URL: http://afn.by/
Submission: On February 10 via manual from BY

Summary

This website contacted 20 IPs in 8 countries across 28 domains to perform 81 HTTP transactions. The main IP is 178.124.223.65, located in Minsk, Belarus and belongs to BELPAK-AS BELPAK, BY. The main domain is afn.by.
This is the only time afn.by was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
12 178.124.223.65 6697 (BELPAK-AS...)
6 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 3 137.74.0.153 16276 (OVH)
8 2a03:90c0:999... 199524 (GCORE)
1 6 195.201.243.71 24940 (HETZNER-AS)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 12 146.0.227.110 29066 (VELIANET-...)
1 11 2a02:6b8::90 13238 (YANDEX)
3 13 2a02:6b8::1:119 13238 (YANDEX)
3 2a00:1450:400... 15169 (GOOGLE)
1 185.184.8.30 204995 (RTB-HOUSE...)
3 3 188.42.196.115 7979 (SERVERS)
3 3 83.222.114.190 42632 (MNOGOBYTE...)
6 6 172.217.18.98 15169 (GOOGLE)
1 1 193.106.93.124 48614 (ITSOFT-AS)
1 1 88.212.201.210 39134 (UNITEDNET)
2 2 144.76.85.254 24940 (HETZNER-AS)
2 2 185.15.175.146 43226 (SAFEDATA ...)
2 2 95.216.101.186 24940 (HETZNER-AS)
2 2 138.201.139.144 24940 (HETZNER-AS)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 81.222.128.213 20597 (ELTEL-AS)
1 31.220.27.134 39572 (ADVANCEDH...)
1 193.200.65.5 6681 (UPLOAD-NET)
4 4 3.122.47.160 16509 (AMAZON-02)
3 2a02:6b8::184 13238 (YANDEX)
3 2a02:6b8:20::215 13238 (YANDEX)
81 20
Domain Requested by
13 mc.yandex.ru 3 redirects afn.by
mc.yandex.ru
12 afn.by afn.by
11 an.yandex.ru 1 redirects afn.by
an.yandex.ru
10 inv-nets.admixer.net 4 redirects cdn.admixer.net
afn.by
8 cdn.admixer.net afn.by
cdn.admixer.net
6 cm.g.doubleclick.net 6 redirects
6 www.acint.net 1 redirects afn.by
www.acint.net
4 x.bidswitch.net 4 redirects
4 pagead2.googlesyndication.com afn.by
pagead2.googlesyndication.com
cdn.admixer.net
3 yastatic.net an.yandex.ru
yastatic.net
3 avatars.mds.yandex.net afn.by
3 rtb.com.ru 3 redirects
3 ads.betweendigital.com 3 redirects
3 googleads.g.doubleclick.net pagead2.googlesyndication.com
3 gaby.hit.gemius.pl 2 redirects afn.by
2 inv-nets-eu.admixer.net afn.by
2 cm.p.altergeo.ru 2 redirects
2 sync.1dmp.io 2 redirects
2 dmg.digitaltarget.ru 2 redirects
2 x01.aidata.io 2 redirects
2 www.googletagservices.com pagead2.googlesyndication.com
2 adservice.google.com pagead2.googlesyndication.com
2 adservice.google.de pagead2.googlesyndication.com
2 www.google-analytics.com afn.by
1 t.trafmag.com afn.by
1 s.uuidksinc.net afn.by
1 ssp.adriver.ru afn.by
1 ads.adsinspidsp.com afn.by
1 counter.yadro.ru 1 redirects
1 prodmp.ru 1 redirects
1 pubs2-eu.creativecdn.com cdn.admixer.net
0 ws1.rqtrk.eu Failed afn.by
81 32

This site contains links to these domains. Also see Links.

Domain
an.yandex.ru
direct.yandex.ru
zen.yandex.ru
www.facebook.com
twitter.com
orgtorg.org
Subject Issuer Validity Valid
*.g.doubleclick.net
GTS CA 1O1
2020-01-21 -
2020-04-14
3 months crt.sh
*.hit.gemius.pl
Sectigo ECC Domain Validation Secure Server CA
2019-09-11 -
2021-09-24
2 years crt.sh
*.google.com
GTS CA 1O1
2020-01-21 -
2020-04-14
3 months crt.sh
*.admixer.net
Sectigo ECC Domain Validation Secure Server CA
2019-08-28 -
2020-08-27
a year crt.sh
mc.yandex.ru
Yandex CA
2019-09-23 -
2020-09-22
a year crt.sh
*.creativecdn.com
RapidSSL RSA CA 2018
2019-01-11 -
2021-04-11
2 years crt.sh
bs.yandex.ru
Yandex CA
2019-09-24 -
2020-09-23
a year crt.sh
sni.cloudflaressl.com
CloudFlare Inc ECC CA-2
2019-09-18 -
2020-09-17
a year crt.sh
*.adriver.ru
RapidSSL RSA CA 2018
2018-01-23 -
2020-04-23
2 years crt.sh
s.uuidksinc.net
COMODO RSA Domain Validation Secure Server CA
2017-08-31 -
2020-08-31
3 years crt.sh
*.trafmag.com
Sectigo RSA Domain Validation Secure Server CA
2019-06-04 -
2020-06-19
a year crt.sh
static.yandex.net
Yandex CA
2019-09-06 -
2020-09-05
a year crt.sh

This page contains 9 frames:

Primary Page: http://afn.by/
Frame ID: AA700551D79129C50014A09C8A9D87C7
Requests: 70 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20200205/r20190131/zrt_lookup.html
Frame ID: 8C39A05F54EE4D4A7A8AA273E8E50AA5
Requests: 1 HTTP requests in this frame

Frame: https://inv-nets.admixer.net/c.html
Frame ID: 9AA3EFA748CDEE8DF08B81D5E26DE0E4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271363197717881&output=html&adk=1812271804&adf=3025194257&lmt=1581337245&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fafn.by%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1581337245566&bpp=18&bdt=131&fdt=110&idt=110&shv=r20200205&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3707054420045&frm=20&pv=2&ga_vid=1613456113.1581337246&ga_sid=1581337246&ga_hid=1449260793&ga_fc=0&iag=0&icsg=8448527&dssz=30&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=1374206874843221&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=23&ifi=0&uci=a!0&fsb=1&dtd=127
Frame ID: DCB8019D7CD8F29F3B57AB1A2E670DC4
Requests: 1 HTTP requests in this frame

Frame: http://www.acint.net/mc/?dp=10&tc=1
Frame ID: 49C95CC477333CEDEA32CB70754F9F1F
Requests: 1 HTTP requests in this frame

Frame: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Frame ID: 4C1F222C9719EDFB0359BA424F8DBCA4
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1191230850516122&output=html&h=90&slotname=2820635487&adk=804009641&adf=3279755403&w=970&lmt=1581337246&psa=0&guci=1.2.0.0.2.2.0.0&format=970x90&url=http%3A%2F%2Fafn.by%2F&ea=0&flash=0&wgl=1&adsid=NT&dt=1581337245986&bpp=15&bdt=84&fdt=49&idt=49&shv=r20200205&cbv=r20190131&ptt=9&saldr=aa&correlator=3707054420045&frm=23&ife=5&pv=2&ga_vid=1613456113.1581337246&ga_sid=1581337246&ga_hid=1700497702&ga_fc=0&iag=3&icsg=170&nhd=1&dssz=7&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=308&ady=10&biw=1585&bih=1200&isw=970&ish=90&ifk=2344694012&scr_x=0&scr_y=0&eid=21065345%2C21065533&oid=3&pvsid=37012307343481&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=20&bc=23&ifi=1&uci=1.qyhr7ugetpkg&fsb=1&dtd=54
Frame ID: 0721894054C436ED366CB708EA585F4A
Requests: 1 HTTP requests in this frame

Frame: https://yastatic.net/safeframe-bundles/0.69/1-1-0/render.html
Frame ID: 02CB180D5259E05296987DFD076023A2
Requests: 1 HTTP requests in this frame

Frame: https://yastatic.net/safeframe-bundles/0.69/1-1-0/render.html
Frame ID: F3382094AB1D59AF7D9C5D0D90CB2FB5
Requests: 1 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Overall confidence: 100%
Detected patterns
  • script /https?:\/\/an\.yandex\.ru\//i

Overall confidence: 100%
Detected patterns
  • script /mc\.yandex\.ru\/metrika\/watch\.js/i

Overall confidence: 0.3%
Detected patterns
  • script /xgemius\.js/i

Page Statistics

81
Requests

59 %
HTTPS

38 %
IPv6

28
Domains

32
Subdomains

20
IPs

8
Countries

883 kB
Transfer

3058 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12
  • http://gaby.hit.gemius.pl/_1581337245554/rexdot.gif?l=30&id=chuaoc_Qf5oBaF0jf1u_J5PaDqti6EO9B3Q0cN4cczz.H7&fr=1&fv=-&tz=-60&href=http%3A//afn.by/&ref=&screen=1600x1200&col=24 HTTP 301
  • https://gaby.hit.gemius.pl/_sslredir/_1581337245554/rexdot.gif?l=30&id=chuaoc_Qf5oBaF0jf1u_J5PaDqti6EO9B3Q0cN4cczz.H7&fr=1&fv=-&tz=-60&href=http%3A//afn.by/&ref=&screen=1600x1200&col=24 HTTP 301
  • https://gaby.hit.gemius.pl/__/_sslredir/_1581337245554/rexdot.gif?l=30&id=chuaoc_Qf5oBaF0jf1u_J5PaDqti6EO9B3Q0cN4cczz.H7&fr=1&fv=-&tz=-60&href=http%3A//afn.by/&ref=&screen=1600x1200&col=24
Request Chain 24
  • http://mc.yandex.ru/metrika/watch.js HTTP 301
  • https://mc.yandex.ru/metrika/watch.js
Request Chain 28
  • http://www.acint.net/mc/?dp=10 HTTP 302
  • http://www.acint.net/mc/?dp=10&tc=1
Request Chain 39
  • https://ads.betweendigital.com/match?bidder_id=43070&callback_url=%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D70C88C54-8654-4219-A50A-E344F86A4A28%26id%3D${USER_ID} HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43070&callback_url=%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D70C88C54-8654-4219-A50A-E344F86A4A28%26id%3D${USER_ID}&crf=1 HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=70C88C54-8654-4219-A50A-E344F86A4A28&id=a6fd4f3d-cdd5-49e6-ab6c-d9fb17650508
Request Chain 40
  • https://rtb.com.ru/admixer-sync?uid=bf46fa0cfb0444789e67728a3f12b7bb HTTP 302
  • https://rtb.com.ru/sync?sspKey=36&sspUserID=bf46fa0cfb0444789e67728a3f12b7bb HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adspend&google_cm&google_hm=5e414a9da62fbd3db54f6ffd&r=%2F%2Fprodmp.ru%2Frefocus.gif%3Fdsp_provider_id%3D2%26uid%3D5e414a9da62fbd3db54f6ffd%26r%3D%252F%252Fx01.aidata.io%252F0.gif%253Fpid%253D6472613%2526id%253D5e414a9da62fbd3db54f6ffd%2526dest%253D%25252F%25252Fdmg.digitaltarget.ru%25252F1%25252F224%25252Fi%25252Fi%25253Fa%25253D224%252526e%25253D5e414a9da62fbd3db54f6ffd%252526i%25253D947016421780609922%252526r%25253D%2525252F%2525252Fsync.1dmp.io%2525252Fpixel.gif%2525253Fcid%2525253Dfe2375b0-c617-4a6d-ab2d-f9f457ba8100%25252526pid%2525253Dw%25252526uid%2525253D5e414a9da62fbd3db54f6ffd%25252526ru%2525253D%252525252F%252525252Fcm.p.altergeo.ru%252525252Fspnd%252525253Faid%252525253D5e414a9da62fbd3db54f6ffd%2525252526nc%252525253D1370711554325671351%2525252526url%252525253D%25252525252F%25252525252Fan.yandex.ru%25252525252Fsetud%25252525252Fadspend%25252525252F5tspqTjVHyxTTiTRzw78fH%25252525253Fsign%25252525253D2014963227%252525252526location%25252525253Dhttps%2525252525253A%2525252525252F%2525252525252Ftop-fwz1.mail.ru%2525252525252Fcounter%2525252525253Fid%2525252525253D3138228%2525252525253Bpid%2525252525253D5e414a9da62fbd3db54f6ffd HTTP 302
  • https://rtb.com.ru/adx-sync?r=%2F%2Fprodmp.ru%2Frefocus.gif%3Fdsp_provider_id%3D2%26uid%3D5e414a9da62fbd3db54f6ffd%26r%3D%252F%252Fx01.aidata.io%252F0.gif%253Fpid%253D6472613%2526id%253D5e414a9da62fbd3db54f6ffd%2526dest%253D%25252F%25252Fdmg.digitaltarget.ru%25252F1%25252F224%25252Fi%25252Fi%25253Fa%25253D224%252526e%25253D5e414a9da62fbd3db54f6ffd%252526i%25253D947016421780609922%252526r%25253D%2525252F%2525252Fsync.1dmp.io%2525252Fpixel.gif%2525253Fcid%2525253Dfe2375b0-c617-4a6d-ab2d-f9f457ba8100%25252526pid%2525253Dw%25252526uid%2525253D5e414a9da62fbd3db54f6ffd%25252526ru%2525253D%252525252F%252525252Fcm.p.altergeo.ru%252525252Fspnd%252525253Faid%252525253D5e414a9da62fbd3db54f6ffd%2525252526nc%252525253D1370711554325671351%2525252526url%252525253D%25252525252F%25252525252Fan.yandex.ru%25252525252Fsetud%25252525252Fadspend%25252525252F5tspqTjVHyxTTiTRzw78fH%25252525253Fsign%25252525253D2014963227%252525252526location%25252525253Dhttps%2525252525253A%2525252525252F%2525252525252Ftop-fwz1.mail.ru%2525252525252Fcounter%2525252525253Fid%2525252525253D3138228%2525252525253Bpid%2525252525253D5e414a9da62fbd3db54f6ffd&google_gid=CAESEIv1aVFdoJO1G0esoeAuiM8&google_cver=1 HTTP 302
  • https://prodmp.ru/refocus.gif?dsp_provider_id=2&uid=5e414a9da62fbd3db54f6ffd&r=%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D6472613%26id%3D5e414a9da62fbd3db54f6ffd%26dest%3D%252F%252Fdmg.digitaltarget.ru%252F1%252F224%252Fi%252Fi%253Fa%253D224%2526e%253D5e414a9da62fbd3db54f6ffd%2526i%253D947016421780609922%2526r%253D%25252F%25252Fsync.1dmp.io%25252Fpixel.gif%25253Fcid%25253Dfe2375b0-c617-4a6d-ab2d-f9f457ba8100%252526pid%25253Dw%252526uid%25253D5e414a9da62fbd3db54f6ffd%252526ru%25253D%2525252F%2525252Fcm.p.altergeo.ru%2525252Fspnd%2525253Faid%2525253D5e414a9da62fbd3db54f6ffd%25252526nc%2525253D1370711554325671351%25252526url%2525253D%252525252F%252525252Fan.yandex.ru%252525252Fsetud%252525252Fadspend%252525252F5tspqTjVHyxTTiTRzw78fH%252525253Fsign%252525253D2014963227%2525252526location%252525253Dhttps%25252525253A%25252525252F%25252525252Ftop-fwz1.mail.ru%25252525252Fcounter%25252525253Fid%25252525253D3138228%25252525253Bpid%25252525253D5e414a9da62fbd3db54f6ffd HTTP 302
  • https://counter.yadro.ru/id127/refocusdmp-id.gif?uid=5e414a9da62fbd3db54f6ffd&r=%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D6472613%26id%3D5e414a9da62fbd3db54f6ffd%26dest%3D%252F%252Fdmg.digitaltarget.ru%252F1%252F224%252Fi%252Fi%253Fa%253D224%2526e%253D5e414a9da62fbd3db54f6ffd%2526i%253D947016421780609922%2526r%253D%25252F%25252Fsync.1dmp.io%25252Fpixel.gif%25253Fcid%25253Dfe2375b0-c617-4a6d-ab2d-f9f457ba8100%252526pid%25253Dw%252526uid%25253D5e414a9da62fbd3db54f6ffd%252526ru%25253D%2525252F%2525252Fcm.p.altergeo.ru%2525252Fspnd%2525253Faid%2525253D5e414a9da62fbd3db54f6ffd%25252526nc%2525253D1370711554325671351%25252526url%2525253D%252525252F%252525252Fan.yandex.ru%252525252Fsetud%252525252Fadspend%252525252F5tspqTjVHyxTTiTRzw78fH%252525253Fsign%252525253D2014963227%2525252526location%252525253Dhttps%25252525253A%25252525252F%25252525252Ftop-fwz1.mail.ru%25252525252Fcounter%25252525253Fid%25252525253D3138228%25252525253Bpid%25252525253D5e414a9da62fbd3db54f6ffd&dsp_provider_id=2 HTTP 302
  • https://x01.aidata.io/0.gif?pid=6472613&id=5e414a9da62fbd3db54f6ffd&dest=%2F%2Fdmg.digitaltarget.ru%2F1%2F224%2Fi%2Fi%3Fa%3D224%26e%3D5e414a9da62fbd3db54f6ffd%26i%3D947016421780609922%26r%3D%252F%252Fsync.1dmp.io%252Fpixel.gif%253Fcid%253Dfe2375b0-c617-4a6d-ab2d-f9f457ba8100%2526pid%253Dw%2526uid%253D5e414a9da62fbd3db54f6ffd%2526ru%253D%25252F%25252Fcm.p.altergeo.ru%25252Fspnd%25253Faid%25253D5e414a9da62fbd3db54f6ffd%252526nc%25253D1370711554325671351%252526url%25253D%2525252F%2525252Fan.yandex.ru%2525252Fsetud%2525252Fadspend%2525252F5tspqTjVHyxTTiTRzw78fH%2525253Fsign%2525253D2014963227%25252526location%2525253Dhttps%252525253A%252525252F%252525252Ftop-fwz1.mail.ru%252525252Fcounter%252525253Fid%252525253D3138228%252525253Bpid%252525253D5e414a9da62fbd3db54f6ffd HTTP 302
  • https://x01.aidata.io/0.gif?pid=6472613&id=5e414a9da62fbd3db54f6ffd&dest=%2F%2Fdmg.digitaltarget.ru%2F1%2F224%2Fi%2Fi%3Fa%3D224%26e%3D5e414a9da62fbd3db54f6ffd%26i%3D947016421780609922%26r%3D%252F%252Fsync.1dmp.io%252Fpixel.gif%253Fcid%253Dfe2375b0-c617-4a6d-ab2d-f9f457ba8100%2526pid%253Dw%2526uid%253D5e414a9da62fbd3db54f6ffd%2526ru%253D%25252F%25252Fcm.p.altergeo.ru%25252Fspnd%25253Faid%25253D5e414a9da62fbd3db54f6ffd%252526nc%25253D1370711554325671351%252526url%25253D%2525252F%2525252Fan.yandex.ru%2525252Fsetud%2525252Fadspend%2525252F5tspqTjVHyxTTiTRzw78fH%2525253Fsign%2525253D2014963227%25252526location%2525253Dhttps%252525253A%252525252F%252525252Ftop-fwz1.mail.ru%252525252Fcounter%252525253Fid%252525253D3138228%252525253Bpid%252525253D5e414a9da62fbd3db54f6ffd&bounce=1 HTTP 302
  • https://dmg.digitaltarget.ru/1/224/i/i?a=224&e=5e414a9da62fbd3db54f6ffd&i=947016421780609922&r=%2F%2Fsync.1dmp.io%2Fpixel.gif%3Fcid%3Dfe2375b0-c617-4a6d-ab2d-f9f457ba8100%26pid%3Dw%26uid%3D5e414a9da62fbd3db54f6ffd%26ru%3D%252F%252Fcm.p.altergeo.ru%252Fspnd%253Faid%253D5e414a9da62fbd3db54f6ffd%2526nc%253D1370711554325671351%2526url%253D%25252F%25252Fan.yandex.ru%25252Fsetud%25252Fadspend%25252F5tspqTjVHyxTTiTRzw78fH%25253Fsign%25253D2014963227%252526location%25253Dhttps%2525253A%2525252F%2525252Ftop-fwz1.mail.ru%2525252Fcounter%2525253Fid%2525253D3138228%2525253Bpid%2525253D5e414a9da62fbd3db54f6ffd HTTP 302
  • https://dmg.digitaltarget.ru/1/224/i/i?a=224&e=5e414a9da62fbd3db54f6ffd&i=947016421780609922&r=%2F%2Fsync.1dmp.io%2Fpixel.gif%3Fcid%3Dfe2375b0-c617-4a6d-ab2d-f9f457ba8100%26pid%3Dw%26uid%3D5e414a9da62fbd3db54f6ffd%26ru%3D%252F%252Fcm.p.altergeo.ru%252Fspnd%253Faid%253D5e414a9da62fbd3db54f6ffd%2526nc%253D1370711554325671351%2526url%253D%25252F%25252Fan.yandex.ru%25252Fsetud%25252Fadspend%25252F5tspqTjVHyxTTiTRzw78fH%25253Fsign%25253D2014963227%252526location%25253Dhttps%2525253A%2525252F%2525252Ftop-fwz1.mail.ru%2525252Fcounter%2525253Fid%2525253D3138228%2525253Bpid%2525253D5e414a9da62fbd3db54f6ffd&q=scc HTTP 302
  • https://sync.1dmp.io/pixel.gif?cid=fe2375b0-c617-4a6d-ab2d-f9f457ba8100&pid=w&uid=5e414a9da62fbd3db54f6ffd&ru=%2F%2Fcm.p.altergeo.ru%2Fspnd%3Faid%3D5e414a9da62fbd3db54f6ffd%26nc%3D1370711554325671351%26url%3D%252F%252Fan.yandex.ru%252Fsetud%252Fadspend%252F5tspqTjVHyxTTiTRzw78fH%253Fsign%253D2014963227%2526location%253Dhttps%25253A%25252F%25252Ftop-fwz1.mail.ru%25252Fcounter%25253Fid%25253D3138228%25253Bpid%25253D5e414a9da62fbd3db54f6ffd HTTP 302
  • https://sync.1dmp.io/pixel.gif?cid=fe2375b0-c617-4a6d-ab2d-f9f457ba8100&pid=w&uid=5e414a9da62fbd3db54f6ffd&ru=%2F%2Fcm.p.altergeo.ru%2Fspnd%3Faid%3D5e414a9da62fbd3db54f6ffd%26nc%3D1370711554325671351%26url%3D%252F%252Fan.yandex.ru%252Fsetud%252Fadspend%252F5tspqTjVHyxTTiTRzw78fH%253Fsign%253D2014963227%2526location%253Dhttps%25253A%25252F%25252Ftop-fwz1.mail.ru%25252Fcounter%25253Fid%25253D3138228%25253Bpid%25253D5e414a9da62fbd3db54f6ffd&cs=1 HTTP 302
  • https://cm.p.altergeo.ru/spnd?aid=5e414a9da62fbd3db54f6ffd&nc=1370711554325671351&url=%2F%2Fan.yandex.ru%2Fsetud%2Fadspend%2F5tspqTjVHyxTTiTRzw78fH%3Fsign%3D2014963227%26location%3Dhttps%253A%252F%252Ftop-fwz1.mail.ru%252Fcounter%253Fid%253D3138228%253Bpid%253D5e414a9da62fbd3db54f6ffd HTTP 302
  • https://cm.p.altergeo.ru/spnd?aid=5e414a9da62fbd3db54f6ffd&nc=1370711554325671351&url=%2F%2Fan.yandex.ru%2Fsetud%2Fadspend%2F5tspqTjVHyxTTiTRzw78fH%3Fsign%3D2014963227%26location%3Dhttps%253A%252F%252Ftop-fwz1.mail.ru%252Fcounter%253Fid%253D3138228%253Bpid%253D5e414a9da62fbd3db54f6ffd&cc=1 HTTP 302
  • https://an.yandex.ru/setud/adspend/5tspqTjVHyxTTiTRzw78fH?sign=2014963227&location=https%3A%2F%2Ftop-fwz1.mail.ru%2Fcounter%3Fid%3D3138228%3Bpid%3D5e414a9da62fbd3db54f6ffd
Request Chain 44
  • https://x.bidswitch.net/sync?ssp=admixer&user_id=bf46fa0cfb0444789e67728a3f12b7bb HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=admixer&user_id=bf46fa0cfb0444789e67728a3f12b7bb HTTP 302
  • https://ws1.rqtrk.eu/pull?redirect=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D193%26user_id%3D%24BROWSER_ID%26expires%3D1%26ssp%3D%24bidswitch_ssp_id&return-unstable=true&eb=&bidswitch_ssp_id=admixer&g=1
Request Chain 46
  • https://cm.g.doubleclick.net/pixel?google_nid=admixer_dmp&google_cm HTTP 302
  • https://inv-nets.admixer.net/gadx/cm.aspx?google_gid=CAESEO4eQfNVSz73hEYD84bHc78&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=admixer_technologies&google_hm=YmY0NmZhMGNmYjA0NDQ3ODllNjc3MjhhM2YxMmI3YmI&google_cm HTTP 302
  • https://inv-nets.admixer.net/gadx/cm.aspx?google_nid=admixer_technologies&google_gid=CAESELmR2ELGwRhL97ui-iG9-2A&google_cver=1 HTTP 302
  • https://x.bidswitch.net/sync?ssp=admixer&user_id=bf46fa0cfb0444789e67728a3f12b7bb HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=admixer&bsw_param=1794aa6d-f2c5-49f4-a7c1-b97d5a55b7d5 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESENAegKRodQMAPgQgzNk6cYI&google_cver=1&ssp=admixer&bsw_param=1794aa6d-f2c5-49f4-a7c1-b97d5a55b7d5 HTTP 302
  • https://inv-nets.admixer.net/bs/cm.aspx?id=1794aa6d-f2c5-49f4-a7c1-b97d5a55b7d5
Request Chain 47
  • https://cm.g.doubleclick.net/pixel?google_nid=admixer_technologies&google_hm=YmY0NmZhMGNmYjA0NDQ3ODllNjc3MjhhM2YxMmI3YmI&google_cm HTTP 302
  • https://inv-nets.admixer.net/gadx/cm.aspx?google_nid=admixer_technologies&google_gid=CAESELmR2ELGwRhL97ui-iG9-2A&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=admixer_technologies&google_hm=YmY0NmZhMGNmYjA0NDQ3ODllNjc3MjhhM2YxMmI3YmI&google_cm HTTP 302
  • https://inv-nets.admixer.net/gadx/cm.aspx?google_nid=admixer_technologies&google_gid=CAESELmR2ELGwRhL97ui-iG9-2A&google_cver=1 HTTP 302
  • https://x.bidswitch.net/sync?ssp=admixer&user_id=bf46fa0cfb0444789e67728a3f12b7bb HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dadmixer%26expires%3D30 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=c726119a-6b58-4173-a0b2-9ccbc2b68f23&ssp=admixer&expires=30 HTTP 302
  • https://inv-nets.admixer.net/bs/cm.aspx?id=1794aa6d-f2c5-49f4-a7c1-b97d5a55b7d5
Request Chain 50
  • https://mc.yandex.ru/watch/421539?wmode=7&page-url=http%3A%2F%2Fafn.by%2F&charset=utf-8&site-info=%7B%7D&browser-info=ti%3A10%3Ans%3A1581337245289%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Az%3A60%3Ai%3A20200210132045%3Aet%3A1581337246%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Awh%3A1%3Apv%3A1%3Arn%3A965241519%3Ahid%3A94088387%3Ads%3A6%2C11%2C119%2C42%2C1%2C0%2C0%2C191%2C0%2C%2C%2C%2C336%3Afp%3A418%3Awn%3A48854%3Ahl%3A2%3Agdpr%3A14%3Av%3A1808%3Ast%3A1581337246%3Au%3A1581337246515577553%3At%3AAFN.BY%20-%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8%20%D0%9F%D0%BE%D0%BB%D0%B8%D1%82%D0%B8%D0%BA%D0%B0%20%D1%8D%D0%BA%D0%BE%D0%BD%D0%BE%D0%BC%D0%B8%D0%BA%D0%B0%20%D1%84%D0%B8%D0%BD%D0%B0%D0%BD%D1%81%D1%8B%20%D1%8D%D0%BD%D0%B5%D1%80%D0%B3%D0%B5%D1%82%D0%B8%D0%BA%D0%B0%20%D0%BE%D0%B1%D1%89%D0%B5%D1%81%D1%82%D0%B2%D0%BE HTTP 302
  • https://mc.yandex.ru/watch/421539/1?wmode=7&page-url=http%3A%2F%2Fafn.by%2F&charset=utf-8&site-info=%7B%7D&browser-info=ti%3A10%3Ans%3A1581337245289%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Az%3A60%3Ai%3A20200210132045%3Aet%3A1581337246%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Awh%3A1%3Apv%3A1%3Arn%3A965241519%3Ahid%3A94088387%3Ads%3A6%2C11%2C119%2C42%2C1%2C0%2C0%2C191%2C0%2C%2C%2C%2C336%3Afp%3A418%3Awn%3A48854%3Ahl%3A2%3Agdpr%3A14%3Av%3A1808%3Ast%3A1581337246%3Au%3A1581337246515577553%3At%3AAFN.BY%20-%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8%20%D0%9F%D0%BE%D0%BB%D0%B8%D1%82%D0%B8%D0%BA%D0%B0%20%D1%8D%D0%BA%D0%BE%D0%BD%D0%BE%D0%BC%D0%B8%D0%BA%D0%B0%20%D1%84%D0%B8%D0%BD%D0%B0%D0%BD%D1%81%D1%8B%20%D1%8D%D0%BD%D0%B5%D1%80%D0%B3%D0%B5%D1%82%D0%B8%D0%BA%D0%B0%20%D0%BE%D0%B1%D1%89%D0%B5%D1%81%D1%82%D0%B2%D0%BE
Request Chain 74
  • https://an.yandex.ru/count/Ke3IQGpOSzu504W14820W04ndaf1NW00000ueEauY081kGBHaT1HB0ZAS_02v83OaWdu0eA0W820a0Nm1G6W1i01oGQTtZUxnoaS2z46dN9jCiWf70lP1W000E3y0000gGSVZ631Ro_31j070j08We20W0A02W682WM82mAg2n18wQ1T7um004dGqiGtdWK0m0k0emN82u3Kam7m2mRW3OA0W06O3fsztzdxk8gE2wWFdvYIbFljo-46u0y1a13HthZAegF6l1pu4F____y7W17_____1wWHm8Gzo164gi-h4VeH6Gq000005G00000T000002K00000BG00003m4l____y7-1B_____1u0J_____mU84_____y7a1F_____1y0J____________0TeJ2WW0400O0200A03W507m5S6AzkoZZxpyOm00=JsHi5-C1G0980c2y26W4S9xLY9CDW077qvxC1uW1lgxOwogG0RQba98hc07CtUxdAA01jAMGaYke0SJTxkSek06Uo9375jW1uD6T2-01iEZ41kW1wW7u0U2Xuxu1e0AiqvOLc0F0X3sm0mAm106u1Fm1w0I628W5vwmSa0MJu26m1QpA2BW5hCe8m0MLe1t81VIt1z05sua4u0Ltc0RYYBog1wW6m06m1u20a3JG1mBO1m7W1uOAyGS0000000000FW70O080T08keg0WSA0W8Q00U08rgdB2e0A0S4A_ep6i1bsyZ_O2WBW2e29UlWAWBKOsGiVZ631Ro_31kWBvwmSY0pWeUE-0UWC6vWDkOmyYGu00000003mFv0Em8Gze0x0X3sX3m0000000F0_sGy00000003mFu0GkOFL2feG2H400000003mFyWGmA8Gq13jfAzVeH400000003mFwWHm8Gzi141u16ihyu1w16cze73YDt0YNJn4G000000jyj0Y181a181gH8412pZE6BSFvWJ0QWJqOMVXO-xWlaLu1EioWY859ol-u7ogAQnDw0KhCe8g1IJu270582gwbN8507G58FBu1NO5E3IqV05q1NWqj7m1TWLmOhsxAEFlFnZ?stat-id=1&test-tag=22540386837505&format-type=9&actual-format=40&banner-test-tags=eyI1NzkwMzcwMTM5IjoiMjI4MTczNDE0NSJ9&renderWidth=1180&renderHeight=90&confirmTime=1581337246584000&confirmRatio=1000000&wmode HTTP 302
  • https://an.yandex.ru/count/Ke3IQSOwI68504W14C60W04ndaf1NW00000ueEauY081kGBHaT1HB0ZAS_02v83OaWdu0eA0W820a0Nm1G6W1i01oGQTtZUxnoaS2z46dN9jCiWf70lP1W000E3y0000gGSVZ631Ro_31j070j08We20W0A02W682WM82mAg2n18wQ1T7um004dGqiGtdWK0m0k0emN82u3Kam7m2mRW3OA0W06O3fsztzdxk8gE2wWFdvYIbFljo-46u0y1a13HthZAegF6l1pu4F____y7W17_____1wWHm8Gzo164gi-h4VeH6Gq000005G00000T000002K00000BG00003m4l____y7-1B_____1u0J_____mU84_____y7a1F_____1y0J____________0TeJ2WW0400O0200A03W507m5S6AzkoZZxpyOm00=wShYWUW14820W0500aW2OBm8Q0HmdjM8ams00SVJdim7Y06-hjZhAf01jgMGaYkO0SpTxkSee06qfP2IAwW1nDtkvoYu0Px8aCSMs07WqPqBu06mwCG6w07g0VW1uA7ZlW6W0gpJbXMO0y24FR030h040RW4_07e18O8Y0Ndh1oG1PFW8R05hCe8k0MioWZ01PMW7SW5zBS7q0NRYGJW1NUO1kA8lAe7g0R00R07W82GDD070jW70U07XWhn1m0000000000-0S1W0W1q0YwYe21me20Xe01u0ZMgSiAW0e1mGh-ZCQm6NRoFzWA0k0AW8bw-0g0jHZP2n-COC5lByC6w0ldh1o83E2Xuxu1w0mRc0svZ3o93W0000000F0_a0x0X3sW3i24FQ4F00000000y3_P3m0000000F0_W12vWzKAcX094G0000000F0_o130eX3G4Esahr-X4G0000000F0_g170X3sm4G7W4QolpW7e4QRsWSE8tS29TF4H0000002toq284W6G4W6f4WG4BECuOjm_c1C1g1FHXP-5Zxk2-HNW4wpA28WKdA_xWVAefh4te1IioWYe59FW8S0KWAhgLSWK0T0KWylW5TWKuDBHy0NG5U3IqV05s1N1YlRieu-y_6C0?stat-id=1&test-tag=22540386837505&format-type=9&actual-format=40&banner-test-tags=eyI1NzkwMzcwMTM5IjoiMjI4MTczNDE0NSJ9&renderWidth=1180&renderHeight=90&confirmTime=1581337246584000&confirmRatio=1000000&wmode
Request Chain 78
  • https://mc.yandex.ru/watch/421539?page-url=http%3A%2F%2Fafn.by%2F&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1581337245289%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aadb%3A2%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Az%3A60%3Ai%3A20200210132100%3Aet%3A1581337261%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Awh%3A1%3Aar%3A1%3Anb%3A1%3Acl%3A-145%3Arn%3A825240554%3Ahid%3A94088387%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%3Agdpr%3A14%3Aeu%3A1%3Av%3A1808%3Ast%3A1581337261%3Au%3A1581337246515577553 HTTP 302
  • https://mc.yandex.ru/watch/421539/1?page-url=http%3A%2F%2Fafn.by%2F&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1581337245289%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aadb%3A2%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Az%3A60%3Ai%3A20200210132100%3Aet%3A1581337261%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Awh%3A1%3Aar%3A1%3Anb%3A1%3Acl%3A-145%3Arn%3A825240554%3Ahid%3A94088387%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%3Agdpr%3A14%3Aeu%3A1%3Av%3A1808%3Ast%3A1581337261%3Au%3A1581337246515577553

81 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set /
afn.by/
42 KB
14 KB
Document
General
Full URL
http://afn.by/
Protocol
HTTP/1.1
Server
178.124.223.65 Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS
afn.by
Software
Microsoft-IIS/8.5 /
Resource Hash
5b2ccd514e72bb567b44409dafa08244bc1b336bb9d8bdd54ea67736ab3ea2f2

Request headers

Host
afn.by
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Cache-Control
private
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Server
Microsoft-IIS/8.5
Set-Cookie
ASP.NET_SessionId=14yicsfmyogp1145zktqng45; path=/; HttpOnly
X-AspNet-Version
2.0.50727
Date
Mon, 10 Feb 2020 12:20:44 GMT
Content-Length
13554
cocss.css
afn.by/styles/
12 KB
3 KB
Stylesheet
General
Full URL
http://afn.by/styles/cocss.css?v=2015-08-06T0014
Requested by
Host: afn.by
URL: http://afn.by/
Protocol
HTTP/1.1
Server
178.124.223.65 Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS
afn.by
Software
Microsoft-IIS/8.5 /
Resource Hash
cc470627862ef6dea2e0eaf324eedf7689eb4bd2a14d0c13814750532a4d075d

Request headers

Referer
http://afn.by/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 10 Feb 2020 12:20:44 GMT
Content-Encoding
gzip
Last-Modified
Wed, 05 Aug 2015 21:12:20 GMT
Server
Microsoft-IIS/8.5
ETag
"012236ac3cfd01:0"
Vary
Accept-Encoding
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
3098
xgemius.js
afn.by/scripts/
4 KB
2 KB
Script
General
Full URL
http://afn.by/scripts/xgemius.js
Requested by
Host: afn.by
URL: http://afn.by/
Protocol
HTTP/1.1
Server
178.124.223.65 Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS
afn.by
Software
Microsoft-IIS/8.5 /
Resource Hash
addbd0082697a941e7ae5798c7985b54c785fa90aa5f398dd35447b60eb7965d

Request headers

Referer
http://afn.by/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 10 Feb 2020 12:20:44 GMT
Content-Encoding
gzip
Last-Modified
Mon, 10 Aug 1744 03:14:09 GMT
Server
Microsoft-IIS/8.5
ETag
"80961d0480a10:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
1323
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
107 KB
38 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: afn.by
URL: http://afn.by/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6520fd5d1fb513ef7b6e91dbb7e3ee219d03ef4aa8277c86dea8abc00832d7cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://afn.by/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 10 Feb 2020 12:20:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
38773
x-xss-protection
0
server
cafe
etag
13447335102043903564
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 10 Feb 2020 12:20:45 GMT
WebResource.axd
afn.by/
20 KB
5 KB
Script
General
Full URL
http://afn.by/WebResource.axd?d=hgRiS-kCvojTnWJvgKUzzuVc_DO6G_5z0PSmpjUAkI3AZ5uwea-TlRVBGEU4Gc8fWCAAMZY7e2A1GKifeeVtoOaieqA1&t=636284741271971599
Requested by
Host: afn.by
URL: http://afn.by/
Protocol
HTTP/1.1
Server
178.124.223.65 Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS
afn.by
Software
Microsoft-IIS/8.5 /
Resource Hash
0ba2f6756001669bdf934f9d79e8fd1ccf2028130c33a0510279581ec9dfd73a

Request headers

Referer
http://afn.by/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 10 Feb 2020 12:20:44 GMT
Content-Encoding
gzip
Last-Modified
Sat, 22 Apr 2017 13:08:47 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
2.0.50727
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
public
Content-Length
5224
Expires
Tue, 09 Feb 2021 12:02:29 GMT
WebResource.axd
afn.by/
21 KB
6 KB
Script
General
Full URL
http://afn.by/WebResource.axd?d=jGkCPi26EyLxVznnafky21GaX3RquLjPrTRmxdvAKKzXmG3VLn2CB9gLfAWjAbBwXautih_Yakuxg5UoDo-UZa4qLVY1&t=636284741271971599
Requested by
Host: afn.by
URL: http://afn.by/
Protocol
HTTP/1.1
Server
178.124.223.65 Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS
afn.by
Software
Microsoft-IIS/8.5 /
Resource Hash
aeaa9e7c8c70d2ce5431cfdf5387e4a96fd55ff14fadd4420cf7cfe6adf01aa1

Request headers

Referer
http://afn.by/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 10 Feb 2020 12:20:44 GMT
Content-Encoding
gzip
Last-Modified
Sat, 22 Apr 2017 13:08:47 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
2.0.50727
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
public
Content-Length
5840
Expires
Tue, 09 Feb 2021 12:04:37 GMT
logo.gif
afn.by/images/
2 KB
2 KB
Image
General
Full URL
http://afn.by/images/logo.gif
Requested by
Host: afn.by
URL: http://afn.by/
Protocol
HTTP/1.1
Server
178.124.223.65 Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS
afn.by
Software
Microsoft-IIS/8.5 /
Resource Hash
3d8799c171813adffb4105be1ee07dfd2e7716ba4a5fdd8b785736285a3bf677

Request headers

Referer
http://afn.by/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 10 Feb 2020 12:20:44 GMT
Last-Modified
Sat, 22 Apr 2006 08:31:52 GMT
Server
Microsoft-IIS/8.5
Accept-Ranges
bytes
ETag
"0cc8a34e765c61:0"
Content-Length
2072
Content-Type
image/gif
zen-128x128.png
afn.by/images/
8 KB
9 KB
Image
General
Full URL
http://afn.by/images/zen-128x128.png
Requested by
Host: afn.by
URL: http://afn.by/
Protocol
HTTP/1.1
Server
178.124.223.65 Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS
afn.by
Software
Microsoft-IIS/8.5 /
Resource Hash
c5c553ada8936a3a89d422bb7b789c1f2aeec71612f1731311b39aae2bbf3243

Request headers

Referer
http://afn.by/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 10 Feb 2020 12:20:44 GMT
Last-Modified
Sun, 26 Jan 2020 04:01:56 GMT
Server
Microsoft-IIS/8.5
Accept-Ranges
bytes
ETag
"5753ba59fdd3d51:0"
Content-Length
8671
Content-Type
image/png
facebook-icon-28x28.png
afn.by/images/
1 KB
2 KB
Image
General
Full URL
http://afn.by/images/facebook-icon-28x28.png
Requested by
Host: afn.by
URL: http://afn.by/
Protocol
HTTP/1.1
Server
178.124.223.65 Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS
afn.by
Software
Microsoft-IIS/8.5 /
Resource Hash
a2108bb3f86caf930d09e8a85ae0eccf3a11a5d51296a620201e8a76a9b030c7

Request headers

Referer
http://afn.by/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 10 Feb 2020 12:20:44 GMT
Last-Modified
Wed, 20 Nov 2019 20:28:42 GMT
Server
Microsoft-IIS/8.5
Accept-Ranges
bytes
ETag
"91d37219e19fd51:0"
Content-Length
1482
Content-Type
image/png
twitter-icon-28x28.png
afn.by/images/
1 KB
1 KB
Image
General
Full URL
http://afn.by/images/twitter-icon-28x28.png
Requested by
Host: afn.by
URL: http://afn.by/
Protocol
HTTP/1.1
Server
178.124.223.65 Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS
afn.by
Software
Microsoft-IIS/8.5 /
Resource Hash
75bb660f0c38697ed9be3b33be8e5a24365708ee94922da9dd44875efc3776e0

Request headers

Referer
http://afn.by/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 10 Feb 2020 12:20:44 GMT
Last-Modified
Wed, 20 Nov 2019 20:34:16 GMT
Server
Microsoft-IIS/8.5
Accept-Ranges
bytes
ETag
"c7dd92e0e19fd51:0"
Content-Length
1157
Content-Type
image/png
feed-icon-28x28.png
afn.by/images/
2 KB
2 KB
Image
General
Full URL
http://afn.by/images/feed-icon-28x28.png
Requested by
Host: afn.by
URL: http://afn.by/
Protocol
HTTP/1.1
Server
178.124.223.65 Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS
afn.by
Software
Microsoft-IIS/8.5 /
Resource Hash
473feba11f89b4d197a2263ebb6567e53b75a969cff0679ccf50f6634fa3a4f5

Request headers

Referer
http://afn.by/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 10 Feb 2020 12:20:44 GMT
Last-Modified
Thu, 27 Jul 2006 11:33:24 GMT
Server
Microsoft-IIS/8.5
Accept-Ranges
bytes
ETag
"01a567870b1c61:0"
Content-Length
1737
Content-Type
image/png
mail-icon-28x28.png
afn.by/images/
1 KB
1 KB
Image
General
Full URL
http://afn.by/images/mail-icon-28x28.png
Requested by
Host: afn.by
URL: http://afn.by/
Protocol
HTTP/1.1
Server
178.124.223.65 Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS
afn.by
Software
Microsoft-IIS/8.5 /
Resource Hash
1ddb0b820dec7b14a548cd751c4a24db01dec9d0716daa5724ee5c65d3c347ec

Request headers

Referer
http://afn.by/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 10 Feb 2020 12:20:44 GMT
Last-Modified
Tue, 27 May 2014 16:44:49 GMT
Server
Microsoft-IIS/8.5
Accept-Ranges
bytes
ETag
"18b1c1f9ca79cf1:0"
Content-Length
1262
Content-Type
image/png
analytics.js
www.google-analytics.com/
44 KB
18 KB
Script
General
Full URL
http://www.google-analytics.com/analytics.js
Requested by
Host: afn.by
URL: http://afn.by/
Protocol
HTTP/1.1
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e7edf06d6436ec9420c26e56bd02ef5f5c93a9fb189ed16b1db402e57a0ea796
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://afn.by/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security
max-age=10886400; includeSubDomains; preload
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Fri, 24 Jan 2020 01:10:36 GMT
Server
Golfe2
Age
2288
Date
Mon, 10 Feb 2020 11:42:37 GMT
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
public, max-age=7200
Content-Length
17926
Expires
Mon, 10 Feb 2020 13:42:37 GMT
rexdot.gif
gaby.hit.gemius.pl/__/_sslredir/_1581337245554/
Redirect Chain
  • http://gaby.hit.gemius.pl/_1581337245554/rexdot.gif?l=30&id=chuaoc_Qf5oBaF0jf1u_J5PaDqti6EO9B3Q0cN4cczz.H7&fr=1&fv=-&tz=-60&href=http%3A//afn.by/&ref=&screen=1600x1200&col=24
  • https://gaby.hit.gemius.pl/_sslredir/_1581337245554/rexdot.gif?l=30&id=chuaoc_Qf5oBaF0jf1u_J5PaDqti6EO9B3Q0cN4cczz.H7&fr=1&fv=-&tz=-60&href=http%3A//afn.by/&ref=&screen=1600x1200&col=24
  • https://gaby.hit.gemius.pl/__/_sslredir/_1581337245554/rexdot.gif?l=30&id=chuaoc_Qf5oBaF0jf1u_J5PaDqti6EO9B3Q0cN4cczz.H7&fr=1&fv=-&tz=-60&href=http%3A//afn.by/&ref=&screen=1600x1200&col=24
43 B
214 B
Image
General
Full URL
https://gaby.hit.gemius.pl/__/_sslredir/_1581337245554/rexdot.gif?l=30&id=chuaoc_Qf5oBaF0jf1u_J5PaDqti6EO9B3Q0cN4cczz.H7&fr=1&fv=-&tz=-60&href=http%3A//afn.by/&ref=&screen=1600x1200&col=24
Requested by
Host: afn.by
URL: http://afn.by/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
137.74.0.153 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
ovhpl4.host.hit.gemius.pl
Software
GHC /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer
http://afn.by/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Feb 2020 12:20:46 GMT
server
GHC
p3p
CP="NOI DSP COR NID PSAo OUR IND"
status
200
cache-control
no-store, no-cache, must-revalidate, max-age=0
accept-ranges
none
content-type
image/gif
content-length
43
expires
Sun, 09 Feb 2020 12:20:46 GMT

Redirect headers

pragma
no-cache
date
Mon, 10 Feb 2020 12:20:46 GMT
server
GHC
location
/__/_sslredir/_1581337245554/rexdot.gif?l=30&id=chuaoc_Qf5oBaF0jf1u_J5PaDqti6EO9B3Q0cN4cczz.H7&fr=1&fv=-&tz=-60&href=http%3A//afn.by/&ref=&screen=1600x1200&col=24
p3p
CP="NOI DSP COR NID PSAo OUR IND"
status
301
cache-control
no-store, no-cache, must-revalidate, max-age=0
accept-ranges
none
content-length
0
expires
Sun, 09 Feb 2020 12:20:46 GMT
loader2.js
cdn.admixer.net/scripts3/
26 KB
12 KB
Script
General
Full URL
http://cdn.admixer.net/scripts3/loader2.js
Requested by
Host: afn.by
URL: http://afn.by/
Protocol
HTTP/1.1
Server
2a03:90c0:9997::9997 , Germany, ASN199524 (GCORE, AT),
Reverse DNS
Software
nginx /
Resource Hash
0dde7fdde11faabee9672b04f9edf53e982b34f1b21f090edac1ca6618a54820

Request headers

Referer
http://afn.by/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-ID
cec-up-gc11
Date
Mon, 10 Feb 2020 12:20:45 GMT
Content-Encoding
gzip
Last-Modified
Wed, 04 Dec 2019 10:53:33 GMT
Server
nginx
ETag
W/"5de7902d-6668"
Transfer-Encoding
chunked
X-Cached-Since
2020-02-10T12:11:06+00:00
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=600
Cache
HIT
Connection
keep-alive
Expires
Fri, 17 Jan 2020 23:35:42 GMT
aci.js
www.acint.net/
19 KB
6 KB
Script
General
Full URL
http://www.acint.net/aci.js
Requested by
Host: afn.by
URL: http://afn.by/
Protocol
HTTP/1.1
Server
195.201.243.71 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
ingolstadt.aucourant.info
Software
nginx /
Resource Hash
b4543e0a3b847b39a5caa7f37288ecf8719a547881d6d076ca8112f3d3c7940d

Request headers

Referer
http://afn.by/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 10 Feb 2020 12:20:45 GMT
Content-Encoding
gzip
Last-Modified
Wed, 21 Aug 2019 10:52:49 GMT
Server
nginx
ETag
"5d5d2281-189c"
Content-Type
application/x-javascript
Cache-Control
max-age=43200
Connection
keep-alive
Content-Length
6300
Expires
Tue, 11 Feb 2020 00:20:45 GMT
integrator.js
adservice.google.de/adsid/
109 B
778 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=afn.by
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://afn.by/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 10 Feb 2020 12:20:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
109 B
171 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=afn.by
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://afn.by/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 10 Feb 2020 12:20:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
104
x-xss-protection
0
show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20200205/r20190131/
221 KB
83 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20200205/r20190131/show_ads_impl_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
33046f3ce25fbe69f34146452f47d763efd56cf867a39bfb45e19a8ee3be6df0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://afn.by/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 10 Feb 2020 12:20:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
84412
x-xss-protection
0
server
cafe
etag
16062341375620736720
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Mon, 10 Feb 2020 12:20:45 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20200205/r20190131/ Frame 8C39
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20200205/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20200205/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
http://afn.by/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://afn.by/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
vary
Accept-Encoding
date
Wed, 05 Feb 2020 22:31:14 GMT
expires
Wed, 19 Feb 2020 22:31:14 GMT
content-type
text/html; charset=UTF-8
etag
6310935918814213997
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4495
x-xss-protection
0
cache-control
public, max-age=1209600
age
395371
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
collect
www.google-analytics.com/r/
35 B
373 B
Image
General
Full URL
http://www.google-analytics.com/r/collect?v=1&_v=j80&a=1449260793&t=pageview&_s=1&dl=http%3A%2F%2Fafn.by%2F&ul=en-us&de=UTF-8&dt=AFN.BY%20-%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8%20%D0%9F%D0%BE%D0%BB%D0%B8%D1%82%D0%B8%D0%BA%D0%B0%20%D1%8D%D0%BA%D0%BE%D0%BD%D0%BE%D0%BC%D0%B8%D0%BA%D0%B0%20%D1%84%D0%B8%D0%BD%D0%B0%D0%BD%D1%81%D1%8B%20%D1%8D%D0%BD%D0%B5%D1%80%D0%B3%D0%B5%D1%82%D0%B8%D0%BA%D0%B0%20%D0%BE%D0%B1%D1%89%D0%B5%D1%81%D1%82%D0%B2%D0%BE&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=1866513659&gjid=221132648&cid=1613456113.1581337246&tid=UA-261460-1&_gid=1252920390.1581337246&_r=1&z=206991584
Requested by
Host: afn.by
URL: http://afn.by/
Protocol
HTTP/1.1
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://afn.by/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 10 Feb 2020 12:20:45 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sun, 17 May 1998 03:00:00 GMT
Server
Golfe2
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
35
Expires
Fri, 01 Jan 1990 00:00:00 GMT
c.html
inv-nets.admixer.net/ Frame 9AA3
0
0
Document
General
Full URL
https://inv-nets.admixer.net/c.html
Requested by
Host: cdn.admixer.net
URL: http://cdn.admixer.net/scripts3/loader2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.110 , Germany, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Host
inv-nets.admixer.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
nested-navigate
Referer
http://afn.by/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://afn.by/

Response headers

Server
nginx
Date
Mon, 10 Feb 2020 12:20:45 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
ETag
W/"bf46fa0cfb0444789e67728a3f12b7bb"
Keep-Alive
timeout=25
cebec279de0c8c2fc7a8.b.js
cdn.admixer.net/scripts3/
63 KB
19 KB
Script
General
Full URL
http://cdn.admixer.net/scripts3/cebec279de0c8c2fc7a8.b.js
Requested by
Host: cdn.admixer.net
URL: http://cdn.admixer.net/scripts3/loader2.js
Protocol
HTTP/1.1
Server
2a03:90c0:9997::9997 , Germany, ASN199524 (GCORE, AT),
Reverse DNS
Software
nginx /
Resource Hash
96666fc8046fd02b6a09e7787514b41696f8bf20462376d9aec550c2c6bc4152

Request headers

Referer
http://afn.by/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-ID
cec-up-gc11
Date
Mon, 10 Feb 2020 12:20:45 GMT
Content-Encoding
gzip
Last-Modified
Wed, 04 Dec 2019 10:53:30 GMT
Server
nginx
ETag
W/"5de7902a-fa2a"
Vary
Accept-Encoding
X-Cached-Since
2020-02-09T21:37:41+00:00
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=172800
Transfer-Encoding
chunked
Connection
keep-alive
Cache
HIT
Expires
Mon, 27 Jan 2020 04:25:47 GMT
2d4e15e1d13c42a18167.b.js
cdn.admixer.net/scripts3/
87 KB
24 KB
Script
General
Full URL
http://cdn.admixer.net/scripts3/2d4e15e1d13c42a18167.b.js
Requested by
Host: cdn.admixer.net
URL: http://cdn.admixer.net/scripts3/loader2.js
Protocol
HTTP/1.1
Server
2a03:90c0:9997::9997 , Germany, ASN199524 (GCORE, AT),
Reverse DNS
Software
nginx /
Resource Hash
dea442bc99d0164b4b8d5c8a4173990b2b1e798de9843cd593ff047425dcd2d8

Request headers

Referer
http://afn.by/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-ID
cec-up-gc11
Date
Mon, 10 Feb 2020 12:20:45 GMT
Content-Encoding
gzip
Last-Modified
Wed, 04 Dec 2019 10:53:21 GMT
Server
nginx
ETag
W/"5de79021-15d5b"
Vary
Accept-Encoding
X-Cached-Since
2020-02-08T20:32:53+00:00
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=172800
Transfer-Encoding
chunked
Connection
keep-alive
Cache
HIT
Expires
Sun, 09 Feb 2020 03:23:58 GMT
context.js
an.yandex.ru/system/
57 KB
20 KB
Script
General
Full URL
http://an.yandex.ru/system/context.js
Requested by
Host: afn.by
URL: http://afn.by/
Protocol
HTTP/1.1
Server
2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
ec4272a9b86c0a4d029a4dde119f4725ee92afe8bc2e4b9144d491dbfb6de38b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
http://afn.by/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 10 Feb 2020 12:20:45 GMT
Content-Encoding
gzip
Last-Modified
Fri, 07 Feb 2020 12:16:45 GMT
Server
nginx/1.12.2
ETag
W/"E29E-5E3D552D"
Vary
Accept-Encoding
Connection
keep-alive
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=3600
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000
Timing-Allow-Origin
*
X-XSS-Protection
1; mode=block
Expires
Mon, 10 Feb 2020 13:20:45 GMT
watch.js
mc.yandex.ru/metrika/
Redirect Chain
  • http://mc.yandex.ru/metrika/watch.js
  • https://mc.yandex.ru/metrika/watch.js
135 KB
40 KB
Script
General
Full URL
https://mc.yandex.ru/metrika/watch.js
Requested by
Host: afn.by
URL: http://afn.by/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
2d68887e2799241fe3750d08139277e3b10a5eaf69906d64ac861cbaef34ff71
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://afn.by/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 10 Feb 2020 12:20:45 GMT
Content-Encoding
br
Last-Modified
Thu, 06 Feb 2020 10:55:44 GMT
Server
nginx/1.14.2
ETag
"5e3bf0b0-9e76"
Strict-Transport-Security
max-age=31536000
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Content-Length
40566
Expires
Mon, 10 Feb 2020 13:20:45 GMT

Redirect headers

Location
https://mc.yandex.ru/metrika/watch.js
Date
Mon, 10 Feb 2020 12:20:45 GMT
Server
nginx/1.14.2
Connection
keep-alive
Content-Length
185
Content-Type
text/html
icons.png
afn.by/images/
3 KB
3 KB
Image
General
Full URL
http://afn.by/images/icons.png
Requested by
Host: afn.by
URL: http://afn.by/
Protocol
HTTP/1.1
Server
178.124.223.65 Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS
afn.by
Software
Microsoft-IIS/8.5 /
Resource Hash
ebb3597f3a327fe00b7b1b766dd19e454e3f8b34ad5d45505439b42bf1c24d42

Request headers

Referer
http://afn.by/styles/cocss.css?v=2015-08-06T0014
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 10 Feb 2020 12:20:44 GMT
Last-Modified
Sat, 02 Aug 2008 10:28:49 GMT
Server
Microsoft-IIS/8.5
Accept-Ranges
bytes
ETag
"10b0818d8af4c81:0"
Content-Length
2939
Content-Type
image/png
ads
googleads.g.doubleclick.net/pagead/ Frame DCB8
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5271363197717881&output=html&adk=1812271804&adf=3025194257&lmt=1581337245&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fafn.by%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1581337245566&bpp=18&bdt=131&fdt=110&idt=110&shv=r20200205&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3707054420045&frm=20&pv=2&ga_vid=1613456113.1581337246&ga_sid=1581337246&ga_hid=1449260793&ga_fc=0&iag=0&icsg=8448527&dssz=30&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=1374206874843221&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=23&ifi=0&uci=a!0&fsb=1&dtd=127
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200205/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-5271363197717881&output=html&adk=1812271804&adf=3025194257&lmt=1581337245&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fafn.by%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1581337245566&bpp=18&bdt=131&fdt=110&idt=110&shv=r20200205&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3707054420045&frm=20&pv=2&ga_vid=1613456113.1581337246&ga_sid=1581337246&ga_hid=1449260793&ga_fc=0&iag=0&icsg=8448527&dssz=30&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=1374206874843221&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=23&ifi=0&uci=a!0&fsb=1&dtd=127
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
http://afn.by/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://afn.by/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 10 Feb 2020 12:20:45 GMT
server
cafe
content-length
34
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Mon, 10-Feb-2020 12:35:45 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires
Mon, 10 Feb 2020 12:20:45 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/
74 KB
28 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200205/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3ad581d1623a2af4d58ed30c5dc142276657e6659971bac0e5eccd1f9fb9a790
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://afn.by/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 10 Feb 2020 12:20:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1581078619841287"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
27883
x-xss-protection
0
expires
Mon, 10 Feb 2020 12:20:45 GMT
Cookie set /
www.acint.net/mc/ Frame 49C9
Redirect Chain
  • http://www.acint.net/mc/?dp=10
  • http://www.acint.net/mc/?dp=10&tc=1
0
0
Document
General
Full URL
http://www.acint.net/mc/?dp=10&tc=1
Requested by
Host: www.acint.net
URL: http://www.acint.net/aci.js
Protocol
HTTP/1.1
Server
195.201.243.71 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
ingolstadt.aucourant.info
Software
nginx /
Resource Hash

Request headers

Host
www.acint.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://afn.by/
Accept-Encoding
gzip, deflate
Cookie
test_cookie=CheckForPermission; aid=fwAAAV5BSp14FgW+NIHLAnH5fRxz+DlJXJrQyKELuGzJEZWQ
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://afn.by/

Response headers

Server
nginx
Date
Mon, 10 Feb 2020 12:20:45 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
cSyncDp7v2=1581337245; expires=Wed, 11-Mar-20 12:20:45 GMT; path=/; domain=.acint.net cSyncDp14v2=1581337245; expires=Wed, 11-Mar-20 12:20:45 GMT; path=/; domain=.acint.net cSyncDp17=1581337245; expires=Wed, 11-Mar-20 12:20:45 GMT; path=/; domain=.acint.net cSyncDp23=1581337245; expires=Wed, 11-Mar-20 12:20:45 GMT; path=/; domain=.acint.net cSyncDp24=1581337245; expires=Wed, 11-Mar-20 12:20:45 GMT; path=/; domain=.acint.net cSyncDp32=1581337245; expires=Wed, 11-Mar-20 12:20:45 GMT; path=/; domain=.acint.net cSyncDp37=1581337245; expires=Wed, 11-Mar-20 12:20:45 GMT; path=/; domain=.acint.net cSyncDp40=1581337245; expires=Wed, 11-Mar-20 12:20:45 GMT; path=/; domain=.acint.net cSyncDp45v2=1581337245; expires=Fri, 14-Feb-20 06:20:45 GMT; path=/; domain=.acint.net cSyncDp54v2=1581337245; expires=Wed, 11-Mar-20 12:20:45 GMT; path=/; domain=.acint.net cSyncDp62=1581337245; expires=Wed, 11-Mar-20 12:20:45 GMT; path=/; domain=.acint.net cSyncDp67v2=1581337245; expires=Wed, 11-Mar-20 12:20:45 GMT; path=/; domain=.acint.net cSyncDp68=1581337245; expires=Wed, 11-Mar-20 12:20:45 GMT; path=/; domain=.acint.net cSyncDp71=1581337245; expires=Wed, 11-Mar-20 12:20:45 GMT; path=/; domain=.acint.net cSyncDp74=1581337245; expires=Wed, 11-Mar-20 12:20:45 GMT; path=/; domain=.acint.net cSyncDp75=1581337245; expires=Wed, 11-Mar-20 12:20:45 GMT; path=/; domain=.acint.net cSyncDp77=1581337245; expires=Fri, 28-Feb-20 00:20:45 GMT; path=/; domain=.acint.net cSyncDp79=1581337245; expires=Wed, 11-Mar-20 12:20:45 GMT; path=/; domain=.acint.net cSyncDp84=1581337245; expires=Wed, 11-Mar-20 12:20:45 GMT; path=/; domain=.acint.net cSyncDp88=1581337245; expires=Wed, 11-Mar-20 12:20:45 GMT; path=/; domain=.acint.net cSyncDp92=1581337245; expires=Wed, 11-Mar-20 12:20:45 GMT; path=/; domain=.acint.net cSyncDp101=1581337245; expires=Wed, 11-Mar-20 12:20:45 GMT; path=/; domain=.acint.net cSyncDp104=1581337245; expires=Wed, 11-Mar-20 12:20:45 GMT; path=/; domain=.acint.net cSyncDp111=1581337245; expires=Wed, 11-Mar-20 12:20:45 GMT; path=/; domain=.acint.net cSyncDp112=1581337245; expires=Wed, 11-Mar-20 12:20:45 GMT; path=/; domain=.acint.net cSyncDp124=1581337245; expires=Wed, 11-Mar-20 12:20:45 GMT; path=/; domain=.acint.net cSyncDp125=1581337245; expires=Wed, 11-Mar-20 12:20:45 GMT; path=/; domain=.acint.net cSyncDp127=1581337245; expires=Wed, 11-Mar-20 12:20:45 GMT; path=/; domain=.acint.net
P3P
CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
Content-Encoding
gzip

Redirect headers

Server
nginx
Date
Mon, 10 Feb 2020 12:20:45 GMT
Content-Type
text/html
Content-Length
154
Connection
keep-alive
Set-Cookie
test_cookie=CheckForPermission; path=/; domain=.acint.net; expires=Mon, 10-Feb-20 12:30:45 GMT aid=fwAAAV5BSp14FgW+NIHLAnH5fRxz+DlJXJrQyKELuGzJEZWQ; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.acint.net; path=/
Location
/mc/?dp=10&tc=1
/
www.acint.net/hit/
43 B
471 B
Image
General
Full URL
http://www.acint.net/hit/?v=0.2.1&uid=65f85548-f6e0-4754-a6ff-8fe4d7170f35&dp=10&tz=%2B01%3A00&nc=64032251&u=http%3A%2F%2Fafn.by%2F&r=&rs=1600x1200&t=AFN.BY%20-%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8%20%D0%9F%D0%BE%D0%BB%D0%B8%D1%82%D0%B8%D0%BA%D0%B0%20%D1%8D%D0%BA%D0%BE%D0%BD%D0%BE%D0%BC%D0%B8%D0%BA%D0%B0%20%D1%84%D0%B8%D0%BD%D0%B0%D0%BD%D1%81%D1%8B%20%D1%8D%D0%BD%D0%B5%D1%80%D0%B3%D0%B5%D1%82%D0%B8%D0%BA%D0%B0%20%D0%BE%D0%B1%D1%89%D0%B5%D1%81%D1%82%D0%B2%D0%BE&oE=1&oP=1&dT=2020-02-10T13%3A20%3A45.730&fu=99da3b00-d03d-415b-aa12-a46388cfabed
Requested by
Host: afn.by
URL: http://afn.by/
Protocol
HTTP/1.1
Server
195.201.243.71 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
ingolstadt.aucourant.info
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
http://afn.by/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 10 Feb 2020 12:20:45 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
43
Expires
Wed, 19 Apr 2000 11:43:00 GMT
tagging
pubs2-eu.creativecdn.com/bidder/pubs/
12 B
748 B
XHR
General
Full URL
https://pubs2-eu.creativecdn.com/bidder/pubs/tagging?type=json&group=f6b3325441bf147b0b36
Requested by
Host: cdn.admixer.net
URL: http://cdn.admixer.net/scripts3/2d4e15e1d13c42a18167.b.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.30 , Poland, ASN204995 (RTB-HOUSE-AMS, NL),
Reverse DNS
ip-185-184-8-30.rtbhouse.net
Software
/
Resource Hash
681a33d230441a97b097286ab1305d86179ef9d4c1a38df03a080cedc34be93d

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://afn.by/
Origin
http://afn.by

Response headers

pragma
no-cache
date
Mon, 10 Feb 2020 12:20:45 GMT, Mon, 10 Feb 2020 12:20:45 GMT
status
200
vary
Accept-Encoding, User-Agent
access-control-allow-methods
GET
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
access-control-allow-origin
http://afn.by
access-control-max-age
3600
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
12
expires
Thu, 01 Jan 1970 00:00:00 GMT
dsp.aspx
inv-nets.admixer.net/
3 KB
4 KB
Script
General
Full URL
https://inv-nets.admixer.net/dsp.aspx?sender=admixer&rct=4&v=2.0&data=%7B%22id%22%3A%221056f8d6-74e9-718e-df1a-4177399d6724%22%2C%22site%22%3A%7B%22page%22%3A%22http%253A%252F%252Fafn.by%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F74.0.3729.169%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%22rtb_rta%22%3A%22%22%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22efbf4612-ba5e-b4d8-6802-667bc7fe522b%22%2C%22tagid%22%3A%222febba63-69cc-42a7-8be2-e10bcbe63cd5%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_2febba6369cc42a78be2e10bcbe63cd5_zone_16334_sect_4740_site_4170%22%7D%2C%22i%22%3A%22inv-nets%22%7D%5D%2C%22allimps%22%3A1%7D&rnd=2616172940565366.5&cpv=1f952935-34cd-f6d3-eea6-ed8b5c86b10d&am-uid=bf46fa0cfb0444789e67728a3f12b7bb&3rd=false
Requested by
Host: cdn.admixer.net
URL: http://cdn.admixer.net/scripts3/2d4e15e1d13c42a18167.b.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.110 , Germany, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
cc3964c9f304b05b7afee116bdf415cb110c24fc678ad75a58271453ed090923
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://afn.by/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 10 Feb 2020 12:20:45 GMT
Server
nginx
Transfer-Encoding
chunked
P3P
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/javascript; charset=utf-8
Keep-Alive
timeout=25
X-XSS-Protection
0
context_static.js
an.yandex.ru/partner-code-bundles/10281/
1 MB
189 KB
Script
General
Full URL
https://an.yandex.ru/partner-code-bundles/10281/context_static.js
Requested by
Host: an.yandex.ru
URL: http://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
93947d4d034e55d486f35e96bb0ddabc138ac4d09adbac8662e7f07bdbba99dc
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;, max-age=31536000

Request headers

Referer
http://afn.by/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 10 Feb 2020 12:20:45 GMT
content-encoding
br
status
200
strict-transport-security
max-age=43200000; includeSubDomains;, max-age=31536000
content-length
193079
timing-allow-origin
*
last-modified
Wed, 05 Feb 2020 09:15:20 GMT
server
nginx/1.12.2
etag
"2c07530e50c24b2782986c1456b4784d"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public
accept-ranges
bytes
x-robots-tag
noindex, noarchive, nofollow
expires
Wed, 30 May 2040 12:14:40 GMT
63833243b9056b0c130b.js
an.yandex.ru/partner-code-bundles/10311/
62 KB
16 KB
Script
General
Full URL
https://an.yandex.ru/partner-code-bundles/10311/63833243b9056b0c130b.js
Requested by
Host: an.yandex.ru
URL: http://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
cc560f009da2cf699fe2fb596dc1b1e0c13e713f5bb586be4c292b1650919178
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;, max-age=31536000

Request headers

Referer
http://afn.by/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 10 Feb 2020 12:20:45 GMT
content-encoding
br
status
200
strict-transport-security
max-age=43200000; includeSubDomains;, max-age=31536000
content-length
16381
last-modified
Fri, 07 Feb 2020 11:31:47 GMT
server
nginx/1.12.2
etag
"b9e88f042257f66addf07ec08093466d"
x-robots-tag
noindex, noarchive, nofollow
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 31 Dec 2037 23:55:55 GMT
67e459ff59f2df92cfb3.b.js
cdn.admixer.net/scripts3/
65 KB
17 KB
Script
General
Full URL
http://cdn.admixer.net/scripts3/67e459ff59f2df92cfb3.b.js
Requested by
Host: cdn.admixer.net
URL: http://cdn.admixer.net/scripts3/loader2.js
Protocol
HTTP/1.1
Server
2a03:90c0:9997::9997 , Germany, ASN199524 (GCORE, AT),
Reverse DNS
Software
nginx /
Resource Hash
17c471d6bdf270617af12cafe1072d6662dabb4be463df5735d15e670165334a

Request headers

Referer
http://afn.by/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-ID
cec-up-gc11
Date
Mon, 10 Feb 2020 12:20:45 GMT
Content-Encoding
gzip
Last-Modified
Wed, 04 Dec 2019 10:53:24 GMT
Server
nginx
ETag
W/"5de79024-104a1"
Vary
Accept-Encoding
X-Cached-Since
2020-02-09T11:16:12+00:00
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=172800
Transfer-Encoding
chunked
Connection
keep-alive
Cache
HIT
Expires
Sun, 26 Jan 2020 18:05:23 GMT
ceac1311d2a04df6520c.b.js
cdn.admixer.net/scripts3/
28 KB
12 KB
Script
General
Full URL
http://cdn.admixer.net/scripts3/ceac1311d2a04df6520c.b.js
Requested by
Host: cdn.admixer.net
URL: http://cdn.admixer.net/scripts3/loader2.js
Protocol
HTTP/1.1
Server
2a03:90c0:9997::9997 , Germany, ASN199524 (GCORE, AT),
Reverse DNS
Software
nginx /
Resource Hash
affe4902222459204295a8a64a6d426cedbaf930ed079ca4fc23a773e40dbeb0

Request headers

Referer
http://afn.by/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-ID
cec-up-gc11
Date
Mon, 10 Feb 2020 12:20:45 GMT
Content-Encoding
gzip
Last-Modified
Wed, 04 Dec 2019 10:53:30 GMT
Server
nginx
ETag
W/"5de7902a-7029"
Vary
Accept-Encoding
X-Cached-Since
2020-02-08T15:51:26+00:00
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=172800
Transfer-Encoding
chunked
Connection
keep-alive
Cache
HIT
Expires
Sat, 25 Jan 2020 22:39:59 GMT
8b7e9c5f120afd8d6b07.b.js
cdn.admixer.net/scripts3/
42 KB
19 KB
Script
General
Full URL
http://cdn.admixer.net/scripts3/8b7e9c5f120afd8d6b07.b.js
Requested by
Host: cdn.admixer.net
URL: http://cdn.admixer.net/scripts3/loader2.js
Protocol
HTTP/1.1
Server
2a03:90c0:9997::9997 , Germany, ASN199524 (GCORE, AT),
Reverse DNS
Software
nginx /
Resource Hash
18798bf8186b0cd653aa3e70ba16ace71442a65e0bf9a05ab703d10bff381c17

Request headers

Referer
http://afn.by/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-ID
cec-up-gc11
Date
Mon, 10 Feb 2020 12:20:45 GMT
Content-Encoding
gzip
Last-Modified
Wed, 04 Dec 2019 10:53:26 GMT
Server
nginx
ETag
W/"5de79026-a7af"
Vary
Accept-Encoding
X-Cached-Since
2020-02-09T16:36:43+00:00
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=172800
Transfer-Encoding
chunked
Connection
keep-alive
Cache
HIT
Expires
Sun, 26 Jan 2020 23:24:45 GMT
690ee024abc075ed3862.b.js
cdn.admixer.net/scripts3/
13 KB
5 KB
Script
General
Full URL
http://cdn.admixer.net/scripts3/690ee024abc075ed3862.b.js
Requested by
Host: cdn.admixer.net
URL: http://cdn.admixer.net/scripts3/loader2.js
Protocol
HTTP/1.1
Server
2a03:90c0:9997::9997 , Germany, ASN199524 (GCORE, AT),
Reverse DNS
Software
nginx /
Resource Hash
5691c4ca8973c2c7bff18d520aebe7e4d06e5e23640b7cab08072c6a032d4fa3

Request headers

Referer
http://afn.by/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-ID
cec-up-gc11
Date
Mon, 10 Feb 2020 12:20:45 GMT
Content-Encoding
gzip
Last-Modified
Wed, 04 Dec 2019 10:53:24 GMT
Server
nginx
ETag
W/"5de79024-326c"
Vary
Accept-Encoding
X-Cached-Since
2020-02-08T19:44:00+00:00
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=172800
Transfer-Encoding
chunked
Connection
keep-alive
Cache
HIT
Expires
Tue, 31 Dec 2019 02:26:22 GMT
73d48bebe986b4a0ec73.b.js
cdn.admixer.net/scripts3/
220 KB
76 KB
Script
General
Full URL
http://cdn.admixer.net/scripts3/73d48bebe986b4a0ec73.b.js
Requested by
Host: cdn.admixer.net
URL: http://cdn.admixer.net/scripts3/loader2.js
Protocol
HTTP/1.1
Server
2a03:90c0:9997::9997 , Germany, ASN199524 (GCORE, AT),
Reverse DNS
Software
nginx /
Resource Hash
c4c229ac69ef1163058336a2cf218ff099e74d6d5339eade8b1ec466d44e1067

Request headers

Referer
http://afn.by/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-ID
cec-up-gc11
Date
Mon, 10 Feb 2020 12:20:45 GMT
Content-Encoding
gzip
Last-Modified
Wed, 04 Dec 2019 10:53:25 GMT
Server
nginx
ETag
W/"5de79025-3701d"
Vary
Accept-Encoding
X-Cached-Since
2020-02-10T11:04:12+00:00
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=172800
Transfer-Encoding
chunked
Connection
keep-alive
Cache
HIT
Expires
Mon, 27 Jan 2020 17:53:40 GMT
adxcm.aspx
inv-nets.admixer.net/
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43070&callback_url=%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D70C88C54-8654-4219-A50A-E344F86A4A28%26id%3D${USER_ID}
  • https://ads.betweendigital.com/match?bidder_id=43070&callback_url=%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D70C88C54-8654-4219-A50A-E344F86A4A28%26id%3D${USER_ID}&crf=1
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=70C88C54-8654-4219-A50A-E344F86A4A28&id=a6fd4f3d-cdd5-49e6-ab6c-d9fb17650508
43 B
491 B
Image
General
Full URL
https://inv-nets.admixer.net/adxcm.aspx?ssp=70C88C54-8654-4219-A50A-E344F86A4A28&id=a6fd4f3d-cdd5-49e6-ab6c-d9fb17650508
Requested by
Host: afn.by
URL: http://afn.by/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.110 , Germany, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://afn.by/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 10 Feb 2020 12:20:46 GMT
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
X-Server
172.16.0.62:5002
Connection
keep-alive
Access-Control-Allow-Credentials
true
Content-Type
image/gif
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0

Redirect headers

location
https://inv-nets.admixer.net/adxcm.aspx?ssp=70C88C54-8654-4219-A50A-E344F86A4A28&id=a6fd4f3d-cdd5-49e6-ab6c-d9fb17650508
cache-control
no-cache, no-store, max-age=0, must-revalidate
Content-Length
0
5tspqTjVHyxTTiTRzw78fH
an.yandex.ru/setud/adspend/
Redirect Chain
  • https://rtb.com.ru/admixer-sync?uid=bf46fa0cfb0444789e67728a3f12b7bb
  • https://rtb.com.ru/sync?sspKey=36&sspUserID=bf46fa0cfb0444789e67728a3f12b7bb
  • https://cm.g.doubleclick.net/pixel?google_nid=adspend&google_cm&google_hm=5e414a9da62fbd3db54f6ffd&r=%2F%2Fprodmp.ru%2Frefocus.gif%3Fdsp_provider_id%3D2%26uid%3D5e414a9da62fbd3db54f6ffd%26r%3D%252F...
  • https://rtb.com.ru/adx-sync?r=%2F%2Fprodmp.ru%2Frefocus.gif%3Fdsp_provider_id%3D2%26uid%3D5e414a9da62fbd3db54f6ffd%26r%3D%252F%252Fx01.aidata.io%252F0.gif%253Fpid%253D6472613%2526id%253D5e414a9da62...
  • https://prodmp.ru/refocus.gif?dsp_provider_id=2&uid=5e414a9da62fbd3db54f6ffd&r=%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D6472613%26id%3D5e414a9da62fbd3db54f6ffd%26dest%3D%252F%252Fdmg.digitaltarget.ru%25...
  • https://counter.yadro.ru/id127/refocusdmp-id.gif?uid=5e414a9da62fbd3db54f6ffd&r=%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D6472613%26id%3D5e414a9da62fbd3db54f6ffd%26dest%3D%252F%252Fdmg.digitaltarget.ru%2...
  • https://x01.aidata.io/0.gif?pid=6472613&id=5e414a9da62fbd3db54f6ffd&dest=%2F%2Fdmg.digitaltarget.ru%2F1%2F224%2Fi%2Fi%3Fa%3D224%26e%3D5e414a9da62fbd3db54f6ffd%26i%3D947016421780609922%26r%3D%252F%2...
  • https://x01.aidata.io/0.gif?pid=6472613&id=5e414a9da62fbd3db54f6ffd&dest=%2F%2Fdmg.digitaltarget.ru%2F1%2F224%2Fi%2Fi%3Fa%3D224%26e%3D5e414a9da62fbd3db54f6ffd%26i%3D947016421780609922%26r%3D%252F%2...
  • https://dmg.digitaltarget.ru/1/224/i/i?a=224&e=5e414a9da62fbd3db54f6ffd&i=947016421780609922&r=%2F%2Fsync.1dmp.io%2Fpixel.gif%3Fcid%3Dfe2375b0-c617-4a6d-ab2d-f9f457ba8100%26pid%3Dw%26uid%3D5e414a9d...
  • https://dmg.digitaltarget.ru/1/224/i/i?a=224&e=5e414a9da62fbd3db54f6ffd&i=947016421780609922&r=%2F%2Fsync.1dmp.io%2Fpixel.gif%3Fcid%3Dfe2375b0-c617-4a6d-ab2d-f9f457ba8100%26pid%3Dw%26uid%3D5e414a9d...
  • https://sync.1dmp.io/pixel.gif?cid=fe2375b0-c617-4a6d-ab2d-f9f457ba8100&pid=w&uid=5e414a9da62fbd3db54f6ffd&ru=%2F%2Fcm.p.altergeo.ru%2Fspnd%3Faid%3D5e414a9da62fbd3db54f6ffd%26nc%3D13707115543256713...
  • https://sync.1dmp.io/pixel.gif?cid=fe2375b0-c617-4a6d-ab2d-f9f457ba8100&pid=w&uid=5e414a9da62fbd3db54f6ffd&ru=%2F%2Fcm.p.altergeo.ru%2Fspnd%3Faid%3D5e414a9da62fbd3db54f6ffd%26nc%3D13707115543256713...
  • https://cm.p.altergeo.ru/spnd?aid=5e414a9da62fbd3db54f6ffd&nc=1370711554325671351&url=%2F%2Fan.yandex.ru%2Fsetud%2Fadspend%2F5tspqTjVHyxTTiTRzw78fH%3Fsign%3D2014963227%26location%3Dhttps%253A%252F%...
  • https://cm.p.altergeo.ru/spnd?aid=5e414a9da62fbd3db54f6ffd&nc=1370711554325671351&url=%2F%2Fan.yandex.ru%2Fsetud%2Fadspend%2F5tspqTjVHyxTTiTRzw78fH%3Fsign%3D2014963227%26location%3Dhttps%253A%252F%...
  • https://an.yandex.ru/setud/adspend/5tspqTjVHyxTTiTRzw78fH?sign=2014963227&location=https%3A%2F%2Ftop-fwz1.mail.ru%2Fcounter%3Fid%3D3138228%3Bpid%3D5e414a9da62fbd3db54f6ffd
43 B
290 B
Image
General
Full URL
https://an.yandex.ru/setud/adspend/5tspqTjVHyxTTiTRzw78fH?sign=2014963227&location=https%3A%2F%2Ftop-fwz1.mail.ru%2Fcounter%3Fid%3D3138228%3Bpid%3D5e414a9da62fbd3db54f6ffd
Requested by
Host: afn.by
URL: http://afn.by/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
ccb150b1878d5aa777543222f9e47636d4258687e3dd57e625988f09a96bda64

Request headers

Referer
http://afn.by/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Feb 2020 12:21:06 GMT
last-modified
Mon, 10 Feb 2020 12:21:06 GMT
server
nginx/1.12.2
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
status
404
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-type
image/gif; charset=windows-1251
content-length
43
expires
Mon, 10 Feb 2020 12:21:06 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 10 Feb 2020 12:21:06 GMT
Server
nginx/1.16.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://an.yandex.ru/setud/adspend/5tspqTjVHyxTTiTRzw78fH?sign=2014963227&location=https%3A%2F%2Ftop-fwz1.mail.ru%2Fcounter%3Fid%3D3138228%3Bpid%3D5e414a9da62fbd3db54f6ffd
Cache-Control
max-age=0, no-cache, no-store
Connection
close
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
/
ads.adsinspidsp.com/
0
312 B
Image
General
Full URL
https://ads.adsinspidsp.com/?cmid=18&sid=136&user_id=bf46fa0cfb0444789e67728a3f12b7bb
Requested by
Host: afn.by
URL: http://afn.by/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6818:61f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://afn.by/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 10 Feb 2020 12:20:45 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
text/html; charset=UTF-8
status
200
cf-ray
562e09fabb43974e-FRA
sync.cgi
ssp.adriver.ru/cgi-bin/
42 B
201 B
Image
General
Full URL
https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=66&external_id=bf46fa0cfb0444789e67728a3f12b7bb
Requested by
Host: afn.by
URL: http://afn.by/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.222.128.213 , Russian Federation, ASN20597 (ELTEL-AS, RU),
Reverse DNS
ad13.adriver.ru
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
http://afn.by/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 10 Feb 2020 12:20:46 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
image/gif
bf46fa0cfb0444789e67728a3f12b7bb
s.uuidksinc.net/match/71/
0
267 B
Image
General
Full URL
https://s.uuidksinc.net/match/71/bf46fa0cfb0444789e67728a3f12b7bb
Requested by
Host: afn.by
URL: http://afn.by/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
31.220.27.134 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://afn.by/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 10 Feb 2020 12:20:45 GMT
server
nginx/1.17.3
access-control-allow-origin
*
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json; charset=utf-8
status
200
access-control-allow-headers
Content-Type
content-length
0
pull
ws1.rqtrk.eu/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=admixer&user_id=bf46fa0cfb0444789e67728a3f12b7bb
  • https://x.bidswitch.net/ul_cb/sync?ssp=admixer&user_id=bf46fa0cfb0444789e67728a3f12b7bb
  • https://ws1.rqtrk.eu/pull?redirect=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D193%26user_id%3D%24BROWSER_ID%26expires%3D1%26ssp%3D%24bidswitch_ssp_id&return-unstable=true&eb=&bidswitch_ssp_id=admixer&g=1
0
0

1px-matching-admixer.gif
t.trafmag.com/images/
0
135 B
Image
General
Full URL
https://t.trafmag.com/images/1px-matching-admixer.gif?id=bf46fa0cfb0444789e67728a3f12b7bb
Requested by
Host: afn.by
URL: http://afn.by/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.200.65.5 Amsterdam, Netherlands, ASN6681 (UPLOAD-NET, UA),
Reverse DNS
t.trafmag.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://afn.by/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 10 Feb 2020 12:20:45 GMT
Server
nginx
Connection
keep-alive
P3P
CP="NON DSP COR CURa TIA"
cm.aspx
inv-nets.admixer.net/bs/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=admixer_dmp&google_cm
  • https://inv-nets.admixer.net/gadx/cm.aspx?google_gid=CAESEO4eQfNVSz73hEYD84bHc78&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=admixer_technologies&google_hm=YmY0NmZhMGNmYjA0NDQ3ODllNjc3MjhhM2YxMmI3YmI&google_cm
  • https://inv-nets.admixer.net/gadx/cm.aspx?google_nid=admixer_technologies&google_gid=CAESELmR2ELGwRhL97ui-iG9-2A&google_cver=1
  • https://x.bidswitch.net/sync?ssp=admixer&user_id=bf46fa0cfb0444789e67728a3f12b7bb
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=admixer&bsw_param=1794aa6d-f2c5-49f4-a7c1-b97d5a55b7d5
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESENAegKRodQMAPgQgzNk6cYI&google_cver=1&ssp=admixer&bsw_param=1794aa6d-f2c5-49f4-a7c1-b97d5a55b7d5
  • https://inv-nets.admixer.net/bs/cm.aspx?id=1794aa6d-f2c5-49f4-a7c1-b97d5a55b7d5
43 B
492 B
Image
General
Full URL
https://inv-nets.admixer.net/bs/cm.aspx?id=1794aa6d-f2c5-49f4-a7c1-b97d5a55b7d5
Requested by
Host: afn.by
URL: http://afn.by/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.110 , Germany, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://afn.by/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 10 Feb 2020 12:20:46 GMT
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
X-Server
172.16.0.111:5002
Connection
keep-alive
Access-Control-Allow-Credentials
true
Content-Type
image/gif
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0

Redirect headers

status
302
date
Mon, 10 Feb 2020 12:20:46 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
location
//inv-nets.admixer.net/bs/cm.aspx?id=1794aa6d-f2c5-49f4-a7c1-b97d5a55b7d5
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cm.aspx
inv-nets.admixer.net/bs/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=admixer_technologies&google_hm=YmY0NmZhMGNmYjA0NDQ3ODllNjc3MjhhM2YxMmI3YmI&google_cm
  • https://inv-nets.admixer.net/gadx/cm.aspx?google_nid=admixer_technologies&google_gid=CAESELmR2ELGwRhL97ui-iG9-2A&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=admixer_technologies&google_hm=YmY0NmZhMGNmYjA0NDQ3ODllNjc3MjhhM2YxMmI3YmI&google_cm
  • https://inv-nets.admixer.net/gadx/cm.aspx?google_nid=admixer_technologies&google_gid=CAESELmR2ELGwRhL97ui-iG9-2A&google_cver=1
  • https://x.bidswitch.net/sync?ssp=admixer&user_id=bf46fa0cfb0444789e67728a3f12b7bb
  • https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dadmixer%26expires%3D30
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=c726119a-6b58-4173-a0b2-9ccbc2b68f23&ssp=admixer&expires=30
  • https://inv-nets.admixer.net/bs/cm.aspx?id=1794aa6d-f2c5-49f4-a7c1-b97d5a55b7d5
43 B
491 B
Image
General
Full URL
https://inv-nets.admixer.net/bs/cm.aspx?id=1794aa6d-f2c5-49f4-a7c1-b97d5a55b7d5
Requested by
Host: afn.by
URL: http://afn.by/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.110 , Germany, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://afn.by/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 10 Feb 2020 12:20:50 GMT
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
X-Server
172.16.0.62:5002
Connection
keep-alive
Access-Control-Allow-Credentials
true
Content-Type
image/gif
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0

Redirect headers

status
302
date
Mon, 10 Feb 2020 12:20:47 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
location
//inv-nets.admixer.net/bs/cm.aspx?id=1794aa6d-f2c5-49f4-a7c1-b97d5a55b7d5
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 4C1F
107 KB
38 KB
Script
General
Full URL
http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: cdn.admixer.net
URL: http://cdn.admixer.net/scripts3/2d4e15e1d13c42a18167.b.js
Protocol
HTTP/1.1
Server
2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1169a3f993d718456932d9f12e1a67ed03006a186289405dff998ee4f947b7ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://afn.by/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 10 Feb 2020 12:20:45 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Type
text/javascript; charset=UTF-8
Server
cafe
ETag
17737322717327389685
Vary
Accept-Encoding
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
private, max-age=3600
Content-Disposition
attachment; filename="f.txt"
Timing-Allow-Origin
*
Content-Length
38773
X-XSS-Protection
0
Expires
Mon, 10 Feb 2020 12:20:45 GMT
ev_view.aspx
inv-nets-eu.admixer.net/
0
220 B
Image
General
Full URL
https://inv-nets-eu.admixer.net/ev_view.aspx?cc=NL/UT/2753557&am-uid=bf46fa0cfb0444789e67728a3f12b7bb&cet=4&zone=2febba63-69cc-42a7-8be2-e10bcbe63cd5&rule=2a065265-12f0-40c0-9e56-9106b83926dd&requestId=82c32acd-a5b8-436c-9877-fb438dc50330&page=afn.by%2F&pvid=32d4094d-003d-4941-abe8-c09134871912&ts=637169340457550971&sf=0
Requested by
Host: afn.by
URL: http://afn.by/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.110 , Germany, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://afn.by/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 10 Feb 2020 12:20:54 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=25
X-XSS-Protection
0
1
mc.yandex.ru/watch/421539/
Redirect Chain
  • https://mc.yandex.ru/watch/421539?wmode=7&page-url=http%3A%2F%2Fafn.by%2F&charset=utf-8&site-info=%7B%7D&browser-info=ti%3A10%3Ans%3A1581337245289%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A2166...
  • https://mc.yandex.ru/watch/421539/1?wmode=7&page-url=http%3A%2F%2Fafn.by%2F&charset=utf-8&site-info=%7B%7D&browser-info=ti%3A10%3Ans%3A1581337245289%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A21...
0
-1 B
XHR
General
Full URL
https://mc.yandex.ru/watch/421539/1?wmode=7&page-url=http%3A%2F%2Fafn.by%2F&charset=utf-8&site-info=%7B%7D&browser-info=ti%3A10%3Ans%3A1581337245289%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Az%3A60%3Ai%3A20200210132045%3Aet%3A1581337246%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Awh%3A1%3Apv%3A1%3Arn%3A965241519%3Ahid%3A94088387%3Ads%3A6%2C11%2C119%2C42%2C1%2C0%2C0%2C191%2C0%2C%2C%2C%2C336%3Afp%3A418%3Awn%3A48854%3Ahl%3A2%3Agdpr%3A14%3Av%3A1808%3Ast%3A1581337246%3Au%3A1581337246515577553%3At%3AAFN.BY%20-%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8%20%D0%9F%D0%BE%D0%BB%D0%B8%D1%82%D0%B8%D0%BA%D0%B0%20%D1%8D%D0%BA%D0%BE%D0%BD%D0%BE%D0%BC%D0%B8%D0%BA%D0%B0%20%D1%84%D0%B8%D0%BD%D0%B0%D0%BD%D1%81%D1%8B%20%D1%8D%D0%BD%D0%B5%D1%80%D0%B3%D0%B5%D1%82%D0%B8%D0%BA%D0%B0%20%D0%BE%D0%B1%D1%89%D0%B5%D1%81%D1%82%D0%B2%D0%BE
Requested by
Host: afn.by
URL: http://afn.by/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
http://afn.by/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 10 Feb 2020 12:20:45 GMT
Last-Modified
Mon, 10-Feb-2020 12:20:45 GMT
Server
nginx/1.14.2
Location
/watch/421539/1?wmode=7&page-url=http%3A%2F%2Fafn.by%2F&charset=utf-8&site-info=%7B%7D&browser-info=ti%3A10%3Ans%3A1581337245289%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Az%3A60%3Ai%3A20200210132045%3Aet%3A1581337246%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Awh%3A1%3Apv%3A1%3Arn%3A965241519%3Ahid%3A94088387%3Ads%3A6%2C11%2C119%2C42%2C1%2C0%2C0%2C191%2C0%2C%2C%2C%2C336%3Afp%3A418%3Awn%3A48854%3Ahl%3A2%3Agdpr%3A14%3Av%3A1808%3Ast%3A1581337246%3Au%3A1581337246515577553%3At%3AAFN.BY%20-%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8%20%D0%9F%D0%BE%D0%BB%D0%B8%D1%82%D0%B8%D0%BA%D0%B0%20%D1%8D%D0%BA%D0%BE%D0%BD%D0%BE%D0%BC%D0%B8%D0%BA%D0%B0%20%D1%84%D0%B8%D0%BD%D0%B0%D0%BD%D1%81%D1%8B%20%D1%8D%D0%BD%D0%B5%D1%80%D0%B3%D0%B5%D1%82%D0%B8%D0%BA%D0%B0%20%D0%BE%D0%B1%D1%89%D0%B5%D1%81%D1%82%D0%B2%D0%BE
Strict-Transport-Security
max-age=31536000
Access-Control-Allow-Origin
http://afn.by
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
Expires
Mon, 10-Feb-2020 12:20:45 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 10 Feb 2020 12:20:45 GMT
Last-Modified
Mon, 10-Feb-2020 12:20:45 GMT
Server
nginx/1.14.2
Access-Control-Allow-Origin
http://afn.by
Strict-Transport-Security
max-age=31536000
Location
/watch/421539/1?wmode=7&page-url=http%3A%2F%2Fafn.by%2F&charset=utf-8&site-info=%7B%7D&browser-info=ti%3A10%3Ans%3A1581337245289%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Az%3A60%3Ai%3A20200210132045%3Aet%3A1581337246%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Awh%3A1%3Apv%3A1%3Arn%3A965241519%3Ahid%3A94088387%3Ads%3A6%2C11%2C119%2C42%2C1%2C0%2C0%2C191%2C0%2C%2C%2C%2C336%3Afp%3A418%3Awn%3A48854%3Ahl%3A2%3Agdpr%3A14%3Av%3A1808%3Ast%3A1581337246%3Au%3A1581337246515577553%3At%3AAFN.BY%20-%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8%20%D0%9F%D0%BE%D0%BB%D0%B8%D1%82%D0%B8%D0%BA%D0%B0%20%D1%8D%D0%BA%D0%BE%D0%BD%D0%BE%D0%BC%D0%B8%D0%BA%D0%B0%20%D1%84%D0%B8%D0%BD%D0%B0%D0%BD%D1%81%D1%8B%20%D1%8D%D0%BD%D0%B5%D1%80%D0%B3%D0%B5%D1%82%D0%B8%D0%BA%D0%B0%20%D0%BE%D0%B1%D1%89%D0%B5%D1%81%D1%82%D0%B2%D0%BE
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
Expires
Mon, 10-Feb-2020 12:20:45 GMT
advert.gif
mc.yandex.ru/metrika/
43 B
425 B
Image
General
Full URL
https://mc.yandex.ru/metrika/advert.gif
Requested by
Host: afn.by
URL: http://afn.by/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://afn.by/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 10 Feb 2020 12:20:46 GMT
Last-Modified
Fri, 17 Jan 2020 08:05:01 GMT
Server
nginx/1.14.2
ETag
"5e216aad-2b"
Strict-Transport-Security
max-age=31536000
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43
Expires
Mon, 10 Feb 2020 13:20:46 GMT
integrator.js
adservice.google.de/adsid/ Frame 4C1F
109 B
171 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=afn.by
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://afn.by/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 10 Feb 2020 12:20:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 4C1F
109 B
171 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=afn.by
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://afn.by/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 10 Feb 2020 12:20:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
104
x-xss-protection
0
show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20200205/r20190131/ Frame 4C1F
221 KB
83 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20200205/r20190131/show_ads_impl_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
33046f3ce25fbe69f34146452f47d763efd56cf867a39bfb45e19a8ee3be6df0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://afn.by/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 10 Feb 2020 12:20:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
84412
x-xss-protection
0
server
cafe
etag
16062341375620736720
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Mon, 10 Feb 2020 12:20:45 GMT
465488
an.yandex.ru/meta/
20 KB
6 KB
XHR
General
Full URL
https://an.yandex.ru/meta/465488?grab=dEFGTi5CWSAtINCd0L7QstC-0YHRgtC4INCR0LXQu9Cw0YDRg9GB0Lgg0J_QvtC70LjRgtC40LrQsCDRjdC60L7QvdC-0LzQuNC60LAg0YTQuNC90LDQvdGB0Ysg0Y3QvdC10YDQs9C10YLQuNC60LAg0L7QsdGJ0LXRgdGC0LLQvgoy0JPQu9Cw0LLQvdC-0LUgCjLQn9C-0LvQuNGC0LjQutCwIAoy0K3QutC-0L3QvtC80LjQutCwIAoy0K3QvdC10YDQs9C10YLQuNC60LAgCjLQntCx0YnQtdGB0YLQstC-IAoz0J7Qv9C_0L7Qt9C40YbQuNGPINCz0L7RgtC-0LLQsCDQstGL0LnRgtC4INC90LAg0LDQutGG0LjRjiDQsiDQv9C-0LTQtNC10YDQttC60YMg0JvRg9C60LDRiNC10L3QutC-INC_0L7QtCDQutGA0LDRgdC90L4t0LfQtdC70LXQvdGL0Lwg0YTQu9Cw0LPQvtC8IAoz0JvRg9C60LDRiNC10L3QutC-INCyINCh0L7Rh9C4INC90LDQv9C-0LzQvdC40LvQuCDQviDRgdGD0LTRjNCx0LUg0K_QvdGD0LrQvtCy0LjRh9CwIAoz0J3QsNGB0LXQu9C10L3QuNC1INCR0LXQu9Cw0YDRg9GB0Lgg0L3QtSDRgdGC0LDQu9C-INCyINGP0L3QstCw0YDQtSDRg9GB0YLRgNCw0LjQstCw0YLRjCDQstCw0LvRjtGC0L3Ri9C5INCw0LbQuNC-0YLQsNC2INC40Lct0LfQsCDQvdC10YTRgtC4IAoz0JHQtdC70LDRgNGD0YHRjCDQv9C-0LvRg9GH0LjQu9CwINC90LXRhNGC0Ywg0LHQtdC3INC_0YDQtdC80LjQuCDQuCDQtNC-0YHRgtGD0L8g0Log0YLRgNGD0LHQtSDQtNC70Y8g0LLRgdC10YUgCjPQotGA0LDQvNC_INC90LDQvNC10YDQtdC9INCy0LLQtdGB0YLQuCDQvtCz0YDQsNC90LjRh9C10L3QuNGPINC90LAg0LLRitC10LfQtCDQsiDQodCo0JAg0LTQu9GPINCz0YDQsNC20LTQsNC9INCR0LXQu9Cw0YDRg9GB0LggCg%3D%3D&target-ref=http%3A%2F%2Fafn.by%2F&charset=utf-8&duid=MTU4MTMzNzI0NjUxNTU3NzU1Mw%3D%3D&imp-id=1&enable-flat-highlight=1&test-tag=22539988369410&ad-session-id=7819641581337245812&target-id=82341535&pcode-version=10281&flash-ver=0&available-width=1180&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22width%22%3A1180%2C%22height%22%3A0%2C%22left%22%3A195%2C%22top%22%3A215%2C%22visible%22%3A1%2C%22ad_no%22%3A0%2C%22req_no%22%3A0%7D&callback=Ya%5B2598495476995%5D
Requested by
Host: an.yandex.ru
URL: http://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
f7c7169d76762b90233de7fd13d0ced8a51a563904508fd01c21a897f5c405c2
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
http://afn.by/
Origin
http://afn.by
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Mon, 10 Feb 2020 12:20:46 GMT
content-encoding
gzip
last-modified
Mon, 10 Feb 2020 12:20:46 GMT
server
nginx/1.12.2
timing-allow-origin
*
status
200
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin
http://afn.by
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-type
application/x-javascript; charset=utf-8
x-xss-protection
1; mode=block
expires
Mon, 10 Feb 2020 12:20:46 GMT
1
mc.yandex.ru/watch/421539/
187 B
728 B
XHR
General
Full URL
https://mc.yandex.ru/watch/421539/1?wmode=7&page-url=http%3A%2F%2Fafn.by%2F&charset=utf-8&site-info=%7B%7D&browser-info=ti%3A10%3Ans%3A1581337245289%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Az%3A60%3Ai%3A20200210132045%3Aet%3A1581337246%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Awh%3A1%3Apv%3A1%3Arn%3A965241519%3Ahid%3A94088387%3Ads%3A6%2C11%2C119%2C42%2C1%2C0%2C0%2C191%2C0%2C%2C%2C%2C336%3Afp%3A418%3Awn%3A48854%3Ahl%3A2%3Agdpr%3A14%3Av%3A1808%3Ast%3A1581337246%3Au%3A1581337246515577553%3At%3AAFN.BY%20-%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8%20%D0%9F%D0%BE%D0%BB%D0%B8%D1%82%D0%B8%D0%BA%D0%B0%20%D1%8D%D0%BA%D0%BE%D0%BD%D0%BE%D0%BC%D0%B8%D0%BA%D0%B0%20%D1%84%D0%B8%D0%BD%D0%B0%D0%BD%D1%81%D1%8B%20%D1%8D%D0%BD%D0%B5%D1%80%D0%B3%D0%B5%D1%82%D0%B8%D0%BA%D0%B0%20%D0%BE%D0%B1%D1%89%D0%B5%D1%81%D1%82%D0%B2%D0%BE
Requested by
Host: afn.by
URL: http://afn.by/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
82ef46b61b774897f08ac938355fb5779cdf93946ca514980034f61fd2e95d17
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://afn.by/
Origin
http://afn.by
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Mon, 10 Feb 2020 12:20:46 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 10-Feb-2020 12:20:46 GMT
Server
nginx/1.14.2
Strict-Transport-Security
max-age=31536000
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
http://afn.by
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
187
X-XSS-Protection
1; mode=block
Expires
Mon, 10-Feb-2020 12:20:46 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 0721
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1191230850516122&output=html&h=90&slotname=2820635487&adk=804009641&adf=3279755403&w=970&lmt=1581337246&psa=0&guci=1.2.0.0.2.2.0.0&format=970x90&url=http%3A%2F%2Fafn.by%2F&ea=0&flash=0&wgl=1&adsid=NT&dt=1581337245986&bpp=15&bdt=84&fdt=49&idt=49&shv=r20200205&cbv=r20190131&ptt=9&saldr=aa&correlator=3707054420045&frm=23&ife=5&pv=2&ga_vid=1613456113.1581337246&ga_sid=1581337246&ga_hid=1700497702&ga_fc=0&iag=3&icsg=170&nhd=1&dssz=7&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=308&ady=10&biw=1585&bih=1200&isw=970&ish=90&ifk=2344694012&scr_x=0&scr_y=0&eid=21065345%2C21065533&oid=3&pvsid=37012307343481&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=20&bc=23&ifi=1&uci=1.qyhr7ugetpkg&fsb=1&dtd=54
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200205/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-1191230850516122&output=html&h=90&slotname=2820635487&adk=804009641&adf=3279755403&w=970&lmt=1581337246&psa=0&guci=1.2.0.0.2.2.0.0&format=970x90&url=http%3A%2F%2Fafn.by%2F&ea=0&flash=0&wgl=1&adsid=NT&dt=1581337245986&bpp=15&bdt=84&fdt=49&idt=49&shv=r20200205&cbv=r20190131&ptt=9&saldr=aa&correlator=3707054420045&frm=23&ife=5&pv=2&ga_vid=1613456113.1581337246&ga_sid=1581337246&ga_hid=1700497702&ga_fc=0&iag=3&icsg=170&nhd=1&dssz=7&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=308&ady=10&biw=1585&bih=1200&isw=970&ish=90&ifk=2344694012&scr_x=0&scr_y=0&eid=21065345%2C21065533&oid=3&pvsid=37012307343481&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=20&bc=23&ifi=1&uci=1.qyhr7ugetpkg&fsb=1&dtd=54
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
http://afn.by/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUmsfOzKTLtSWKOMlocCXfyfcW4e4pzcTRicgbR3nzMIXrNxUBHDg37uP4DN
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://afn.by/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 10 Feb 2020 12:20:46 GMT
server
cafe
content-length
27265
x-xss-protection
0
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
osd.js
www.googletagservices.com/activeview/js/current/ Frame 4C1F
74 KB
27 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200205/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3ad581d1623a2af4d58ed30c5dc142276657e6659971bac0e5eccd1f9fb9a790
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://afn.by/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 10 Feb 2020 12:20:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1581078619841287"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
27883
x-xss-protection
0
expires
Mon, 10 Feb 2020 12:20:46 GMT
1
mc.yandex.ru/watch/421539/
43 B
528 B
Other
General
Full URL
https://mc.yandex.ru/watch/421539/1?page-url=http%3A%2F%2Fafn.by%2F&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Ans%3A1581337245289%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Az%3A60%3Ai%3A20200210132045%3Aet%3A1581337246%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Awh%3A1%3Aar%3A1%3Apa%3A1%3Arn%3A243951614%3Ahid%3A94088387%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%3Agdpr%3A14%3Av%3A1808%3Ast%3A1581337246%3Au%3A1581337246515577553%3App%3A3629563401
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
http://afn.by/
Origin
http://afn.by
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Mon, 10 Feb 2020 12:20:46 GMT
Last-Modified
Mon, 10-Feb-2020 12:20:46 GMT
Server
nginx/1.14.2
Strict-Transport-Security
max-age=31536000
Content-Type
image/gif
Access-Control-Allow-Origin
http://afn.by
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
43
X-XSS-Protection
1; mode=block
Expires
Mon, 10-Feb-2020 12:20:46 GMT
465488
mc.yandex.ru/watch/
35 B
575 B
XHR
General
Full URL
https://mc.yandex.ru/watch/465488?wmode=7&cnt-class=1&nohit=1&page-url=http%3A%2F%2Fafn.by%2F&charset=utf-8&browser-info=ti%3A10%3Adp%3A1%3Ans%3A1581337245289%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aadb%3A2%3Afpr%3A216613626101%3Acn%3A2%3Aw%3A1585x1200%3Az%3A60%3Ai%3A20200210132045%3Aet%3A1581337246%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Aad%3A1%3Apv%3A1%3Arn%3A206762734%3Ahid%3A94088387%3Agdpr%3A14%3Aeu%3A1%3Av%3A1808%3Ast%3A1581337246%3Au%3A1581337246515577553%3At%3AAFN.BY%20-%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8%20%D0%9F%D0%BE%D0%BB%D0%B8%D1%82%D0%B8%D0%BA%D0%B0%20%D1%8D%D0%BA%D0%BE%D0%BD%D0%BE%D0%BC%D0%B8%D0%BA%D0%B0%20%D1%84%D0%B8%D0%BD%D0%B0%D0%BD%D1%81%D1%8B%20%D1%8D%D0%BD%D0%B5%D1%80%D0%B3%D0%B5%D1%82%D0%B8%D0%BA%D0%B0%20%D0%BE%D0%B1%D1%89%D0%B5%D1%81%D1%82%D0%B2%D0%BE
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
efbdf9cab6b6cf2bf7207ae4e0456c9462b2c0d4c2de76d65442de2af7253f2b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://afn.by/
Origin
http://afn.by
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Mon, 10 Feb 2020 12:20:46 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 10-Feb-2020 12:20:46 GMT
Server
nginx/1.14.2
Strict-Transport-Security
max-age=31536000
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
http://afn.by
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
35
X-XSS-Protection
1; mode=block
Expires
Mon, 10-Feb-2020 12:20:46 GMT
1
mc.yandex.ru/watch/465488/
43 B
528 B
Other
General
Full URL
https://mc.yandex.ru/watch/465488/1?cnt-class=1&page-url=http%3A%2F%2Fafn.by%2F&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1581337245289%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aadb%3A2%3Afpr%3A216613626101%3Acn%3A2%3Az%3A60%3Ai%3A20200210132046%3Aet%3A1581337246%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Aar%3A1%3Apa%3A1%3Arn%3A608668373%3Ahid%3A94088387%3Ads%3A6%2C11%2C119%2C42%2C1%2C0%2C0%2C191%2C0%2C%2C%2C%2C336%3Afp%3A418%3Agdpr%3A14%3Aeu%3A1%3Av%3A1808%3Ast%3A1581337246%3Au%3A1581337246515577553
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
http://afn.by/
Origin
http://afn.by
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Mon, 10 Feb 2020 12:20:46 GMT
Last-Modified
Mon, 10-Feb-2020 12:20:46 GMT
Server
nginx/1.14.2
Strict-Transport-Security
max-age=31536000
Content-Type
image/gif
Access-Control-Allow-Origin
http://afn.by
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
43
X-XSS-Protection
1; mode=block
Expires
Mon, 10-Feb-2020 12:20:46 GMT
465488
mc.yandex.ru/watch/
43 B
528 B
Other
General
Full URL
https://mc.yandex.ru/watch/465488?cnt-class=1&page-url=http%3A%2F%2Fafn.by%2F&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1581337245289%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aadb%3A2%3Afpr%3A216613626101%3Acn%3A2%3Aw%3A1585x1200%3Az%3A60%3Ai%3A20200210132046%3Aet%3A1581337246%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Aar%3A1%3Apv%3A1%3Arn%3A989507226%3Ahid%3A94088387%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%3Agdpr%3A14%3Aeu%3A1%3Av%3A1808%3Ast%3A1581337246%3Au%3A1581337246515577553%3At%3AAFN.BY%20-%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8%20%D0%9F%D0%BE%D0%BB%D0%B8%D1%82%D0%B8%D0%BA%D0%B0%20%D1%8D%D0%BA%D0%BE%D0%BD%D0%BE%D0%BC%D0%B8%D0%BA%D0%B0%20%D1%84%D0%B8%D0%BD%D0%B0%D0%BD%D1%81%D1%8B%20%D1%8D%D0%BD%D0%B5%D1%80%D0%B3%D0%B5%D1%82%D0%B8%D0%BA%D0%B0%20%D0%BE%D0%B1%D1%89%D0%B5%D1%81%D1%82%D0%B2%D0%BE
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
http://afn.by/
Origin
http://afn.by
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Mon, 10 Feb 2020 12:20:46 GMT
Last-Modified
Mon, 10-Feb-2020 12:20:46 GMT
Server
nginx/1.14.2
Strict-Transport-Security
max-age=31536000
Content-Type
image/gif
Access-Control-Allow-Origin
http://afn.by
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
43
X-XSS-Protection
1; mode=block
Expires
Mon, 10-Feb-2020 12:20:46 GMT
465488
an.yandex.ru/meta/
26 KB
8 KB
XHR
General
Full URL
https://an.yandex.ru/meta/465488?grab=dEFGTi5CWSAtINCd0L7QstC-0YHRgtC4INCR0LXQu9Cw0YDRg9GB0Lgg0J_QvtC70LjRgtC40LrQsCDRjdC60L7QvdC-0LzQuNC60LAg0YTQuNC90LDQvdGB0Ysg0Y3QvdC10YDQs9C10YLQuNC60LAg0L7QsdGJ0LXRgdGC0LLQvgoy0JPQu9Cw0LLQvdC-0LUgCjLQn9C-0LvQuNGC0LjQutCwIAoy0K3QutC-0L3QvtC80LjQutCwIAoy0K3QvdC10YDQs9C10YLQuNC60LAgCjLQntCx0YnQtdGB0YLQstC-IAoz0J7Qv9C_0L7Qt9C40YbQuNGPINCz0L7RgtC-0LLQsCDQstGL0LnRgtC4INC90LAg0LDQutGG0LjRjiDQsiDQv9C-0LTQtNC10YDQttC60YMg0JvRg9C60LDRiNC10L3QutC-INC_0L7QtCDQutGA0LDRgdC90L4t0LfQtdC70LXQvdGL0Lwg0YTQu9Cw0LPQvtC8IAoz0JvRg9C60LDRiNC10L3QutC-INCyINCh0L7Rh9C4INC90LDQv9C-0LzQvdC40LvQuCDQviDRgdGD0LTRjNCx0LUg0K_QvdGD0LrQvtCy0LjRh9CwIAoz0J3QsNGB0LXQu9C10L3QuNC1INCR0LXQu9Cw0YDRg9GB0Lgg0L3QtSDRgdGC0LDQu9C-INCyINGP0L3QstCw0YDQtSDRg9GB0YLRgNCw0LjQstCw0YLRjCDQstCw0LvRjtGC0L3Ri9C5INCw0LbQuNC-0YLQsNC2INC40Lct0LfQsCDQvdC10YTRgtC4IAoz0JHQtdC70LDRgNGD0YHRjCDQv9C-0LvRg9GH0LjQu9CwINC90LXRhNGC0Ywg0LHQtdC3INC_0YDQtdC80LjQuCDQuCDQtNC-0YHRgtGD0L8g0Log0YLRgNGD0LHQtSDQtNC70Y8g0LLRgdC10YUgCjPQotGA0LDQvNC_INC90LDQvNC10YDQtdC9INCy0LLQtdGB0YLQuCDQvtCz0YDQsNC90LjRh9C10L3QuNGPINC90LAg0LLRitC10LfQtCDQsiDQodCo0JAg0LTQu9GPINCz0YDQsNC20LTQsNC9INCR0LXQu9Cw0YDRg9GB0LggCg%3D%3D&target-ref=http%3A%2F%2Fafn.by%2F&charset=utf-8&duid=MTU4MTMzNzI0NjUxNTU3NzU1Mw%3D%3D&imp-id=2&enable-flat-highlight=1&test-tag=22539988369410&ad-session-id=7819641581337245812&target-id=95168535&pcode-version=10281&flash-ver=0&available-width=170&skip-token=yabs.NTc5MDM3MDEzOQ%3D%3D&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22width%22%3A170%2C%22height%22%3A0%2C%22left%22%3A1395%2C%22top%22%3A558%2C%22visible%22%3A1%2C%22ad_no%22%3A0%2C%22req_no%22%3A1%7D&callback=Ya%5B8137218526358%5D
Requested by
Host: an.yandex.ru
URL: http://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
5e67b35c40986744d4228beb73b2fbe3270b9bcb67907dc070fd2e31633d9664
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
http://afn.by/
Origin
http://afn.by
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Mon, 10 Feb 2020 12:20:46 GMT
content-encoding
gzip
last-modified
Mon, 10 Feb 2020 12:20:46 GMT
server
nginx/1.12.2
timing-allow-origin
*
status
200
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin
http://afn.by
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-type
application/x-javascript; charset=utf-8
x-xss-protection
1; mode=block
expires
Mon, 10 Feb 2020 12:20:46 GMT
x160
avatars.mds.yandex.net/get-direct/114553/J4V_TftypfkLLfrJg_6iCA/
5 KB
6 KB
Image
General
Full URL
http://avatars.mds.yandex.net/get-direct/114553/J4V_TftypfkLLfrJg_6iCA/x160
Requested by
Host: afn.by
URL: http://afn.by/
Protocol
HTTP/1.1
Server
2a02:6b8::184 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx /
Resource Hash
c1c8e2b295b74b33c30e95ddf899bf3ff14d361148ece04cc22ae916d1ff9edb

Request headers

Referer
http://afn.by/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 10 Feb 2020 12:20:46 GMT
Last-Modified
Mon, 04 Dec 2017 01:07:10 GMT
Server
nginx
Content-Type
image/webp
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800,immutable
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
Keep-Alive
timeout=60
Content-Length
5252
X-Request-Id
c4f8b281ddcd357f
host.js
yastatic.net/safeframe-bundles/0.69/
29 KB
8 KB
Script
General
Full URL
https://yastatic.net/safeframe-bundles/0.69/host.js
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/partner-code-bundles/10281/context_static.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.17.8 /
Resource Hash
9fa8c2bb49f0e9e391d87f70459663c0e3898f32d4506c81239151b9c0b870d6
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://afn.by/
Origin
http://afn.by

Response headers

date
Mon, 10 Feb 2020 12:20:46 GMT
content-encoding
br
status
200
strict-transport-security
max-age=43200000; includeSubDomains;
content-length
8104
timing-allow-origin
*
last-modified
Tue, 20 Aug 2019 11:55:41 GMT
server
nginx/1.17.8
etag
"901e860c36afb614c88b40352db2214f"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public
accept-ranges
bytes
x-robots-tag
noindex, noarchive, nofollow
expires
Mon, 04 Jun 2040 12:17:11 GMT
render.html
yastatic.net/safeframe-bundles/0.69/1-1-0/ Frame 02CB
0
0
Document
General
Full URL
https://yastatic.net/safeframe-bundles/0.69/1-1-0/render.html
Requested by
Host: yastatic.net
URL: https://yastatic.net/safeframe-bundles/0.69/host.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.17.8 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

:method
GET
:authority
yastatic.net
:scheme
https
:path
/safeframe-bundles/0.69/1-1-0/render.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
http://afn.by/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://afn.by/

Response headers

status
200
server
nginx/1.17.8
date
Mon, 10 Feb 2020 12:20:46 GMT
content-type
text/html
content-length
6026
timing-allow-origin
*
vary
Accept-Encoding
access-control-allow-origin
*
etag
"f883bd7781c332870c9968db60e89349"
expires
Mon, 04 Jun 2040 12:16:18 GMT
last-modified
Tue, 20 Aug 2019 11:55:41 GMT
cache-control
public
content-encoding
br
x-robots-tag
noindex, noarchive, nofollow
strict-transport-security
max-age=43200000; includeSubDomains;
accept-ranges
bytes
truncated
/
333 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f1e572871055c1d0e152936f664d5fb075f505b99b412a4776f65a7abe80b505

Request headers

Referer
http://afn.by/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
x180
avatars.mds.yandex.net/get-direct/2396344/e4HU-Tp2vxV2PUW34_XWSw/
15 KB
15 KB
Image
General
Full URL
http://avatars.mds.yandex.net/get-direct/2396344/e4HU-Tp2vxV2PUW34_XWSw/x180
Requested by
Host: afn.by
URL: http://afn.by/
Protocol
HTTP/1.1
Server
2a02:6b8::184 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx /
Resource Hash
74b171733955fda032fe5409c2a92a23667100709b037e86502eb2d35822f2b3

Request headers

Referer
http://afn.by/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 10 Feb 2020 12:20:46 GMT
Last-Modified
Fri, 20 Dec 2019 23:15:35 GMT
Server
nginx
Content-Type
image/webp
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800,immutable
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
Keep-Alive
timeout=60
Content-Length
15224
X-Request-Id
8734f8798e964d10
y180
avatars.mds.yandex.net/get-direct/2398261/9k6QKLtkIF4vqKcANhC0GQ/
4 KB
4 KB
Image
General
Full URL
http://avatars.mds.yandex.net/get-direct/2398261/9k6QKLtkIF4vqKcANhC0GQ/y180
Requested by
Host: afn.by
URL: http://afn.by/
Protocol
HTTP/1.1
Server
2a02:6b8::184 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx /
Resource Hash
09c14d175315722085de5f040ce73601ba0421754b6a5ee6360d4141e76169f9

Request headers

Referer
http://afn.by/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 10 Feb 2020 12:20:46 GMT
Last-Modified
Wed, 30 Oct 2019 12:32:58 GMT
Server
nginx
Content-Type
image/webp
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800,immutable
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
Keep-Alive
timeout=60
Content-Length
3982
X-Request-Id
1195b800b5535fa9
render.html
yastatic.net/safeframe-bundles/0.69/1-1-0/ Frame F338
0
0
Document
General
Full URL
https://yastatic.net/safeframe-bundles/0.69/1-1-0/render.html
Requested by
Host: yastatic.net
URL: https://yastatic.net/safeframe-bundles/0.69/host.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.17.8 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

:method
GET
:authority
yastatic.net
:scheme
https
:path
/safeframe-bundles/0.69/1-1-0/render.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
http://afn.by/
accept-encoding
gzip, deflate, br
cookie
pcs3=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://afn.by/

Response headers

status
200
server
nginx/1.17.8
date
Mon, 10 Feb 2020 12:20:46 GMT
content-type
text/html
content-length
6026
timing-allow-origin
*
vary
Accept-Encoding
access-control-allow-origin
*
etag
"f883bd7781c332870c9968db60e89349"
expires
Mon, 04 Jun 2040 12:16:18 GMT
last-modified
Tue, 20 Aug 2019 11:55:41 GMT
cache-control
public
content-encoding
br
x-robots-tag
noindex, noarchive, nofollow
strict-transport-security
max-age=43200000; includeSubDomains;
accept-ranges
bytes
ev_view.aspx
inv-nets-eu.admixer.net/
0
220 B
Image
General
Full URL
https://inv-nets-eu.admixer.net/ev_view.aspx?cc=NL/UT/2753557&am-uid=bf46fa0cfb0444789e67728a3f12b7bb&cet=9&zone=2febba63-69cc-42a7-8be2-e10bcbe63cd5&rule=2a065265-12f0-40c0-9e56-9106b83926dd&requestId=82c32acd-a5b8-436c-9877-fb438dc50330&page=afn.by%2F&pvid=32d4094d-003d-4941-abe8-c09134871912&ts=637169340457550971&sf=0
Requested by
Host: afn.by
URL: http://afn.by/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.110 , Germany, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://afn.by/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 10 Feb 2020 12:20:54 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=25
X-XSS-Protection
0
logcz.aspx
inv-nets.admixer.net//
0
127 B
Image
General
Full URL
https://inv-nets.admixer.net//logcz.aspx?zone=2febba63-69cc-42a7-8be2-e10bcbe63cd5
Requested by
Host: afn.by
URL: http://afn.by/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.110 , Germany, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://afn.by/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 10 Feb 2020 12:20:46 GMT
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=25
1RYH5i4Z0NO100000000U9nJd7lFVFTnJHbkG_cUbatv-eVPBETvESOn084dJ2Gqyr93K6o053j3AYDGF5E-9-4WIBmKnAjD01AjZ21oAf2lm32JCS-S0GmMClvHWx1MChOAGLWRGNeU_04IUndPqhGOZe9bhZA2XEyoCiWmCFnbdCN4m32N2IIobEa6aBsMAGgaa...
an.yandex.ru/rtbcount/
43 B
318 B
Image
General
Full URL
https://an.yandex.ru/rtbcount/1RYH5i4Z0NO100000000U9nJd7lFVFTnJHbkG_cUbatv-eVPBETvESOn084dJ2Gqyr93K6o053j3AYDGF5E-9-4WIBmKnAjD01AjZ21oAf2lm32JCS-S0GmMClvHWx1MChOAGLWRGNeU_04IUndPqhGOZe9bhZA2XEyoCiWmCFnbdCN4m32N2IIobEa6aBsMAGgaasbkKQxH2Q1JppBz1u9NJ0BRbhmDbkzXO13sldJ4V1uhmrycLf1Zc45aBxC0o4dC86FcCZE1704a5I2EO2xvKTKsxLDBpabccF-lWbNU1PC_cHsS-25UO5aptHZCMi7oBcy3otyOODo1n3w0nBx0Sh5rVcl_xgQVeZTP87x-OF-G9GqCxjc_PG7v5m0tadR6?confirmTime=1581337246384000&confirmRatio=1000000&test-tag=22539988369410&format-type=9&actual-format=40&rnd=8228932097341&renderWidth=1180&renderHeight=90
Requested by
Host: afn.by
URL: http://afn.by/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
http://afn.by/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Feb 2020 12:20:48 GMT
last-modified
Mon, 10 Feb 2020 12:20:48 GMT
server
nginx/1.12.2
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type
image/gif
status
200
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
43
x-xss-protection
1; mode=block
expires
Mon, 10 Feb 2020 12:20:48 GMT
Ke3IQSOwI68504W14C60W04ndaf1NW00000ueEauY081kGBHaT1HB0ZAS_02v83OaWdu0eA0W820a0Nm1G6W1i01oGQTtZUxnoaS2z46dN9jCiWf70lP1W000E3y0000gGSVZ631Ro_31j070j08We20W0A02W682WM82mAg2n18wQ1T7um004dGqiGtdWK0m0k0e...
an.yandex.ru/count/
Redirect Chain
  • https://an.yandex.ru/count/Ke3IQGpOSzu504W14820W04ndaf1NW00000ueEauY081kGBHaT1HB0ZAS_02v83OaWdu0eA0W820a0Nm1G6W1i01oGQTtZUxnoaS2z46dN9jCiWf70lP1W000E3y0000gGSVZ631Ro_31j070j08We20W0A02W682WM82mAg2n...
  • https://an.yandex.ru/count/Ke3IQSOwI68504W14C60W04ndaf1NW00000ueEauY081kGBHaT1HB0ZAS_02v83OaWdu0eA0W820a0Nm1G6W1i01oGQTtZUxnoaS2z46dN9jCiWf70lP1W000E3y0000gGSVZ631Ro_31j070j08We20W0A02W682WM82mAg2n...
0
265 B
Image
General
Full URL
https://an.yandex.ru/count/Ke3IQSOwI68504W14C60W04ndaf1NW00000ueEauY081kGBHaT1HB0ZAS_02v83OaWdu0eA0W820a0Nm1G6W1i01oGQTtZUxnoaS2z46dN9jCiWf70lP1W000E3y0000gGSVZ631Ro_31j070j08We20W0A02W682WM82mAg2n18wQ1T7um004dGqiGtdWK0m0k0emN82u3Kam7m2mRW3OA0W06O3fsztzdxk8gE2wWFdvYIbFljo-46u0y1a13HthZAegF6l1pu4F____y7W17_____1wWHm8Gzo164gi-h4VeH6Gq000005G00000T000002K00000BG00003m4l____y7-1B_____1u0J_____mU84_____y7a1F_____1y0J____________0TeJ2WW0400O0200A03W507m5S6AzkoZZxpyOm00=wShYWUW14820W0500aW2OBm8Q0HmdjM8ams00SVJdim7Y06-hjZhAf01jgMGaYkO0SpTxkSee06qfP2IAwW1nDtkvoYu0Px8aCSMs07WqPqBu06mwCG6w07g0VW1uA7ZlW6W0gpJbXMO0y24FR030h040RW4_07e18O8Y0Ndh1oG1PFW8R05hCe8k0MioWZ01PMW7SW5zBS7q0NRYGJW1NUO1kA8lAe7g0R00R07W82GDD070jW70U07XWhn1m0000000000-0S1W0W1q0YwYe21me20Xe01u0ZMgSiAW0e1mGh-ZCQm6NRoFzWA0k0AW8bw-0g0jHZP2n-COC5lByC6w0ldh1o83E2Xuxu1w0mRc0svZ3o93W0000000F0_a0x0X3sW3i24FQ4F00000000y3_P3m0000000F0_W12vWzKAcX094G0000000F0_o130eX3G4Esahr-X4G0000000F0_g170X3sm4G7W4QolpW7e4QRsWSE8tS29TF4H0000002toq284W6G4W6f4WG4BECuOjm_c1C1g1FHXP-5Zxk2-HNW4wpA28WKdA_xWVAefh4te1IioWYe59FW8S0KWAhgLSWK0T0KWylW5TWKuDBHy0NG5U3IqV05s1N1YlRieu-y_6C0?stat-id=1&test-tag=22540386837505&format-type=9&actual-format=40&banner-test-tags=eyI1NzkwMzcwMTM5IjoiMjI4MTczNDE0NSJ9&renderWidth=1180&renderHeight=90&confirmTime=1581337246584000&confirmRatio=1000000&wmode
Requested by
Host: afn.by
URL: http://afn.by/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
http://afn.by/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Feb 2020 12:20:48 GMT
last-modified
Mon, 10 Feb 2020 12:20:48 GMT
server
nginx/1.12.2
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
status
200
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
0
x-xss-protection
1; mode=block
expires
Mon, 10 Feb 2020 12:20:48 GMT

Redirect headers

pragma
no-cache
date
Mon, 10 Feb 2020 12:20:48 GMT
last-modified
Mon, 10 Feb 2020 12:20:48 GMT
server
nginx/1.12.2
location
https://an.yandex.ru/count/Ke3IQSOwI68504W14C60W04ndaf1NW00000ueEauY081kGBHaT1HB0ZAS_02v83OaWdu0eA0W820a0Nm1G6W1i01oGQTtZUxnoaS2z46dN9jCiWf70lP1W000E3y0000gGSVZ631Ro_31j070j08We20W0A02W682WM82mAg2n18wQ1T7um004dGqiGtdWK0m0k0emN82u3Kam7m2mRW3OA0W06O3fsztzdxk8gE2wWFdvYIbFljo-46u0y1a13HthZAegF6l1pu4F____y7W17_____1wWHm8Gzo164gi-h4VeH6Gq000005G00000T000002K00000BG00003m4l____y7-1B_____1u0J_____mU84_____y7a1F_____1y0J____________0TeJ2WW0400O0200A03W507m5S6AzkoZZxpyOm00=wShYWUW14820W0500aW2OBm8Q0HmdjM8ams00SVJdim7Y06-hjZhAf01jgMGaYkO0SpTxkSee06qfP2IAwW1nDtkvoYu0Px8aCSMs07WqPqBu06mwCG6w07g0VW1uA7ZlW6W0gpJbXMO0y24FR030h040RW4_07e18O8Y0Ndh1oG1PFW8R05hCe8k0MioWZ01PMW7SW5zBS7q0NRYGJW1NUO1kA8lAe7g0R00R07W82GDD070jW70U07XWhn1m0000000000-0S1W0W1q0YwYe21me20Xe01u0ZMgSiAW0e1mGh-ZCQm6NRoFzWA0k0AW8bw-0g0jHZP2n-COC5lByC6w0ldh1o83E2Xuxu1w0mRc0svZ3o93W0000000F0_a0x0X3sW3i24FQ4F00000000y3_P3m0000000F0_W12vWzKAcX094G0000000F0_o130eX3G4Esahr-X4G0000000F0_g170X3sm4G7W4QolpW7e4QRsWSE8tS29TF4H0000002toq284W6G4W6f4WG4BECuOjm_c1C1g1FHXP-5Zxk2-HNW4wpA28WKdA_xWVAefh4te1IioWYe59FW8S0KWAhgLSWK0T0KWylW5TWKuDBHy0NG5U3IqV05s1N1YlRieu-y_6C0?stat-id=1&test-tag=22540386837505&format-type=9&actual-format=40&banner-test-tags=eyI1NzkwMzcwMTM5IjoiMjI4MTczNDE0NSJ9&renderWidth=1180&renderHeight=90&confirmTime=1581337246584000&confirmRatio=1000000&wmode
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
status
302
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
0
x-xss-protection
1; mode=block
expires
Mon, 10 Feb 2020 12:20:48 GMT
1P9RySia0NO100000000U9nJd7lFVFTnJHbkG_aUcIrr-eVPBETvESOn084dJ2HKkKBABpP0YfqXbH4edYdVet4A95xA1EJL9W29LaOGEHKegy0max51Y04C5ZAMy45OAndliK5O6q4cFFW39FOokd4fC1m5ornb10dVPMIGOM3uopWBQEvS9f38KgO5G78jKmHGP...
an.yandex.ru/rtbcount/
43 B
318 B
Image
General
Full URL
https://an.yandex.ru/rtbcount/1P9RySia0NO100000000U9nJd7lFVFTnJHbkG_aUcIrr-eVPBETvESOn084dJ2HKkKBABpP0YfqXbH4edYdVet4A95xA1EJL9W29LaOGEHKegy0max51Y04C5ZAMy45OAndliK5O6q4cFFW39FOokd4fC1m5ornb10dVPMIGOM3uopWBQEvS9f38KgO5G78jKmHGP2FJtA9SenD0fvvb-Wy4hvW48iIgUULx61YESbyxOZwFbU4l4ol8CSmWifTP0EGaPf0nSvb1Bbq991KWZc0k-L7LDkrJIyv9PfZ_hu9LtWMJFvaTdFWXNc39cc4CPgrWQL3TmF8V1XXt8B4F8B4li5nidT_Qlxlff-XD5eYVFzW_P4a3WtlsRrb0_WK07sTodG00?confirmTime=1581337246612000&confirmRatio=1000000&test-tag=22539988369410&format-type=24&actual-format=40&rnd=9034130813580&renderWidth=170&renderHeight=600
Requested by
Host: afn.by
URL: http://afn.by/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
http://afn.by/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Feb 2020 12:20:48 GMT
last-modified
Mon, 10 Feb 2020 12:20:48 GMT
server
nginx/1.12.2
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type
image/gif
status
200
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
43
x-xss-protection
1; mode=block
expires
Mon, 10 Feb 2020 12:20:48 GMT
/
www.acint.net/ping/
43 B
471 B
Image
General
Full URL
http://www.acint.net/ping/?v=0.2.1&uid=65f85548-f6e0-4754-a6ff-8fe4d7170f35&dp=10&tz=%2B01%3A00&nc=26793687&dT=2020-02-10T13%3A20%3A48.732
Requested by
Host: afn.by
URL: http://afn.by/
Protocol
HTTP/1.1
Server
195.201.243.71 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
ingolstadt.aucourant.info
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
http://afn.by/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 10 Feb 2020 12:20:49 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
43
Expires
Wed, 19 Apr 2000 11:43:00 GMT
JXfu8pQviHG504W14820W04ndaf1NW00000ueEauY082kGBHaT1HB0ZAS_02gh7l_0Ju0eA0W820a0Nm1G6W1i01oGQTtZUxnoaS2z46dN9jCiWf70lP1W000E3y0000gGSVZ2ZAVY_31j070j08We20W0A02W682W682mIg2n0_tsgA7um00AoariGtdWK0m0k0e...
an.yandex.ru/count/
0
265 B
Image
General
Full URL
https://an.yandex.ru/count/JXfu8pQviHG504W14820W04ndaf1NW00000ueEauY082kGBHaT1HB0ZAS_02gh7l_0Ju0eA0W820a0Nm1G6W1i01oGQTtZUxnoaS2z46dN9jCiWf70lP1W000E3y0000gGSVZ2ZAVY_31j070j08We20W0A02W682W682mIg2n0_tsgA7um00AoariGtdWK0m0k0emN82u3Kam7m2mRW3OA0W06O3fsztzdxk8gE2wWFdvZoeEllo-46u0y1a13HthZAegF6l1pu4F____y7W17_____1wWHm8Gzo164gi-h4VeH6Gq000005G00000T000002K00000BG00003m4l____y7-1B_____1u0J_____mU84_____y7a1F_____1y0J____________0TeJ2WW0400O0200A03W507m5S6AzkoZZxpyOm00=qPY1Qxe1G0980c2y26W4S9A-ww83W06idGc80O_RY899a07m-j_lDvW1gFN0-Z-W0PIJZ-ytg068zS3wFxW1fBUmmHxO0UhYfnpW0OIfwmBe0JBu0UB6thu1c0BgZeSNe0BiZeSNc0F0X3sm0mAu1Fy1w0JD7uW5pwS2a0NCpmAm1QbLk0MfLS05o9G2o0MeHj05moZW1NUO1fY2oum4g0R00R07W82GDD070jW70U07XWhn1m0000000000-0S1W0W1q0YwYeI1We20Xe01u0YsnyCBW0e1mGe00000003mFzWA0k0AW8bw-0g0jHZP2n-CACf-ByC6w0lFfmA83EB6thu1w0mRc0svZ3o93W0000000F0_a0x0X3sW3i24FQ4F00000000y3_P3nHlH7TTQlC_W12frfKNcX094G0000000F0_o108eH400000003mFwWHm8Gzi141u17giCu1w17Ym_hhySFixAm1yH400000082oG8WI0P0I0QaIdb26xk7Tf3-O4m6e4z65duMFkuBv5U0JgLM85FkzoT7dYRVtw06W5AbLg1JCpmBO5S6AzkoZZxpyOm00=zYB6sUG1G0980c2y26W4S9B1mV88W073YaA80PwOu_v5a06sYQ-uDfW1pfAG-3oW0RI9hxWsg07A-i_tFBW1j9IDvXtO0UAqm1lW0SgIfXle0Om1-06yaTw-0Q02dedc5u03oEYcimk80vkbcSy1c0F0kWIW0mIm0mAm106u1Fm1w0II1eW5svWCa0M0oGsm1Pxw1BW5dle4m0NVsGl81V2Y1D05uT41u0LQc0Q2qApp3gW6m06m1u20a3JG1mBW1wGFyGS0000000000FW70O080T08keg0WSA0W8Q00U08puJp2u0A0S4A00000000y3_O2WBW2e29UjaB7umeodulmmRe2zkO38WCglFUlW7e31kO3RcCF8aE00000000i3wG3i24FQ0EvPuWeGy00000003mFzaFQ55pMaoEyZ-04Co8i1QQ40aH00000000y3_840oX4G0000000F0_g170X3sm4G7W4UgmpW7e4UB3-klnm-pih07n4G000000WB90Y181a181gH9Q9PGO50RHFvWJ0QWJqOMVXO-xWlaLu1EU-WI85FkzoT7dYRVtw06W59xw1AWKWCaDo1G4q1J___________y1s1IGojVm1T0LaChNy0NO5S6AzkoZZxpyOm00?stat-id=2&test-tag=22540386852865&format-type=24&actual-format=40&banner-test-tags=eyI3NDk5MTUzMDgwIjoiMTM0MjUwNDk3IiwiNzMwNjg2MzE5NSI6IjIyODE3MzQxNDYifQ%3D%3D&renderWidth=170&renderHeight=600&confirmTime=1581337246813000&confirmRatio=1000000&wmode
Requested by
Host: afn.by
URL: http://afn.by/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
http://afn.by/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Feb 2020 12:20:48 GMT
last-modified
Mon, 10 Feb 2020 12:20:48 GMT
server
nginx/1.12.2
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
status
200
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
0
x-xss-protection
1; mode=block
expires
Mon, 10 Feb 2020 12:20:48 GMT
1
mc.yandex.ru/watch/421539/
Redirect Chain
  • https://mc.yandex.ru/watch/421539?page-url=http%3A%2F%2Fafn.by%2F&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1581337245289%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aadb%3A2%...
  • https://mc.yandex.ru/watch/421539/1?page-url=http%3A%2F%2Fafn.by%2F&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1581337245289%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aadb%3A...
43 B
444 B
Other
General
Full URL
https://mc.yandex.ru/watch/421539/1?page-url=http%3A%2F%2Fafn.by%2F&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1581337245289%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aadb%3A2%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Az%3A60%3Ai%3A20200210132100%3Aet%3A1581337261%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Awh%3A1%3Aar%3A1%3Anb%3A1%3Acl%3A-145%3Arn%3A825240554%3Ahid%3A94088387%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%3Agdpr%3A14%3Aeu%3A1%3Av%3A1808%3Ast%3A1581337261%3Au%3A1581337246515577553
Requested by
Host: afn.by
URL: http://afn.by/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
http://afn.by/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 10 Feb 2020 12:21:01 GMT
Last-Modified
Mon, 10-Feb-2020 12:21:01 GMT
Server
nginx/1.14.2
Strict-Transport-Security
max-age=31536000
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
43
X-XSS-Protection
1; mode=block
Expires
Mon, 10-Feb-2020 12:21:01 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 10 Feb 2020 12:21:00 GMT
Last-Modified
Mon, 10-Feb-2020 12:21:00 GMT
Server
nginx/1.14.2
Location
/watch/421539/1?page-url=http%3A%2F%2Fafn.by%2F&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1581337245289%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aadb%3A2%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Az%3A60%3Ai%3A20200210132100%3Aet%3A1581337261%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Awh%3A1%3Aar%3A1%3Anb%3A1%3Acl%3A-145%3Arn%3A825240554%3Ahid%3A94088387%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%3Agdpr%3A14%3Aeu%3A1%3Av%3A1808%3Ast%3A1581337261%3Au%3A1581337246515577553
Strict-Transport-Security
max-age=31536000
Access-Control-Allow-Origin
http://afn.by
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
Expires
Mon, 10-Feb-2020 12:21:00 GMT
/
www.acint.net/ping/
43 B
471 B
Image
General
Full URL
http://www.acint.net/ping/?v=0.2.1&uid=65f85548-f6e0-4754-a6ff-8fe4d7170f35&dp=10&tz=%2B01%3A00&nc=47544275&dT=2020-02-10T13%3A21%3A08.733
Requested by
Host: afn.by
URL: http://afn.by/
Protocol
HTTP/1.1
Server
195.201.243.71 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
ingolstadt.aucourant.info
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
http://afn.by/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 10 Feb 2020 12:21:08 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
43
Expires
Wed, 19 Apr 2000 11:43:00 GMT
421539
mc.yandex.ru/webvisor/
43 B
528 B
Other
General
Full URL
https://mc.yandex.ru/webvisor/421539?wmode=0&rn=461997545&page-url=http%3A%2F%2Fafn.by%2F&wv-type=0&wv-hit=94088387&wv-part=1&wv-check=16901&force-urlencoded=1&browser-info=ti%3A1%3Av%3A1808%3Az%3A60%3Ai%3A20200210132045%3Ast%3A1581337276%3Au%3A1581337246515577553
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
http://afn.by/
Origin
http://afn.by
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Mon, 10 Feb 2020 12:21:16 GMT
Last-Modified
Mon, 10-Feb-2020 12:21:16 GMT
Server
nginx/1.14.2
Strict-Transport-Security
max-age=31536000
Content-Type
image/gif
Access-Control-Allow-Origin
http://afn.by
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
43
X-XSS-Protection
1; mode=block
Expires
Mon, 10-Feb-2020 12:21:16 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ws1.rqtrk.eu
URL
https://ws1.rqtrk.eu/pull?redirect=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D193%26user_id%3D%24BROWSER_ID%26expires%3D1%26ssp%3D%24bidswitch_ssp_id&return-unstable=true&eb=&bidswitch_ssp_id=admixer&g=1

Verdicts & Comments Add Verdict or Comment

161 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate string| GoogleAnalyticsObject function| ga string| pp_gemius_identifier string| pp_gemius_hitcollector function| gemius_parameters function| gemius_add_onload_event function| gemius_append_script function| gemius_obj_loaded string| pp_gemius_proto string| pp_gemius_host undefined| gemius_l function| pp_gemius_hit_int function| pp_gemius_hit number| pp_gemius_loaded string| pp_gemius_script object| pp_gemius_image number| pp_gemius_cnt function| gemius_hit object| admixerML object| _acic object| theForm function| __doPostBack object| google_js_reporting_queue number| google_srt object| google_ad_modifications object| google_logging_queue object| ggeac boolean| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots function| google_spfd object| google_sv_map object| google_t12n_vars function| WebForm_PostBackOptions function| WebForm_DoPostBackWithOptions object| __pendingCallbacks number| __synchronousCallBackIndex function| WebForm_DoCallback function| WebForm_CallbackComplete function| WebForm_ExecuteCallback function| WebForm_FillFirstAvailableSlot boolean| __nonMSDOMBrowser string| __theFormPostData object| __theFormPostCollection function| WebForm_InitCallback function| WebForm_InitCallbackAddField function| WebForm_EncodeCallback object| __disabledControlArray function| WebForm_ReEnableControls function| WebForm_ReDisableControls function| WebForm_FireDefaultButton function| WebForm_GetScrollX function| WebForm_GetScrollY function| WebForm_SaveScrollPositionSubmit function| WebForm_SaveScrollPositionOnSubmit function| WebForm_RestoreScrollPosition function| WebForm_TextBoxKeyHandler function| WebForm_TrimString function| WebForm_AppendToClassName function| WebForm_RemoveClassName function| WebForm_GetElementById function| WebForm_GetElementByTagName function| WebForm_GetElementsByTagName function| WebForm_GetElementDir function| WebForm_GetElementPosition function| WebForm_GetParentByTagName function| WebForm_SetElementHeight function| WebForm_SetElementWidth function| WebForm_SetElementX function| WebForm_SetElementY object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| admixerJSONP object| __core-js_shared__ object| core object| admixerAds object| admixerLoad string| Page_ValidationVer boolean| Page_IsValid boolean| Page_BlockSubmit object| Page_InvalidControlToBeFocused function| ValidatorUpdateDisplay function| ValidatorUpdateIsValid function| AllValidatorsValid function| ValidatorHookupControlID function| ValidatorHookupControl function| ValidatorHookupEvent function| ValidatorGetValue function| ValidatorGetValueRecursive function| Page_ClientValidate function| ValidatorCommonOnSubmit function| ValidatorEnable function| ValidatorOnChange function| ValidatedTextBoxOnKeyPress function| ValidatedControlOnBlur function| ValidatorValidate function| ValidatorSetFocus function| IsInVisibleContainer function| IsValidationGroupMatch function| ValidatorOnLoad function| ValidatorConvert function| ValidatorCompare function| CompareValidatorEvaluateIsValid function| CustomValidatorEvaluateIsValid function| RegularExpressionValidatorEvaluateIsValid function| ValidatorTrim function| RequiredFieldValidatorEvaluateIsValid function| RangeValidatorEvaluateIsValid function| ValidationSummaryOnSubmit function| WebForm_OnSubmit undefined| yandexContextAsyncCallbacks object| Page_Validators object| ctl00_ctl00_C_N_L_L_LC_UserNameRequired object| ctl00_ctl00_C_N_L_L_LC_PasswordRequired boolean| Page_ValidationActive function| ValidatorOnSubmit object| yaParams function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_jobrunner object| google_persistent_state_async object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| google_iframe_oncopy boolean| google_osd_loaded boolean| google_onload_fired object| _acil function| HELPER object| hb_dmx_res function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb function| pcodeLoaderJsonp10311 object| Ya undefined| yandex_context_callbacks function| html2canvas function| _open object| yaCounter421539 undefined| script function| pcodeStaticJsonp10281 object| yaSafeFrameCallbacksStorage object| yaCounter465488 boolean| isLoadingSafeframeStarted object| yaSafeFrameAsyncCallbacks object| $sf

0 Cookies

7 Console Messages

Source Level URL
Text
console-api log URL: http://cdn.admixer.net/scripts3/2d4e15e1d13c42a18167.b.js(Line 1)
Message:
Chrome
console-api log URL: http://cdn.admixer.net/scripts3/2d4e15e1d13c42a18167.b.js(Line 1)
Message:
Mraid Ready false
console-api log URL: http://cdn.admixer.net/scripts3/2d4e15e1d13c42a18167.b.js(Line 1)
Message:
Chrome
console-api log URL: http://cdn.admixer.net/scripts3/2d4e15e1d13c42a18167.b.js(Line 1)
Message:
Chrome
console-api log URL: http://cdn.admixer.net/scripts3/2d4e15e1d13c42a18167.b.js(Line 1)
Message:
Event view http://inv-nets-eu.admixer.net/ev_view.aspx?cc=NL/UT/2753557&am-uid=bf46fa0cfb0444789e67728a3f12b7bb&cet=4&zone=2febba63-69cc-42a7-8be2-e10bcbe63cd5&rule=2a065265-12f0-40c0-9e56-9106b83926dd&requestId=82c32acd-a5b8-436c-9877-fb438dc50330&page=afn.by%2F&pvid=32d4094d-003d-4941-abe8-c09134871912&ts=637169340457550971&sf=0
console-api log URL: http://cdn.admixer.net/scripts3/2d4e15e1d13c42a18167.b.js(Line 1)
Message:
Event confirmview http://inv-nets-eu.admixer.net/ev_view.aspx?cc=NL/UT/2753557&am-uid=bf46fa0cfb0444789e67728a3f12b7bb&cet=9&zone=2febba63-69cc-42a7-8be2-e10bcbe63cd5&rule=2a065265-12f0-40c0-9e56-9106b83926dd&requestId=82c32acd-a5b8-436c-9877-fb438dc50330&page=afn.by%2F&pvid=32d4094d-003d-4941-abe8-c09134871912&ts=637169340457550971&sf=0
console-api log URL: http://cdn.admixer.net/scripts3/2d4e15e1d13c42a18167.b.js(Line 1)
Message:
Event confirmview http://inv-nets.admixer.net//logcz.aspx?zone=2febba63-69cc-42a7-8be2-e10bcbe63cd5

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.adsinspidsp.com
ads.betweendigital.com
adservice.google.com
adservice.google.de
afn.by
an.yandex.ru
avatars.mds.yandex.net
cdn.admixer.net
cm.g.doubleclick.net
cm.p.altergeo.ru
counter.yadro.ru
dmg.digitaltarget.ru
gaby.hit.gemius.pl
googleads.g.doubleclick.net
inv-nets-eu.admixer.net
inv-nets.admixer.net
mc.yandex.ru
pagead2.googlesyndication.com
prodmp.ru
pubs2-eu.creativecdn.com
rtb.com.ru
s.uuidksinc.net
ssp.adriver.ru
sync.1dmp.io
t.trafmag.com
ws1.rqtrk.eu
www.acint.net
www.google-analytics.com
www.googletagservices.com
x.bidswitch.net
x01.aidata.io
yastatic.net
ws1.rqtrk.eu
137.74.0.153
138.201.139.144
144.76.85.254
146.0.227.110
172.217.18.98
178.124.223.65
185.15.175.146
185.184.8.30
188.42.196.115
193.106.93.124
193.200.65.5
195.201.243.71
2606:4700:3031::6818:61f6
2a00:1450:4001:806::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:80b::200e
2a00:1450:4001:819::2002
2a00:1450:4001:821::2002
2a02:6b8:20::215
2a02:6b8::184
2a02:6b8::1:119
2a02:6b8::90
2a03:90c0:9997::9997
3.122.47.160
31.220.27.134
81.222.128.213
83.222.114.190
88.212.201.210
95.216.101.186
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
09c14d175315722085de5f040ce73601ba0421754b6a5ee6360d4141e76169f9
0ba2f6756001669bdf934f9d79e8fd1ccf2028130c33a0510279581ec9dfd73a
0dde7fdde11faabee9672b04f9edf53e982b34f1b21f090edac1ca6618a54820
1169a3f993d718456932d9f12e1a67ed03006a186289405dff998ee4f947b7ed
17c471d6bdf270617af12cafe1072d6662dabb4be463df5735d15e670165334a
18798bf8186b0cd653aa3e70ba16ace71442a65e0bf9a05ab703d10bff381c17
1ddb0b820dec7b14a548cd751c4a24db01dec9d0716daa5724ee5c65d3c347ec
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
2d68887e2799241fe3750d08139277e3b10a5eaf69906d64ac861cbaef34ff71
33046f3ce25fbe69f34146452f47d763efd56cf867a39bfb45e19a8ee3be6df0
3ad581d1623a2af4d58ed30c5dc142276657e6659971bac0e5eccd1f9fb9a790
3d8799c171813adffb4105be1ee07dfd2e7716ba4a5fdd8b785736285a3bf677
473feba11f89b4d197a2263ebb6567e53b75a969cff0679ccf50f6634fa3a4f5
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5691c4ca8973c2c7bff18d520aebe7e4d06e5e23640b7cab08072c6a032d4fa3
5b2ccd514e72bb567b44409dafa08244bc1b336bb9d8bdd54ea67736ab3ea2f2
5e67b35c40986744d4228beb73b2fbe3270b9bcb67907dc070fd2e31633d9664
6520fd5d1fb513ef7b6e91dbb7e3ee219d03ef4aa8277c86dea8abc00832d7cc
681a33d230441a97b097286ab1305d86179ef9d4c1a38df03a080cedc34be93d
74b171733955fda032fe5409c2a92a23667100709b037e86502eb2d35822f2b3
75bb660f0c38697ed9be3b33be8e5a24365708ee94922da9dd44875efc3776e0
82ef46b61b774897f08ac938355fb5779cdf93946ca514980034f61fd2e95d17
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
93947d4d034e55d486f35e96bb0ddabc138ac4d09adbac8662e7f07bdbba99dc
96666fc8046fd02b6a09e7787514b41696f8bf20462376d9aec550c2c6bc4152
9fa8c2bb49f0e9e391d87f70459663c0e3898f32d4506c81239151b9c0b870d6
a2108bb3f86caf930d09e8a85ae0eccf3a11a5d51296a620201e8a76a9b030c7
addbd0082697a941e7ae5798c7985b54c785fa90aa5f398dd35447b60eb7965d
aeaa9e7c8c70d2ce5431cfdf5387e4a96fd55ff14fadd4420cf7cfe6adf01aa1
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
affe4902222459204295a8a64a6d426cedbaf930ed079ca4fc23a773e40dbeb0
b4543e0a3b847b39a5caa7f37288ecf8719a547881d6d076ca8112f3d3c7940d
c1c8e2b295b74b33c30e95ddf899bf3ff14d361148ece04cc22ae916d1ff9edb
c4c229ac69ef1163058336a2cf218ff099e74d6d5339eade8b1ec466d44e1067
c5c553ada8936a3a89d422bb7b789c1f2aeec71612f1731311b39aae2bbf3243
cc3964c9f304b05b7afee116bdf415cb110c24fc678ad75a58271453ed090923
cc470627862ef6dea2e0eaf324eedf7689eb4bd2a14d0c13814750532a4d075d
cc560f009da2cf699fe2fb596dc1b1e0c13e713f5bb586be4c292b1650919178
ccb150b1878d5aa777543222f9e47636d4258687e3dd57e625988f09a96bda64
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
dea442bc99d0164b4b8d5c8a4173990b2b1e798de9843cd593ff047425dcd2d8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7edf06d6436ec9420c26e56bd02ef5f5c93a9fb189ed16b1db402e57a0ea796
ebb3597f3a327fe00b7b1b766dd19e454e3f8b34ad5d45505439b42bf1c24d42
ec4272a9b86c0a4d029a4dde119f4725ee92afe8bc2e4b9144d491dbfb6de38b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efbdf9cab6b6cf2bf7207ae4e0456c9462b2c0d4c2de76d65442de2af7253f2b
f1e572871055c1d0e152936f664d5fb075f505b99b412a4776f65a7abe80b505
f7c7169d76762b90233de7fd13d0ced8a51a563904508fd01c21a897f5c405c2