462b2c0d4c2de76d65442de2af7253f2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ex-press.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Thu, 21 May 2020 22:33:57 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 21-May-2020 22:33:57 GMT
Server: nginx/1.14.2
Strict-Transport-Security: max-age=31536000
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://ex-press.by
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 35
X-XSS-Protection: 1; mode=block
Expires: Thu, 21-May-2020 22:33:57 GMT

POST
H/1.1 200
OK 1
mc.yandex.ru/watch/272126/ 43 B
534 B 96ms
45ms Other
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/272126/1?cnt-class=1&page-url=https%3A%2F%2Fex-press.by%2F&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1590100436207%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aadb%3A2%3Afpr%3A216613626101%3Acn%3A3%3Az%3A120%3Ai%3A20200522003357%3Aet%3A1590100438%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Aar%3A1%3Apa%3A1%3Als%3A1467448779314%3Arqn%3A1%3Arn%3A776324529%3Ahid%3A38276192%3Ads%3A0%2C114%2C145%2C5%2C108%2C0%2C0%2C575%2C10%2C%2C%2C%2C945%3Afp%3A630%3Agdpr%3A14%3Aeu%3A1%3Av%3A1869%3Awv%3A2%3Arqnl%3A1%3Ast%3A1590100438%3Au%3A159010043775748966

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ex-press.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Thu, 21 May 2020 22:33:58 GMT
Last-Modified: Thu, 21-May-2020 22:33:58 GMT
Server: nginx/1.14.2
Strict-Transport-Security: max-age=31536000
Content-Type: image/gif
Access-Control-Allow-Origin: https://ex-press.by
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block
Expires: Thu, 21-May-2020 22:33:58 GMT

POST
H/1.1 200
OK 272126
mc.yandex.ru/watch/ 43 B
534 B 95ms
45ms Other
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/272126?cnt-class=1&page-url=https%3A%2F%2Fex-press.by%2F&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1590100436207%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aadb%3A2%3Afpr%3A216613626101%3Acn%3A3%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20200522003357%3Aet%3A1590100438%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Aar%3A1%3Apv%3A1%3Als%3A1467448779314%3Arqn%3A2%3Arn%3A589101598%3Ahid%3A38276192%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%3Agdpr%3A14%3Aeu%3A1%3Av%3A1869%3Awv%3A2%3Arqnl%3A1%3Ast%3A1590100438%3Au%3A159010043775748966%3At%3AEX-PRESS.BY%20-%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%91%D0%BE%D1%80%D0%B8%D1%81%D0%BE%D0%B2%D0%B0%20%D0%B8%20%D0%96%D0%BE%D0%B4%D0%B8%D0%BD%D0%BE

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ex-press.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Thu, 21 May 2020 22:33:58 GMT
Last-Modified: Thu, 21-May-2020 22:33:58 GMT
Server: nginx/1.14.2
Strict-Transport-Security: max-age=31536000
Content-Type: image/gif
Access-Control-Allow-Origin: https://ex-press.by
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block
Expires: Thu, 21-May-2020 22:33:58 GMT

GET
H2 200 wy150
avatars.mds.yandex.net/get-direct/95202/399vNCRJNsZcM-1bGzjwag/ 9 KB
9 KB 127ms
41ms Image
image/webp 2a02:6b8::184
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-direct/95202/399vNCRJNsZcM-1bGzjwag/wy150
Requested by: Host: ex-press.by
URL: https://ex-press.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:6b8::184 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: nginx /
Resource Hash: 3a1cd7e92e260abdc38a79e761c6d624ec5995e8a4d5ab95cb84fdcb10ce2187

Request headers

Referer: https://ex-press.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 21 May 2020 22:33:58 GMT
last-modified: Thu, 07 Feb 2019 18:27:38 GMT
server: nginx
status: 200
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=604800,immutable
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 8722
x-request-id: 8f0eaa05bd7e4c46

GET
H2 200 ex-pressby.js Show response
data.giraff.io/track/ 53 B
333 B 64ms
62ms Script
application/javascript 195.161.16.142
RTCOMM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://data.giraff.io/track/ex-pressby.js?r=&u=https%3A%2F%2Fex-press.by%2F&rand=0.6626207913540587&v=20200522013013&vis=1&callback=cbGeo117005540&sp=h
Requested by: Host: code.giraff.io
URL: https://code.giraff.io/data/widget-ex-pressby.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 195.161.16.142 Ostrovnoy, Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: be09924f0b767ca9eb32c832d158968b6998ec5a38e9cfae8bc88675e867417d

Request headers

Referer: https://ex-press.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Thu, 21 May 2020 22:33:58 GMT
content-encoding: gzip
server: nginx/1.16.0
content-type: application/javascript, application/javascript
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"

POST
H2 200 jstracer Show response
an.yandex.ru/ 2 B
251 B 76ms
76ms XHR
application/json 2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/jstracer

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ex-press.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 21 May 2020 22:33:58 GMT
server: nginx/1.12.2
status: 200
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 86400
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 2
x-xss-protection: 1; mode=block

GET
H2 200 k3k702ZOKiLJc3WVjuplzOXREeHhJi4GEUJI9ob_ak4.woff2
fonts.gstatic.com/s/opensans/v10/ 21 KB
21 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v10/k3k702ZOKiLJc3WVjuplzOXREeHhJi4GEUJI9ob_ak4.woff2

Requested by

Host: jsc.mgid.com
URL: https://jsc.mgid.com/e/x/ex-press.by.400055.js?t=202042122

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8da489bfe3ba801f5e650f477a160e9a0bad62c872558d07573f4ca9e0e05e12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://ex-press.by/
Origin: https://ex-press.by

Response headers

date: Mon, 18 May 2020 18:23:43 GMT
x-content-type-options: nosniff
last-modified: Thu, 21 Aug 2014 18:06:33 GMT
server: sffe
age: 274215
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21820
x-xss-protection: 0
expires: Tue, 18 May 2021 18:23:43 GMT

GET
H2 200 k3k702ZOKiLJc3WVjuplzOgdm0LZdjqr5-oayXSOefg.woff2
fonts.gstatic.com/s/opensans/v10/ 16 KB
16 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v10/k3k702ZOKiLJc3WVjuplzOgdm0LZdjqr5-oayXSOefg.woff2

Requested by

Host: jsc.mgid.com
URL: https://jsc.mgid.com/e/x/ex-press.by.400055.js?t=202042122

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

abcbe0423061bbf5caca8b070eb57c5ea831fde8cca4af206f8b48938142b4e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://ex-press.by/
Origin: https://ex-press.by

Response headers

date: Sun, 17 May 2020 09:38:34 GMT
x-content-type-options: nosniff
last-modified: Thu, 21 Aug 2014 18:08:16 GMT
server: sffe
age: 392124
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16224
x-xss-protection: 0
expires: Mon, 17 May 2021 09:38:34 GMT

GET
H2 200 i.js Show response
cm.mgid.com/ 1 KB
663 B 63ms
62ms Script
application/javascript 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i.js?cbuster=1590100438127375824952
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/e/x/ex-press.by.400055.js?t=202042122
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: afd7515e692d3663ffddf24deaec03a5bbf4d8413e0dc2e8062a09a7943a987a

Request headers

Referer: https://ex-press.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 May 2020 22:33:58 GMT
content-encoding: br
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5971c31a5dbdc765-AMS
content-type: application/javascript
cf-request-id: 02daf844780000c7656db92200000001

GET
H2 200 i-noref.js Show response
cm.mgid.com/ Frame AE99 186 B
372 B 63ms
63ms Script
application/javascript 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i-noref.js?cbuster=1590100438132887160579
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/e/x/ex-press.by.400055.js?t=202042122
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e83fc3dc542e7be4f58dea74a3d729956bf590acec4c8521de9dc8a74b276c6

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 May 2020 22:33:58 GMT
content-encoding: br
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5971c31a6dd5c765-AMS
content-type: application/javascript
cf-request-id: 02daf8447d0000c7656db93200000001

GET
H/1.1 200
OK beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 60ms
21ms Script
application/x-javascript 104.111.214.103
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/e/x/ex-press.by.400055.js?t=202042122
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.214.103 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-214-103.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://ex-press.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 21 May 2020 22:33:58 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=86400
Connection: keep-alive
Content-Length: 884
Expires: Fri, 22 May 2020 22:33:58 GMT

POST
H2 200 cdb Show response
bidder.criteo.com/ 144 B
352 B 17ms
17ms XHR
application/json 178.250.2.152
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?ptv=89&profileId=206&cb=4361887936
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.152 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Finatra /
Resource Hash: ec503c4b61cddbb716f84ac612b0e4ca744f24536f6347d3c1c3c538d219a517

Request headers

Referer: https://ex-press.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 21 May 2020 22:33:58 GMT
content-encoding: gzip
server: Finatra
status: 200
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ex-press.by
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 149

GET
H2 200 by_mgid_adc_logo_mini.svg
cdn.mgid.com/images/ 2 KB
1 KB 19ms
18ms Image
image/svg+xml 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/by_mgid_adc_logo_mini.svg
Requested by: Host: ex-press.by
URL: https://ex-press.by/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed09341e9cf6bbb14bd17e6a28e4d1c53c63826aec2f79fa598c475f86e02f1e

Request headers

Referer: https://ex-press.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 21 May 2020 22:33:58 GMT
content-encoding: br
cf-cache-status: HIT
age: 5959
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
x-amz-request-id: 43E8A76C70DE9CA3
x-amz-id-2: DS0ZaIbktyeNfd+5h2ft5SqOjIQKennfkXuAQqsm1Syg6FEVDVlE3Phf4Vzlyoyk9cAqamLsEiI=
last-modified: Wed, 29 Apr 2020 06:59:41 GMT
server: cloudflare
etag: W/"5f3390adb0b6aeb988c5d7415b31cbe1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cf-request-id: 02daf844840000c7656db94200000001
cf-ray: 5971c31a6de1c765-AMS
cf-bgj: h2pri

GET
H2 200 render.html
yastatic.net/safeframe-bundles/0.69/1-1-0/ Frame A129 0
0 34ms
34ms Document
text/html 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.69/1-1-0/render.html

Requested by

Host: yastatic.net
URL: https://yastatic.net/safeframe-bundles/0.69/host.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

:method: GET
:authority: yastatic.net
:scheme: https
:path: /safeframe-bundles/0.69/1-1-0/render.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ex-press.by/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://ex-press.by/

Response headers

status: 200
server: nginx/1.17.9
date: Thu, 21 May 2020 22:33:58 GMT
content-type: text/html
content-length: 6026
content-encoding: br
x-robots-tag: noindex, noarchive, nofollow
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
access-control-allow-origin: *
cache-control: public, max-age=216013
last-modified: Tue, 20 Aug 2019 11:55:41 GMT
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
vary: Accept-Encoding
etag: "f883bd7781c332870c9968db60e89349"
timing-allow-origin: *
strict-transport-security: max-age=43200000; includeSubDomains;
expires: Sun, 24 May 2020 10:31:26 GMT
accept-ranges: bytes

GET
H2 200 / Show response
graph.facebook.com/ 64 B
468 B 52ms
35ms Script
text/javascript 2a03:2880:f01c:800e:face:b00c:0:2
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://graph.facebook.com/?id=https%3A%2F%2Fex-press.by%2F&callback=_grf_5417090808565392

Requested by

Host: code.giraff.io
URL: https://code.giraff.io/data/widget-ex-pressby.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:800e:face:b00c:0:2 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f514c8d05bebd533496fd040610b2f0c12a86b910e4536e0537a48542a07e9a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

Referer: https://ex-press.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
etag: "150531ea26b929fc5af7bfa9dac2ed115cb128bf"
status: 200
x-fb-rev: 1002157926
alt-svc: h3-27=":443"; ma=3600
content-length: 64
pragma: no-cache
x-fb-debug: xQCog/MJScbPtyd0NuphTxMtcleHbnFplgf/MPhG4xz+lL+EtfESfVCiUGs1AtyhWa7pRzqBDZvu+cRzVn+nzw==
x-fb-trace-id: HsDO47kzrbv
date: Thu, 21 May 2020 22:33:58 GMT, Thu, 21 May 2020 22:33:58 GMT
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
x-fb-request-id: A0viywYou3njrOaNcEFGYuC
cache-control: private, no-cache, no-store, must-revalidate
facebook-api-version: v3.0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 share.php Show response
vk.com/ 22 B
321 B 253ms
74ms Script
text/html 87.240.190.78
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL

https://vk.com/share.php?act=count&url=https%3A%2F%2Fex-press.by%2F&index=0

Requested by

Host: code.giraff.io
URL: https://code.giraff.io/data/widget-ex-pressby.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.240.190.78 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS http://vk.com, RU),

Reverse DNS

srv78-190-240-87.vk.com

Software

VK / PHP/3.24515

Resource Hash

fd7dde841db613cdfef3e05385b10bb558d94f646227122d8a924b8e4fcb5142

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://ex-press.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 21 May 2020 22:33:58 GMT
content-encoding: gzip
x-frontend: front213210
server: VK
x-powered-by: PHP/3.24515
strict-transport-security: max-age=15768000
content-type: text/html; charset=windows-1251
status: 200
access-control-expose-headers: X-Frontend
cache-control: no-store
content-length: 42

GET
H2 200 dk Show response
connect.ok.ru/ 34 B
2 KB 162ms
55ms Script
application/javascript 217.20.147.3
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.ok.ru/dk?st.cmd=extLike&uid=odklcnt0&ref=https%3A%2F%2Fex-press.by%2F

Requested by

Host: code.giraff.io
URL: https://code.giraff.io/data/widget-ex-pressby.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

217.20.147.3 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

ip3.147.odnoklassniki.ru

Software

apache /

Resource Hash

73a02d9c62a576e3ca4987bde0b6fc625854ba53268ab300cb18e9b32c5c8658

Security Headers

Name

Value

Content-Security-Policy

default-src data: 'self' 'unsafe-inline' 'unsafe-eval' ok.ru *.ok.ru odnoklassniki.ru *.odnoklassniki.ru mycdn.me http://*.mycdn.me https://*.mycdn.me wss://ad.mail.ru *.mail.ru *.imgsmail.ru *.mradx.net *.serving-sys.com *.googleapis.com *.gstatic.com www.google.com https://api-maps.yandex.ru yastatic.net yandex.st *.doubleverify.com *.adsafeprotected.com https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org blob:; script-src 'unsafe-inline' 'unsafe-eval' *.mail.ru https://*.mail.ru *.imgsmail.ru *.mradx.net ok.ru *.ok.ru odnoklassniki.ru *.odnoklassniki.ru mycdn.me http://*.mycdn.me https://*.mycdn.me mc.yandex.ru an.yandex.ru yastatic.net yandex.st *.google-analytics.com api-maps.yandex.ru https://api-maps.yandex.ru https://clck.yandex.ru *.googleapis.com *.gstatic.com www.google.com www.youtube.com https://www.youtube.com *.ytimg.com https://*.ytimg.com *.doubleverify.com *.dvtps.com *.doubleclick.net *.googletagservices.com *.googlesyndication.com *.googleadservices.com *.goodgame.ru https://*.goodgame.ru https://*.moatads.com *.adlooxtracking.com *.adsafeprotected.com *.serving-sys.com https://enterprise.api-maps.yandex.ru https://suggest-maps.yandex.ru https://*.hit.gemius.pl https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org; worker-src blob: 'self'; connect-src * wss: blob:; font-src * data: blob:; frame-src * blob: 'self'; img-src * data: blob: about:; media-src * data: blob:; object-src *; report-uri /csp/report;

Request headers

Referer: https://ex-press.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 21 May 2020 22:33:58 GMT
content-encoding: br
content-security-policy-report-only: default-src data: blob: about: 'self' 'unsafe-inline' 'unsafe-eval' https: wss:; report-uri /csp/report?always;
server: apache
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
status: 200
content-security-policy: default-src data: 'self' 'unsafe-inline' 'unsafe-eval' ok.ru *.ok.ru odnoklassniki.ru *.odnoklassniki.ru mycdn.me http://*.mycdn.me https://*.mycdn.me wss://ad.mail.ru *.mail.ru *.imgsmail.ru *.mradx.net *.serving-sys.com *.googleapis.com *.gstatic.com www.google.com https://api-maps.yandex.ru yastatic.net yandex.st *.doubleverify.com *.adsafeprotected.com https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org blob:; script-src 'unsafe-inline' 'unsafe-eval' *.mail.ru https://*.mail.ru *.imgsmail.ru *.mradx.net ok.ru *.ok.ru odnoklassniki.ru *.odnoklassniki.ru mycdn.me http://*.mycdn.me https://*.mycdn.me mc.yandex.ru an.yandex.ru yastatic.net yandex.st *.google-analytics.com api-maps.yandex.ru https://api-maps.yandex.ru https://clck.yandex.ru *.googleapis.com *.gstatic.com www.google.com www.youtube.com https://www.youtube.com *.ytimg.com https://*.ytimg.com *.doubleverify.com *.dvtps.com *.doubleclick.net *.googletagservices.com *.googlesyndication.com *.googleadservices.com *.goodgame.ru https://*.goodgame.ru https://*.moatads.com *.adlooxtracking.com *.adsafeprotected.com *.serving-sys.com https://enterprise.api-maps.yandex.ru https://suggest-maps.yandex.ru https://*.hit.gemius.pl https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org; worker-src blob: 'self'; connect-src * wss: blob:; font-src * data: blob:; frame-src * blob: 'self'; img-src * data: blob: about:; media-src * data: blob:; object-src *; report-uri /csp/report;

GET
H2

200

m
cm.mgid.com/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1
https://cm.mgid.com/m?cdsp=371158&c=40d4d510-f55e-4f6b-a67c-1db1d5e6bf85&ttl=1592692438

43 B
197 B

64ms
64ms

Image
image/gif

104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=371158&c=40d4d510-f55e-4f6b-a67c-1db1d5e6bf85&ttl=1592692438
Requested by: Host: ex-press.by
URL: https://ex-press.by/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://ex-press.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 May 2020 22:33:58 GMT
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5971c31c4868c765-AMS
content-type: image/gif
cf-request-id: 02daf845aa0000c7656dba4200000001

Redirect headers

pragma: no-cache
date: Thu, 21 May 2020 22:33:58 GMT
x-aspnet-version: 4.0.30319
status: 302
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.mgid.com/m?cdsp=371158&c=40d4d510-f55e-4f6b-a67c-1db1d5e6bf85&ttl=1592692438
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 205

GET
H2

200

m
cm.mgid.com/
Redirect Chain

https://csync.loopme.me/?redirect=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D433143%26c%3D%7Bdevice_id%7D
https://cm.mgid.com/m?cdsp=433143&c=9095781c-ccda-49fe-be96-ceaf4bb50b8b

43 B
197 B

65ms
65ms

Image
image/gif

104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=433143&c=9095781c-ccda-49fe-be96-ceaf4bb50b8b
Requested by: Host: ex-press.by
URL: https://ex-press.by/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://ex-press.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 May 2020 22:33:58 GMT
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5971c31befcac765-AMS
content-type: image/gif
cf-request-id: 02daf845740000c7656dba0200000001

Redirect headers

status: 307
date: Thu, 21 May 2020 22:33:58 GMT
content-length: 0
location: https://cm.mgid.com/m?cdsp=433143&c=9095781c-ccda-49fe-be96-ceaf4bb50b8b

GET
H2 200 /
cm.lentainform.com/setmuidn/ 0
329 B 177ms
57ms Image
image/gif 23.105.245.5
SERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.lentainform.com/setmuidn/?muidf=k4lVG4ubz_xf
Requested by: Host: ex-press.by
URL: https://ex-press.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.105.245.5 , Russian Federation, ASN7979 (SERVERS, US),
Reverse DNS
Software: nginx/1.15.10 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ex-press.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 May 2020 22:33:58 GMT
server: nginx/1.15.10
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif

GET
H2 200 /
cm.idealmedia.io/setmuidn/ 0
556 B 109ms
71ms Image
image/gif 104.16.221.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.idealmedia.io/setmuidn/?muidf=k4lVG4ubz_xf
Requested by: Host: ex-press.by
URL: https://ex-press.by/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.221.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ex-press.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 May 2020 22:33:58 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5971c31ba8b02bbc-AMS
content-type: image/gif
cf-request-id: 02daf8454900002bbc010d6200000001

GET
H2

200

m
cm.mgid.com/
Redirect Chain

https://creativecdn.com/cm-notify?pi=mgid
https://cm.mgid.com/m?cdsp=501037&c=nq0u47PDgQgbJnwVi0mZ&pi=mgid

43 B
189 B

59ms
59ms

Image
image/gif

104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=501037&c=nq0u47PDgQgbJnwVi0mZ&pi=mgid
Requested by: Host: ex-press.by
URL: https://ex-press.by/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://ex-press.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 May 2020 22:33:58 GMT
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5971c31b8f44c765-AMS
content-type: image/gif
cf-request-id: 02daf845370000c7656db9d200000001

Redirect headers

status: 302
pragma: no-cache
date: Thu, 21 May 2020 22:33:58 GMT, Thu, 21 May 2020 22:33:58 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
location: https://cm.mgid.com/m?cdsp=501037&c=nq0u47PDgQgbJnwVi0mZ&pi=mgid
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

m
cm.mgid.com/
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=43263&callback_url=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D501036%26c%3D%24%7BUSER_ID%7D
https://ads.betweendigital.com/match?bidder_id=43263&callback_url=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D501036%26c%3D%24%7BUSER_ID%7D&crf=1
https://cm.mgid.com/m?cdsp=501036&c=e0808ff3-6e85-528f-8de7-5915d32058c3

43 B
197 B

66ms
66ms

Image
image/gif

104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=501036&c=e0808ff3-6e85-528f-8de7-5915d32058c3
Requested by: Host: ex-press.by
URL: https://ex-press.by/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://ex-press.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 May 2020 22:33:58 GMT
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5971c31bffedc765-AMS
content-type: image/gif
cf-request-id: 02daf8457d0000c7656dba1200000001

Redirect headers

status: 302
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
location: https://cm.mgid.com/m?cdsp=501036&c=e0808ff3-6e85-528f-8de7-5915d32058c3

GET
H2

200

xuid
eb2.3lift.com/
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=303&user_id=k4lVG4ubz_xf
https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=k4lVG4ubz_xf
https://eb2.3lift.com/xuid?mid=2409&xuid=fd189d54-3adc-4e02-bc6c-f0cb51f414e8&dongle=d3d3
https://eb2.3lift.com/xuid?ld=1&mid=2409&xuid=fd189d54-3adc-4e02-bc6c-f0cb51f414e8&dongle=d3d3&gdpr=1&cmp_cs=&us_privacy=

37 B
352 B

25ms
24ms

Image
image/gif

52.59.15.106
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?ld=1&mid=2409&xuid=fd189d54-3adc-4e02-bc6c-f0cb51f414e8&dongle=d3d3&gdpr=1&cmp_cs=&us_privacy=
Requested by: Host: ex-press.by
URL: https://ex-press.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.59.15.106 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-59-15-106.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://ex-press.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Thu, 21 May 2020 22:33:58 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

status: 302
date: Thu, 21 May 2020 22:33:58 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
location: /xuid?ld=1&mid=2409&xuid=fd189d54-3adc-4e02-bc6c-f0cb51f414e8&dongle=d3d3&gdpr=1&cmp_cs=&us_privacy=
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

m
cm.mgid.com/
Redirect Chain

https://x.bidswitch.net/sync?ssp=mgid
https://x.bidswitch.net/ul_cb/sync?ssp=mgid
https://prod.perf-serving.com/sync?ssp=bidswitch&bidswitch_ssp_id=mgid
https://prod.perf-serving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=mgid
https://x.bidswitch.net/sync?dsp_id=366&expires=14&user_id=40068761-ddb4-4f95-abab-f76169c38196&ssp=mgid&user_group=1
https://cm.mgid.com/m?cdsp=433145&c=fd189d54-3adc-4e02-bc6c-f0cb51f414e8

43 B
302 B

79ms
79ms

Image
image/gif

104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=433145&c=fd189d54-3adc-4e02-bc6c-f0cb51f414e8
Requested by: Host: ex-press.by
URL: https://ex-press.by/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://ex-press.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 May 2020 22:33:58 GMT
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5971c31d5a19c765-AMS
content-type: image/gif
cf-request-id: 02daf846540000c7656dba8200000001

Redirect headers

status: 302
date: Thu, 21 May 2020 22:33:58 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
location: //cm.mgid.com/m?cdsp=433145&c=fd189d54-3adc-4e02-bc6c-f0cb51f414e8
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1

200
OK

usync.html
eus.rubiconproject.com/
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu

0
0

192ms
28ms

Image
text/html

104.111.230.142
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Requested by: Host: ex-press.by
URL: https://ex-press.by/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.230.142 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-230-142.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ex-press.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Redirect headers

Location: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Date: Thu, 21 May 2020 22:33:58 GMT
Access-Control-Allow-Credentials: true
Server: AkamaiGHost
Connection: keep-alive
Access-Control-Allow-Origin: *
Content-Length: 0

GET
H2

200

google
cm.mgid.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=azRsVkc0dWJ6X3hm&muidn=k4lVG4ubz_xf
https://cm.mgid.com/google?muidn=k4lVG4ubz_xf&google_ula={guid},5&google_gid=CAESEK6KWYCwr0CHIhq4LWhZqh0&google_cver=1

0
166 B

59ms
59ms

Image
text/plain

104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/google?muidn=k4lVG4ubz_xf&google_ula={guid},5&google_gid=CAESEK6KWYCwr0CHIhq4LWhZqh0&google_cver=1
Requested by: Host: ex-press.by
URL: https://ex-press.by/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ex-press.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 May 2020 22:33:58 GMT
content-encoding: br
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5971c31cc954c765-AMS
content-type: text/plain
cf-request-id: 02daf845ff0000c7656dba7200000001

Redirect headers

pragma: no-cache
date: Thu, 21 May 2020 22:33:58 GMT
server: HTTP server (unknown)
status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.mgid.com/google?muidn=k4lVG4ubz_xf&google_ula={guid},5&google_gid=CAESEK6KWYCwr0CHIhq4LWhZqh0&google_cver=1
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 327
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

m
cm.mgid.com/
Redirect Chain

https://rtb-usw.mfadsrvr.com/sync?ssp=mgid
https://rtb-usw.mfadsrvr.com/ul_cb/sync?ssp=mgid
https://cm.mgid.com/m?cdsp=287839&c=73eebba6-20d7-4a9f-b5ff-0046e489f8a7

43 B
434 B

72ms
70ms

Image
image/gif

104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=287839&c=73eebba6-20d7-4a9f-b5ff-0046e489f8a7
Requested by: Host: ex-press.by
URL: https://ex-press.by/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://ex-press.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 May 2020 22:33:59 GMT
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5971c3206e47c765-AMS
content-type: image/gif
cf-request-id: 02daf848420000c7656dbc7200000001

Redirect headers

date: Thu, 21 May 2020 22:33:58 GMT
via: 1.1 google
status: 302
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: //cm.mgid.com/m?cdsp=287839&c=73eebba6-20d7-4a9f-b5ff-0046e489f8a7
cache-control: no-cache, no-store, must-revalidate
alt-svc: clear
content-length: 0

GET
H2

200

m
cm.mgid.com/ Frame AE99
Redirect Chain

https://udata.mixmarket.biz/tr.php?syncnet=28&cb=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D311971%26mode%3Dinverse%26c%3D%24UID
https://cm.mgid.com/m?cdsp=311971&mode=inverse&c=0

43 B
328 B

66ms
66ms

Image
image/gif

104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=311971&mode=inverse&c=0
Requested by: Host: ex-press.by
URL: https://ex-press.by/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 May 2020 22:33:58 GMT
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5971c31ddad3c765-AMS
content-type: image/gif
cf-request-id: 02daf846aa0000c7656dbaf200000001

Redirect headers

Location: https://cm.mgid.com/m?cdsp=311971&mode=inverse&c=0
Date: Thu, 21 May 2020 22:33:58 GMT
Server: nginx/1.14.2
Connection: keep-alive
Transfer-Encoding: chunked

GET
H/1.1

204
No Content

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=7&c2=15208452&c3=110&ns__t=1590100438302&ns_c=UTF-8&cv=3.5&c8=EX-PRESS.BY%20-%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%91%D0%BE%D1%80%D0%B8%D1%81%D0%...
https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1590100438302&ns_c=UTF-8&cv=3.5&c8=EX-PRESS.BY%20-%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%91%D0%BE%D1%80%D0%B8%D1%81%D0...

0
248 B

21ms
20ms

Image
text/plain

104.111.214.103
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1590100438302&ns_c=UTF-8&cv=3.5&c8=EX-PRESS.BY%20-%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%91%D0%BE%D1%80%D0%B8%D1%81%D0%BE%D0%B2%D0%B0%20%D0%B8%20%D0%96%D0%BE%D0%B4%D0%B8%D0%BD%D0%BE&c7=https%3A%2F%2Fex-press.by%2F&c9=
Requested by: Host: ex-press.by
URL: https://ex-press.by/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.214.103 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-214-103.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ex-press.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 21 May 2020 22:33:58 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1590100438302&ns_c=UTF-8&cv=3.5&c8=EX-PRESS.BY%20-%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%91%D0%BE%D1%80%D0%B8%D1%81%D0%BE%D0%B2%D0%B0%20%D0%B8%20%D0%96%D0%BE%D0%B4%D0%B8%D0%BD%D0%BE&c7=https%3A%2F%2Fex-press.by%2F&c9=
Pragma: no-cache
Date: Thu, 21 May 2020 22:33:58 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 2023333.js Show response
a.giraff.io/data/ 5 KB
4 KB 204ms
63ms Script
application/json 195.161.16.132
RTCOMM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.giraff.io/data/2023333.js?json=1&async=1&cs=utf-8&rand=0.6686585800732152&num=4&as=&callback=callback28186171206517274
Requested by: Host: code.giraff.io
URL: https://code.giraff.io/data/widget-ex-pressby.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 195.161.16.132 Ostrovnoy, Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: f1ebdb061d4db1439efbca60dd890870fc75da588aa0beb13fb2fe2e5caf5177

Request headers

Referer: https://ex-press.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 21 May 2020 22:33:58 GMT
content-encoding: gzip
server: nginx/1.16.0
status: 200
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR NOR", policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: *
access-control-max-age: 1728000
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

POST
H2 200 giraffjs Show response
a.giraff.io/bidder/ 6 KB
3 KB 70ms
70ms XHR
application/json 195.161.16.132
RTCOMM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.giraff.io/bidder/giraffjs
Requested by: Host: code.giraff.io
URL: https://code.giraff.io/data/widget-ex-pressby.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 195.161.16.132 Ostrovnoy, Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 9df4c8c41e2d2a7e428503bc84a97aabd466a0b99559bf9db1d8b88b730694c0

Request headers

Referer: https://ex-press.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 21 May 2020 22:33:58 GMT
content-encoding: gzip
server: nginx/1.16.0
status: 200
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://ex-press.by
access-control-max-age: 1728000
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
141 B 15ms
15ms XHR
text/plain 178.250.2.152
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?ptv=89&profileId=184&cb=35667056017
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.152 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ex-press.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

status: 204
date: Thu, 21 May 2020 22:33:58 GMT
access-control-allow-credentials: true
server: Finatra
access-control-allow-origin: https://ex-press.by
timing-allow-origin: *
vary: Origin

GET
H/1.1 200
OK / Show response
ad.mail.ru/adq/ 87 B
450 B 50ms
49ms Script
application/x-javascript 2a00:1148:db00::17
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mail.ru/adq/?q=204300&sitename=rv2023335&count=4&callback=callback8089652090902255
Requested by: Host: code.giraff.io
URL: https://code.giraff.io/data/widget-ex-pressby.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software: nginx /
Resource Hash: be3750a8775a90e5609de09442b8af8612f7434a0f86586ea6b2bc273aa6320a

Request headers

Referer: https://ex-press.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 21 May 2020 22:33:58 GMT
Content-Encoding: gzip
Server: nginx
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSAo PSDo OUR BUS UNI NAV STA INT"
Transfer-Encoding: chunked
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: private, no-cache, no-store
Connection: keep-alive
Timing-Allow-Origin: *

GET
H2 200 /
data.giraff.io/cpmlog/ex-pressby/ 0
261 B 66ms
65ms Image
application/javascript 195.161.16.142
RTCOMM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.giraff.io/cpmlog/ex-pressby/?ac=4&da=6.386
Requested by: Host: ex-press.by
URL: https://ex-press.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 195.161.16.142 Ostrovnoy, Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ex-press.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 21 May 2020 22:33:58 GMT
server: nginx/1.16.0
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/octet-stream, application/javascript
status: 200
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 0

GET
H2 200 /
data.giraff.io/mtlog/ex-pressby/ 0
261 B 66ms
66ms Image
application/javascript 195.161.16.142
RTCOMM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.giraff.io/mtlog/ex-pressby/?win1=10.696&win2=8.861&win3=7.982&win4=6.386
Requested by: Host: ex-press.by
URL: https://ex-press.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 195.161.16.142 Ostrovnoy, Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ex-press.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 21 May 2020 22:33:58 GMT
server: nginx/1.16.0
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/octet-stream, application/javascript
status: 200
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 0

GET
H2 200 /
a.giraff.io/winnotice/ 0
586 B 62ms
61ms Image
image/gif 195.161.16.132
RTCOMM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.giraff.io/winnotice/?imp_id=63AD6017F09F&ssp_id=giraffjs&ip=185.217.171.12&adp_id=2023335:ex_press.by&ad_id=d-10326595;&wp=10.696&bp=10.696&hash=15b7f0f6d28fe34fc267cb4bc2d8bc6d
Requested by: Host: ex-press.by
URL: https://ex-press.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 195.161.16.132 Ostrovnoy, Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ex-press.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 21 May 2020 22:33:58 GMT
server: nginx/1.16.0
status: 200
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR NOR", policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: *
access-control-allow-credentials: true
content-type: image/gif
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 0

GET
H2 200 /
a.giraff.io/winnotice/ 0
593 B 63ms
63ms Image
image/gif 195.161.16.132
RTCOMM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.giraff.io/winnotice/?imp_id=63AD6017F09F&ssp_id=giraffjs&ip=185.217.171.12&adp_id=2023335:ex_press.by&ad_id=d-10326147;&wp=8.861&bp=8.861&hash=c294f78de77bb4039ee2b690b7d9ed22
Requested by: Host: ex-press.by
URL: https://ex-press.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 195.161.16.132 Ostrovnoy, Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ex-press.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 21 May 2020 22:33:58 GMT
server: nginx/1.16.0
status: 200
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR NOR", policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: *
access-control-allow-credentials: true
content-type: image/gif
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 0

GET
H2 200 /
a.giraff.io/winnotice/ 0
599 B 62ms
61ms Image
image/gif 195.161.16.132
RTCOMM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.giraff.io/winnotice/?imp_id=63AD6017F09F&ssp_id=giraffjs&ip=185.217.171.12&adp_id=2023335:ex_press.by&ad_id=d-10326220;&wp=7.982&bp=7.982&hash=11d80633781de27627c46023943fb247
Requested by: Host: ex-press.by
URL: https://ex-press.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 195.161.16.132 Ostrovnoy, Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ex-press.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 21 May 2020 22:33:58 GMT
server: nginx/1.16.0
status: 200
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR NOR", policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: *
access-control-allow-credentials: true
content-type: image/gif
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 0

GET
H2 200 /
a.giraff.io/winnotice/ 0
604 B 62ms
62ms Image
image/gif 195.161.16.132
RTCOMM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.giraff.io/winnotice/?imp_id=63AD6017F09F&ssp_id=giraffjs&ip=185.217.171.12&adp_id=2023335:ex_press.by&ad_id=d-10326270;&wp=6.386&bp=6.386&hash=105ae8363cdbffa36d7e23959018be29
Requested by: Host: ex-press.by
URL: https://ex-press.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 195.161.16.132 Ostrovnoy, Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ex-press.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 21 May 2020 22:33:59 GMT
server: nginx/1.16.0
status: 200
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR NOR", policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: *
access-control-allow-credentials: true
content-type: image/gif
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 0

GET
H2 200 logo.svg
code.giraff.io/data/ 6 KB
7 KB 64ms
63ms Image
image/svg+xml 195.161.16.142
RTCOMM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://code.giraff.io/data/logo.svg
Requested by: Host: code.giraff.io
URL: https://code.giraff.io/data/widget-ex-pressby.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 195.161.16.142 Ostrovnoy, Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 257fc426aac930f235dfdce8d6624910af7d0d125819410a1f64f7e7905a4d5b

Request headers

Referer: https://ex-press.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 21 May 2020 22:33:59 GMT
last-modified: Thu, 21 May 2020 22:31:54 GMT
server: nginx/1.16.0
etag: "5ec7015a-1999"
status: 200
content-type: image/svg+xml
access-control-allow-origin: *
accept-ranges: bytes
content-length: 6553

GET
H2 200 7519579.jpg
a.giraff.io/images/300x186/79/ 24 KB
24 KB 111ms
107ms Image
image/jpeg 195.161.16.132
RTCOMM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.giraff.io/images/300x186/79/7519579.jpg
Requested by: Host: ex-press.by
URL: https://ex-press.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 195.161.16.132 Ostrovnoy, Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 432e2db9ad500263b4b50db97d9bb244345df37cf4384cf3b1874136f0d983bf

Request headers

Referer: https://ex-press.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 21 May 2020 22:33:59 GMT
last-modified: Fri, 15 May 2020 12:31:02 GMT
server: nginx/1.16.0
status: 200
etag: "5ebe8b86-5f77"
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/jpeg
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 24439

GET
H2 200 7544459.jpg
a.giraff.io/images/300x186/59/ 18 KB
19 KB 117ms
114ms Image
image/jpeg 195.161.16.132
RTCOMM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.giraff.io/images/300x186/59/7544459.jpg
Requested by: Host: ex-press.by
URL: https://ex-press.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 195.161.16.132 Ostrovnoy, Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 165460deadcf076fd356b56167f5ac9208a7632c8d02dfca08cb875a4f21b3ad

Request headers

Referer: https://ex-press.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 21 May 2020 22:33:59 GMT
last-modified: Thu, 21 May 2020 08:28:31 GMT
server: nginx/1.16.0
status: 200
etag: "5ec63baf-49ee"
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/jpeg
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 18926

GET
H2 200 7542061.jpg
a.giraff.io/images/300x186/61/ 30 KB
30 KB 161ms
158ms Image
image/jpeg 195.161.16.132
RTCOMM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.giraff.io/images/300x186/61/7542061.jpg
Requested by: Host: ex-press.by
URL: https://ex-press.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 195.161.16.132 Ostrovnoy, Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 6e3e69ea28dd93fab97573289c49c331197fb257b81808a6552c6c7ec2c5c57c

Request headers

Referer: https://ex-press.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 21 May 2020 22:33:59 GMT
last-modified: Wed, 20 May 2020 16:12:47 GMT
server: nginx/1.16.0
status: 200
etag: "5ec556ff-775e"
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/jpeg
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 30558

GET
H2 200 7543999.jpg
a.giraff.io/images/300x186/99/ 22 KB
23 KB 164ms
161ms Image
image/jpeg 195.161.16.132
RTCOMM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.giraff.io/images/300x186/99/7543999.jpg
Requested by: Host: ex-press.by
URL: https://ex-press.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 195.161.16.132 Ostrovnoy, Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: bf14dbf7dfcdbeb5ebb2213d42a048086b002b8c981509161851b579832345a9

Request headers

Referer: https://ex-press.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 21 May 2020 22:33:59 GMT
last-modified: Thu, 21 May 2020 06:51:50 GMT
server: nginx/1.16.0
status: 200
etag: "5ec62506-583e"
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/jpeg
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 22590

GET
H2 200 7544074.jpg
a.giraff.io/images/300x186/74/ 47 KB
48 KB 164ms
161ms Image
image/jpeg 195.161.16.132
RTCOMM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.giraff.io/images/300x186/74/7544074.jpg
Requested by: Host: ex-press.by
URL: https://ex-press.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 195.161.16.132 Ostrovnoy, Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 5352b28dd15621c1f299fd9cc10a7f791eb474916776f0b9a0af455f36ade832

Request headers

Referer: https://ex-press.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 21 May 2020 22:33:59 GMT
last-modified: Thu, 21 May 2020 07:21:37 GMT
server: nginx/1.16.0
status: 200
etag: "5ec62c01-bca4"
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/jpeg
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 48292

GET
H2 200 7526594.jpg
a.giraff.io/images/300x186/94/ 24 KB
24 KB 164ms
162ms Image
image/jpeg 195.161.16.132
RTCOMM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.giraff.io/images/300x186/94/7526594.jpg
Requested by: Host: ex-press.by
URL: https://ex-press.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 195.161.16.132 Ostrovnoy, Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 63bbabeb9b7dfb9633a12e24a4639db90c49061b773a1432b7bb23dc37cffdff

Request headers

Referer: https://ex-press.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 21 May 2020 22:33:59 GMT
last-modified: Sun, 17 May 2020 16:11:02 GMT
server: nginx/1.16.0
status: 200
etag: "5ec16216-5f16"
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/jpeg
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 24342

GET
H2 200 7544128.jpg
a.giraff.io/images/300x186/28/ 45 KB
45 KB 166ms
164ms Image
image/jpeg 195.161.16.132
RTCOMM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.giraff.io/images/300x186/28/7544128.jpg
Requested by: Host: ex-press.by
URL: https://ex-press.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 195.161.16.132 Ostrovnoy, Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 7a3993ed0e1a84e5f1d7e76fa411407e62beac1d353c48e6fc2f4fb674483730

Request headers

Referer: https://ex-press.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 21 May 2020 22:33:59 GMT
last-modified: Thu, 21 May 2020 07:01:33 GMT
server: nginx/1.16.0
status: 200
etag: "5ec6274d-b310"
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/jpeg
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 45840

GET
H2 200 7528183.jpg
a.giraff.io/images/300x186/83/ 24 KB
25 KB 166ms
164ms Image
image/jpeg 195.161.16.132
RTCOMM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.giraff.io/images/300x186/83/7528183.jpg
Requested by: Host: ex-press.by
URL: https://ex-press.by/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 195.161.16.132 Ostrovnoy, Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 5132a89298debe53d9a2127b7d7471ae47d46efedafca2af7df48298a57680f7

Request headers

Referer: https://ex-press.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 21 May 2020 22:33:59 GMT
last-modified: Mon, 18 May 2020 06:23:57 GMT
server: nginx/1.16.0
status: 200
etag: "5ec229fd-60a9"
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/jpeg
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 24745

GET
H2 200 ex-pressby Show response
data.giraff.io/hit/ 0
297 B 63ms
62ms XHR
application/javascript 195.161.16.142
RTCOMM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://data.giraff.io/hit/ex-pressby?u=https%3A%2F%2Fex-press.by%2F&tag=pv_ae&tag=pv_rtb&tag=ws_ae_3&tag=ws_rtb_3&ht=1554&rand=0.3282621352099393
Requested by: Host: code.giraff.io
URL: https://code.giraff.io/data/widget-ex-pressby.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 195.161.16.142 Ostrovnoy, Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ex-press.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 21 May 2020 22:33:59 GMT
server: nginx/1.16.0
status: 200
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/octet-stream, application/javascript
access-control-allow-origin: https://ex-press.by
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 7 KB
5 KB 16ms
16ms XHR
application/json 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20200519&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200519/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7ed3849d3dc8bea9f76fab3d73678ffad93d809a6dbde52278c67c05924fa85b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ex-press.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 21 May 2020 22:33:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 5561
x-xss-protection: 0

POST
H/1.1 200
OK tracker
top-fwz1.mail.ru/ 43 B
1 KB 52ms
52ms Other
image/gif 217.69.133.145
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL

https://top-fwz1.mail.ru/tracker?js=13;id=2082208;u=https%3A//ex-press.by/;st=1590100437152;s=1600*1200;vp=1600*1200;touch=0;hds=1;flash=;sid=90c3fd0e492cfde2;ver=60.2.0;tz=-120%2FEurope%2FBerlin;nt=0/0/1590100436207/////108/108/108/108/222/120/222/367/372/370/945/945/955/3131/3131/;ni=9.9//4g/0/0/;lvid=1590100437168%3A1590100439341%3A2%3Ab700f9cf66aafe015e05fe5cdedd8d52;opts=dl;_=0.7767454201496176;e=RT/load;et=1590100439340

Requested by

Host: top-fwz1.mail.ru
URL: https://top-fwz1.mail.ru/js/code.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ex-press.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Thu, 21 May 2020 22:33:59 GMT
X-Content-Type-Options: nosniff
P3P: CP="NOI DSP COR NID CUR PSA OUR NOR"
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Access-Control-Allow-Headers: *
AMP-Access-Control-Allow-Source-Origin: https://ex-press.by
Server: nginx
Access-Control-Allow-Methods: GET, POST, HEAD, PUT, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://ex-press.by
Access-Control-Expose-Headers: AMP-Access-Control-Allow-Source-Origin
Cache-Control: private, no-cache, no-store, max-age=0
Access-Control-Allow-Credentials: true
Accept-CH-Lifetime: 86400
Accept-CH: DPR, Width, Viewport-Width, Downlink, Device-Memory
Timing-Allow-Origin: https://ex-press.by
Keep-Alive: timeout=60

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 14 KB
5 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200519/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ex-press.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 21 May 2020 22:33:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1582746470043195"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5456
x-xss-protection: 0
expires: Thu, 21 May 2020 22:33:59 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/209/ Frame 53BD 0
0 7ms
6ms Document
text/html 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/209/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ex-press.by/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://ex-press.by/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 5727
date: Thu, 21 May 2020 22:27:25 GMT
expires: Fri, 21 May 2021 22:27:25 GMT
last-modified: Tue, 25 Feb 2020 17:32:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 394
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
55 B 39ms
39ms Image
image/gif 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=209&t=2&li=gda_r20200519&jk=325195282189403&bg=!XF-lX0dYoR5eCw-dEDsCAAAARFIAAAANmQFzifM4jViZzcMzo7XiJQ9kMPrAnh_ikKWTLaTJhO3U-XXzjtdFnof6CiJkJogOizozTF-_r0Q2pDtIW4hr9vfhusj02s5G2nRR023dTLGP9-Af0BS8lWiydtrJGuuLJwpPwyQp2noTppvBjwTJnxGl1RCtk8MLrIcN91bwKDk0Taiq3xJbPViLFb_sNtZF0V_xNMwoa_mbzLGcTvNnTbP4SOPhes8TmKkKJhOSyvMAbDKILEymzo-FjiLHtFG6fKh8Zriw3gM7pdNve0pV6AGXcwj6dwO1qDq2tRWIPxXbAXmWs4sXk6tF49-mUEnVY-q0gw3CrztyZDiy6tS_S4wt8RWf1Ls0hxiCHimzUOred3mmR3lFVJhZXm3a4HcksVty-Q8tBsR-MA09c8KsVOjdiv-yC_bTw5txfOqcI4ctkJlpnpFh8SbWNVDsO5YMGpPlGlviqKpnWsswiT4W7DMUkLJIEGdq7T3esOwvDEU8-DhXeUg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ex-press.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 May 2020 22:33:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csm
bidder.criteo.com/ 0
141 B 14ms
14ms Other
text/plain 178.250.2.152
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/csm?ptv=89&profileId=184
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.152 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ex-press.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

status: 204
date: Thu, 21 May 2020 22:33:59 GMT
access-control-allow-credentials: true
server: Finatra
access-control-allow-origin: https://ex-press.by
timing-allow-origin: *
vary: Origin

GET
H2 200 1Vbqj5WY0N0100000000U9mpd5ndyFnlrn8rowkCn-COWC0J9X8gSRkz9BOwZfKXbH4edZcvxi8Ra7WfAv1NMmOaMXb1v4n6Lb46C5Z8oCCBOQraD6Q3iFOooirXPpWAvbzb11bqbv71Xe7XB-Ci9WQ6kKmWaQLCBvWP6DOoLG3PPvd-0y5JiCWh9W6LZnxca-iO6...
an.yandex.ru/rtbcount/ 43 B
318 B 69ms
69ms Image
image/gif 2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/rtbcount/1Vbqj5WY0N0100000000U9mpd5ndyFnlrn8rowkCn-COWC0J9X8gSRkz9BOwZfKXbH4edZcvxi8Ra7WfAv1NMmOaMXb1v4n6Lb46C5Z8oCCBOQraD6Q3iFOooirXPpWAvbzb11bqbv71Xe7XB-Ci9WQ6kKmWaQLCBvWP6DOoLG3PPvd-0y5JiCWh9W6LZnxca-iO63nkR9KsMCRAy9S9P7ihCuZiPHO0abEPGKRCPMO2MGia5S3MRcJESDyoKUxVi_ohOFcxOF8diuCJFrX-5ek28nouX3acfwHcUkP7fQMvcNfOP3ccXhiMBMJPq680Lho2fLLh0yj_663SWSG-WCI-oGBnymVxXonfO73F_YqBoESJMATEED3Gq10605UgS-S0?confirmTime=2100000&confirmRatio=1000000&test-tag=473339755757570&format-type=54&actual-format=40&rnd=5507743080221&renderWidth=1260&renderHeight=90

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ex-press.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 May 2020 22:34:00 GMT
content-type: image/gif
last-modified: Thu, 21 May 2020 22:34:00 GMT
server: nginx/1.12.2
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
status: 200
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 21 May 2020 22:34:00 GMT

GET
H2 200 WD0ejI_zO0a0DGO0T0fqXziOiOFRkGK02G4nrG77NW00000uzlagY085kG8Thq61-TTyal02aBQXnWpm1G6W1km1gGUJVj3i_Oga9j070j08We20W0A02W682Wce2kW7of3-CfD-003uKxORCARm2mQe3vFzmRdUtwBI9k0F0P0Gt__ezy2HkVT6jSdgZU0K0V0Lm...
an.yandex.ru/count/ 0
265 B 78ms
78ms Image
text/plain 2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/count/WD0ejI_zO0a0DGO0T0fqXziOiOFRkGK02G4nrG77NW00000uzlagY085kG8Thq61-TTyal02aBQXnWpm1G6W1km1gGUJVj3i_Oga9j070j08We20W0A02W682Wce2kW7of3-CfD-003uKxORCARm2mQe3vFzmRdUtwBI9k0F0P0Gt__ezy2HkVT6jSdgZU0K0V0LmOhsxAEFlFnZW1QLaC20W81MoHO00F0_WHS00000003mFmW0WM3WofnjBYaIsfrpGM5B3XKovahQEIf5QO1c~1=WRCejI_zO2W1JGq0D1PwDmeHA0A6XCt21e01mxG3Y06hZeouHf01fEYBtJQO0RZlpjWze06Ww8lTDgW1gE_Es3su0Op1dVqTs06ik-GRu06EWw0Nw05c-06YwU6-0PW2eh6h5Q02mil559W3m8Gzi0Eb1eW5lgaQa0NWcYAm1P_P2BW5dza8vP04u0Ltc0RQgwxI2AW6x06u1u05yGS00CBXvQ8AoGeviVZ1ql_o-0g0jHZP2vD-qEpzYgGcw0k-gHg83ABfuRu1gGp069ftkB6iF-WC0PWDdyfPFw0EXuuRsG-04EtUrnRG4CANhr-X4MIqwMEPcUdW4R29mW7e4UYtsipRhyUDKWMrGBQ_C_j8ODC_c1C1u1EVsGY85C6OffgBiA7a3Q0Kdza8g1JWcl3Hy_C5w1G8q1NmqVFp1TWLmOhsxAEFlFnZe1RGZvtr1R0MlGF95j0MekdXlW615vWNnfkQ6hWN0S0N0TWNm8Gz5G1JGyu1yOZEeVqhDf1HcEPbrrnK6T8X64WR8_Q19bf1gCjPkP3W9CZOYybu8oD6wugDdOUJnh1itGVl3bPAPnDi4t00~1?stat-id=5&test-tag=473340179437569&format-type=54&actual-format=40&banner-test-tags=eyI3MzQ1MzcxNjY2IjoiMzI3NjkifQ%3D%3D&renderWidth=1260&renderHeight=90&confirmTime=2100000&confirmRatio=1000000&wmode

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ex-press.by/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 May 2020 22:34:00 GMT
last-modified: Thu, 21 May 2020 22:34:00 GMT
server: nginx/1.12.2
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
status: 200
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 0
x-xss-protection: 1; mode=block
expires: Thu, 21 May 2020 22:34:00 GMT

Verdicts & Comments Add Verdict or Comment

137 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

19 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
yastatic.net/safeframe-bundles/0.69/1-1-0	1970-01-19 10:01:50	Name: pcssspb Value: 1
.doubleclick.net/	1970-01-19 19:03:16	Name: IDE Value: AHWqTUndy-EAS1C-RNJYxlwESmpPOkY6LkE7xMHmhiFxfp5ZHbp04n7GrmOg-GtU
.ex-press.by/	1970-01-19 17:41:11	Name: tmr_reqNum Value: 2
ex-press.by/	1969-12-31 23:59:59	Name: MarketGidStorage Value: %7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A1%2C%22TejndEEDj%22%3A%22Mbs_6w79*%22%7D%2C%22C400055%22%3A%7B%22page%22%3A1%2C%22time%22%3A1590100438114%7D%7D
.ex-press.by/	1970-01-19 09:41:42	Name: _ym_visorc_272126 Value: w
.ex-press.by/	1970-01-19 18:27:16	Name: _ym_uid Value: 159010043775748966
.ex-press.by/	1970-01-19 09:41:40	Name: _gat_gtag_UA_65182762_2 Value: 1
yastatic.net/safeframe-bundles/0.69/1-1-0	1970-01-19 09:43:06	Name: afpix Value: 1
.ex-press.by/	1970-01-19 09:41:42	Name: _ym_visorc_351867 Value: w
.ex-press.by/	1970-01-19 09:43:06	Name: _gid Value: GA1.2.1975995313.1590100437
.ex-press.by/	1970-01-19 09:42:52	Name: _ym_isad Value: 2
.ex-press.by/	1970-01-19 09:41:42	Name: _ym_visorc_1852558 Value: b
.ex-press.by/	1970-01-20 03:12:52	Name: _ga Value: GA1.2.1429654070.1590100437
.ex-press.by/	1970-01-19 18:27:16	Name: _ym_d Value: 1590100437
ex-press.by/	1969-12-31 23:59:59	Name: _grf_vis Value: 1
.ex-press.by/	1970-01-19 17:41:11	Name: tmr_lvid Value: b700f9cf66aafe015e05fe5cdedd8d52
.ex-press.by/	1970-01-19 09:41:40	Name: _gat_gtag_UA_126033838_1 Value: 1
.ex-press.by/	1970-01-19 17:41:11	Name: tmr_lvidTS Value: 1590100437168
ex-press.by/	1969-12-31 23:59:59	Name: _ex-press_session Value: YlExSTJZdi9PcU9TRGJuMDc2aVhhR3FYUWlRNU1aTDhKblFQWXphb0FObXZlSmdzTk9rT0xDWitSZXZyY3U4L3A1QTVpc3d0QjA0Zkh4MTk4djdMMWQrNzRYeUlvajlqZkNIRmk1Q1BTMzc1ZDc5cFpBNmN4b1lRZldrZ1g4Z2J1a1hGcDBSeWZ2dXliYmtwTTI1eDJ3PT0tLVZVVnQxcXNBUnA0YWovK3dWUnBOWEE9PQ%3D%3D--fbd617a3447a5fdf698ab8e2281cedd385a58371

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://cdn.admixer.net/scripts3/2e618849ee13451c8cf1.b.js(Line 1) Message: Chrome
console-api	log	URL: https://cdn.admixer.net/scripts3/2e618849ee13451c8cf1.b.js(Line 1) Message: Mraid Ready false
console-api	error	URL: https://cdn.admixer.net/scripts3/loader2.js(Line 1) Message: TypeError: Cannot read property 'slots' of undefined
console-api	debug	URL: https://jsc.mgid.com/e/x/ex-press.by.400055.js?t=202042122(Line 9) Message: [object HTMLImageElement]

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	ALLOW-FROM *

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.giraff.io
ad.mail.ru
ads.adfox.ru
ads.betweendigital.com
adservice.google.com
adservice.google.de
an.yandex.ru
avatars.mds.yandex.net
bidder.criteo.com
cdn.admixer.net
cdn.mgid.com
cm.g.doubleclick.net
cm.idealmedia.io
cm.lentainform.com
cm.mgid.com
code.giraff.io
connect.ok.ru
counter.yadro.ru
creativecdn.com
csync.loopme.me
data.giraff.io
eb2.3lift.com
eus.rubiconproject.com
ex-press.by
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
graph.facebook.com
hb.bizmrg.com
jsc.mgid.com
match.adsrvr.org
matchid.adfox.yandex.ru
mc.yandex.ru
moevideo.biz
pagead2.googlesyndication.com
prod.perf-serving.com
pubs2-eu.creativecdn.com
rtb-usw.mfadsrvr.com
sb.scorecardresearch.com
secure-assets.rubiconproject.com
servicer.mgid.com
static.criteo.net
stats.g.doubleclick.net
top-fwz1.mail.ru
tpc.googlesyndication.com
udata.mixmarket.biz
unfeaecmhszmsx.com
vk.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
yastatic.net
104.111.214.103
104.111.230.142
104.16.221.74
104.19.135.78
104.19.136.78
138.201.86.121
172.217.18.162
178.172.173.1
178.250.2.152
18.185.190.97
185.184.8.30
188.42.196.115
195.161.16.132
195.161.16.142
212.224.112.8
217.20.147.3
217.69.133.145
23.105.245.5
23.105.254.60
2a00:1148:db00::17
2a00:1450:4001:800::2003
2a00:1450:4001:801::2002
2a00:1450:4001:801::2003
2a00:1450:4001:80b::2002
2a00:1450:4001:81a::2001
2a00:1450:4001:81b::2002
2a00:1450:4001:81b::200e
2a00:1450:4001:81c::2008
2a00:1450:4001:81e::2002
2a00:1450:4001:81e::2004
2a00:1450:4001:821::200a
2a00:1450:400c:c00::9d
2a02:2638::3
2a02:6b8:20::215
2a02:6b8::16b
2a02:6b8::184
2a02:6b8::1:119
2a02:6b8::90
2a03:2880:f01c:800e:face:b00c:0:2
2a03:90c0:9997::9997
35.157.107.235
35.212.212.222
52.208.84.65
52.59.15.106
77.88.21.179
87.240.190.78
88.212.201.198
92.223.103.176
95.163.144.221
00d2f6cdc8935a366367038ae0c41970fb8179484bd7826fee8889adde33d887
01793dfe25a8daa227696e0d8630591f4b774fcac7f257eba7296f081cb4dbaa
039ebed4b317407de26936cda56d98979f801ab1a2bc80fbf43a041da48f1876
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
06721ed65a81ddab7fd51063563ae3cdba1fbed3f2afb5f7cf88dc4fa2125b2e
07eae48ea1d76aaa9d3af8e0ef24a6132634c506b770af3a4040db0b2d0a1fb3
0ac82973c0a4a347732209860a33f90699a22a1f1ee8dca27573af49ad8fa784
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
10ad93a3602068c768e39b1a132e9bb748eadbb70f35c6bfd36c08928a9f602c
165460deadcf076fd356b56167f5ac9208a7632c8d02dfca08cb875a4f21b3ad
16babe7e9f55e329cf94c48c2425d5f593b234870947c8edc5d71518bf0301c2
18bfac6f3b2186068e28b29cd2d44f0b146d1e292f374e313f83b6f4b9cca2ee
1bf5e538afe47f385ac89069842a824bbcde78f796d050afa72a9edc157ae68e
1dc7696ec8ba40fea77968f5d6152e307fc15c9a4d837bf0d549721558269075
1e2ad327cb3a9a978fc0181bb03ed226a5642342780c657f1d171d6372ef24b9
1fcf6de011157c59a5a6b3d683e1600b923cda09746624de60f8e97729bbddb8
21e5f922be75438d19e5ea594535b70d89d1a8ef9879df78cd4fdd1c8f530ae6
22d1983024be5b041adb113977c8f37ba9b1a88fad6e7396a932eb1f099f0a11
239f9f0863e6f2a87d6787242957c3ebf5e86df1250a611ab7cd831ca618a47a
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
257fc426aac930f235dfdce8d6624910af7d0d125819410a1f64f7e7905a4d5b
2a62ea6f1cca201ea8da3bcca664b3c28ca5927b62332a1dcadcf8c06de84910
2c40c114a29a94ad60ba553dfcd608f4bad56dfefb8102798140f7447486c134
2cd024c2dd963c8b50b7004ada972ee45d3952dbfab2b47686148cf4c29b0c0b
2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac
3385463060d3934220c2f0e78d8b163fa0c499a26d6e01691ffd32c87a6eb322
35620797865665a8a8579fe8c738d59a939250b227240e628a93983ac8d68dcc
357a40f12fcb7502acb15b75741517330cdd822580ced8cd06f8b38c9a481f4d
3602e06a0cd04a9b5682b39503f8f972528d0f0914bd8a57d484b8ab43fe8074
3646ef3fe7c94cd528001f1aca0158f7fdf25a0ef374729bcb84784dbb148a0c
39db1cbb7e0c697d2edc944b73c6ef0ae0db04ff9bf57c3386e4620619c84fb1
3a1cd7e92e260abdc38a79e761c6d624ec5995e8a4d5ab95cb84fdcb10ce2187
3d2d128eeaf1168539b862af2179cb4111d9eade387640d8e1560b228cf049c6
3f4264e52a620749500b5be7f1d28bc1524b806683be9bc6bca962dd59973813
432e2db9ad500263b4b50db97d9bb244345df37cf4384cf3b1874136f0d983bf
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4512a0f507a7df3a354a3f552a4b34e2e642ce0e4902c002dfd1ce55e33abce4
4549415ec541d7c210404b31b86239ef421befa2dbe2c6112e9be6566cc97bda
462ce4e2d4aedb456881efd89f707ab04d66febffd4851c9722b6b8c74d58356
5132a89298debe53d9a2127b7d7471ae47d46efedafca2af7df48298a57680f7
52d29fc3f8dcce32ab63feb880371517b1d340d8aa0f0cf9b6315e477975800f
5352b28dd15621c1f299fd9cc10a7f791eb474916776f0b9a0af455f36ade832
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
631d796e12cb4b14671581c87c355b5f5f63766fcddd30219437774fe95f147d
63bbabeb9b7dfb9633a12e24a4639db90c49061b773a1432b7bb23dc37cffdff
64bd5a43dc423d07a067e63277b69884266d276bc229f506ffc6c7d002ac6252
64cb3b26d453361871e829fd98ee6422932cb0797ba9b08f80c5303ac37f7721
656716137d4e28b0da293f471affb65b1beb1a6c2d9fe2fa9c3640a592754b1f
665eeee1e9e9646daf7443c71cb72776d8bfabac7c84de62f74cc332e8619282
681a33d230441a97b097286ab1305d86179ef9d4c1a38df03a080cedc34be93d
6bbce0c5c728ef9af45314950ae15bf00f2e7dc393687e29c1151ac3abc7b046
6e3e69ea28dd93fab97573289c49c331197fb257b81808a6552c6c7ec2c5c57c
73a02d9c62a576e3ca4987bde0b6fc625854ba53268ab300cb18e9b32c5c8658
7a3993ed0e1a84e5f1d7e76fa411407e62beac1d353c48e6fc2f4fb674483730
7c629458f65066b807f2ae90d539894176cd33f0d6645a522be2bd0b091d6809
7e83fc3dc542e7be4f58dea74a3d729956bf590acec4c8521de9dc8a74b276c6
7ed3849d3dc8bea9f76fab3d73678ffad93d809a6dbde52278c67c05924fa85b
8169373d81303348cc590685d1673813806eff6558c195ade45b702d38a5a35a
82bace4782876f2f6b01ad3fba94dbc55b51fd5f3ddbe8eb66f5f820a8df099d
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b
8491e358edc10417aba3a10a49fbe1506ae310fa7b5efcb0df94ad651b1cc9c5
8da489bfe3ba801f5e650f477a160e9a0bad62c872558d07573f4ca9e0e05e12
925275aa2f7ac76b175dc1bccc05f213317ecac219df3afd144d5e48fdb9c733
9747c46aba7bd716837748eafc04c3dd16abdb21ea8f12ec0daf66806413695d
9d466c5911e5d1263c2b91ad39d9871790b91f7454ce5d338b9a9f3eb37b2251
9df4c8c41e2d2a7e428503bc84a97aabd466a0b99559bf9db1d8b88b730694c0
9fa8c2bb49f0e9e391d87f70459663c0e3898f32d4506c81239151b9c0b870d6
a140d036db30cec2b09a1a1cc2fc9b1152017f941577ee119af5dd857b733b1a
a148cb6d5bc95adc37a52ecb56d5caa172927a2893c9b41d27d4ef0afe70cbe3
a17d2f4898d3f91296d282916c9dc6369b90adf1b9f76742d2ac7a71199277f2
a18ae18bb41400d4514a006c91f24d6451609df4003777eab642c692f4359c58
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a2c2bd5201491dd2f819ab4ba8dd9466b4d187c77ab12c014ffaedf35671f8d3
a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6
a91e1b514d748fb25127cd1a0b3d5350f5cc64e375523fb2d1eb98e36539ecdf
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aa3f6b55667e94aca508a7d878ff4de4d04e2a9773a341cecae28bf829bf074d
abcbe0423061bbf5caca8b070eb57c5ea831fde8cca4af206f8b48938142b4e1
ac4f45c63e7192b1c9fb64be19be7a03084e16dc33b4dcfedabb44cb390c25a2
acaca12e3be0fb4d6af47bd1e0b28390580d25f13b4fe07cf94ad392a898390e
ad33cf92723e1c644d9a329a36c8d8ffdd4e03ad9a72f92de214e87bd04bd1fa
ae391dafe45a7f9c3651ae1ecb18d4284e0b83f0d59a34e32635fbf7c1a8ea99
af2fdef955568dc79de38bfb097d53586855945811b638d6c41513bd62e25cc4
afd7515e692d3663ffddf24deaec03a5bbf4d8413e0dc2e8062a09a7943a987a
b0b0f193539c4116cea1196c75de39c39a215f87dac01780dd2a8f34d21b7b4e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb83bb11dcf380fb8740d802a1dbf05b7616b6d38b53f5a4471fd84fe9b32778
be09924f0b767ca9eb32c832d158968b6998ec5a38e9cfae8bc88675e867417d
be3750a8775a90e5609de09442b8af8612f7434a0f86586ea6b2bc273aa6320a
bf14dbf7dfcdbeb5ebb2213d42a048086b002b8c981509161851b579832345a9
c09468dcbdd4d9c762790e47034bfdfe7567fed9d13ece71c9e8d077f22d6315
c0cd8d6c8028f7d03fc811c3a9eb4c7fe63b025b1421fe14318c35662dbc404c
c13ac6777e60a6c0c8fed4e647fb6911216d8457951b076369e5c2d2cfba1bba
c465784ea66e8bfa06ff913a249b12d0c70e483cdb1f6bf81f9ac66d0630b2de
c5c87ff9b5cefb85b03ec252d02c6423fa5ca49848d9acb34ab28d9d2ccdfd18
c81a8b0d07b80c04c346c51a7e3a978d99b18c89c57b23dedc5aba33680e7504
ca8b8793c0fc7fba23b0480ff8a6c59d1c512088ab16bcc97a16d1f62d525e8e
cad0d40150eab1e7dccc38ac828459c5ada27f1855cfce5c1502629b4d6d581c
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
d03c6d194d610aa5322ebee5b5085f5d973e8b326a501e85ba9e3cd2c5428bc1
d8b37c6bf64268c51107a50c0b8a4308a638f75718f9e5a068ef96711fc678c7
d9d5465557038e8e0b5f91f8ed95775e44889fad6ad832d3ca3eac176dbee464
daf6c28c5a080458eba26ba64a95b1fcff823944d429ccb84e8a4f3a0baf05ca
db53921fa6f5678ba92bd274bbb66e15487991d0d5eb559ba296b16c516d06df
dbc1c9c2a49351bd99d736b8dd33bfc3d2119f52a54f0d33c6f2f5e38e6117b9
de73dcbd60118079d6b4f93c0af50eb89729f7776cae2ea02c748bf5d27034a3
de9cf2787f487b2505c7fa21856f67b976f79e3ccf384f0de6955e164f20fbe3
dfd8b30ad1850a56d48416d4a9ebf33db32e92393e087cca98b1c6c6d686c506
e13577fdba2dba9187d24a1573737637324b24fd36e9c4710fb2dd6560e00ec4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3e561d1f826228ffa2f100751ceb3a9215f881b23e3ac3fb0a19af39ed5ad37
e948f17828a289ece01762be1c6dc428658c12b48a0e7de1333b874390528869
ec503c4b61cddbb716f84ac612b0e4ca744f24536f6347d3c1c3c538d219a517
ed09341e9cf6bbb14bd17e6a28e4d1c53c63826aec2f79fa598c475f86e02f1e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efbdf9cab6b6cf2bf7207ae4e0456c9462b2c0d4c2de76d65442de2af7253f2b
f1ebdb061d4db1439efbca60dd890870fc75da588aa0beb13fb2fe2e5caf5177
f1f2a9155ff584eaf5a543b9f47e1795da45a2b2bf3aafc82471832f2ea5f251
f289dd51ba9ade5f2f4c31faab458aac1a281c3b1885fde36de8588be567abb8
f31d4e668327bb776bb8e71a2ee151cdbaf7e71312f6183c99994d17673cae46
f514c8d05bebd533496fd040610b2f0c12a86b910e4536e0537a48542a07e9a8
f778b6ba9ce65a96906fd54215dff0f579547bf8c31a08cd518253b08c096832
fa7e491f62220efbaf437ccacf3748b8ae2c07da659e0ed34c3e9609f81b513c
fabfd5769588a24835b8c23add5cd89b9fdb1f2eeb9fa2de260ad2012fe939ff
fd7dde841db613cdfef3e05385b10bb558d94f646227122d8a924b8e4fcb5142
ffe5365cf019b5512218bbd0e3e9ba9b22abcfb24023bbc424dc6c0e83930c56

ex-press.by Open in urlscan Pro 178.172.173.1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

166 Requests

100 %HTTPS

43 %IPv6

40 Domains

55 Subdomains

41 IPs

10 Countries

10810 kBTransfer

14048 kBSize

19 Cookies

61 Outgoing links

Page URL History

Redirected requests

166 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

ex-press.by Open in urlscan Pro
178.172.173.1 Public Scan

Screenshot
Live screenshot

Full Image

166
Requests

100 %
HTTPS

43 %
IPv6

40
Domains

55
Subdomains

41
IPs

10
Countries

10810 kB
Transfer

14048 kB
Size

19
Cookies

166 HTTP transactions
1 data transactions