urlscan.io logo urlscan.io
SecurityTrails logo

www.tut.by Open in urlscan Pro
2a0a:7d80::b  Public Scan

Go To Rescan Add Verdict Report
URL: http://www.tut.by/
Submission: On March 11 via manual from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 42 IPs in 7 countries across 33 domains to perform 218 HTTP transactions. The main IP is 2a0a:7d80::b, located in Minsk, Belarus and belongs to BELPAK-AS BELPAK, BY. The main domain is www.tut.by.
This is the only time www.tut.by was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
13 2a0a:7d80::b 6697 (BELPAK-AS...)
9 2a02:6b8:20::215 13238 (YANDEX)
17 2a0a:7d80::c:2:0 6697 (BELPAK-AS...)
12 2a00:1450:400... 15169 (GOOGLE)
37 2a03:90c0:41:... 199524 (GCORE)
4 2a0a:7d80::a 6697 (BELPAK-AS...)
1 93.125.48.149 6697 (BELPAK-AS...)
1 4 54.37.238.28 16276 (OVH)
1 2a02:6b8::16b 13238 (YANDEX)
6 2a02:6b8::90 13238 (YANDEX)
1 195.209.111.20 52007 (ADRIVER-AS)
6 172.217.18.98 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 15 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
16 2a00:1450:400... 15169 (GOOGLE)
3 2a02:6b8::184 13238 (YANDEX)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a04:4e42:400... 54113 (FASTLY)
1 2a02:6b8::2:158 13238 (YANDEX)
1 2a00:1450:400... 15169 (GOOGLE)
2 18 2a02:6b8::1:119 13238 (YANDEX)
1 93.186.225.208 47541 (VKONTAKTE...)
2 2a03:2880:f02... 32934 (FACEBOOK)
3 93.125.48.34 6697 (BELPAK-AS...)
1 142.250.185.194 15169 (GOOGLE)
4 2a03:2880:f12... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 2a02:6b8::5:114 13238 (YANDEX)
5 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 7 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2620:116:800d... 16509 (AMAZON-02)
1 1 18.195.77.165 16509 (AMAZON-02)
2 10 172.217.16.130 15169 (GOOGLE)
2 2 52.39.207.175 16509 (AMAZON-02)
2 2 35.227.252.103 15169 (GOOGLE)
2 2 185.64.190.78 62713 (AS-PUBMATIC)
1 1 69.173.144.138 26667 (RUBICONPR...)
2 2 184.30.20.241 16625 (AKAMAI-AS)
2 77.88.21.179 13238 (YANDEX)
1 2a02:6b8:a::a 13238 (YANDEX)
6 2a00:1450:400... 15169 (GOOGLE)
218 42
13    2a0a:7d80::b (Minsk, Belarus)

ASN6697 (BELPAK-AS BELPAK, BY)
www.tut.by
img.afisha.tut.by
img.tyt.by
9    2a02:6b8:20::215 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)
yastatic.net
17    2a0a:7d80::c:2:0 (Minsk, Belarus)

ASN6697 (BELPAK-AS BELPAK, BY)
s1r.tut.by
bugaga.tut.by
c1hit.tut.by
c2hit.tut.by
12    2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
pagead2.googlesyndication.com
37    2a03:90c0:41:2801::254 (Frankfurt am Main, Germany)

ASN199524 (GCORE, LU)
tutby.gcdn.co
4    2a0a:7d80::a (Minsk, Belarus)

ASN6697 (BELPAK-AS BELPAK, BY)
img.tam.by
news.tut.by
www.tut.by
1    93.125.48.149 (Belarus)

ASN6697 (BELPAK-AS BELPAK, BY)
api.rabota.by
4    54.37.238.28 (France)

ASN16276 (OVH, FR)
PTR: ip28.ip-54-37-238.eu
gaby1.hit.gemius.pl
1    2a02:6b8::16b (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)
matchid.adfox.yandex.ru
6    2a02:6b8::90 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)
an.yandex.ru
1    195.209.111.20 (Russian Federation)

ASN52007 (ADRIVER-AS, RU)
expert-pb.adriver.ru
6    172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f2.1e100.net
securepubads.g.doubleclick.net
1    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
15    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
adservice.google.de
googleads.g.doubleclick.net
1    2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
93ebfc16cb32d39b0b1843be3bc18155.safeframe.googlesyndication.com
16    2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
cdn.ampproject.org
3    2a02:6b8::184 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)
avatars.mds.yandex.net
1    2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2a04:4e42:400::621 (United States)

ASN54113 (FASTLY, US)
polyfill.io
1    2a02:6b8::2:158 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)
banners.adfox.ru
1    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
18    2a02:6b8::1:119 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)
mc.yandex.ru
1    93.186.225.208 (Russian Federation)

ASN47541 (VKONTAKTE-SPB-AS http://vk.com, RU)
vk.com
2    2a03:2880:f02d:12:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
3    93.125.48.34 (Belarus)

ASN6697 (BELPAK-AS BELPAK, BY)
PTR: 93-125-48-34.hoster.by
ad.tam.by
1    142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net
partner.googleadservices.com
4    2a03:2880:f12d:83:face:b00c:0:25de (United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:4001:802::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ampcid.google.com
5    2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ampcid.google.de
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
1    2a02:6b8::5:114 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)
ysa-static.passport.yandex.ru
5    2a00:1450:400a:801::2003 (Zurich, Switzerland)

ASN15169 (GOOGLE, US)
csi.gstatic.com
1    2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
7    2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
fonts.gstatic.com
1    2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
encrypted-tbn0.gstatic.com
1    2620:116:800d:21:5a23:9c4e:e774:96c1 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
1    18.195.77.165 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-77-165.eu-central-1.compute.amazonaws.com
d.agkn.com
10    172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net
cm.g.doubleclick.net
www.googleadservices.com
2    52.39.207.175 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-39-207-175.us-west-2.compute.amazonaws.com
e.dlx.addthis.com
2    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
2    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
2    184.30.20.241 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-241.deploy.static.akamaitechnologies.com
ssum-sec.casalemedia.com
2    77.88.21.179 (Russian Federation)

ASN13238 (YANDEX, RU)
PTR: adfox-external-l3-engine.stable.qloud-b.yandex.net
ads.adfox.ru
1    2a02:6b8:a::a (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)
yandex.ru
6    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
Apex Domain
Subdomains		 Transfer
37 gcdn.co
tutby.gcdn.co
2 MB
31 tut.by
www.tut.by
s1r.tut.by
bugaga.tut.by
c1hit.tut.by
c2hit.tut.by
img.afisha.tut.by
news.tut.by
529 KB
27 yandex.ru
matchid.adfox.yandex.ru
an.yandex.ru
mc.yandex.ru
ysa-static.passport.yandex.ru
yandex.ru
221 KB
24 doubleclick.net
securepubads.g.doubleclick.net
googleads.g.doubleclick.net
cm.g.doubleclick.net
191 KB
21 googlesyndication.com
93ebfc16cb32d39b0b1843be3bc18155.safeframe.googlesyndication.com
tpc.googlesyndication.com
pagead2.googlesyndication.com
228 KB
12 gstatic.com
csi.gstatic.com
www.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn0.gstatic.com
fonts.gstatic.com
153 KB
12 google.com
adservice.google.com
www.google.com
ampcid.google.com
3 KB
10 google.de
adservice.google.de
ampcid.google.de
www.google.de
3 KB
9 yastatic.net
yastatic.net
321 KB
5 ampproject.org
cdn.ampproject.org
99 KB
4 facebook.com
www.facebook.com
942 B
4 googleadservices.com
partner.googleadservices.com
www.googleadservices.com
14 KB
4 gemius.pl
gaby1.hit.gemius.pl
12 KB
4 tam.by
img.tam.by
ad.tam.by
34 KB
3 adfox.ru
banners.adfox.ru
ads.adfox.ru
54 KB
3 yandex.net
avatars.mds.yandex.net
77 KB
3 googletagservices.com
www.googletagservices.com
81 KB
2 casalemedia.com
ssum-sec.casalemedia.com
2 KB
2 pubmatic.com
image6.pubmatic.com
2 KB
2 openx.net
rtb.openx.net
763 B
2 addthis.com
e.dlx.addthis.com
2 KB
2 facebook.net
connect.facebook.net
94 KB
2 tyt.by
img.tyt.by
5 KB
1 rubiconproject.com
pixel.rubiconproject.com
457 B
1 agkn.com
d.agkn.com
663 B
1 quantserve.com
cms.quantserve.com
464 B
1 googleapis.com
fonts.googleapis.com
627 B
1 google-analytics.com
www.google-analytics.com
19 KB
1 vk.com
vk.com
446 B
1 polyfill.io
polyfill.io
613 B
1 cloudflare.com
cdnjs.cloudflare.com
4 KB
1 adriver.ru
expert-pb.adriver.ru
297 B
1 rabota.by
api.rabota.by
1 KB
218 33
Domain Requested by
37 tutby.gcdn.co www.tut.by
18 mc.yandex.ru 2 redirects www.tut.by
an.yandex.ru
mc.yandex.ru
yastatic.net
11 googleads.g.doubleclick.net 2 redirects pagead2.googlesyndication.com
www.tut.by
googleads.g.doubleclick.net
www.googleadservices.com
11 tpc.googlesyndication.com securepubads.g.doubleclick.net
www.tut.by
googleads.g.doubleclick.net
tpc.googlesyndication.com
11 www.tut.by www.tut.by
10 c2hit.tut.by www.tut.by
9 pagead2.googlesyndication.com yastatic.net
pagead2.googlesyndication.com
googleads.g.doubleclick.net
securepubads.g.doubleclick.net
tpc.googlesyndication.com
9 yastatic.net www.tut.by
yastatic.net
an.yandex.ru
8 www.google.com 3 redirects googleads.g.doubleclick.net
7 cm.g.doubleclick.net googleads.g.doubleclick.net
6 www.google.de
6 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
www.tut.by
googleads.g.doubleclick.net
6 an.yandex.ru yastatic.net
5 csi.gstatic.com cdn.ampproject.org
securepubads.g.doubleclick.net
5 cdn.ampproject.org securepubads.g.doubleclick.net
4 www.facebook.com www.tut.by
connect.facebook.net
4 gaby1.hit.gemius.pl 1 redirects www.tut.by
gaby1.hit.gemius.pl
4 bugaga.tut.by www.tut.by
3 www.googleadservices.com 2 redirects yastatic.net
3 encrypted-tbn2.gstatic.com googleads.g.doubleclick.net
3 ad.tam.by www.tut.by
ad.tam.by
3 avatars.mds.yandex.net www.tut.by
3 adservice.google.com securepubads.g.doubleclick.net
pagead2.googlesyndication.com
3 adservice.google.de securepubads.g.doubleclick.net
pagead2.googlesyndication.com
3 www.googletagservices.com www.tut.by
pagead2.googlesyndication.com
googleads.g.doubleclick.net
2 ads.adfox.ru
2 ssum-sec.casalemedia.com 2 redirects
2 image6.pubmatic.com 2 redirects
2 rtb.openx.net 2 redirects
2 e.dlx.addthis.com 2 redirects
2 connect.facebook.net www.tut.by
connect.facebook.net
2 news.tut.by www.tut.by
2 img.tyt.by www.tut.by
2 s1r.tut.by www.tut.by
1 yandex.ru yastatic.net
1 fonts.gstatic.com fonts.googleapis.com
1 pixel.rubiconproject.com 1 redirects
1 d.agkn.com 1 redirects
1 cms.quantserve.com googleads.g.doubleclick.net
1 encrypted-tbn0.gstatic.com googleads.g.doubleclick.net
1 encrypted-tbn1.gstatic.com googleads.g.doubleclick.net
1 www.gstatic.com googleads.g.doubleclick.net
1 fonts.googleapis.com googleads.g.doubleclick.net
1 ysa-static.passport.yandex.ru www.tut.by
1 ampcid.google.de www.google-analytics.com
1 ampcid.google.com www.google-analytics.com
1 www.google-analytics.com www.tut.by
1 partner.googleadservices.com pagead2.googlesyndication.com
1 vk.com www.tut.by
1 banners.adfox.ru yastatic.net
1 polyfill.io yastatic.net
1 cdnjs.cloudflare.com yastatic.net
1 img.afisha.tut.by www.tut.by
1 c1hit.tut.by www.tut.by
1 93ebfc16cb32d39b0b1843be3bc18155.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 expert-pb.adriver.ru bugaga.tut.by
1 matchid.adfox.yandex.ru yastatic.net
1 api.rabota.by www.tut.by
1 img.tam.by www.tut.by
218 59
Subject Issuer Validity Valid
*.tut.by
RapidSSL RSA CA 2018		 2020-01-22 -
2021-04-22		 a year crt.sh
*.yastatic.net
Yandex CA		 2021-03-03 -
2021-09-01		 6 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2021-02-23 -
2021-05-18		 3 months crt.sh
*.gcdn.co
DigiCert SHA2 Secure Server CA		 2020-05-12 -
2022-07-27		 2 years crt.sh
img.tam.by
R3		 2021-01-11 -
2021-04-11		 3 months crt.sh
*.rabota.by
GeoTrust RSA CA 2018		 2021-02-19 -
2022-02-23		 a year crt.sh
*.hit.gemius.pl
Sectigo ECC Domain Validation Secure Server CA		 2019-09-11 -
2021-09-24		 2 years crt.sh
matchid.adfox.yandex.ru
Yandex CA		 2020-09-29 -
2021-03-24		 6 months crt.sh
bs.yandex.ru
Yandex CA		 2020-12-17 -
2021-06-17		 6 months crt.sh
*.adriver.ru
RapidSSL RSA CA 2018		 2020-04-03 -
2022-04-24		 2 years crt.sh
*.google.de
GTS CA 1O1		 2021-02-23 -
2021-05-18		 3 months crt.sh
*.google.com
GTS CA 1O1		 2021-02-17 -
2021-05-12		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1O1		 2021-02-17 -
2021-05-12		 3 months crt.sh
img.afisha.tut.by
R3		 2021-02-03 -
2021-05-04		 3 months crt.sh
*.avatars.mds.yandex.net
Yandex CA		 2020-09-29 -
2021-03-30		 6 months crt.sh
img.tyt.by
R3		 2021-01-11 -
2021-04-11		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-10-21 -
2021-10-20		 a year crt.sh
f3.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2021-03-09 -
2021-04-17		 a month crt.sh
*.games.s3.yandex.net
Yandex CA		 2020-09-29 -
2021-03-30		 6 months crt.sh
mc.yandex.ru
Yandex CA		 2021-02-27 -
2021-08-09		 5 months crt.sh
*.vk.com
GlobalSign Organization Validation CA - SHA256 - G2		 2020-06-09 -
2022-06-10		 2 years crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-02-10 -
2021-05-10		 3 months crt.sh
*.tam.by
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2020-12-24 -
2022-01-14		 a year crt.sh
*.googleadservices.com
GTS CA 1O1		 2021-02-17 -
2021-05-12		 3 months crt.sh
misc-sni.google.com
GTS CA 1O1		 2021-02-17 -
2021-05-12		 3 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2021-02-17 -
2021-05-12		 3 months crt.sh
ysa-static.passport.yandex.net
Yandex CA		 2020-09-30 -
2021-03-31		 6 months crt.sh
*.gstatic.com
GTS CA 1O1		 2021-02-23 -
2021-05-18		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2021-02-17 -
2021-05-12		 3 months crt.sh
*.quantserve.com
DigiCert SHA2 High Assurance Server CA		 2020-10-02 -
2021-10-07		 a year crt.sh
*.adfox.ru
Yandex CA		 2021-02-26 -
2021-08-08		 5 months crt.sh
*.xn--d1acpjx3f.xn--p1ai
Yandex CA		 2020-10-01 -
2021-04-01		 6 months crt.sh
www.google.de
GTS CA 1O1		 2021-02-23 -
2021-05-18		 3 months crt.sh

This page contains 11 frames:

Primary Page: http://www.tut.by/
Frame ID: 1EA48F6C4EA8F55D0172FFCFC580E36D
Requests: 149 HTTP requests in this frame

Frame: https://www.tut.by/api/store.html
Frame ID: A7BFC75EEF06F28E747F63CBC5F4E967
Requests: 1 HTTP requests in this frame

Frame: https://cdnjs.cloudflare.com/ajax/libs/animate.css/3.7.0/animate.min.css
Frame ID: 6E80239E08C8CA689EF0FA57CF8B1BC9
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210309/r20190131/zrt_lookup.html
Frame ID: B81E464DC908E2730F726E023EAC7BF2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4262459596704413&output=html&h=253&slotname=2783279852&adk=1045486368&adf=4037928039&pi=t.ma~as.2783279852&w=300&lmt=1615451692&rafmt=11&psa=0&format=300x253&url=http%3A%2F%2Fwww.tut.by%2F&flash=0&wgl=1&dt=1615451692710&bpp=10&bdt=2681&idt=108&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1323417b6a2f9b9c-22cd222cc0ba0009%3AT%3D1615451692%3AS%3DALNI_MZxt7utreoYvhdp9pzQVYaL-BLHSA&correlator=6964909445216&rume=1&frm=20&pv=2&ga_vid=1319103873.1615451692&ga_sid=1615451692&ga_hid=1104419952&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1180&ady=3740&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C21066431%2C21066923%2C21068084%2C21068786%2C21066613%2C21066614%2C21067088&oid=3&pvsid=2883581063428105&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CoeEbr%7C&abl=NS&pfx=0&fu=8320&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Y6GozkO40i&p=http%3A//www.tut.by&dtd=124
Frame ID: 6C7DB9DCB339F100C95FDD920C2729A3
Requests: 22 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4262459596704413&output=html&adk=1812271804&adf=3025194257&lmt=1615451692&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fwww.tut.by%2F&ea=0&flash=0&pra=7&wgl=1&dt=1615451692779&bpp=2&bdt=2751&idt=134&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1323417b6a2f9b9c-22cd222cc0ba0009%3AT%3D1615451692%3AS%3DALNI_MZxt7utreoYvhdp9pzQVYaL-BLHSA&prev_fmts=300x253&nras=1&correlator=6964909445216&rume=1&frm=20&pv=1&ga_vid=1319103873.1615451692&ga_sid=1615451692&ga_hid=1104419952&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C21066431%2C21066923%2C21068084%2C21068786%2C21066613%2C21066614%2C21067088&oid=3&pvsid=2883581063428105&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&ifi=4&uci=a!4&fsb=1&dtd=142
Frame ID: DEB5EA46B5B2BDF4B672AE815CD317A7
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs
Frame ID: 38F68009A4F3C95D48BD1D4C5F298812
Requests: 13 HTTP requests in this frame

Frame: https://yastatic.net/safeframe-bundles/0.80/1-1-0/render.html
Frame ID: 0D760308C9D63C7BE17670363885465C
Requests: 23 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 74863087064ACB7AF681195CE0E1BE99
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/KT7npM2pC4VPAEc6AEIcwWkjK4LR7Yu_WhYO7ltjsYQ.js
Frame ID: 6DF83CE8352520F82AA378ADE8658465
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: C2F6735EDECFDBEE09320D0CD9455FBB
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • script /tracker\.js/i
Overall confidence: 100%
Detected patterns
  • script /https?:\/\/an\.yandex\.ru\//i
Overall confidence: 100%
Detected patterns
  • script /jquery[.-]([\d.]*\d)[^/]*\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Overall confidence: %
Detected patterns
  • script /hit\.gemius\.pl\/xgemius\.js/i
  • script /hit\.gemius\.pl/i
  • script /xgemius\.js/i

Page Statistics

218
Requests

98 %
HTTPS

69 %
IPv6

33
Domains

59
Subdomains

42
IPs

7
Countries

4055 kB
Transfer

8070 kB
Size

18
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 35
  • https://gaby1.hit.gemius.pl/_1615451692131/rexdot.js?l=100&id=ApuaduN8tygYeYEDIglPDJYUPzNpmG_wR5t8sIdtU4L.B7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-60&fv=-&href=http%3A%2F%2Fwww.tut.by%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=0&lsdata=-NOTSUP&fpdata=4unKG4pwcqWk3YvN9Wa_6ngcVnE0mrW4RAZCNXNSYQ..K7&vis=1 HTTP 301
  • https://gaby1.hit.gemius.pl/__/_1615451692131/rexdot.js?l=100&id=ApuaduN8tygYeYEDIglPDJYUPzNpmG_wR5t8sIdtU4L.B7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-60&fv=-&href=http%3A%2F%2Fwww.tut.by%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=0&lsdata=-NOTSUP&fpdata=4unKG4pwcqWk3YvN9Wa_6ngcVnE0mrW4RAZCNXNSYQ..K7&vis=1
Request Chain 143
  • https://mc.yandex.ru/watch/46086984?wmode=7&page-url=http%3A%2F%2Fwww.tut.by%2F&charset=utf-8&site-info=%7B%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1d7r6afuymvj624d%3Afp%3A2314%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A451%3Acn%3A1%3Adp%3A0%3Als%3A652349869043%3Ahid%3A109910971%3Az%3A60%3Ai%3A20210311093453%3Aet%3A1615451693%3Ac%3A1%3Arn%3A462353930%3Au%3A1615451693671730666%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1615451689878%3Awv%3A2%3Ads%3A5%2C33%2C109%2C66%2C0%2C0%2C%2C2744%2C8%2C%2C%2C%2C2895%3Adsn%3A6%2C32%2C109%2C65%2C0%2C0%2C%2C2681%2C9%2C%2C%2C%2C2895%3Arqnl%3A1%3Ati%3A2%3Ast%3A1615451693%3At%3A%D0%91%D0%B5%D0%BB%D0%BE%D1%80%D1%83%D1%81%D1%81%D0%BA%D0%B8%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB%20TUT.BY.%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8%20%D0%B8%20%D0%BC%D0%B8%D1%80%D0%B0 HTTP 302
  • https://mc.yandex.ru/watch/46086984/1?wmode=7&page-url=http%3A%2F%2Fwww.tut.by%2F&charset=utf-8&site-info=%7B%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1d7r6afuymvj624d%3Afp%3A2314%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A451%3Acn%3A1%3Adp%3A0%3Als%3A652349869043%3Ahid%3A109910971%3Az%3A60%3Ai%3A20210311093453%3Aet%3A1615451693%3Ac%3A1%3Arn%3A462353930%3Au%3A1615451693671730666%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1615451689878%3Awv%3A2%3Ads%3A5%2C33%2C109%2C66%2C0%2C0%2C%2C2744%2C8%2C%2C%2C%2C2895%3Adsn%3A6%2C32%2C109%2C65%2C0%2C0%2C%2C2681%2C9%2C%2C%2C%2C2895%3Arqnl%3A1%3Ati%3A2%3Ast%3A1615451693%3At%3A%D0%91%D0%B5%D0%BB%D0%BE%D1%80%D1%83%D1%81%D1%81%D0%BA%D0%B8%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB%20TUT.BY.%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8%20%D0%B8%20%D0%BC%D0%B8%D1%80%D0%B0
Request Chain 144
  • https://mc.yandex.ru/watch/17863687?wmode=7&page-url=http%3A%2F%2Fwww.tut.by%2F&charset=utf-8&site-info=%7B%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1d7r6afuymvj624d%3Afp%3A2314%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A451%3Acn%3A2%3Adp%3A0%3Als%3A103703039246%3Ahid%3A109910971%3Az%3A60%3Ai%3A20210311093453%3Aet%3A1615451693%3Ac%3A1%3Arn%3A506485657%3Au%3A1615451693923476314%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1615451689878%3Awv%3A2%3Ads%3A5%2C33%2C109%2C66%2C0%2C0%2C%2C2744%2C8%2C%2C%2C%2C2895%3Adsn%3A6%2C32%2C109%2C65%2C0%2C0%2C%2C2681%2C9%2C%2C%2C%2C2895%3Arqnl%3A1%3Ati%3A2%3Ast%3A1615451693%3At%3A%D0%91%D0%B5%D0%BB%D0%BE%D1%80%D1%83%D1%81%D1%81%D0%BA%D0%B8%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB%20TUT.BY.%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8%20%D0%B8%20%D0%BC%D0%B8%D1%80%D0%B0 HTTP 302
  • https://mc.yandex.ru/watch/17863687/1?wmode=7&page-url=http%3A%2F%2Fwww.tut.by%2F&charset=utf-8&site-info=%7B%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1d7r6afuymvj624d%3Afp%3A2314%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A451%3Acn%3A2%3Adp%3A0%3Als%3A103703039246%3Ahid%3A109910971%3Az%3A60%3Ai%3A20210311093453%3Aet%3A1615451693%3Ac%3A1%3Arn%3A506485657%3Au%3A1615451693923476314%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1615451689878%3Awv%3A2%3Ads%3A5%2C33%2C109%2C66%2C0%2C0%2C%2C2744%2C8%2C%2C%2C%2C2895%3Adsn%3A6%2C32%2C109%2C65%2C0%2C0%2C%2C2681%2C9%2C%2C%2C%2C2895%3Arqnl%3A1%3Ati%3A2%3Ast%3A1615451693%3At%3A%D0%91%D0%B5%D0%BB%D0%BE%D1%80%D1%83%D1%81%D1%81%D0%BA%D0%B8%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB%20TUT.BY.%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8%20%D0%B8%20%D0%BC%D0%B8%D1%80%D0%B0
Request Chain 145
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 178
  • https://d.agkn.com/pixel/2175/?google_gid=CAESEJoPdv4b7GwH6ww-WkuuxFc&google_cver=1&google_push=AQvitUK5glehmAZv7aWqjMbLDtkHAp6R1N6iGSOLFQ65SgZVKLK5-tP71b6mRQlwZVUqU_-kbnrxUe_3ooPlHZY4z_iZqatuWeJm HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=akneustar_dmp&google_cm&google_hm=Q0FFU0VKb1BkdjRiN0d3SDZ3dy1Xa3V1eEZj
Request Chain 179
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAQvitUKYz4e90hxiSDVfu7Can9MJnXj-yjVkYvJTrHWWe9tvkzvJRQl4gJ_EXaJe0nq0zJuNLj31S98ALnQlnpfkBJ8WwpctOxrC&google_gid=CAESEBiLr9pl7ogB51Tl7XJEToE&google_cver=1 HTTP 302
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAQvitUKYz4e90hxiSDVfu7Can9MJnXj-yjVkYvJTrHWWe9tvkzvJRQl4gJ_EXaJe0nq0zJuNLj31S98ALnQlnpfkBJ8WwpctOxrC&google_gid=CAESEBiLr9pl7ogB51Tl7XJEToE&google_cver=1&rd=Y HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTAzMTEwODM0NTQ1MzY4MDUxNDYyMjM4NQ%3D%3D&google_push=AQvitUKYz4e90hxiSDVfu7Can9MJnXj-yjVkYvJTrHWWe9tvkzvJRQl4gJ_EXaJe0nq0zJuNLj31S98ALnQlnpfkBJ8WwpctOxrC
Request Chain 180
  • https://rtb.openx.net/sync/dds?google_gid=CAESEGsOTAkov5Toj29k2_kCBro&google_cver=1&google_push=AQvitUKGOsr6b9VO-Od-moo7IquBxO6zlr74RffMFqY0zGfXvU5C99nXh4QXmL2yiWRw2eEY4k5lydF86SRzfnxYVxmT_t3_et7M HTTP 302
  • https://rtb.openx.net/sync/dds?google_gid=CAESEGsOTAkov5Toj29k2_kCBro&google_cver=1&google_push=AQvitUKGOsr6b9VO-Od-moo7IquBxO6zlr74RffMFqY0zGfXvU5C99nXh4QXmL2yiWRw2eEY4k5lydF86SRzfnxYVxmT_t3_et7M&ox_sc=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUKGOsr6b9VO-Od-moo7IquBxO6zlr74RffMFqY0zGfXvU5C99nXh4QXmL2yiWRw2eEY4k5lydF86SRzfnxYVxmT_t3_et7M&google_hm=fvUDP4BCwS0oGqYqjeODXg==
Request Chain 181
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEF2UubdSeLKnMLPwr136cvk&google_cver=1&google_push=AQvitUK0SKumcj7fKOybes0Td9YHaW0-LXE2wsz-Zh9M4jd0t1QRgxhd4_y5wPQ_Cy71YvQchgexSSWo1WXXpG4IPd1Q1UEEa2Vc HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEF2UubdSeLKnMLPwr136cvk&google_cver=1&google_push=AQvitUK0SKumcj7fKOybes0Td9YHaW0-LXE2wsz-Zh9M4jd0t1QRgxhd4_y5wPQ_Cy71YvQchgexSSWo1WXXpG4IPd1Q1UEEa2Vc&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=EvFyAOaUQYmGiFHgDHxJCA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUK0SKumcj7fKOybes0Td9YHaW0-LXE2wsz-Zh9M4jd0t1QRgxhd4_y5wPQ_Cy71YvQchgexSSWo1WXXpG4IPd1Q1UEEa2Vc
Request Chain 182
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESECuWVfNt5n9aqACKDzM6xgM&google_cver=1&google_push=AQvitULSFx-VQpD0NBdXfUhK0P42BV1L0XY3Kg9TRDaGHeesoKrCwWG1BlgTnUDaOLDyB6LqWB_B9nGsQtrxBt41Y6uw5Aie4QLo HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S000TTg4RlctUC03MlJY&google_push=AQvitULSFx-VQpD0NBdXfUhK0P42BV1L0XY3Kg9TRDaGHeesoKrCwWG1BlgTnUDaOLDyB6LqWB_B9nGsQtrxBt41Y6uw5Aie4QLo
Request Chain 183
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEEGblvhZ2LfteHSX8CUuz50&google_cver=1&google_push=AQvitUKDzASIsmfaMJPFpwYKjsEr3cO-je0u9WYqJlZP42nTQDaElZ99yXEWIuYWyHFQWZzTRQWTLn4CgR2cwr6QDhpA_HyfgdIS HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEEGblvhZ2LfteHSX8CUuz50&google_cver=1&google_push=AQvitUKDzASIsmfaMJPFpwYKjsEr3cO-je0u9WYqJlZP42nTQDaElZ99yXEWIuYWyHFQWZzTRQWTLn4CgR2cwr6QDhpA_HyfgdIS&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YEnWLV9FenTlgZLP0FOHHwAABGYAAAAB&google_push=AQvitUKDzASIsmfaMJPFpwYKjsEr3cO-je0u9WYqJlZP42nTQDaElZ99yXEWIuYWyHFQWZzTRQWTLn4CgR2cwr6QDhpA_HyfgdIS&google_cver=1&google_gid=CAESEEGblvhZ2LfteHSX8CUuz50
Request Chain 205
  • https://www.googleadservices.com/pagead/conversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0 HTTP 302
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=L9ZJYPedENjSgQf0-6GgCw&random=2138917056&sscte=1&crd= HTTP 302
  • https://www.google.com/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=2138917056&crd=&is_vtc=1&random=4248839681 HTTP 302
  • https://www.google.de/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=2138917056&crd=&is_vtc=1&random=4248839681&ipr=y
Request Chain 206
  • https://www.googleadservices.com/pagead/conversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0 HTTP 302
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=L9ZJYKGdEPuBx_AP3MyCwAE&random=79956307&sscte=1&crd= HTTP 302
  • https://www.google.com/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=79956307&crd=&is_vtc=1&random=3174817141 HTTP 302
  • https://www.google.de/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=79956307&crd=&is_vtc=1&random=3174817141&ipr=y

218 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set /
www.tut.by/ 		236 KB
49 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://www.tut.by/
Protocol
HTTP/1.1
Server
2a0a:7d80::b Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS
Software
nginx /
Resource Hash
bd192b151a60c727e65e0457581cd174517470b015bb67ec44488dfa1ee9a960
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=15768000

Request headers

Host
www.tut.by
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
nginx
Date
Thu, 11 Mar 2021 08:34:50 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
close
Vary
Accept-Encoding Accept-Encoding Cookie, Accept-Language
Set-Cookie
__utsid=a4cf3480-8244-11eb-9d70-0cc47ac956c1; Expires=Thu, 11-Mar-21 09:04:49 GMT; Max-Age=1800; Domain=.tut.by; Path=/; Secure; SameSite=None __uruid=bwtvypwk-8m1vg6rl-a31ri958-42w4olvi-cjcsep8u; Expires=Fri, 11-Mar-2022 11:34:49 +03; Max-Age=31535995; Path=/; Domain=.tut.by; SameSite=None; Secure
Strict-Transport-Security
max-age=15768000
Referrer-Policy
unsafe-url
Content-Security-Policy
upgrade-insecure-requests
Content-Encoding
gzip
v5.2.4~r29646.css
www.tut.by/css/by5/ 		344 KB
42 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.tut.by/css/by5/v5.2.4~r29646.css?M2YwMWNxMjNlNTN0kTNkdDOjNmM3cDZ5cjZkBDZ0ADZ
Requested by
Host: www.tut.by
URL: http://www.tut.by/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a0a:7d80::b Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS
Software
nginx /
Resource Hash
2e3d37d8c591a57edc33ae51b69322398e8fd661abc593b58ea076a6ca3dc668
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=15768000

Request headers

Referer
http://www.tut.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 08:34:50 GMT
content-encoding
gzip
referrer-policy
unsafe-url
server
nginx
etag
W/"6048dd5e-55cf0"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
cache-control
max-age=432000
content-security-policy
upgrade-insecure-requests
strict-transport-security
max-age=15768000
expires
Tue, 16 Mar 2021 08:34:50 GMT
jquery-2.2.4~modernizr~bootstrap~jquery.touchSwipe~bootstrap-ext~core~v4~ext~topbar~search~auth~resource~hint~geo~geo-ext~tut_ads~handlebars~r29644.js
www.tut.by/scripts/by4/ 		1 MB
354 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.tut.by/scripts/by4/jquery-2.2.4~modernizr~bootstrap~jquery.touchSwipe~bootstrap-ext~core~v4~ext~topbar~search~auth~resource~hint~geo~geo-ext~tut_ads~handlebars~r29644.js
Requested by
Host: www.tut.by
URL: http://www.tut.by/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a0a:7d80::b Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS
Software
nginx /
Resource Hash
bde058da7fb6299afb029760feb2b457daa2e334d650989110bcae95e758bdda
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=15768000

Request headers

Referer
http://www.tut.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 08:34:50 GMT
content-encoding
gzip
referrer-policy
unsafe-url
last-modified
Wed, 10 Mar 2021 14:52:17 GMT
server
nginx
etag
W/"6048dd21-104604"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript; charset=utf8
cache-control
max-age=432000
content-security-policy
upgrade-insecure-requests
strict-transport-security
max-age=15768000
expires
Tue, 16 Mar 2021 08:34:50 GMT
loader.js
yastatic.net/pcode/adfox/ 		181 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/pcode/adfox/loader.js
Requested by
Host: www.tut.by
URL: http://www.tut.by/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
e71b547e5aeb68c09efa99a45eb970459fb64a1a888656ff5bd4557446ec63f2
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Origin
http://www.tut.by
Referer
http://www.tut.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 08:34:50 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
41642
last-modified
Wed, 03 Mar 2021 15:22:05 GMT
server
nginx/1.17.9
etag
"02836a52560f9815ef98a7b63a594ed4"
x-robots-tag
noindex, noarchive, nofollow
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 11 Mar 2021 09:32:49 GMT
api
s1r.tut.by/ 		96 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1r.tut.by/api?rev=r0~r2375~r0~r0
Requested by
Host: www.tut.by
URL: http://www.tut.by/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a0a:7d80::c:2:0 Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS
Software
nginx /
Resource Hash
31697d4d66425d89d7fd18d49398d684e70656568ed4ecc64761840f7b4e2724

Request headers

Referer
http://www.tut.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 08:34:50 GMT
content-encoding
gzip
last-modified
Fri, 10 May 2019 13:17:30 GMT
server
nginx
etag
W/"5cd579ea-1805c"
vary
Accept-Encoding
content-type
application/javascript; charset=utf8
cache-control
max-age=600
x-robots-tag
noindex, nofollow
expires
Thu, 11 Mar 2021 08:44:50 GMT
prebid.js
bugaga.tut.by/attachments/52523/ 		72 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bugaga.tut.by/attachments/52523/prebid.js
Requested by
Host: www.tut.by
URL: http://www.tut.by/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a0a:7d80::c:2:0 Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS
Software
nginx /
Resource Hash
81bcfc12dba18088d6d409a998a70a3f47da9e4580ef3b371da0d77f1638083b

Request headers

Referer
http://www.tut.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 08:34:50 GMT
content-encoding
gzip
last-modified
Sat, 22 Dec 2018 13:23:35 GMT
server
nginx
etag
W/"5c1e3ad7-11ed9"
vary
Accept-Encoding
content-type
application/javascript; charset=utf8
access-control-allow-origin
*
cache-control
max-age=432000
expires
Tue, 16 Mar 2021 08:34:50 GMT
gpt.js
www.googletagservices.com/tag/js/ 		58 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.tut.by
URL: http://www.tut.by/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4e856c3ed40b2d47b65889016d55572828c52353f70a856ef2bcd25950d4059e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.tut.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 08:34:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"808 / 759 of 1000 / last-modified: 1615418075"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19887
x-xss-protection
0
expires
Thu, 11 Mar 2021 08:34:50 GMT
1px.gif
s1r.tut.by/ 		43 B
207 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1r.tut.by/1px.gif
Requested by
Host: www.tut.by
URL: http://www.tut.by/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a0a:7d80::c:2:0 Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
http://www.tut.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 08:34:50 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx
content-type
image/gif
cache-control
max-age=5184000
x-robots-tag
noindex, nofollow
content-length
43
expires
Mon, 10 May 2021 08:34:50 GMT
6.png
tutby.gcdn.co/i/by5/weather/d/ 		538 B
782 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tutby.gcdn.co/i/by5/weather/d/6.png
Requested by
Host: www.tut.by
URL: http://www.tut.by/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
30d51cc114c1a5dfe8c5cc2a31b3b46217e4e4aecc8035fe402ab7cf8d9889c2
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
http://www.tut.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-id
fr5-up-gc38
date
Thu, 11 Mar 2021 08:34:50 GMT
last-modified
Mon, 05 Feb 2018 08:37:50 GMT
server
nginx
etag
"5a7817de-21a"
strict-transport-security
max-age=15768000
x-cached-since
2021-03-08T12:59:29+00:00
content-type
image/png
cache-control
max-age=1209600
cache
HIT
accept-ranges
bytes
content-length
538
x-vhost-ver
14330921091485934966
expires
Mon, 22 Mar 2021 12:59:29 GMT
tr.gif
tutby.gcdn.co/i/ 		43 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tutby.gcdn.co/i/tr.gif
Requested by
Host: www.tut.by
URL: http://www.tut.by/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=86400;

Request headers

Referer
http://www.tut.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-id
fr5-up-gc38
date
Thu, 11 Mar 2021 08:34:50 GMT
last-modified
Mon, 05 Feb 2018 08:37:44 GMT
server
nginx
etag
"5a7817d8-2b"
strict-transport-security
max-age=86400;
x-cached-since
2021-03-09T12:08:25+00:00
content-type
image/gif
cache-control
max-age=1209600
cache
HIT
accept-ranges
bytes
content-length
43
x-vhost-ver
14330921091485934966
expires
Thu, 19 Nov 2020 10:41:55 GMT
style.css
bugaga.tut.by/attachments/40201// 		396 B
591 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bugaga.tut.by/attachments/40201//style.css?erwr=1
Requested by
Host: www.tut.by
URL: http://www.tut.by/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a0a:7d80::c:2:0 Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS
Software
nginx /
Resource Hash
62b830a36415befe8347a44998a4fdef7d71a3d1504c16a5df9779efb5f5586c

Request headers

Referer
http://www.tut.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 08:34:50 GMT
last-modified
Fri, 23 Nov 2018 08:06:51 GMT
server
nginx
etag
"5bf7b51b-18c"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=432000
accept-ranges
bytes
content-length
396
expires
Tue, 16 Mar 2021 08:34:50 GMT
davlenie_title_logo_1x_rus.png
tutby.gcdn.co/n/it/kartinki_logo/0b/8/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tutby.gcdn.co/n/it/kartinki_logo/0b/8/davlenie_title_logo_1x_rus.png
Requested by
Host: www.tut.by
URL: http://www.tut.by/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
fc14fac6d4596a5b19bd83e92dbf5a3f9b8685fbd65413c4c29a9d0a7fea2463
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
http://www.tut.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-id
fr5-up-gc38
date
Thu, 11 Mar 2021 08:34:50 GMT
last-modified
Thu, 03 Sep 2020 20:08:58 GMT
server
nginx
etag
"5f514d5a-16a969"
strict-transport-security
max-age=15768000
x-cached-since
2021-03-09T14:43:19+00:00
content-type
image/png
cache-control
max-age=1209600
cache
HIT
accept-ranges
bytes
content-length
1485161
x-vhost-ver
14330921091485934966
expires
Mon, 18 Jan 2021 13:02:10 GMT
53477_1.png
bugaga.tut.by/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bugaga.tut.by/53477_1.png
Requested by
Host: www.tut.by
URL: http://www.tut.by/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a0a:7d80::c:2:0 Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS
Software
nginx /
Resource Hash
daaed978fa526a1ebc670771ec5b53e614bc4ff5c1fa6d4e92293dec62e45222

Request headers

Referer
http://www.tut.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 08:34:50 GMT
last-modified
Thu, 11 Apr 2019 07:43:21 GMT
server
nginx
etag
"5caef019-10c9"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=432000
accept-ranges
bytes
content-length
4297
expires
Tue, 16 Mar 2021 08:34:50 GMT
logo-tam.png
tutby.gcdn.co/i/by5/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tutby.gcdn.co/i/by5/logo-tam.png
Requested by
Host: www.tut.by
URL: http://www.tut.by/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
77ccda026863a6feb42264c111a1f6c5b9b340bd6d53926c57fa2eab02935406
Security Headers
Name Value
Strict-Transport-Security max-age=86400;

Request headers

Referer
http://www.tut.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-id
fr5-up-gc38
date
Thu, 11 Mar 2021 08:34:50 GMT
last-modified
Mon, 05 Feb 2018 08:37:49 GMT
server
nginx
etag
"5a7817dd-59a"
strict-transport-security
max-age=86400;
x-cached-since
2021-03-09T18:26:32+00:00
content-type
image/png
cache-control
max-age=1209600
cache
HIT
accept-ranges
bytes
content-length
1434
x-vhost-ver
14330921091485934966
expires
Thu, 19 Nov 2020 10:49:16 GMT
ec08afe77b648627650f450431695c38ebfd2a66-1.jpg
img.tam.by/420x280c/offers/0e/4/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.tam.by/420x280c/offers/0e/4/ec08afe77b648627650f450431695c38ebfd2a66-1.jpg
Requested by
Host: www.tut.by
URL: http://www.tut.by/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a0a:7d80::a Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS
Software
nginx /
Resource Hash
073b934e236a73cd305cb235b5fd9aa06109a5d30bc2e5ab6e4710c462a442e3

Request headers

Referer
http://www.tut.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 08:34:50 GMT
last-modified
Mon, 01 Mar 2021 09:00:10 GMT
server
nginx
etag
"603cad1a-4f62"
content-type
image/jpeg
cache-control
max-age=604800, public
accept-ranges
bytes
content-length
20322
expires
Thu, 18 Mar 2021 08:34:50 GMT
icon-gift.png
tutby.gcdn.co/catalog/icons/ 		268 B
361 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tutby.gcdn.co/catalog/icons/icon-gift.png
Requested by
Host: www.tut.by
URL: http://www.tut.by/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
6f79476df3093af3ab73e5e938479c8e2158615b010f010bc9f2f1a504976356
Security Headers
Name Value
Strict-Transport-Security max-age=86400;

Request headers

Referer
http://www.tut.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-id
fr5-up-gc38
date
Thu, 11 Mar 2021 08:34:50 GMT
last-modified
Tue, 16 Oct 2018 11:32:39 GMT
server
nginx
etag
"5bc5cc57-10c"
strict-transport-security
max-age=86400;
x-cached-since
2021-03-09T19:46:02+00:00
content-type
image/png
cache-control
max-age=1209600
cache
HIT
accept-ranges
bytes
content-length
268
x-vhost-ver
14330921091485934966
expires
Thu, 19 Nov 2020 10:49:16 GMT
suitable
api.rabota.by/widgets/vacancies/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.rabota.by/widgets/vacancies/suitable?area=1002
Requested by
Host: www.tut.by
URL: http://www.tut.by/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
93.125.48.149 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
d79248a733f97b06080df1eeb8f0e08aa3fc1b278a5171dc770ed7d2bd5e58a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
http://www.tut.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 08:34:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx/1.16.1
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Location, ETag, Date, Expires, Cache-Control, Content-Type, X-Request-ID
cache-control
max-age=0, private, must-revalidate
x-request-id
161545169214848ad9d59ae921eb796b, 161545169214848ad9d59ae921eb796b
expires
Thu, 28 Jan 2021 08:34:52 GMT
jquery.touchSwipe~respond~r29644.js
www.tut.by/scripts/by4/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.tut.by/scripts/by4/jquery.touchSwipe~respond~r29644.js
Requested by
Host: www.tut.by
URL: http://www.tut.by/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a0a:7d80::b Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS
Software
nginx /
Resource Hash
66903ba0ed680143be8fe40565b06d98628cca24e1b37df2440ed5f93ab29cb7
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=15768000

Request headers

Referer
http://www.tut.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 08:34:50 GMT
content-encoding
gzip
referrer-policy
unsafe-url
last-modified
Wed, 10 Mar 2021 14:52:23 GMT
server
nginx
etag
W/"6048dd27-3cc3"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript; charset=utf8
cache-control
max-age=432000
content-security-policy
upgrade-insecure-requests
strict-transport-security
max-age=15768000
expires
Tue, 16 Mar 2021 08:34:50 GMT
addon~r29644.js
www.tut.by/scripts/by5/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.tut.by/scripts/by5/addon~r29644.js
Requested by
Host: www.tut.by
URL: http://www.tut.by/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a0a:7d80::b Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS
Software
nginx /
Resource Hash
1cee0ab34eeba9d55c5c321dc6f9616c85740fdbede1885439db172f950470c2
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=15768000

Request headers

Referer
http://www.tut.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 08:34:50 GMT
content-encoding
gzip
referrer-policy
unsafe-url
last-modified
Wed, 10 Mar 2021 14:52:20 GMT
server
nginx
etag
W/"6048dd24-ae4"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript; charset=utf8
cache-control
max-age=432000
content-security-policy
upgrade-insecure-requests
strict-transport-security
max-age=15768000
expires
Tue, 16 Mar 2021 08:34:50 GMT
ga~r29644.js
www.tut.by/scripts/BY/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.tut.by/scripts/BY/ga~r29644.js
Requested by
Host: www.tut.by
URL: http://www.tut.by/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a0a:7d80::b Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS
Software
nginx /
Resource Hash
e6ffe1d73e3559a6412f6bff751376acab1ed13ecda054d3385f09425ffd5a59
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=15768000

Request headers

Referer
http://www.tut.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 08:34:50 GMT
content-encoding
gzip
referrer-policy
unsafe-url
last-modified
Wed, 10 Mar 2021 14:52:57 GMT
server
nginx
etag
W/"6048dd49-15c7"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript; charset=utf8
cache-control
max-age=432000
content-security-policy
upgrade-insecure-requests
strict-transport-security
max-age=15768000
expires
Tue, 16 Mar 2021 08:34:50 GMT
app.js
www.tut.by/push/fe8daf4c-ea96-11e5-8de3-00215ae090fb/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.tut.by/push/fe8daf4c-ea96-11e5-8de3-00215ae090fb/app.js?20201026
Requested by
Host: www.tut.by
URL: http://www.tut.by/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a0a:7d80::b Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS
Software
nginx /
Resource Hash
cac61a8963d3d8315a7ff0f3c304733fda887888b786d5fe88d89a65f428ae1e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=15768000

Request headers

Referer
http://www.tut.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 08:34:50 GMT
content-encoding
gzip
referrer-policy
unsafe-url
last-modified
Mon, 26 Oct 2020 14:11:11 GMT
server
nginx
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=3600
content-security-policy
upgrade-insecure-requests
strict-transport-security
max-age=15768000
expires
Thu, 11 Mar 2021 09:34:50 GMT
13944_1px.png
bugaga.tut.by/ 		110 B
305 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bugaga.tut.by/13944_1px.png
Requested by
Host: www.tut.by
URL: http://www.tut.by/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a0a:7d80::c:2:0 Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS
Software
nginx /
Resource Hash
6f064b11007507ecebb88b25c6b21a41e51189b079c5a30342c8dc8950019c0c

Request headers

Referer
http://www.tut.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 08:34:50 GMT
last-modified
Fri, 09 Oct 2015 14:49:05 GMT
server
nginx
etag
"5617d3e1-6e"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=432000
accept-ranges
bytes
content-length
110
expires
Tue, 16 Mar 2021 08:34:50 GMT
truncated
/ 		82 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7ce23bb169d56e3dc218181172c5d318dc16526e035b539e038f605a893ea551

Request headers

Referer
http://www.tut.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/webp
truncated
/ 		90 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1

Request headers

Referer
http://www.tut.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/webp
truncated
/ 		38 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
52dc24c0429ea6ccc5b579a6da8bb79bf41e471fe5108a62009f3c2e195551c0

Request headers

Referer
http://www.tut.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/webp
truncated
/ 		44 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6

Request headers

Referer
http://www.tut.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/webp
xgemius.js
gaby1.hit.gemius.pl/ 		39 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gaby1.hit.gemius.pl/xgemius.js
Requested by
Host: www.tut.by
URL: http://www.tut.by/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.37.238.28 , France, ASN16276 (OVH, FR),
Reverse DNS
ip28.ip-54-37-238.eu
Software
GHC /
Resource Hash
2a766aa00b1b9a69b1e3c59c5f65b0760616b0b83ad15309704d6b2e66b3e958

Request headers

Referer
http://www.tut.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 08:34:52 GMT
content-encoding
gzip
last-modified
Fri, 12 Feb 2021 13:31:51 GMT
server
GHC
vary
Accept-Encoding,Origin
p3p
CP="NOI DSP COR NID PSAo OUR IND"
cache-control
max-age=43200
accept-ranges
none
content-type
application/x-javascript
content-length
10550
expires
Thu, 11 Mar 2021 20:34:52 GMT
getcookie
matchid.adfox.yandex.ru/ 		88 B
368 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://matchid.adfox.yandex.ru/getcookie
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:6b8::16b Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
bcdb44143efd34383d1f59e3212c34a9bd6c4c6d6838447a7343d674b1de0682
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://www.tut.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
http://www.tut.by
date
Thu, 11 Mar 2021 08:34:50 GMT
access-control-allow-credentials
true
timing-allow-origin
*
content-length
88
x-content-type-options
nosniff
content-type
application/json
banners.js
yastatic.net/pcode-bundles/0.1.3044/ 		116 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/pcode-bundles/0.1.3044/banners.js
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
64b392ea06b8b0939cdeed93df8821268d535216bb141a03a8ccc2590682443c
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Origin
http://www.tut.by
Referer
http://www.tut.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 08:34:50 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
27591
last-modified
Wed, 03 Mar 2021 13:30:10 GMT
server
nginx/1.17.9
etag
"0733c815a868f40762c3829b05593233"
x-robots-tag
noindex, noarchive, nofollow
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 11 Mar 2051 15:09:37 GMT
context.js
an.yandex.ru/system/ 		127 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://an.yandex.ru/system/context.js
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
fb7da801394365bcfafe34635417459d8e4dc21e9605e66d08c066b06fb74231
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://www.tut.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
strict-transport-security
max-age=31536000
content-encoding
br
etag
2120326938
x-yandex-req-id
1615451690495046-810856126791997723600134-production-app-host-sas-pcode-85
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=3600
x-robots-tag
noindex, noarchive, nofollow
expires
Thu, 11 Mar 2021 09:34:50 GMT
bid.cgi
expert-pb.adriver.ru/cgi-bin/ 		0
297 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://expert-pb.adriver.ru/cgi-bin/bid.cgi
Requested by
Host: bugaga.tut.by
URL: https://bugaga.tut.by/attachments/52523/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.209.111.20 , Russian Federation, ASN52007 (ADRIVER-AS, RU),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.tut.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
http://www.tut.by
Pragma
no-cache
Date
Thu, 11 Mar 2021 08:34:52 GMT
Cache-control
no-cache, max-age=0, must-revalidate, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Expires
Thu, 01 Jan 1970 00:00:00 GMT
pubads_impl_2021030401.js
securepubads.g.doubleclick.net/gpt/ 		283 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030401.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
sffe /
Resource Hash
1b6ddd3072f67cdb7e9884779bddc6779ec3fcb66496f3276dc0eab78d842cce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.tut.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Thu, 11 Mar 2021 08:34:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 04 Mar 2021 09:38:04 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
101872
x-xss-protection
0
expires
Thu, 11 Mar 2021 08:34:52 GMT
decbbde402d9b8c41f14.js
yastatic.net/partner-code-bundles/14103/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/14103/decbbde402d9b8c41f14.js
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
236a0f5fc80b647e938ef60e0de4bd1975af4f829d6fb3e2156516dd90a79968
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Origin
http://www.tut.by
Referer
http://www.tut.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 08:34:50 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
4197
last-modified
Tue, 09 Mar 2021 15:58:27 GMT
server
nginx/1.17.9
etag
"8bb83a0d5a1d58d6eea6cb4f20581561"
x-robots-tag
noindex, noarchive, nofollow
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 11 Mar 2051 15:05:52 GMT
756e8666a783f8286d6e.js
yastatic.net/partner-code-bundles/14103/ 		391 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/14103/756e8666a783f8286d6e.js
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
c901e1f52e83dad6cf78978114ed54a23ebfd380684132db32d376798d977b40
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Origin
http://www.tut.by
Referer
http://www.tut.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 08:34:50 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
82775
last-modified
Tue, 09 Mar 2021 15:58:26 GMT
server
nginx/1.17.9
etag
"b0e0fdee7d0dbe6ab5e9a2ef66d76af7"
x-robots-tag
noindex, noarchive, nofollow
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 11 Mar 2051 15:05:52 GMT
4dc96bb98a51182f8971.js
yastatic.net/partner-code-bundles/14103/ 		270 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/14103/4dc96bb98a51182f8971.js
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
9f4a1feef86a35620c481888bdf4ad6481374bd7c4143210c3037639ce053a15
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Origin
http://www.tut.by
Referer
http://www.tut.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 08:34:50 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
45385
last-modified
Tue, 09 Mar 2021 15:58:26 GMT
server
nginx/1.17.9
etag
"e46cda1d0540c6b4a916e4e7676a0aab"
x-robots-tag
noindex, noarchive, nofollow
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 11 Mar 2051 15:06:03 GMT
fpdata.js
gaby1.hit.gemius.pl/ 		275 B
388 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gaby1.hit.gemius.pl/fpdata.js?href=www.tut.by
Requested by
Host: gaby1.hit.gemius.pl
URL: https://gaby1.hit.gemius.pl/xgemius.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.37.238.28 , France, ASN16276 (OVH, FR),
Reverse DNS
ip28.ip-54-37-238.eu
Software
GHC /
Resource Hash
6ea030759d5c8caaa4030835ef6038098f04511351dcb534bfe519a8eb87fdce

Request headers

Referer
http://www.tut.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 08:34:52 GMT
last-modified
Mon, 16 Jul 2012 10:03:40 GMT
server
GHC
etag
PRIVATE7520710249
p3p
CP="NOI DSP COR NID PSAo OUR IND"
cache-control
private, max-age=2592000
accept-ranges
none
content-type
application/x-javascript
content-length
275
expires
Sat, 10 Apr 2021 08:34:52 GMT
rexdot.js
gaby1.hit.gemius.pl/__/_1615451692131/
Redirect Chain
  • https://gaby1.hit.gemius.pl/_1615451692131/rexdot.js?l=100&id=ApuaduN8tygYeYEDIglPDJYUPzNpmG_wR5t8sIdtU4L.B7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-60&fv=-&href=http%3A%2F%2Fwww.tut.b...
  • https://gaby1.hit.gemius.pl/__/_1615451692131/rexdot.js?l=100&id=ApuaduN8tygYeYEDIglPDJYUPzNpmG_wR5t8sIdtU4L.B7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-60&fv=-&href=http%3A%2F%2Fwww.tu...
169 B
427 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gaby1.hit.gemius.pl/__/_1615451692131/rexdot.js?l=100&id=ApuaduN8tygYeYEDIglPDJYUPzNpmG_wR5t8sIdtU4L.B7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-60&fv=-&href=http%3A%2F%2Fwww.tut.by%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=0&lsdata=-NOTSUP&fpdata=4unKG4pwcqWk3YvN9Wa_6ngcVnE0mrW4RAZCNXNSYQ..K7&vis=1
Requested by
Host: www.tut.by
URL: http://www.tut.by/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.37.238.28 , France, ASN16276 (OVH, FR),
Reverse DNS
ip28.ip-54-37-238.eu
Software
GHC /
Resource Hash
2b3eb1fb0a3960fcc413d094ecddd653709587f896ac462f2be3ad906691904d

Request headers

Referer
http://www.tut.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Mar 2021 08:34:52 GMT
server
GHC
p3p
CP="NOI DSP COR NID PSAo OUR IND"
cache-control
no-store, no-cache, must-revalidate, max-age=0
accept-ranges
none
content-type
application/x-javascript
content-length
169
expires
Wed, 10 Mar 2021 08:34:52 GMT

Redirect headers

pragma
no-cache
date
Thu, 11 Mar 2021 08:34:52 GMT
server
GHC
p3p
CP="NOI DSP COR NID PSAo OUR IND"
location
/__/_1615451692131/rexdot.js?l=100&id=ApuaduN8tygYeYEDIglPDJYUPzNpmG_wR5t8sIdtU4L.B7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-60&fv=-&href=http%3A%2F%2Fwww.tut.by%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=0&lsdata=-NOTSUP&fpdata=4unKG4pwcqWk3YvN9Wa_6ngcVnE0mrW4RAZCNXNSYQ..K7&vis=1
cache-control
no-store, no-cache, must-revalidate, max-age=0
accept-ranges
none
content-length
0
expires
Wed, 10 Mar 2021 08:34:52 GMT
rum.js
securepubads.g.doubleclick.net/pagead/js/ 		54 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/js/rum.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030401.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
3132eacd5425ca6e16b66e18a1587c72f8a9f8787cba87fac56c49a963981381
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.tut.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 07:41:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3204
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20910
x-xss-protection
0
server
cafe
etag
15911962102859849068
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Thu, 11 Mar 2021 08:41:28 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
799 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.tut.by
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.tut.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 11 Mar 2021 08:34:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
553 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.tut.by
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.tut.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 11 Mar 2021 08:34:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		496 B
602 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2883581063428105&correlator=4007748184753406&output=ldjh&impl=fif&eid=21066613%2C21066614%2C21067088&vrg=2021030401&ptt=17&sc=0&sfv=1-0-37&ecs=20210311&iu_parts=83130649%2CNot_Belarus_main_horizontal_728x90Not_Belarus_news_horizontal_728x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C970x90&eri=2&cookie_enabled=1&bc=23&abxe=1&lmt=1615451692&dt=1615451692167&dlt=1615451690029&idt=2121&frm=20&biw=1600&bih=1200&oid=3&adxs=120&adys=0&adks=3398475104&ucis=1&ifi=1&u_tz=60&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fwww.tut.by%2F&rumc=2883581063428105&rume=1&vis=1&scr_x=0&scr_y=0&psz=1360x90&msz=1360x90&ga_vid=1319103873.1615451692&ga_sid=1615451692&ga_hid=1104419952&ga_fc=false&fws=0&ohw=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030401.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
6542cb55da2b6caf35513e580833e41abd1db118df68ad603474a7db5cf0f588
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.tut.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 08:34:52 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
252
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://www.tut.by
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
93ebfc16cb32d39b0b1843be3bc18155.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://93ebfc16cb32d39b0b1843be3bc18155.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
http://www.tut.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
http://www.tut.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
res_co_track.gif
c1hit.tut.by/ 		43 B
202 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1hit.tut.by/res_co_track.gif
Requested by
Host: www.tut.by
URL: http://www.tut.by/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a0a:7d80::c:2:0 Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
http://www.tut.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 08:34:52 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx
content-type
image/gif
cache-control
no-cache
x-robots-tag
noindex, nofollow
content-length
43
expires
Thu, 11 Mar 2021 08:34:51 GMT
sprite.webp
tutby.gcdn.co/i/by5/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tutby.gcdn.co/i/by5/sprite.webp?06c07f8f41
Requested by
Host: www.tut.by
URL: https://www.tut.by/css/by5/v5.2.4~r29646.css?M2YwMWNxMjNlNTN0kTNkdDOjNmM3cDZ5cjZkBDZ0ADZ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
05ffac8e198eead304ab31d6b647f4923a395dc1b51c612e03c1f29b75463afc
Security Headers
Name Value
Strict-Transport-Security max-age=86400;

Request headers

Referer
https://www.tut.by/css/by5/v5.2.4~r29646.css?M2YwMWNxMjNlNTN0kTNkdDOjNmM3cDZ5cjZkBDZ0ADZ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-id
fr5-up-gc38
date
Thu, 11 Mar 2021 08:34:52 GMT
last-modified
Fri, 26 Jun 2020 14:07:10 GMT
server
nginx
etag
"5ef6010e-339c"
strict-transport-security
max-age=86400;
x-cached-since
2021-03-09T14:24:10+00:00
content-type
image/webp
cache-control
max-age=1209600
cache
HIT
accept-ranges
bytes
content-length
13212
x-vhost-ver
14330921091485934966
expires
Thu, 19 Nov 2020 10:44:37 GMT
18408_9903.gif
c2hit.tut.by/stat/219/45466/js/161545168/ 		43 B
204 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c2hit.tut.by/stat/219/45466/js/161545168/18408_9903.gif
Requested by
Host: www.tut.by
URL: http://www.tut.by/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a0a:7d80::c:2:0 Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
http://www.tut.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 08:34:52 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx
content-type
image/gif
cache-control
max-age=60
x-robots-tag
noindex, nofollow
content-length
43
expires
Thu, 11 Mar 2021 08:35:52 GMT
18408_9117.gif
c2hit.tut.by/stat/797/40201/js/161545168/ 		43 B
204 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c2hit.tut.by/stat/797/40201/js/161545168/18408_9117.gif
Requested by
Host: www.tut.by
URL: http://www.tut.by/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a0a:7d80::c:2:0 Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
http://www.tut.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 08:34:52 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx
content-type
image/gif
cache-control
max-age=60
x-robots-tag
noindex, nofollow
content-length
43
expires
Thu, 11 Mar 2021 08:35:52 GMT
truncated
/ 		483 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1458066f8e5fe7ab25a90af344c45b3a3e7cd2f7687a85db10e940047ed245d0

Request headers

Referer
https://www.tut.by/css/by5/v5.2.4~r29646.css?M2YwMWNxMjNlNTN0kTNkdDOjNmM3cDZ5cjZkBDZ0ADZ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
42_bsmp_20190322_zam_tutby_phsl.jpg
tutby.gcdn.co/552x368c/n/zamirovskiy/0a/c/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tutby.gcdn.co/552x368c/n/zamirovskiy/0a/c/42_bsmp_20190322_zam_tutby_phsl.jpg
Requested by
Host: www.tut.by
URL: http://www.tut.by/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
2054e3865b4886300e608fac8c1567b82d72d8451b665aa1b34fb36bff1f89ee
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
http://www.tut.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-id
fr5-up-gc38
date
Thu, 11 Mar 2021 08:34:52 GMT
last-modified
Tue, 12 May 2020 15:35:10 GMT
server
nginx
etag
"5ebac22e-44f3"
strict-transport-security
max-age=15768000
x-cached-since
2021-03-11T08:15:52+00:00
content-type
image/jpeg
cache-control
max-age=1209600
cache
HIT
accept-ranges
bytes
content-length
17651
x-vhost-ver
14330921091485934966
expires
Thu, 25 Mar 2021 08:15:52 GMT
skoda_rapid_online_stream_2020_2.jpg
tutby.gcdn.co/279x186c/n/avto/02/9/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tutby.gcdn.co/279x186c/n/avto/02/9/skoda_rapid_online_stream_2020_2.jpg
Requested by
Host: www.tut.by
URL: http://www.tut.by/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
eeac9dfc42296e3b17052f3a56da3e09e29be99ffd79c6013e87b9a4c1d728d8
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
http://www.tut.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-id
fr5-up-gc38
date
Thu, 11 Mar 2021 08:34:52 GMT
last-modified
Thu, 11 Mar 2021 06:43:23 GMT
server
nginx
etag
"6049bc0b-2460"
strict-transport-security
max-age=15768000
x-cached-since
2021-03-11T06:45:30+00:00
content-type
image/jpeg
cache-control
max-age=1209600
cache
HIT
accept-ranges
bytes
content-length
9312
x-vhost-ver
14330921091485934966
expires
Thu, 25 Mar 2021 06:45:30 GMT
tihanovski_20200520_kom_tutby_phs_4945.jpg
tutby.gcdn.co/279x186c/n/regiony/07/6/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tutby.gcdn.co/279x186c/n/regiony/07/6/tihanovski_20200520_kom_tutby_phs_4945.jpg
Requested by
Host: www.tut.by
URL: http://www.tut.by/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
dc74e046c1699aaf7a457b9183809c0112e9f80f4ec40115da24e2360259fbcd
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
http://www.tut.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-id
fr5-up-gc38
date
Thu, 11 Mar 2021 08:34:52 GMT
last-modified
Thu, 04 Mar 2021 09:55:23 GMT
server
nginx
etag
"6040ae8b-1b46"
strict-transport-security
max-age=15768000
x-cached-since
2021-03-11T07:13:21+00:00
content-type
image/jpeg
cache-control
max-age=1209600
cache
HIT
accept-ranges
bytes
content-length
6982
x-vhost-ver
14330921091485934966
expires
Thu, 25 Mar 2021 07:13:21 GMT
truncated
/ 		1 B
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
http://www.tut.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
text/javascript
store.html
www.tut.by/api/ Frame A7BF 		2 KB
1016 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.tut.by/api/store.html
Requested by
Host: www.tut.by
URL: https://www.tut.by/scripts/by4/jquery-2.2.4~modernizr~bootstrap~jquery.touchSwipe~bootstrap-ext~core~v4~ext~topbar~search~auth~resource~hint~geo~geo-ext~tut_ads~handlebars~r29644.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a0a:7d80::b Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS
Software
nginx /
Resource Hash
b381551d270a4d855e8f337d16ba587c1f4cc8bd59b3c03dd5ee1dfbc3fc0782
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=15768000

Request headers

:method
GET
:authority
www.tut.by
:scheme
https
:path
/api/store.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.tut.by/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
__utsid=a4ec6bd6-8244-11eb-9be7-0cc47ac956c1; __gfp_64b=4unKG4pwcqWk3YvN9Wa_6ngcVnE0mrW4RAZCNXNSYQ..K7|1615451692
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://www.tut.by/

Response headers

server
nginx
date
Thu, 11 Mar 2021 08:34:52 GMT
content-type
text/html; charset=utf8
vary
Accept-Encoding Accept-Encoding
set-cookie
__utsid=a4ec6bd6-8244-11eb-9be7-0cc47ac956c1; Expires=Thu, 11-Mar-21 09:04:52 GMT; Max-Age=1800; Domain=.tut.by; Path=/; Secure; SameSite=None
etag
W/"5dc96c73-668"
expires
Tue, 16 Mar 2021 08:34:52 GMT
cache-control
max-age=432000
strict-transport-security
max-age=15768000
referrer-policy
unsafe-url
content-security-policy
upgrade-insecure-requests
content-encoding
gzip
v2
an.yandex.ru/adfox/246762/getBulk/ 		9 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://an.yandex.ru/adfox/246762/getBulk/v2?dl=http%3A%2F%2Fwww.tut.by%2F&date=2021-03-11T09%3A34%3A52.304%2B01%3A00&pd=11&pdh=1200&pdw=1600&pr1=1023393659&pr=3328949620&prr=&pv=9&pw=4&extid_loader=&extid_tag_loader=www.tut.by&ylv=0.3045&ybv=0.3044&ytt=547574033942549&is-turbo=0&skip-token=&ad-session-id=6082671615451692313&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9.6%2C%22w%22%3A1060%2C%22h%22%3A0%2C%22width%22%3A1060%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22left%22%3A120%2C%22top%22%3A903%2C%22req_no%22%3A0%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=0&yandexuid=17965973028366643137&sign=33ec9cbebd702569de23110e80e46ecc&p1=cihfx&p2=gpwx&puid1=0&puid2=&puid4=&puid5=0&puid13=0&puid14=0&puid17=&slotNumber=1&matchid-direct=1&bids=W10%3D&grab=dNCR0LXQu9C-0YDRg9GB0YHQutC40Lkg0L_QvtGA0YLQsNC7IFRVVC5CWS4g0J3QvtCy0L7RgdGC0Lgg0JHQtdC70LDRgNGD0YHQuCDQuCDQvNC40YDQsAoxCjPQkiDQkdC10LvQsNGA0YPRgdGMINC_0YDQuNGI0LXQuyDQsdGA0LjRgtCw0L3RgdC60LjQuSDRiNGC0LDQvNC8INC60L7RgNC-0L3QsNCy0LjRgNGD0YHQsC4g0J7QvSDQsdC-0LvQtdC1INC30LDRgNCw0LfQvdGL0LkgMTIgMTA6NDcgCg%3D%3D&utf8=%E2%9C%93
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
9455eb8c37c55be10999f978e3813aace75f21a7cd3cd15c77ba45d3a1996036
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.tut.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Mar 2021 08:34:52 GMT
content-encoding
gzip
last-modified
Thu, 11 Mar 2021 08:34:52 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
content-type
application/json
access-control-allow-origin
http://www.tut.by
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Thu, 11 Mar 2021 08:34:52 GMT
maket_na_ssylku.jpg
tutby.gcdn.co/75x50c/p/03/2/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tutby.gcdn.co/75x50c/p/03/2/maket_na_ssylku.jpg
Requested by
Host: www.tut.by
URL: http://www.tut.by/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
80300ee2f19a73f1c2a360e7a3ff617944cf9aa89deb5777d09f7d136db83025
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
http://www.tut.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-id
fr5-up-gc38
date
Thu, 11 Mar 2021 08:34:52 GMT
last-modified
Mon, 23 Nov 2020 06:00:07 GMT
server
nginx
etag
"5fbb4fe7-791"
strict-transport-security
max-age=15768000
x-cached-since
2021-03-09T06:04:21+00:00
content-type
image/jpeg
cache-control
max-age=1209600
cache
HIT
accept-ranges
bytes
content-length
1937
x-vhost-ver
14330921091485934966
expires
Tue, 23 Mar 2021 06:04:21 GMT
18408_7359_advertising.gif
c2hit.tut.by/stat/820/55008/js/161545168/ 		43 B
204 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c2hit.tut.by/stat/820/55008/js/161545168/18408_7359_advertising.gif
Requested by
Host: www.tut.by
URL: http://www.tut.by/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a0a:7d80::c:2:0 Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
http://www.tut.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 08:34:52 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx
content-type
image/gif
cache-control
max-age=60
x-robots-tag
noindex, nofollow
content-length
43
expires
Thu, 11 Mar 2021 08:35:52 GMT
entry-icon.webp
tutby.gcdn.co/i/by5/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tutby.gcdn.co/i/by5/entry-icon.webp?34d79a012b
Requested by
Host: www.tut.by
URL: https://www.tut.by/css/by5/v5.2.4~r29646.css?M2YwMWNxMjNlNTN0kTNkdDOjNmM3cDZ5cjZkBDZ0ADZ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
8da926e2b37032adcd0496c5bf695c0df7603ad930b0ba9934fee778d2a293b0
Security Headers
Name Value
Strict-Transport-Security max-age=86400;

Request headers

Referer
https://www.tut.by/css/by5/v5.2.4~r29646.css?M2YwMWNxMjNlNTN0kTNkdDOjNmM3cDZ5cjZkBDZ0ADZ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-id
fr5-up-gc38
date
Thu, 11 Mar 2021 08:34:52 GMT
last-modified
Fri, 26 Jun 2020 14:07:10 GMT
server
nginx
etag
"5ef6010e-21f4"
strict-transport-security
max-age=86400;
x-cached-since
2021-03-09T13:09:38+00:00
content-type
image/webp
cache-control
max-age=1209600
cache
HIT
accept-ranges
bytes
content-length
8692
x-vhost-ver
14330921091485934966
expires
Thu, 19 Nov 2020 10:44:37 GMT
entry-type.webp
tutby.gcdn.co/i/by5/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tutby.gcdn.co/i/by5/entry-type.webp?16c06e0da3
Requested by
Host: www.tut.by
URL: https://www.tut.by/css/by5/v5.2.4~r29646.css?M2YwMWNxMjNlNTN0kTNkdDOjNmM3cDZ5cjZkBDZ0ADZ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
4da66c42465459d72f5b17f138f5d258d489d327ba9b4cac2eb7e3f4bc338be4
Security Headers
Name Value
Strict-Transport-Security max-age=86400;

Request headers

Referer
https://www.tut.by/css/by5/v5.2.4~r29646.css?M2YwMWNxMjNlNTN0kTNkdDOjNmM3cDZ5cjZkBDZ0ADZ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-id
fr5-up-gc38
date
Thu, 11 Mar 2021 08:34:52 GMT
last-modified
Fri, 26 Jun 2020 14:07:10 GMT
server
nginx
etag
"5ef6010e-70e"
strict-transport-security
max-age=86400;
x-cached-since
2021-03-09T14:24:06+00:00
content-type
image/webp
cache-control
max-age=1209600
cache
HIT
accept-ranges
bytes
content-length
1806
x-vhost-ver
14330921091485934966
expires
Thu, 19 Nov 2020 10:44:37 GMT
gastrofest_patrik_2021_vinie_jones_pub.jpg
tutby.gcdn.co/390x260c/n/afisha/0f/9/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tutby.gcdn.co/390x260c/n/afisha/0f/9/gastrofest_patrik_2021_vinie_jones_pub.jpg
Requested by
Host: www.tut.by
URL: http://www.tut.by/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
9e21ca74073a2ad2d6602d6264b592e805454766c33cf1f061caff084f4437b9
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
http://www.tut.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-id
fr5-up-gc38
date
Thu, 11 Mar 2021 08:34:52 GMT
last-modified
Thu, 11 Mar 2021 06:15:44 GMT
server
nginx
etag
"6049b590-4c36"
strict-transport-security
max-age=15768000
x-cached-since
2021-03-11T07:04:59+00:00
content-type
image/jpeg
cache-control
max-age=1209600
cache
HIT
accept-ranges
bytes
content-length
19510
x-vhost-ver
14330921091485934966
expires
Thu, 25 Mar 2021 07:04:59 GMT
titul_zg_11032021_2_.jpg
tutby.gcdn.co/150x100c/p/00/5/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tutby.gcdn.co/150x100c/p/00/5/titul_zg_11032021_2_.jpg
Requested by
Host: www.tut.by
URL: http://www.tut.by/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
093340188121d420c00adb4977def76dbbd932bf58eb1b89780ccb8393ad8930
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
http://www.tut.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-id
fr5-up-gc38
date
Thu, 11 Mar 2021 08:34:52 GMT
last-modified
Thu, 11 Mar 2021 06:00:00 GMT
server
nginx
etag
"6049b1e0-c54"
strict-transport-security
max-age=15768000
x-cached-since
2021-03-11T06:02:10+00:00
content-type
image/jpeg
cache-control
max-age=1209600
cache
HIT
accept-ranges
bytes
content-length
3156
x-vhost-ver
14330921091485934966
expires
Thu, 25 Mar 2021 06:02:10 GMT
6.png
tutby.gcdn.co/i/by4/weather/128/d/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tutby.gcdn.co/i/by4/weather/128/d/6.png
Requested by
Host: www.tut.by
URL: http://www.tut.by/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
0b4aba87513ffa7fcc0282254d127236bf3bcf250e84d0da06f92c69081d6056
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
http://www.tut.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-id
fr5-up-gc38
date
Thu, 11 Mar 2021 08:34:52 GMT
last-modified
Mon, 05 Feb 2018 08:37:48 GMT
server
nginx
etag
"5a7817dc-967"
strict-transport-security
max-age=15768000
x-cached-since
2021-03-08T05:41:31+00:00
content-type
image/png
cache-control
max-age=1209600
cache
HIT
accept-ranges
bytes
content-length
2407
x-vhost-ver
14330921091485934966
expires
Mon, 22 Mar 2021 05:41:31 GMT
rayya-i-posledniy-drakon-089691.jpg
img.afisha.tut.by/static/media/194x158c/screens/05/3/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.afisha.tut.by/static/media/194x158c/screens/05/3/rayya-i-posledniy-drakon-089691.jpg
Requested by
Host: www.tut.by
URL: http://www.tut.by/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a0a:7d80::b Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS
Software
nginx /
Resource Hash
8e6c0b3e4f935d370174d4339d3b968c2fa60a182d7721eb52ada3e29f30aa1d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=15768000

Request headers

Referer
http://www.tut.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 08:34:52 GMT
referrer-policy
unsafe-url
last-modified
Thu, 04 Mar 2021 07:50:15 GMT
server
nginx
etag
"60409137-1f78"
strict-transport-security
max-age=15768000
content-type
image/jpeg
cache-control
max-age=604800
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
content-length
8056
expires
Thu, 18 Mar 2021 08:34:52 GMT
18408_48211.gif
c2hit.tut.by/stat/70/53477/js/161545168/ 		43 B
204 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c2hit.tut.by/stat/70/53477/js/161545168/18408_48211.gif
Requested by
Host: www.tut.by
URL: http://www.tut.by/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a0a:7d80::c:2:0 Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
http://www.tut.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 08:34:52 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx
content-type
image/gif
cache-control
max-age=60
x-robots-tag
noindex, nofollow
content-length
43
expires
Thu, 11 Mar 2021 08:35:52 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
777 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.tut.by
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030401.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.tut.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 11 Mar 2021 08:34:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
531 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.tut.by
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030401.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.tut.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 11 Mar 2021 08:34:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		42 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2883581063428105&correlator=4007748184753406&output=ldjh&impl=fif&eid=21066613%2C21066614%2C21067088&vrg=2021030401&ptt=17&sc=0&sfv=1-0-37&ecs=20210311&iu_parts=83130649%2Cmain_vertical_240x400&enc_prev_ius=%2F0%2F1&prev_iu_szs=240x400&eri=2&cookie_enabled=1&bc=23&abxe=1&lmt=1615451692&dt=1615451692383&dlt=1615451690029&idt=2121&frm=20&biw=1600&bih=1200&oid=3&adxs=1180&adys=350&adks=454273514&ucis=2&ifi=2&u_tz=60&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fwww.tut.by%2F&rumc=2883581063428105&rume=1&vis=1&scr_x=0&scr_y=0&psz=300x400&msz=300x400&ga_vid=1319103873.1615451692&ga_sid=1615451692&ga_hid=1104419952&ga_fc=false&fws=4&ohw=300&btvi=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030401.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
32ef0419a06888c0a2b55c7b3ffdd8929bfec79a1223ea1c287ba2556305c2ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.tut.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 08:34:52 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10868
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://www.tut.by
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
18408_8560.gif
c2hit.tut.by/stat/187/45328/js/161545168/ 		43 B
204 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c2hit.tut.by/stat/187/45328/js/161545168/18408_8560.gif
Requested by
Host: www.tut.by
URL: http://www.tut.by/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a0a:7d80::c:2:0 Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
http://www.tut.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 08:34:52 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx
content-type
image/gif
cache-control
max-age=60
x-robots-tag
noindex, nofollow
content-length
43
expires
Thu, 11 Mar 2021 08:35:52 GMT
v2
an.yandex.ru/adfox/246762/getBulk/ 		23 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://an.yandex.ru/adfox/246762/getBulk/v2?dl=http%3A%2F%2Fwww.tut.by%2F&date=2021-03-11T09%3A34%3A52.391%2B01%3A00&pd=11&pdh=1200&pdw=1600&pr1=876214893&pr=3328949620&prr=&pv=9&pw=4&extid_loader=&extid_tag_loader=www.tut.by&ylv=0.3045&ybv=0.3044&ytt=547574033942549&is-turbo=0&skip-token=&ad-session-id=6082671615451692313&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9.6%2C%22w%22%3A300%2C%22h%22%3A0%2C%22width%22%3A300%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22left%22%3A1180%2C%22top%22%3A1070%2C%22req_no%22%3A1%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=0&yandexuid=17965973028366643137&sign=33ec9cbebd702569de23110e80e46ecc&p1=cegdb&p2=ghdq&puid1=0&puid2=&puid3=&puid4=&puid5=0&slotNumber=2&matchid-direct=1&bids=W10%3D&grab=dNCR0LXQu9C-0YDRg9GB0YHQutC40Lkg0L_QvtGA0YLQsNC7IFRVVC5CWS4g0J3QvtCy0L7RgdGC0Lgg0JHQtdC70LDRgNGD0YHQuCDQuCDQvNC40YDQsAoxCjPQkiDQkdC10LvQsNGA0YPRgdGMINC_0YDQuNGI0LXQuyDQsdGA0LjRgtCw0L3RgdC60LjQuSDRiNGC0LDQvNC8INC60L7RgNC-0L3QsNCy0LjRgNGD0YHQsC4g0J7QvSDQsdC-0LvQtdC1INC30LDRgNCw0LfQvdGL0LkgMTIgMTA6NDcgCg%3D%3D&utf8=%E2%9C%93
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
1406488c49325fec4b03e8b6a8d89ce3ca336b2ad8fd62730f1eb960782c2f55
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.tut.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Mar 2021 08:34:52 GMT
content-encoding
gzip
last-modified
Thu, 11 Mar 2021 08:34:52 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
content-type
application/json
access-control-allow-origin
http://www.tut.by
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Thu, 11 Mar 2021 08:34:52 GMT
18408_952_advertising.gif
c2hit.tut.by/stat/222/53239/js/161545168/ 		43 B
204 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c2hit.tut.by/stat/222/53239/js/161545168/18408_952_advertising.gif
Requested by
Host: www.tut.by
URL: http://www.tut.by/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a0a:7d80::c:2:0 Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
http://www.tut.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 08:34:52 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx
content-type
image/gif
cache-control
max-age=60
x-robots-tag
noindex, nofollow
content-length
43
expires
Thu, 11 Mar 2021 08:35:52 GMT
optimize.webp
avatars.mds.yandex.net/get-adfox-content/2765366/210310_adfox_1587481_4203948.337133519daa52952a4b5e371127ed69.jpg/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://avatars.mds.yandex.net/get-adfox-content/2765366/210310_adfox_1587481_4203948.337133519daa52952a4b5e371127ed69.jpg/optimize.webp
Requested by
Host: www.tut.by
URL: http://www.tut.by/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:6b8::184 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx /
Resource Hash
a2bc813ffc2a0e629a4ad95025fd3ec0d479212df66f7716d4b72a6d753bcb22

Request headers

Referer
http://www.tut.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 08:34:52 GMT
last-modified
Wed, 10 Mar 2021 11:17:20 GMT
server
nginx
nel
{"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to
{"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=86400,immutable
access-control-allow-credentials
true
timing-allow-origin
*
content-length
20534
x-request-id
cc563ebf88fca5fa
tesla_model_3_murmansk_2021_11.jpg
tutby.gcdn.co/432x288c/n/avto/02/2/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tutby.gcdn.co/432x288c/n/avto/02/2/tesla_model_3_murmansk_2021_11.jpg
Requested by
Host: www.tut.by
URL: http://www.tut.by/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
251dcea28f2c61551f9e0bb6d2045d21e6b864fb033ba3453abe097b02351716
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
http://www.tut.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-id
fr5-up-gc38
date
Thu, 11 Mar 2021 08:34:52 GMT
last-modified
Wed, 10 Mar 2021 13:26:57 GMT
server
nginx
etag
"6048c921-5e5a"
strict-transport-security
max-age=15768000
x-cached-since
2021-03-10T13:27:19+00:00
content-type
image/jpeg
cache-control
max-age=1209600
cache
HIT
accept-ranges
bytes
content-length
24154
x-vhost-ver
14330921091485934966
expires
Wed, 24 Mar 2021 13:27:19 GMT
6329543b-478c-40fa-a97f-02bfbb5dbcc5.jpg
tutby.gcdn.co/432x288c/n/360_foto_video/0d/d/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tutby.gcdn.co/432x288c/n/360_foto_video/0d/d/6329543b-478c-40fa-a97f-02bfbb5dbcc5.jpg
Requested by
Host: www.tut.by
URL: http://www.tut.by/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
61f8953216c549d8b802bd66b53aaebc30248a65821ae2bd582ea2e550907e04
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
http://www.tut.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-id
fr5-up-gc38
date
Thu, 11 Mar 2021 08:34:52 GMT
last-modified
Wed, 10 Mar 2021 08:29:59 GMT
server
nginx
etag
"60488387-2f19"
strict-transport-security
max-age=15768000
x-cached-since
2021-03-10T09:00:27+00:00
content-type
image/jpeg
cache-control
max-age=1209600
cache
HIT
accept-ranges
bytes
content-length
12057
x-vhost-ver
14330921091485934966
expires
Wed, 24 Mar 2021 09:00:27 GMT
160331_syd1-900x600.jpg
tutby.gcdn.co/432x288c/n/00/b/ 		36 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tutby.gcdn.co/432x288c/n/00/b/160331_syd1-900x600.jpg
Requested by
Host: www.tut.by
URL: http://www.tut.by/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
661011d9e336c2fe28cbb750b1ebedf532adf6d14362969c29228533f6c88932
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
http://www.tut.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-id
fr5-up-gc38
date
Thu, 11 Mar 2021 08:34:52 GMT
last-modified
Wed, 10 Mar 2021 08:24:50 GMT
server
nginx
etag
"60488252-91ac"
strict-transport-security
max-age=15768000
x-cached-since
2021-03-10T08:25:03+00:00
content-type
image/jpeg
cache-control
max-age=1209600
cache
HIT
accept-ranges
bytes
content-length
37292
x-vhost-ver
14330921091485934966
expires
Wed, 24 Mar 2021 08:25:03 GMT
10_khalatryan_levon_20210305_zam_tutby_phsl.jpg
tutby.gcdn.co/432x288c/n/zamirovskiy/0d/3/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tutby.gcdn.co/432x288c/n/zamirovskiy/0d/3/10_khalatryan_levon_20210305_zam_tutby_phsl.jpg
Requested by
Host: www.tut.by
URL: http://www.tut.by/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
e5b93f728523afdafd1714890abe235148ae940a80e6b5dd79b862b63d7f3b1d
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
http://www.tut.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-id
fr5-up-gc38
date
Thu, 11 Mar 2021 08:34:52 GMT
last-modified
Tue, 09 Mar 2021 13:17:24 GMT
server
nginx
etag
"60477564-29a3"
strict-transport-security
max-age=15768000
x-cached-since
2021-03-09T13:20:25+00:00
content-type
image/jpeg
cache-control
max-age=1209600
cache
HIT
accept-ranges
bytes
content-length
10659
x-vhost-ver
14330921091485934966
expires
Tue, 23 Mar 2021 13:20:25 GMT
v2
an.yandex.ru/adfox/246762/getBulk/ 		170 B
173 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://an.yandex.ru/adfox/246762/getBulk/v2?dl=http%3A%2F%2Fwww.tut.by%2F&date=2021-03-11T09%3A34%3A52.481%2B01%3A00&pd=11&pdh=1200&pdw=1600&pr1=259452947&pr=3328949620&prr=&pv=9&pw=4&extid_loader=&extid_tag_loader=www.tut.by&ylv=0.3045&ybv=0.3044&ytt=547574033942549&is-turbo=0&skip-token=&ad-session-id=6082671615451692313&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9.6%2C%22w%22%3A0%2C%22h%22%3A0%2C%22width%22%3A0%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22left%22%3A0%2C%22top%22%3A0%2C%22req_no%22%3A2%2C%22ad_no%22%3A1%7D&enable-flat-highlight=1&pcode-version=0&yandexuid=17965973028366643137&sign=33ec9cbebd702569de23110e80e46ecc&p1=cfhes&p2=glie&slotNumber=3&matchid-direct=1&bids=W10%3D&grab=dNCR0LXQu9C-0YDRg9GB0YHQutC40Lkg0L_QvtGA0YLQsNC7IFRVVC5CWS4g0J3QvtCy0L7RgdGC0Lgg0JHQtdC70LDRgNGD0YHQuCDQuCDQvNC40YDQsAoxCjPQkiDQkdC10LvQsNGA0YPRgdGMINC_0YDQuNGI0LXQuyDQsdGA0LjRgtCw0L3RgdC60LjQuSDRiNGC0LDQvNC8INC60L7RgNC-0L3QsNCy0LjRgNGD0YHQsC4g0J7QvSDQsdC-0LvQtdC1INC30LDRgNCw0LfQvdGL0LkgMTIgMTA6NDcgCg%3D%3D&utf8=%E2%9C%93
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
45bf1be2e04bf8106588a80773981be7ee03a1dfd15f677141129bb29a141254
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.tut.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Mar 2021 08:34:52 GMT
content-encoding
gzip
last-modified
Thu, 11 Mar 2021 08:34:52 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
content-type
application/json
access-control-allow-origin
http://www.tut.by
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Thu, 11 Mar 2021 08:34:52 GMT
protesty_posle_vyborov_20200814_shuk_tutby_phsl_4925.jpg
tutby.gcdn.co/390x260c/n/shukaylo/07/c/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tutby.gcdn.co/390x260c/n/shukaylo/07/c/protesty_posle_vyborov_20200814_shuk_tutby_phsl_4925.jpg
Requested by
Host: www.tut.by
URL: http://www.tut.by/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
a2e7d0367b3fbfaca20e00fccff5d6a11c074b351ddb66b549a3802eb6300c97
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
http://www.tut.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-id
fr5-up-gc38
date
Thu, 11 Mar 2021 08:34:52 GMT
last-modified
Wed, 10 Mar 2021 19:34:53 GMT
server
nginx
etag
"60491f5d-58ee"
strict-transport-security
max-age=15768000
x-cached-since
2021-03-10T19:35:46+00:00
content-type
image/jpeg
cache-control
max-age=1209600
cache
HIT
accept-ranges
bytes
content-length
22766
x-vhost-ver
14330921091485934966
expires
Wed, 24 Mar 2021 19:35:46 GMT
klimov_dvigateli.jpg
tutby.gcdn.co/390x260c/n/07/0/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tutby.gcdn.co/390x260c/n/07/0/klimov_dvigateli.jpg
Requested by
Host: www.tut.by
URL: http://www.tut.by/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
bf66a69d68bbca9980ac161d776cfbd8dfae16056201aa7705a55ba2d7ae4759
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
http://www.tut.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-id
fr5-up-gc38
date
Thu, 11 Mar 2021 08:34:52 GMT
last-modified
Wed, 10 Mar 2021 11:39:00 GMT
server
nginx
etag
"6048afd4-5b4d"
strict-transport-security
max-age=15768000
x-cached-since
2021-03-10T11:39:45+00:00
content-type
image/jpeg
cache-control
max-age=1209600
cache
HIT
accept-ranges
bytes
content-length
23373
x-vhost-ver
14330921091485934966
expires
Wed, 24 Mar 2021 11:39:45 GMT
390x260_paradavto_nkmk_11.03.2021.jpg
tutby.gcdn.co/150x100c/p/03/7/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tutby.gcdn.co/150x100c/p/03/7/390x260_paradavto_nkmk_11.03.2021.jpg
Requested by
Host: www.tut.by
URL: http://www.tut.by/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
b76ec6edec28f5f17c6a1f1306d0f9cda26bc30b1f98a715a9185c0bbcae6a42
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
http://www.tut.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-id
fr5-up-gc38
date
Thu, 11 Mar 2021 08:34:52 GMT
last-modified
Thu, 11 Mar 2021 06:00:00 GMT
server
nginx
etag
"6049b1e0-132f"
strict-transport-security
max-age=15768000
x-cached-since
2021-03-11T06:06:14+00:00
content-type
image/jpeg
cache-control
max-age=1209600
cache
HIT
accept-ranges
bytes
content-length
4911
x-vhost-ver
14330921091485934966
expires
Thu, 25 Mar 2021 06:06:14 GMT
belivpul_1103_l.jpg
tutby.gcdn.co/150x100c/p/01/9/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tutby.gcdn.co/150x100c/p/01/9/belivpul_1103_l.jpg
Requested by
Host: www.tut.by
URL: http://www.tut.by/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
96990bd1f071f9c71b4c5d10388ed7b1bc9d70f31278857abed10b13993cfd78
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
http://www.tut.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-id
fr5-up-gc38
date
Thu, 11 Mar 2021 08:34:52 GMT
last-modified
Thu, 11 Mar 2021 06:00:02 GMT
server
nginx
etag
"6049b1e2-11be"
strict-transport-security
max-age=15768000
x-cached-since
2021-03-11T06:01:35+00:00
content-type
image/jpeg
cache-control
max-age=1209600
cache
HIT
accept-ranges
bytes
content-length
4542
x-vhost-ver
14330921091485934966
expires
Thu, 25 Mar 2021 06:01:35 GMT
dlya_stati-perevody_mart.jpg
tutby.gcdn.co/150x100c/p/01/5/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tutby.gcdn.co/150x100c/p/01/5/dlya_stati-perevody_mart.jpg
Requested by
Host: www.tut.by
URL: http://www.tut.by/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
e1dbb248ce78959ec8b04c255ab0c95171052f9167ddf7fdcf3c6ae482acb6b9
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
http://www.tut.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-id
fr5-up-gc38
date
Thu, 11 Mar 2021 08:34:52 GMT
last-modified
Thu, 11 Mar 2021 06:00:02 GMT
server
nginx
etag
"6049b1e2-12ad"
strict-transport-security
max-age=15768000
x-cached-since
2021-03-11T06:01:34+00:00
content-type
image/jpeg
cache-control
max-age=1209600
cache
HIT
accept-ranges
bytes
content-length
4781
x-vhost-ver
14330921091485934966
expires
Thu, 25 Mar 2021 06:01:34 GMT
390x260_paradavto_nkmk_11.03.2021.jpg
img.tyt.by/150x100c/p/03/7/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.tyt.by/150x100c/p/03/7/390x260_paradavto_nkmk_11.03.2021.jpg
Requested by
Host: www.tut.by
URL: http://www.tut.by/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a0a:7d80::b Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS
Software
nginx /
Resource Hash
b76ec6edec28f5f17c6a1f1306d0f9cda26bc30b1f98a715a9185c0bbcae6a42
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
http://www.tut.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 08:34:52 GMT
last-modified
Thu, 11 Mar 2021 06:00:00 GMT
server
nginx
etag
"6049b1e0-132f"
strict-transport-security
max-age=15768000
content-type
image/jpeg
cache-control
max-age=1209600
accept-ranges
bytes
content-length
4911
expires
Thu, 25 Mar 2021 08:34:52 GMT
animate.min.css
cdnjs.cloudflare.com/ajax/libs/animate.css/3.7.0/ Frame 6E80 		57 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/animate.css/3.7.0/animate.min.css
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode-bundles/0.1.3044/banners.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ed082521f47921ffff14d4ec1c6c3f1ea55114741bee23cc23d4ab6a3213642
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
http://www.tut.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 08:34:52 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
646123
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3541
cf-request-id
08c205b5e100002c326d35c000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:04:58 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d2a-e283"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=jlzh%2FFVYB1Vqs%2Fo%2BpTGKZWbEK8LTKFh4dWYB4vzOjn9HRwRTmvJRCqYH8deTOUDpCltpk8BoHEBV7gJhZhUnt19LYawppoZpivl9oDsYGktsRo4k02XVE2FqJGrALk1D0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
62e3723638902c32-FRA
expires
Tue, 01 Mar 2022 08:34:52 GMT
polyfill.min.js
polyfill.io/v2/ Frame 6E80 		222 B
613 B 		Script
General
Check archive.org
Download Go to
Full URL
https://polyfill.io/v2/polyfill.min.js?features=IntersectionObserver
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode-bundles/0.1.3044/banners.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::621 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cae897bdde94867960ad284a56b1631296eaceddf5710a2857127ca0aa2777d3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://www.tut.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
br
x-content-type-options
nosniff
content-type
text/javascript; charset=utf-8
age
1831206
detected-user-agent
Chrome/89.0.4389
server-timing
HIT-CLUSTER, fastly;desc="Edge time";dur=1, HIT, fastly;desc="Edge time";dur=1
content-length
126
referrer-policy
origin-when-cross-origin
last-modified
Wed, 17 Feb 2021 11:29:48 GMT
date
Thu, 11 Mar 2021 08:34:52 GMT
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
normalized-user-agent
chrome/89.0.0
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges
bytes
timing-allow-origin
*
3100027_5.695704680c6031b9eb72e02723c13b39.jpg
banners.adfox.ru/190722/adfox/1097890/ Frame 6E80 		53 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://banners.adfox.ru/190722/adfox/1097890/3100027_5.695704680c6031b9eb72e02723c13b39.jpg
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode-bundles/0.1.3044/banners.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:6b8::2:158 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx /
Resource Hash
1c79d43610df9d1cc125d2afc0e9215c18d7f1e8a338d0c63f89382ab5c89e56

Request headers

Referer
http://www.tut.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 08:34:52 GMT
x-amz-expiration
expiry-date="Thu, 01 Jan 1970 00:00:00 GMT", rule-id=""
last-modified
Mon, 22 Jul 2019 14:34:14 GMT
server
nginx
x-amz-request-id
e21b00dd74259f70
etag
"695704680c6031b9eb72e02723c13b39"
nel
{"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to
{"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type
image/jpeg
access-control-allow-origin
*
content-length
54321
accept-ranges
bytes
x-amz-version-id
null
x-nginx-request-id
5b9994505f953866
rubric_logo_a.png
tutby.gcdn.co/n/reklama/00/9/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tutby.gcdn.co/n/reklama/00/9/rubric_logo_a.png
Requested by
Host: www.tut.by
URL: http://www.tut.by/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
1196f1889d60a267f1438d36987cdead372e9239a7a93f0c1c7b3a6741a580f7
Security Headers
Name Value
Strict-Transport-Security max-age=86400;

Request headers

Referer
http://www.tut.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-id
fr5-up-gc38
date
Thu, 11 Mar 2021 08:34:52 GMT
last-modified
Thu, 25 Jun 2020 14:22:09 GMT
server
nginx
etag
"5ef4b311-11d7"
strict-transport-security
max-age=86400;
x-cached-since
2021-03-09T17:04:56+00:00
content-type
image/png
cache-control
max-age=1209600
cache
HIT
accept-ranges
bytes
content-length
4567
x-vhost-ver
14330921091485934966
expires
Thu, 19 Nov 2020 10:46:53 GMT
skoraya_pomoshch_loshica20200127_pilip_tutby_phsl-2479.jpg
tutby.gcdn.co/390x260c/n/obshchestvo/02/8/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tutby.gcdn.co/390x260c/n/obshchestvo/02/8/skoraya_pomoshch_loshica20200127_pilip_tutby_phsl-2479.jpg
Requested by
Host: www.tut.by
URL: http://www.tut.by/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
4ad77d2f539c16dcbcb67171d4c6633c94de9ed42b76f5f79f4a042a6739ca73
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
http://www.tut.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-id
fr5-up-gc38
date
Thu, 11 Mar 2021 08:34:52 GMT
last-modified
Mon, 27 Jan 2020 12:23:26 GMT
server
nginx
etag
"5e2ed63e-3d36"
strict-transport-security
max-age=15768000
x-cached-since
2021-03-11T07:40:48+00:00
content-type
image/jpeg
cache-control
max-age=1209600
cache
HIT
accept-ranges
bytes
content-length
15670
x-vhost-ver
14330921091485934966
expires
Thu, 25 Mar 2021 07:40:48 GMT
pogoda_vesna_20210303_shuk_tutby_phsl_8692.jpg
tutby.gcdn.co/390x260c/n/shukaylo/09/2/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tutby.gcdn.co/390x260c/n/shukaylo/09/2/pogoda_vesna_20210303_shuk_tutby_phsl_8692.jpg
Requested by
Host: www.tut.by
URL: http://www.tut.by/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
a97481b063202dfdf0535a65e2c3e7bf67861ca56a5af7ecbaab2825f5f2e79e
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
http://www.tut.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-id
fr5-up-gc38
date
Thu, 11 Mar 2021 08:34:52 GMT
last-modified
Thu, 04 Mar 2021 13:13:23 GMT
server
nginx
etag
"6040dcf3-4257"
strict-transport-security
max-age=15768000
x-cached-since
2021-03-10T15:00:44+00:00
content-type
image/jpeg
cache-control
max-age=1209600
cache
HIT
accept-ranges
bytes
content-length
16983
x-vhost-ver
14330921091485934966
expires
Wed, 24 Mar 2021 15:00:44 GMT
yaponiya_zemletryasenie_cunami_2011.jpg
tutby.gcdn.co/390x260c/n/reuters/0c/c/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tutby.gcdn.co/390x260c/n/reuters/0c/c/yaponiya_zemletryasenie_cunami_2011.jpg
Requested by
Host: www.tut.by
URL: http://www.tut.by/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
9b3568f61e42170d56bb68e39b94e205a400fa225df22b0dfdde5e8f4f1d87f1
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
http://www.tut.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-id
fr5-up-gc38
date
Thu, 11 Mar 2021 08:34:52 GMT
last-modified
Thu, 11 Mar 2021 04:24:32 GMT
server
nginx
etag
"60499b80-617d"
strict-transport-security
max-age=15768000
x-cached-since
2021-03-11T04:26:53+00:00
content-type
image/jpeg
cache-control
max-age=1209600
cache
HIT
accept-ranges
bytes
content-length
24957
x-vhost-ver
14330921091485934966
expires
Thu, 25 Mar 2021 04:26:53 GMT
baranovichi_galasy_zmesta_2020_1.jpg
tutby.gcdn.co/390x260c/n/regiony/06/a/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tutby.gcdn.co/390x260c/n/regiony/06/a/baranovichi_galasy_zmesta_2020_1.jpg
Requested by
Host: www.tut.by
URL: http://www.tut.by/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
c3a348ff1ee08aa75021481fd84f91478c711b0ca24cca674bcc10be9f0bb669
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
http://www.tut.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-id
fr5-up-gc38
date
Thu, 11 Mar 2021 08:34:52 GMT
last-modified
Tue, 08 Dec 2020 05:48:49 GMT
server
nginx
etag
"5fcf13c1-5369"
strict-transport-security
max-age=15768000
x-cached-since
2021-03-11T06:12:18+00:00
content-type
image/jpeg
cache-control
max-age=1209600
cache
HIT
accept-ranges
bytes
content-length
21353
x-vhost-ver
14330921091485934966
expires
Thu, 25 Mar 2021 06:12:18 GMT
halasy3mesta.jpg
tutby.gcdn.co/390x260c/n/10/5/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tutby.gcdn.co/390x260c/n/10/5/halasy3mesta.jpg
Requested by
Host: www.tut.by
URL: http://www.tut.by/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
4c6abb347c42439150bf9dcc568055ff16f94494c81ad5efefd5ae088b252400
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
http://www.tut.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-id
fr5-up-gc38
date
Thu, 11 Mar 2021 08:34:52 GMT
last-modified
Tue, 09 Mar 2021 15:47:37 GMT
server
nginx
etag
"60479899-3bfb"
strict-transport-security
max-age=15768000
x-cached-since
2021-03-09T15:56:35+00:00
content-type
image/jpeg
cache-control
max-age=1209600
cache
HIT
accept-ranges
bytes
content-length
15355
x-vhost-ver
14330921091485934966
expires
Tue, 23 Mar 2021 15:56:35 GMT
v2
an.yandex.ru/adfox/246762/getBulk/ 		49 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://an.yandex.ru/adfox/246762/getBulk/v2?dl=http%3A%2F%2Fwww.tut.by%2F&date=2021-03-11T09%3A34%3A52.551%2B01%3A00&pd=11&pdh=1200&pdw=1600&pr1=3918557570&pr=3328949620&prr=&pv=9&pw=4&extid_loader=&extid_tag_loader=www.tut.by&ylv=0.3045&ybv=0.3044&ytt=547574033942549&is-turbo=0&skip-token=&ad-session-id=6082671615451692313&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9.6%2C%22w%22%3A300%2C%22h%22%3A0%2C%22width%22%3A300%2C%22height%22%3A0%2C%22visible%22%3A0%2C%22left%22%3A1180%2C%22top%22%3A2401%2C%22req_no%22%3A3%2C%22ad_no%22%3A2%7D&enable-flat-highlight=1&pcode-version=0&yandexuid=17965973028366643137&sign=33ec9cbebd702569de23110e80e46ecc&p1=byqjq&p2=ftao&puid1=0&puid2=&puid4=&puid5=0&slotNumber=4&matchid-direct=1&bids=W10%3D&grab=dNCR0LXQu9C-0YDRg9GB0YHQutC40Lkg0L_QvtGA0YLQsNC7IFRVVC5CWS4g0J3QvtCy0L7RgdGC0Lgg0JHQtdC70LDRgNGD0YHQuCDQuCDQvNC40YDQsAoxCjPQkiDQkdC10LvQsNGA0YPRgdGMINC_0YDQuNGI0LXQuyDQsdGA0LjRgtCw0L3RgdC60LjQuSDRiNGC0LDQvNC8INC60L7RgNC-0L3QsNCy0LjRgNGD0YHQsC4g0J7QvSDQsdC-0LvQtdC1INC30LDRgNCw0LfQvdGL0LkgMTIgMTA6NDcgCg%3D%3D&utf8=%E2%9C%93
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
0d8b34b45d991059a3e73bf7d54d97b88b02235267f65875a4959114b1943a39
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.tut.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Mar 2021 08:34:52 GMT
content-encoding
gzip
last-modified
Thu, 11 Mar 2021 08:34:52 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
content-type
application/json
access-control-allow-origin
http://www.tut.by
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Thu, 11 Mar 2021 08:34:52 GMT
18408_6936_advertising.gif
c2hit.tut.by/stat/221/49707/js/161545168/ 		43 B
204 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c2hit.tut.by/stat/221/49707/js/161545168/18408_6936_advertising.gif
Requested by
Host: www.tut.by
URL: http://www.tut.by/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a0a:7d80::c:2:0 Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
http://www.tut.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 08:34:52 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx
content-type
image/gif
cache-control
max-age=60
x-robots-tag
noindex, nofollow
content-length
43
expires
Thu, 11 Mar 2021 08:35:52 GMT
v2
an.yandex.ru/adfox/246762/getBulk/ 		1 KB
921 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://an.yandex.ru/adfox/246762/getBulk/v2?dl=http%3A%2F%2Fwww.tut.by%2F&date=2021-03-11T09%3A34%3A52.576%2B01%3A00&pd=11&pdh=1200&pdw=1600&pr1=552862955&pr=3328949620&prr=&pv=9&pw=4&extid_loader=&extid_tag_loader=www.tut.by&ylv=0.3045&ybv=0.3044&ytt=547574033942549&is-turbo=0&skip-token=&ad-session-id=6082671615451692313&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9.6%2C%22w%22%3A300%2C%22h%22%3A0%2C%22width%22%3A300%2C%22height%22%3A0%2C%22visible%22%3A0%2C%22left%22%3A1180%2C%22top%22%3A3740%2C%22req_no%22%3A4%2C%22ad_no%22%3A2%7D&enable-flat-highlight=1&pcode-version=0&yandexuid=17965973028366643137&sign=33ec9cbebd702569de23110e80e46ecc&p1=cdsxu&p2=ghdq&puid1=0&puid2=&puid3=&puid4=&slotNumber=5&matchid-direct=1&bids=W10%3D&grab=dNCR0LXQu9C-0YDRg9GB0YHQutC40Lkg0L_QvtGA0YLQsNC7IFRVVC5CWS4g0J3QvtCy0L7RgdGC0Lgg0JHQtdC70LDRgNGD0YHQuCDQuCDQvNC40YDQsAoxCjPQkiDQkdC10LvQsNGA0YPRgdGMINC_0YDQuNGI0LXQuyDQsdGA0LjRgtCw0L3RgdC60LjQuSDRiNGC0LDQvNC8INC60L7RgNC-0L3QsNCy0LjRgNGD0YHQsC4g0J7QvSDQsdC-0LvQtdC1INC30LDRgNCw0LfQvdGL0LkgMTIgMTA6NDcgCg%3D%3D&utf8=%E2%9C%93
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
f55a3bee72d23954fd1ecb0f7e60e874f34e01b11a106f029691a9b6f55105ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.tut.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Mar 2021 08:34:52 GMT
content-encoding
gzip
last-modified
Thu, 11 Mar 2021 08:34:52 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
content-type
application/json
access-control-allow-origin
http://www.tut.by
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Thu, 11 Mar 2021 08:34:52 GMT
18408_5121_advertising.gif
c2hit.tut.by/stat/223/53190/js/161545168/ 		43 B
204 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c2hit.tut.by/stat/223/53190/js/161545168/18408_5121_advertising.gif
Requested by
Host: www.tut.by
URL: http://www.tut.by/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a0a:7d80::c:2:0 Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
http://www.tut.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 08:34:52 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx
content-type
image/gif
cache-control
max-age=60
x-robots-tag
noindex, nofollow
content-length
43
expires
Thu, 11 Mar 2021 08:35:52 GMT
vladimir_martov_bsmp.jpg
tutby.gcdn.co/390x260c/n/matveeva/03/8/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tutby.gcdn.co/390x260c/n/matveeva/03/8/vladimir_martov_bsmp.jpg
Requested by
Host: www.tut.by
URL: http://www.tut.by/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
cce5d006667c9847f55f82559bed1d54e5162380d54e8dc7c75822d4ad53b3b3
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
http://www.tut.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-id
fr5-up-gc38
date
Thu, 11 Mar 2021 08:34:52 GMT
last-modified
Wed, 10 Mar 2021 11:41:21 GMT
server
nginx
etag
"6048b061-29d0"
strict-transport-security
max-age=15768000
x-cached-since
2021-03-10T11:42:00+00:00
content-type
image/jpeg
cache-control
max-age=1209600
cache
HIT
accept-ranges
bytes
content-length
10704
x-vhost-ver
14330921091485934966
expires
Wed, 24 Mar 2021 11:42:00 GMT
kofe_kafe_eda.jpg
tutby.gcdn.co/390x260c/n/05/e/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tutby.gcdn.co/390x260c/n/05/e/kofe_kafe_eda.jpg
Requested by
Host: www.tut.by
URL: http://www.tut.by/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
a349ed2a2691e6400f357c32846cb0e3b82d5017a1f93a5108a4e69b43064d60
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
http://www.tut.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-id
fr5-up-gc38
date
Thu, 11 Mar 2021 08:34:52 GMT
last-modified
Fri, 01 Nov 2019 11:41:01 GMT
server
nginx
etag
"5dbc19cd-4086"
strict-transport-security
max-age=15768000
x-cached-since
2021-03-10T08:53:51+00:00
content-type
image/jpeg
cache-control
max-age=1209600
cache
HIT
accept-ranges
bytes
content-length
16518
x-vhost-ver
14330921091485934966
expires
Wed, 24 Mar 2021 08:53:51 GMT
allergiya_titulnaya.jpg
tutby.gcdn.co/390x260c/n/os/07/8/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tutby.gcdn.co/390x260c/n/os/07/8/allergiya_titulnaya.jpg
Requested by
Host: www.tut.by
URL: http://www.tut.by/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
bc70bb866c5ea3be4086f6605a4838436032577731d9bca99b061ed21175a1e3
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
http://www.tut.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-id
fr5-up-gc38
date
Thu, 11 Mar 2021 08:34:52 GMT
last-modified
Wed, 10 Mar 2021 21:00:42 GMT
server
nginx
etag
"6049337a-30d9"
strict-transport-security
max-age=15768000
x-cached-since
2021-03-11T06:03:40+00:00
content-type
image/jpeg
cache-control
max-age=1209600
cache
HIT
accept-ranges
bytes
content-length
12505
x-vhost-ver
14330921091485934966
expires
Thu, 25 Mar 2021 06:03:40 GMT
r~29.rss
news.tut.by/rss/ 		4 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://news.tut.by/rss/r~29.rss
Requested by
Host: www.tut.by
URL: https://www.tut.by/scripts/by4/jquery-2.2.4~modernizr~bootstrap~jquery.touchSwipe~bootstrap-ext~core~v4~ext~topbar~search~auth~resource~hint~geo~geo-ext~tut_ads~handlebars~r29644.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a0a:7d80::a Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS
Software
nginx /
Resource Hash
cacff79baae9681531af42a644d73d133543ab0f1c5be1482d2adcf837ff596a

Request headers

Accept
application/xml, text/xml, */*; q=0.01
Referer
http://www.tut.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 08:34:52 GMT
server
nginx
vary
Cookie, Accept-Language, Origin
access-control-allow-methods
GET, HEAD, OPTIONS, POST
content-type
application/rss+xml; charset=utf-8
access-control-allow-origin
http://www.tut.by
cache-control
max-age=300
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-External-Resource,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
4459
expires
Thu, 11 Mar 2021 08:39:52 GMT
r~28.rss
news.tut.by/rss/ 		7 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://news.tut.by/rss/r~28.rss
Requested by
Host: www.tut.by
URL: https://www.tut.by/scripts/by4/jquery-2.2.4~modernizr~bootstrap~jquery.touchSwipe~bootstrap-ext~core~v4~ext~topbar~search~auth~resource~hint~geo~geo-ext~tut_ads~handlebars~r29644.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a0a:7d80::a Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS
Software
nginx /
Resource Hash
d03b3b188e3ebffe14660e4b561f2c5e59875f7d27dd9c43fc273ba413f9310c

Request headers

Accept
application/xml, text/xml, */*; q=0.01
Referer
http://www.tut.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 08:34:52 GMT
server
nginx
vary
Cookie, Accept-Language, Origin
access-control-allow-methods
GET, HEAD, OPTIONS, POST
content-type
application/rss+xml; charset=utf-8
access-control-allow-origin
http://www.tut.by
cache-control
max-age=300
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-External-Resource,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
7469
expires
Thu, 11 Mar 2021 08:39:52 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		139 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode-bundles/0.1.3044/banners.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a1088330e7e3f920ad6aacb74d21355d223a195bbf72dee3ed3bddc1a7f8708
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.tut.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 08:34:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49988
x-xss-protection
0
server
cafe
etag
3674309925980533368
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 11 Mar 2021 08:34:52 GMT
18697_6829.gif
c2hit.tut.by/stat/825/57199/js/161545168/ 		43 B
204 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c2hit.tut.by/stat/825/57199/js/161545168/18697_6829.gif
Requested by
Host: www.tut.by
URL: http://www.tut.by/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a0a:7d80::c:2:0 Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
http://www.tut.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 08:34:52 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx
content-type
image/gif
cache-control
max-age=60
x-robots-tag
noindex, nofollow
content-length
43
expires
Thu, 11 Mar 2021 08:35:52 GMT
truncated
/ 		613 B
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
feb93781b9b34b5eae1a2110bb719a35a1e9afc94b9a34f1f38d2bd9ba1e0e5f

Request headers

Referer
http://www.tut.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
text/javascript
kot-kradetsya.mp4
tutby.gcdn.co/120x80c/gif/n/360_foto_video/0f/5/ 		42 KB
42 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://tutby.gcdn.co/120x80c/gif/n/360_foto_video/0f/5/kot-kradetsya.mp4
Requested by
Host: www.tut.by
URL: http://www.tut.by/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
ee3cf04bf384804fff51d9656ca7d4abe5f7ac0f7bb9deb3f640c52903dc35d9
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
http://www.tut.by/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

x-id
fr5-up-gc38
date
Thu, 11 Mar 2021 08:34:52 GMT
last-modified
Wed, 10 Mar 2021 07:21:03 GMT
server
nginx
etag
"6048735f-a914"
strict-transport-security
max-age=15768000
x-cached-since
2021-03-10T09:30:53+00:00
content-type
video/mp4
Content-Range
bytes 0-43283/43284
cache-control
max-age=1209600
cache
HIT
Content-Length
43284
x-vhost-ver
14330921091485934966
expires
Wed, 24 Mar 2021 09:30:53 GMT
1.webp
tutby.gcdn.co/i/by5/addon/0071392/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tutby.gcdn.co/i/by5/addon/0071392/1.webp
Requested by
Host: www.tut.by
URL: https://www.tut.by/css/by5/v5.2.4~r29646.css?M2YwMWNxMjNlNTN0kTNkdDOjNmM3cDZ5cjZkBDZ0ADZ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
fc27324c4f6c3b6c996871d2974fb55d26e87a9996087bf941ef03a8bc62e963
Security Headers
Name Value
Strict-Transport-Security max-age=86400;

Request headers

Referer
https://www.tut.by/css/by5/v5.2.4~r29646.css?M2YwMWNxMjNlNTN0kTNkdDOjNmM3cDZ5cjZkBDZ0ADZ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-id
fr5-up-gc38
date
Thu, 11 Mar 2021 08:34:52 GMT
last-modified
Mon, 19 Oct 2020 09:30:10 GMT
server
nginx
etag
"5f8d5ca2-64c8"
strict-transport-security
max-age=86400;
x-cached-since
2021-03-09T14:24:07+00:00
content-type
image/webp
cache-control
max-age=1209600
cache
HIT
accept-ranges
bytes
content-length
25800
x-vhost-ver
14330921091485934966
expires
Thu, 19 Nov 2020 10:44:38 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210309/r20190131/ 		225 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210309/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4262459596704413&plah=www.tut.by&amaexp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3763a8975fcfa164fadcbc035780a147f75434ecaf79f33c1f3d0221477458cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.tut.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 08:34:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
86491
x-xss-protection
0
server
cafe
etag
16470564300944896599
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 11 Mar 2021 08:34:52 GMT
2.webp
tutby.gcdn.co/i/by5/addon/0071392/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tutby.gcdn.co/i/by5/addon/0071392/2.webp
Requested by
Host: www.tut.by
URL: https://www.tut.by/css/by5/v5.2.4~r29646.css?M2YwMWNxMjNlNTN0kTNkdDOjNmM3cDZ5cjZkBDZ0ADZ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
7514b48580657e66c962cdde6d460705bd3eeeb670cd62b88207a0ba5eb59a71
Security Headers
Name Value
Strict-Transport-Security max-age=86400;

Request headers

Referer
https://www.tut.by/css/by5/v5.2.4~r29646.css?M2YwMWNxMjNlNTN0kTNkdDOjNmM3cDZ5cjZkBDZ0ADZ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-id
fr5-up-gc38
date
Thu, 11 Mar 2021 08:34:52 GMT
last-modified
Mon, 19 Oct 2020 09:30:10 GMT
server
nginx
etag
"5f8d5ca2-5c72"
strict-transport-security
max-age=86400;
x-cached-since
2021-03-09T17:15:40+00:00
content-type
image/webp
cache-control
max-age=1209600
cache
HIT
accept-ranges
bytes
content-length
23666
x-vhost-ver
14330921091485934966
expires
Thu, 19 Nov 2020 10:44:38 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210309/r20190131/ Frame B81E 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210309/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c44ef8885a1386dad99986e4de63457883d50b1a966d27b502f37d691d7bd770
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210309/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.tut.by/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://www.tut.by/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Wed, 10 Mar 2021 23:47:12 GMT
expires
Wed, 24 Mar 2021 23:47:12 GMT
content-type
text/html; charset=UTF-8
etag
14488317231655078900
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4661
x-xss-protection
0
age
31660
cache-control
public, max-age=1209600
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
social-sprite.webp
tutby.gcdn.co/i/by5/news/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tutby.gcdn.co/i/by5/news/social-sprite.webp?80c830d030
Requested by
Host: www.tut.by
URL: https://www.tut.by/css/by5/v5.2.4~r29646.css?M2YwMWNxMjNlNTN0kTNkdDOjNmM3cDZ5cjZkBDZ0ADZ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
7a8a81f6ea3ffd49f892bcfdc4729b170ecdb653ec859354a70efe5b75d4c72b
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://www.tut.by/css/by5/v5.2.4~r29646.css?M2YwMWNxMjNlNTN0kTNkdDOjNmM3cDZ5cjZkBDZ0ADZ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-id
fr5-up-gc38
date
Thu, 11 Mar 2021 08:34:52 GMT
last-modified
Mon, 25 Jan 2021 11:11:08 GMT
server
nginx
etag
"600ea74c-14fe"
strict-transport-security
max-age=15768000
x-cached-since
2021-03-10T13:05:03+00:00
content-type
image/webp
cache-control
max-age=1209600
cache
HIT
accept-ranges
bytes
content-length
5374
x-vhost-ver
14330921091485934966
expires
Mon, 08 Feb 2021 11:46:38 GMT
tag.js
mc.yandex.ru/metrika/ 		210 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: www.tut.by
URL: http://www.tut.by/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
5efd3f4610ccc45e00c99246be09d65505a21997f01c638055f0d5478ed25a9e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://www.tut.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 08:34:52 GMT
content-encoding
br
last-modified
Tue, 09 Mar 2021 18:36:29 GMT
etag
"60472f6c-106f8"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
67320
expires
Thu, 11 Mar 2021 09:34:52 GMT
rtrg
vk.com/ 		49 B
446 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vk.com/rtrg?r=WzzOW2DLQkitnm3pO8*Wh2tyhgA2ZjAycAMhb38smJSjf4CfDWbFjwXVkxt6ZYXaaaYUv4a0FRdm0Ce6pAuXW8trRLmYa4*XsJO*GvGeyjU9JPI1mRg9yz8PLn*8du/QMDxfO1chXl9TRIBc/WF8CJybHlZ5iHXRWf9GDsJi9n0-
Requested by
Host: www.tut.by
URL: http://www.tut.by/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.186.225.208 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS http://vk.com, RU),
Reverse DNS
Software
kittenx / KPHP/7.4.106421
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
http://www.tut.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 08:34:52 GMT
content-encoding
gzip
x-frontend
front605107
server
kittenx
x-powered-by
KPHP/7.4.106421
strict-transport-security
max-age=15768000
content-type
image/gif
access-control-expose-headers
X-Frontend
cache-control
no-store
content-length
65
fbevents.js
connect.facebook.net/en_US/ 		91 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.tut.by
URL: http://www.tut.by/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
http://www.tut.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
23762
x-fb-rlafr
0
pragma
public
x-fb-debug
NdzzcRbCDh2fKMDApglnOwOEuf2od7ilmQPHTJbD/0p53MYyeL3r0xz0tBIoY63lcjwgDSBpiUMC4xicDndb5w==
x-fb-trip-id
917726464
x-frame-options
DENY
date
Thu, 11 Mar 2021 08:34:52 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
x-xss-protection
0
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
banner_advertising.js
www.tut.by/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.tut.by/banner_advertising.js?_=1615451690294
Protocol
H2
Server
2a0a:7d80::a Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
x-requested-with
Origin
http://www.tut.by
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Thu, 11 Mar 2021 08:34:52 GMT
content-type
application/javascript; charset=utf8 application/javascript
content-length
25
expires
Fri, 12 Mar 2021 08:34:52 GMT
cache-control
max-age=86400
banner_advertising.js
www.tut.by/ 		0
0
tracker.js
ad.tam.by/spy/ 		27 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.tam.by/spy/tracker.js?v=3
Requested by
Host: www.tut.by
URL: https://www.tut.by/scripts/BY/ga~r29644.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
93.125.48.34 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS
93-125-48-34.hoster.by
Software
nginx/1.14.2 /
Resource Hash
5fe62ef8663ff9b723e4e82171b36ac81ad4557c4628438a4a655806c859e1cd
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
http://www.tut.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 11 Mar 2021 08:34:53 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Server
nginx/1.14.2
ETag
W/"6d50-pyneVTEbDeU+9Tt16+LFcGm3T4U"
Strict-Transport-Security
max-age=15768000
Content-Type
application/x-javascript; charset=utf-8
Access-Control-Expose-Headers
IPCity
Cache-Control
max-age=10
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Headers
Content-type,Accept,X-Access-Token,X-Key,If-Modified-Since,Authorization,Etag,If-None-Match,IPCity
Expires
Thu, 11 Mar 2021 08:35:03 GMT
18408_99792.gif
c2hit.tut.by/stat/826/13944/js/161545168/ 		43 B
204 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c2hit.tut.by/stat/826/13944/js/161545168/18408_99792.gif
Requested by
Host: www.tut.by
URL: http://www.tut.by/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a0a:7d80::c:2:0 Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
http://www.tut.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 08:34:52 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx
content-type
image/gif
cache-control
max-age=60
x-robots-tag
noindex, nofollow
content-length
43
expires
Thu, 11 Mar 2021 08:35:52 GMT
358054421733988
connect.facebook.net/signals/config/ 		241 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/358054421733988?v=2.9.33&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6cb6c52243734856344e97df500a7fb1319b8326b2ed9639a040e0e00b31c1cb
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
http://www.tut.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
70925
x-fb-rlafr
0
pragma
public
x-fb-debug
JMsFuff6KM8kSsjHqSgj67qPJkG1yO3vwX9Gv/md6/byoBiyUVuxlD3yE8yY0z/R3kLDqCunxpjWZbdXMUp9Iw==
x-fb-trip-id
917726464
x-frame-options
DENY
date
Thu, 11 Mar 2021 08:34:52 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/ 		12 B
480 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.tut.by&callback=_gfp_s_&client=ca-pub-4262459596704413&cookie=ID%3D1323417b6a2f9b9c-22cd222cc0ba0009%3AT%3D1615451692%3AS%3DALNI_MZxt7utreoYvhdp9pzQVYaL-BLHSA
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210309/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4262459596704413&plah=www.tut.by&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.tut.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 08:34:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
123 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.tut.by
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210309/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4262459596704413&plah=www.tut.by&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.tut.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 11 Mar 2021 08:34:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
123 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.tut.by
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210309/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4262459596704413&plah=www.tut.by&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.tut.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 11 Mar 2021 08:34:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 6C7D 		84 KB
25 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4262459596704413&output=html&h=253&slotname=2783279852&adk=1045486368&adf=4037928039&pi=t.ma~as.2783279852&w=300&lmt=1615451692&rafmt=11&psa=0&format=300x253&url=http%3A%2F%2Fwww.tut.by%2F&flash=0&wgl=1&dt=1615451692710&bpp=10&bdt=2681&idt=108&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1323417b6a2f9b9c-22cd222cc0ba0009%3AT%3D1615451692%3AS%3DALNI_MZxt7utreoYvhdp9pzQVYaL-BLHSA&correlator=6964909445216&rume=1&frm=20&pv=2&ga_vid=1319103873.1615451692&ga_sid=1615451692&ga_hid=1104419952&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1180&ady=3740&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C21066431%2C21066923%2C21068084%2C21068786%2C21066613%2C21066614%2C21067088&oid=3&pvsid=2883581063428105&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CoeEbr%7C&abl=NS&pfx=0&fu=8320&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Y6GozkO40i&p=http%3A//www.tut.by&dtd=124
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210309/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4262459596704413&plah=www.tut.by&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dbf0b901d244014a594a8415cd4221e6d354ed09e1b5c1cc834ebef58fe3523f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-4262459596704413&output=html&h=253&slotname=2783279852&adk=1045486368&adf=4037928039&pi=t.ma~as.2783279852&w=300&lmt=1615451692&rafmt=11&psa=0&format=300x253&url=http%3A%2F%2Fwww.tut.by%2F&flash=0&wgl=1&dt=1615451692710&bpp=10&bdt=2681&idt=108&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1323417b6a2f9b9c-22cd222cc0ba0009%3AT%3D1615451692%3AS%3DALNI_MZxt7utreoYvhdp9pzQVYaL-BLHSA&correlator=6964909445216&rume=1&frm=20&pv=2&ga_vid=1319103873.1615451692&ga_sid=1615451692&ga_hid=1104419952&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1180&ady=3740&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C21066431%2C21066923%2C21068084%2C21068786%2C21066613%2C21066614%2C21067088&oid=3&pvsid=2883581063428105&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CoeEbr%7C&abl=NS&pfx=0&fu=8320&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Y6GozkO40i&p=http%3A//www.tut.by&dtd=124
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.tut.by/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://www.tut.by/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 11 Mar 2021 08:34:53 GMT
server
cafe
content-length
25643
x-xss-protection
0
set-cookie
IDE=AHWqTUl9j7NehVL5KXBVLVGpbpI9-PaYxGsiMV9AJebhJV304AqvWtnS4yRYiN6F9F4; expires=Tue, 05-Apr-2022 08:34:52 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 11 Mar 2021 08:34:53 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/ 		73 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210309/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4262459596704413&plah=www.tut.by&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
495b316cdda6e7b6ce663bb9eeeee0cf6f7f6e5969d0a6c1fe39307cbdb9d686
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.tut.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 08:34:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1615378846156468"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28222
x-xss-protection
0
expires
Thu, 11 Mar 2021 08:34:52 GMT
host.js
yastatic.net/safeframe-bundles/0.80/ 		29 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/safeframe-bundles/0.80/host.js
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
9a10b1418ae87e1667a44c85f39b5e1af9b8a24279d9a2743c0859d478f3f925
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Origin
http://www.tut.by
Referer
http://www.tut.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 08:34:52 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
8120
last-modified
Wed, 13 Jan 2021 14:53:48 GMT
server
nginx/1.17.9
etag
"7fa61ab429a981f415ba1c49d1babdbb"
x-robots-tag
noindex, noarchive, nofollow
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 11 Mar 2051 15:09:07 GMT
truncated
/ 		333 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f1e572871055c1d0e152936f664d5fb075f505b99b412a4776f65a7abe80b505

Request headers

Referer
http://www.tut.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
watch.js
mc.yandex.ru/metrika/ 		123 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/watch.js
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
a83a4b91b9d7e6f311543068b7c65291d001cd2fb17f19ab8e5a0adb1a0d01e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Origin
http://www.tut.by
Referer
http://www.tut.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 08:34:53 GMT
content-encoding
br
last-modified
Tue, 09 Mar 2021 18:36:29 GMT
etag
"60472f6c-aa82"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
43650
expires
Thu, 11 Mar 2021 09:34:53 GMT
y300
avatars.mds.yandex.net/get-direct/1520687/Xh3Ysb0uk-48VVJsusmF4g/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://avatars.mds.yandex.net/get-direct/1520687/Xh3Ysb0uk-48VVJsusmF4g/y300
Requested by
Host: www.tut.by
URL: http://www.tut.by/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:6b8::184 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx /
Resource Hash
c92019dc24a40c69676e6591c61e864ee788abe03fb1e3e2c490e79eb9d5956d

Request headers

Referer
http://www.tut.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 08:34:52 GMT
last-modified
Fri, 04 Dec 2020 15:07:05 GMT
server
nginx
nel
{"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to
{"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=604800,immutable
access-control-allow-credentials
true
timing-allow-origin
*
content-length
21802
x-request-id
f8da62180a4b5aa
arrow-light.svg
yastatic.net/pcode-static/resources/32/poster/ 		573 B
864 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yastatic.net/pcode-static/resources/32/poster/arrow-light.svg
Requested by
Host: www.tut.by
URL: http://www.tut.by/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
8f0e6d4660923d760d33c0530003fbd85a1398c4a7ea2c078adf7e81dd7d3e10
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
http://www.tut.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 08:34:53 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
317
last-modified
Fri, 15 May 2020 06:40:57 GMT
server
nginx/1.17.9
etag
"9d7414a5605d903642bcfb972f42010d"
x-robots-tag
noindex, noarchive, nofollow
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=216013
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 13 Mar 2021 20:30:23 GMT
y300
avatars.mds.yandex.net/get-direct/135341/FF9QLwelj8jSoKjLAi9szg/ 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://avatars.mds.yandex.net/get-direct/135341/FF9QLwelj8jSoKjLAi9szg/y300
Requested by
Host: www.tut.by
URL: http://www.tut.by/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:6b8::184 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx /
Resource Hash
00f7ccac2bfea70ef3a3c8ce1a6db48ca27361b85b58b564a2077e4c9d84f534

Request headers

Referer
http://www.tut.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 08:34:52 GMT
last-modified
Tue, 24 Sep 2019 11:45:59 GMT
server
nginx
nel
{"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to
{"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=604800,immutable
access-control-allow-credentials
true
timing-allow-origin
*
content-length
35664
x-request-id
a9228aedfb1a5777
ga.php
www.tut.by/login/ 		62 B
954 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.tut.by/login/ga.php?tm=1615451692794&js=1
Requested by
Host: www.tut.by
URL: https://www.tut.by/scripts/BY/ga~r29644.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a0a:7d80::b Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS
Software
nginx /
Resource Hash
74f8113a093a9772ebe29204ff0fd89b692fcc0ad69814bc1725fd8f68ceaa4e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=15768000

Request headers

Referer
http://www.tut.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Mar 2021 08:34:52 GMT
referrer-policy
unsafe-url
last-modified
Thu, 11 Mar 2021 08:34:52 GMT
server
nginx
vary
Cookie
content-type
application/x-javascript; charset=utf-8
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-security-policy
upgrade-insecure-requests
strict-transport-security
max-age=15768000
x-robots-tag
noindex, nofollow
content-length
62
expires
Mon, 26 Jul 1997 05:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame DEB5 		17 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4262459596704413&output=html&adk=1812271804&adf=3025194257&lmt=1615451692&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fwww.tut.by%2F&ea=0&flash=0&pra=7&wgl=1&dt=1615451692779&bpp=2&bdt=2751&idt=134&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1323417b6a2f9b9c-22cd222cc0ba0009%3AT%3D1615451692%3AS%3DALNI_MZxt7utreoYvhdp9pzQVYaL-BLHSA&prev_fmts=300x253&nras=1&correlator=6964909445216&rume=1&frm=20&pv=1&ga_vid=1319103873.1615451692&ga_sid=1615451692&ga_hid=1104419952&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C21066431%2C21066923%2C21068084%2C21068786%2C21066613%2C21066614%2C21067088&oid=3&pvsid=2883581063428105&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&ifi=4&uci=a!4&fsb=1&dtd=142
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210309/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4262459596704413&plah=www.tut.by&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
71c1c463a68414fa8714c7abb742aa0efed513114ced17411969f30ba2de725e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-4262459596704413&output=html&adk=1812271804&adf=3025194257&lmt=1615451692&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fwww.tut.by%2F&ea=0&flash=0&pra=7&wgl=1&dt=1615451692779&bpp=2&bdt=2751&idt=134&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1323417b6a2f9b9c-22cd222cc0ba0009%3AT%3D1615451692%3AS%3DALNI_MZxt7utreoYvhdp9pzQVYaL-BLHSA&prev_fmts=300x253&nras=1&correlator=6964909445216&rume=1&frm=20&pv=1&ga_vid=1319103873.1615451692&ga_sid=1615451692&ga_hid=1104419952&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C21066431%2C21066923%2C21068084%2C21068786%2C21066613%2C21066614%2C21067088&oid=3&pvsid=2883581063428105&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&ifi=4&uci=a!4&fsb=1&dtd=142
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.tut.by/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://www.tut.by/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 11 Mar 2021 08:34:53 GMT
server
cafe
content-length
1390
x-xss-protection
0
set-cookie
IDE=AHWqTUmwn-YrVQk7idbv3ogp3kxfPPBm2srwMe8lDqV-mF0StbWMP3aPJvX2b0SuMMY; expires=Tue, 05-Apr-2022 08:34:52 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 11 Mar 2021 08:34:53 GMT
cache-control
private
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012101070013000/ Frame 38F6 		185 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0812a00aee80133b732c5cb2e0362ee2a52ae9f50c126d43e73f98163db9711f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.tut.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
60583
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53820
x-xss-protection
0
server
sffe
date
Wed, 10 Mar 2021 15:45:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"ee5348f2de7cdf64"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 10 Mar 2022 15:45:09 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012101070013000/v0/ Frame 38F6 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012101070013000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
981f6ac4a0eed80f6a40eef39d86ce7876f6e360d8b3a2f57f2617bb12895dc3
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.tut.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
60583
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4559
x-xss-protection
0
server
sffe
date
Wed, 10 Mar 2021 15:45:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"c3a321a15743f406"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 10 Mar 2022 15:45:09 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012101070013000/v0/ Frame 38F6 		87 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012101070013000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c4024d5169b2506f3421052b45f5d66154de796baf2443d9326ac40107ce5cfb
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.tut.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
60583
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27206
x-xss-protection
0
server
sffe
date
Wed, 10 Mar 2021 15:45:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"1f991b6a8daa2b14"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 10 Mar 2022 15:45:09 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012101070013000/v0/ Frame 38F6 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012101070013000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c7fa743da4cd37829cd0e7c02e877f094400036be87c8e1fd9d2c3f5f68a8fa5
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.tut.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
60583
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1376
x-xss-protection
0
server
sffe
date
Wed, 10 Mar 2021 15:45:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"512b909f94eb26fb"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 10 Mar 2022 15:45:09 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012101070013000/v0/ Frame 38F6 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012101070013000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
194a2819816bb760d4c5ba2ba825cf1926b853c821842697c3024ec74a36f66c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.tut.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
60583
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12793
x-xss-protection
0
server
sffe
date
Wed, 10 Mar 2021 15:45:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"1e3ef417618f7e28"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 10 Mar 2022 15:45:09 GMT
truncated
/ Frame 38F6 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3c2d3fa4b75bc11e8bdcb2bf7e67a65917409b0d9d4089a6e3051e328f0555c0

Request headers

Referer
http://www.tut.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
12984855680449086816
tpc.googlesyndication.com/simgad/ Frame 38F6 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/12984855680449086816?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qmJ1oDgkQMosh4JHm0Rk9MUzxKPkA
Requested by
Host: www.tut.by
URL: http://www.tut.by/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
851c25cc1a1faf247a990597341a16a7056f39a1e477ee75b1e91063cd664cb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.tut.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 14:04:45 GMT
x-content-type-options
nosniff
last-modified
Thu, 18 Feb 2021 02:52:08 GMT
server
sffe
age
585007
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42652
x-xss-protection
0
expires
Fri, 04 Mar 2022 14:04:45 GMT
ru.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 38F6 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/ru.png
Requested by
Host: www.tut.by
URL: http://www.tut.by/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fed2d61088cba54be39b2069add7103160e31f07c950c0e2e7706d6d6dc9ebf6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.tut.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 10 Mar 2021 10:22:27 GMT
x-content-type-options
nosniff
server
cafe
age
79945
etag
6726277462267614359
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3041
x-xss-protection
0
expires
Thu, 11 Mar 2021 10:22:27 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 38F6 		344 B
797 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: www.tut.by
URL: http://www.tut.by/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.tut.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 11 Mar 2021 06:19:42 GMT
x-content-type-options
nosniff
server
cafe
age
8110
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Fri, 12 Mar 2021 06:19:42 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 38F6 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CQAGtLNZJYPipIeOxlQfbrJDoCcCJg-Zhr-WknLIN29keEAEgwYnYPGDp5MmF2BqgAdaKgukCyAEC4AIAqAMByAMIqgTHAU_QzXKFzOu9DvGdbZu3syY_ouABEmolnviEoKNAs-hFtumBWSKGyNuiKuGpMp0grl5oXDP5UxcixX4y7ZMV51KhOep1CWh_lHLnNS67bsCT3Rgofj7DOfLYjz-HEE3rcxSLTDcD7JTdF73jEnMpF77C6bvl9jQHMC6XNuUYF_Dh6I8S8hvqJUaVyhPK7qmGjuAvaBcQUhsXayurii75AskWy0TPa41RJ3JVtWEMNniBSeGO9DVbx1Vz76y3vHkkb3Wf9qvjfo3ABLLQop3CA-AEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYCgAeS9f2WAagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBBDV3APSCAkIgOGAUBABGB2ACgPICwHYEw2yFxoKGAgAEhRwdWItNTg4MzA5NjI0MjM4NDgxNQ&sigh=osBUnRRT-lQ&tpd=AGWhJmt70TkV6IE54yACJjdFrd4aSskTLXDsN6KNaHbHayXPYg
Requested by
Host: www.tut.by
URL: http://www.tut.by/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.tut.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
/
www.facebook.com/tr/ 		44 B
411 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=358054421733988&ev=PageView&dl=http%3A%2F%2Fwww.tut.by%2F&rl=&if=false&ts=1615451692971&sw=1600&sh=1200&v=2.9.33&r=stable&ec=0&o=30&fbp=fb.1.1615451692969.968452227&it=1615451692812&coo=false&rqm=GET
Requested by
Host: www.tut.by
URL: http://www.tut.by/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
http://www.tut.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 08:34:52 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Thu, 11 Mar 2021 08:34:52 GMT
/
www.facebook.com/tr/ 		44 B
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=358054421733988&ev=ViewContent&dl=http%3A%2F%2Fwww.tut.by%2F&rl=&if=false&ts=1615451692975&sw=1600&sh=1200&v=2.9.33&r=stable&ec=1&o=30&fbp=fb.1.1615451692969.968452227&it=1615451692812&coo=false&rqm=GET
Requested by
Host: www.tut.by
URL: http://www.tut.by/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
http://www.tut.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 08:34:52 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Thu, 11 Mar 2021 08:34:52 GMT
/
www.facebook.com/tr/ 		44 B
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=358054421733988&ev=Search&dl=http%3A%2F%2Fwww.tut.by%2F&rl=&if=false&ts=1615451692978&sw=1600&sh=1200&v=2.9.33&r=stable&ec=2&o=30&fbp=fb.1.1615451692969.968452227&it=1615451692812&coo=false&rqm=GET
Requested by
Host: www.tut.by
URL: http://www.tut.by/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
http://www.tut.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 08:34:52 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Thu, 11 Mar 2021 08:34:52 GMT
analytics.js
www.google-analytics.com/ 		46 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.tut.by
URL: https://www.tut.by/scripts/BY/ga~r29644.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://www.tut.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 05 Feb 2021 21:33:27 GMT
server
Golfe2
age
1938
date
Thu, 11 Mar 2021 08:02:35 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18980
expires
Thu, 11 Mar 2021 10:02:35 GMT
render.html
yastatic.net/safeframe-bundles/0.80/1-1-0/ Frame 0D76 		22 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/safeframe-bundles/0.80/1-1-0/render.html
Requested by
Host: yastatic.net
URL: https://yastatic.net/safeframe-bundles/0.80/host.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
40cc818c8b06374b11230d18b2b54f8c7f2a7668b94ac9ee00d6a106cf0efd8b
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

:method
GET
:authority
yastatic.net
:scheme
https
:path
/safeframe-bundles/0.80/1-1-0/render.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.tut.by/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://www.tut.by/

Response headers

server
nginx/1.17.9
date
Thu, 11 Mar 2021 08:34:53 GMT
content-type
text/html
content-length
6026
access-control-allow-origin
*
cache-control
public, max-age=946708560
content-encoding
br
etag
"f883bd7781c332870c9968db60e89349"
expires
Sat, 11 Mar 2051 15:07:32 GMT
last-modified
Wed, 13 Jan 2021 14:53:48 GMT
nel
{"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to
{ "group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security
max-age=43200000; includeSubDomains;
timing-allow-origin
*
vary
Accept-Encoding
x-robots-tag
noindex, noarchive, nofollow
accept-ranges
bytes
1
mc.yandex.ru/watch/46086984/
Redirect Chain
  • https://mc.yandex.ru/watch/46086984?wmode=7&page-url=http%3A%2F%2Fwww.tut.by%2F&charset=utf-8&site-info=%7B%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1d7r6afuymvj624d%3Afp%3A2314%3Afu%3A0%3Aen%3Aut...
  • https://mc.yandex.ru/watch/46086984/1?wmode=7&page-url=http%3A%2F%2Fwww.tut.by%2F&charset=utf-8&site-info=%7B%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1d7r6afuymvj624d%3Afp%3A2314%3Afu%3A0%3Aen%3A...
221 B
289 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/46086984/1?wmode=7&page-url=http%3A%2F%2Fwww.tut.by%2F&charset=utf-8&site-info=%7B%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1d7r6afuymvj624d%3Afp%3A2314%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A451%3Acn%3A1%3Adp%3A0%3Als%3A652349869043%3Ahid%3A109910971%3Az%3A60%3Ai%3A20210311093453%3Aet%3A1615451693%3Ac%3A1%3Arn%3A462353930%3Au%3A1615451693671730666%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1615451689878%3Awv%3A2%3Ads%3A5%2C33%2C109%2C66%2C0%2C0%2C%2C2744%2C8%2C%2C%2C%2C2895%3Adsn%3A6%2C32%2C109%2C65%2C0%2C0%2C%2C2681%2C9%2C%2C%2C%2C2895%3Arqnl%3A1%3Ati%3A2%3Ast%3A1615451693%3At%3A%D0%91%D0%B5%D0%BB%D0%BE%D1%80%D1%83%D1%81%D1%81%D0%BA%D0%B8%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB%20TUT.BY.%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8%20%D0%B8%20%D0%BC%D0%B8%D1%80%D0%B0
Requested by
Host: www.tut.by
URL: http://www.tut.by/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
6b07e191a13974b75afdb4573654a08b2a7ea83fc96a8dd13f53abb5e5f28b24
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.tut.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Mar 2021 08:34:53 GMT
x-content-type-options
nosniff
last-modified
Thu, 11-Mar-2021 08:34:53 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
http://www.tut.by
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
221
x-xss-protection
1; mode=block
expires
Thu, 11-Mar-2021 08:34:53 GMT

Redirect headers

pragma
no-cache
date
Thu, 11 Mar 2021 08:34:53 GMT
last-modified
Thu, 11-Mar-2021 08:34:53 GMT
location
/watch/46086984/1?wmode=7&page-url=http%3A%2F%2Fwww.tut.by%2F&charset=utf-8&site-info=%7B%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1d7r6afuymvj624d%3Afp%3A2314%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A451%3Acn%3A1%3Adp%3A0%3Als%3A652349869043%3Ahid%3A109910971%3Az%3A60%3Ai%3A20210311093453%3Aet%3A1615451693%3Ac%3A1%3Arn%3A462353930%3Au%3A1615451693671730666%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1615451689878%3Awv%3A2%3Ads%3A5%2C33%2C109%2C66%2C0%2C0%2C%2C2744%2C8%2C%2C%2C%2C2895%3Adsn%3A6%2C32%2C109%2C65%2C0%2C0%2C%2C2681%2C9%2C%2C%2C%2C2895%3Arqnl%3A1%3Ati%3A2%3Ast%3A1615451693%3At%3A%D0%91%D0%B5%D0%BB%D0%BE%D1%80%D1%83%D1%81%D1%81%D0%BA%D0%B8%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB%20TUT.BY.%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8%20%D0%B8%20%D0%BC%D0%B8%D1%80%D0%B0
strict-transport-security
max-age=31536000
access-control-allow-origin
http://www.tut.by
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
x-xss-protection
1; mode=block
expires
Thu, 11-Mar-2021 08:34:53 GMT
1
mc.yandex.ru/watch/17863687/
Redirect Chain
  • https://mc.yandex.ru/watch/17863687?wmode=7&page-url=http%3A%2F%2Fwww.tut.by%2F&charset=utf-8&site-info=%7B%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1d7r6afuymvj624d%3Afp%3A2314%3Afu%3A0%3Aen%3Aut...
  • https://mc.yandex.ru/watch/17863687/1?wmode=7&page-url=http%3A%2F%2Fwww.tut.by%2F&charset=utf-8&site-info=%7B%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1d7r6afuymvj624d%3Afp%3A2314%3Afu%3A0%3Aen%3A...
202 B
573 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/17863687/1?wmode=7&page-url=http%3A%2F%2Fwww.tut.by%2F&charset=utf-8&site-info=%7B%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1d7r6afuymvj624d%3Afp%3A2314%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A451%3Acn%3A2%3Adp%3A0%3Als%3A103703039246%3Ahid%3A109910971%3Az%3A60%3Ai%3A20210311093453%3Aet%3A1615451693%3Ac%3A1%3Arn%3A506485657%3Au%3A1615451693923476314%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1615451689878%3Awv%3A2%3Ads%3A5%2C33%2C109%2C66%2C0%2C0%2C%2C2744%2C8%2C%2C%2C%2C2895%3Adsn%3A6%2C32%2C109%2C65%2C0%2C0%2C%2C2681%2C9%2C%2C%2C%2C2895%3Arqnl%3A1%3Ati%3A2%3Ast%3A1615451693%3At%3A%D0%91%D0%B5%D0%BB%D0%BE%D1%80%D1%83%D1%81%D1%81%D0%BA%D0%B8%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB%20TUT.BY.%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8%20%D0%B8%20%D0%BC%D0%B8%D1%80%D0%B0
Requested by
Host: www.tut.by
URL: http://www.tut.by/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
2f2875d69e936f9a8c819b0be736b0290c91482d2f147c8d2cc71cbb404b6d6f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.tut.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Mar 2021 08:34:53 GMT
x-content-type-options
nosniff
last-modified
Thu, 11-Mar-2021 08:34:53 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
http://www.tut.by
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
202
x-xss-protection
1; mode=block
expires
Thu, 11-Mar-2021 08:34:53 GMT

Redirect headers

pragma
no-cache
date
Thu, 11 Mar 2021 08:34:53 GMT
last-modified
Thu, 11-Mar-2021 08:34:53 GMT
location
/watch/17863687/1?wmode=7&page-url=http%3A%2F%2Fwww.tut.by%2F&charset=utf-8&site-info=%7B%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1d7r6afuymvj624d%3Afp%3A2314%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A451%3Acn%3A2%3Adp%3A0%3Als%3A103703039246%3Ahid%3A109910971%3Az%3A60%3Ai%3A20210311093453%3Aet%3A1615451693%3Ac%3A1%3Arn%3A506485657%3Au%3A1615451693923476314%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1615451689878%3Awv%3A2%3Ads%3A5%2C33%2C109%2C66%2C0%2C0%2C%2C2744%2C8%2C%2C%2C%2C2895%3Adsn%3A6%2C32%2C109%2C65%2C0%2C0%2C%2C2681%2C9%2C%2C%2C%2C2895%3Arqnl%3A1%3Ati%3A2%3Ast%3A1615451693%3At%3A%D0%91%D0%B5%D0%BB%D0%BE%D1%80%D1%83%D1%81%D1%81%D0%BA%D0%B8%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB%20TUT.BY.%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8%20%D0%B8%20%D0%BC%D0%B8%D1%80%D0%B0
strict-transport-security
max-age=31536000
access-control-allow-origin
http://www.tut.by
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
x-xss-protection
1; mode=block
expires
Thu, 11-Mar-2021 08:34:53 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 38F6
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: www.tut.by
URL: http://www.tut.by/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date
Thu, 11 Mar 2021 08:34:53 GMT
x-content-type-options
nosniff
server
safe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
246
x-xss-protection
0
advert.gif
mc.yandex.ru/metrika/ 		43 B
136 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/metrika/advert.gif
Requested by
Host: www.tut.by
URL: http://www.tut.by/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://www.tut.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 08:34:53 GMT
last-modified
Tue, 09 Mar 2021 18:36:29 GMT
etag
"60472f6c-2b"
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Thu, 11 Mar 2021 09:34:53 GMT
banner
ad.tam.by/api/tutby/ 		10 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.tam.by/api/tutby/banner?limit=12&loc_type=tut_by&location=http://www.tut.by/
Requested by
Host: ad.tam.by
URL: https://ad.tam.by/spy/tracker.js?v=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
93.125.48.34 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS
93-125-48-34.hoster.by
Software
nginx/1.14.2 /
Resource Hash
510e8f014b36c4ed20a71bb1e7a187eb916d02d21132a5a86bd20d4051975eef

Request headers

Referer
http://www.tut.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 11 Mar 2021 08:34:53 GMT
Content-Encoding
gzip
Server
nginx/1.14.2
ETag
W/"269f-zjoraAcMtHOSXxl5yL0yloYYrbM"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
http://www.tut.by
Access-Control-Expose-Headers
IPCity
Transfer-Encoding
chunked
IPCity
eyJ0aXRsZSI6IiVEMCU5QyVEMCVCOCVEMCVCRCVEMSU4MSVEMCVCQSIsImlwX2RldGVjdGVkIjp0cnVlLCJjb2RlIjoxNTgwMCwiZW4iOiJtaW5zayJ9
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Content-type,Accept,X-Access-Token,X-Key,If-Modified-Since,Authorization,Etag,If-None-Match,IPCity
publisher:getClientId
ampcid.google.com/v1/ 		74 B
532 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://www.tut.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 11 Mar 2021 08:34:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
http://www.tut.by
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
94
x-xss-protection
0
268667
mc.yandex.ru/watch/ 		167 B
202 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/268667?wmode=7&page-url=http%3A%2F%2Fwww.tut.by%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2z9ezuq74honwal%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A451%3Acn%3A3%3Adp%3A0%3Als%3A1157756804769%3Ahid%3A109910971%3Az%3A60%3Ai%3A20210311093453%3Aet%3A1615451693%3Ac%3A1%3Arn%3A318767310%3Au%3A1615451693930698643%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1615451689878%3Arqnl%3A1%3Ati%3A2%3Ast%3A1615451693%3At%3A%D0%91%D0%B5%D0%BB%D0%BE%D1%80%D1%83%D1%81%D1%81%D0%BA%D0%B8%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB%20TUT.BY.%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8%20%D0%B8%20%D0%BC%D0%B8%D1%80%D0%B0
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
3c546ac07ff790338421602f274863ff9b4e7e255bdcaf37155947d0e7cd4f1c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.tut.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Mar 2021 08:34:53 GMT
x-content-type-options
nosniff
last-modified
Thu, 11-Mar-2021 08:34:53 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
http://www.tut.by
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
167
x-xss-protection
1; mode=block
expires
Thu, 11-Mar-2021 08:34:53 GMT
publisher:getClientId
ampcid.google.de/v1/ 		3 B
461 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://www.tut.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 11 Mar 2021 08:34:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
http://www.tut.by
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
23
x-xss-protection
0
1
mc.yandex.ru/watch/46086984/ 		43 B
73 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/46086984/1?page-url=http%3A%2F%2Fwww.tut.by%2F&charset=utf-8&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A1d7r6afuymvj624d%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A451%3Acn%3A1%3Adp%3A1%3Als%3A652349869043%3Ahid%3A109910971%3Az%3A60%3Ai%3A20210311093453%3Aet%3A1615451693%3Ac%3A1%3Arn%3A801310413%3Au%3A1615451693671730666%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aeu%3A1%3Ans%3A1615451689878%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1615451693
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.tut.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Thu, 11 Mar 2021 08:34:53 GMT
last-modified
Thu, 11-Mar-2021 08:34:53 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
http://www.tut.by
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Thu, 11-Mar-2021 08:34:53 GMT
1
mc.yandex.ru/watch/17863687/ 		43 B
73 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/17863687/1?page-url=http%3A%2F%2Fwww.tut.by%2F&charset=utf-8&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A1d7r6afuymvj624d%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A451%3Acn%3A2%3Adp%3A1%3Als%3A103703039246%3Ahid%3A109910971%3Az%3A60%3Ai%3A20210311093453%3Aet%3A1615451693%3Ac%3A1%3Arn%3A600678205%3Au%3A1615451693923476314%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aeu%3A1%3Ans%3A1615451689878%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1615451693
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.tut.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Thu, 11 Mar 2021 08:34:53 GMT
last-modified
Thu, 11-Mar-2021 08:34:53 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
http://www.tut.by
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Thu, 11-Mar-2021 08:34:53 GMT
1
mc.yandex.ru/watch/268667/ 		43 B
73 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/268667/1?page-url=http%3A%2F%2Fwww.tut.by%2F&charset=utf-8&cnt-class=1&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A2z9ezuq74honwal%3Afp%3A2314%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A451%3Acn%3A3%3Adp%3A0%3Als%3A1157756804769%3Ahid%3A109910971%3Az%3A60%3Ai%3A20210311093453%3Aet%3A1615451693%3Ac%3A1%3Arn%3A602117510%3Au%3A1615451693930698643%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aeu%3A1%3Ans%3A1615451689878%3Ads%3A5%2C33%2C109%2C66%2C0%2C0%2C%2C2744%2C8%2C%2C%2C%2C2895%3Adsn%3A6%2C32%2C109%2C65%2C0%2C0%2C%2C2681%2C9%2C%2C%2C%2C2895%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1615451693
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.tut.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Thu, 11 Mar 2021 08:34:53 GMT
last-modified
Thu, 11-Mar-2021 08:34:53 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
http://www.tut.by
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Thu, 11-Mar-2021 08:34:53 GMT
d.png
ysa-static.passport.yandex.ru/static/1/d959d7e39d5067fad30d9c06204866e9/ Frame 0D76 		95 B
400 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ysa-static.passport.yandex.ru/static/1/d959d7e39d5067fad30d9c06204866e9/d.png?ex=yes
Requested by
Host: www.tut.by
URL: http://www.tut.by/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:6b8::5:114 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
18c327afa903633f86c3efcf12b77f098077eacaa8be101bb007846fd74f8b93
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 11 Mar 2021 08:34:53 GMT
Server
nginx/1.14.2
Strict-Transport-Security
max-age=315360000; includeSubDomains
X-RT-IH
0.0002
Content-Type
image/png
Cache-Control
private
Connection
close
X-RT-IQ
0.0001
Content-Length
95
Expires
Fri, 12 Mar 2021 08:34:53 GMT
268667
mc.yandex.ru/watch/ 		43 B
73 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/268667?page-url=http%3A%2F%2Fwww.tut.by%2F&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A2z9ezuq74honwal%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A451%3Acn%3A3%3Adp%3A0%3Als%3A1157756804769%3Ahid%3A109910971%3Az%3A60%3Ai%3A20210311093453%3Aet%3A1615451693%3Ac%3A1%3Arn%3A60114299%3Au%3A1615451693930698643%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aeu%3A1%3Ans%3A1615451689878%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1615451693%3At%3A%D0%91%D0%B5%D0%BB%D0%BE%D1%80%D1%83%D1%81%D1%81%D0%BA%D0%B8%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB%20TUT.BY.%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D0%B8%20%D0%B8%20%D0%BC%D0%B8%D1%80%D0%B0
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.tut.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Mar 2021 08:34:53 GMT
last-modified
Thu, 11-Mar-2021 08:34:53 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
http://www.tut.by
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Thu, 11-Mar-2021 08:34:53 GMT
csi
csi.gstatic.com/ Frame 38F6 		0
331 B 		Other
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?s=ampad&ctx=2&puid=1~1615451693347&c=2883581063428105&qqid=CPjvpMLqp-8CFeNY5QodWxYEnQ&rt=any.link.3.1a.f.7.k.1.1687.15j0~any.script.4.16.1.i.0.0.3kv.3in~any.script.4.1a.3.j.0.0.l28.kzq~any.script.4.18.0.l.0.0.14g.128~any.script.4.16.1.j.0.0.9xm.9vd~any.img.7.w.3.f.0.0.x0j.wws~any.img.7.w.0.g.0.0.2f4.2ch~any.img.7.t.1.e.r.0.m5.9k~any.img.7.28.2f.0.0.0.0.0~any.img.7a.13.8d.0.0.0.0.0&met.a4a=dcl.0~ol.~nvs.1615451692938~ini.1615451693349
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012101070013000/v0/amp-analytics-0.1.mjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400a:801::2003 Zurich, Switzerland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.tut.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 11 Mar 2021 08:34:53 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
html
ad.tam.by/retarget/banner/ 		0
543 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.tam.by/retarget/banner/html?type=200x200&special_banner=show_on_main
Requested by
Host: ad.tam.by
URL: https://ad.tam.by/spy/tracker.js?v=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
93.125.48.34 , Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS
93-125-48-34.hoster.by
Software
nginx/1.14.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.tut.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 11 Mar 2021 08:34:53 GMT
Server
nginx/1.14.2
ETag
W/"9-R1yEhnOj95+nePAcK9WnIdTEFwc"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
http://www.tut.by
Access-Control-Expose-Headers
IPCity
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Content-type,Accept,X-Access-Token,X-Key,If-Modified-Since,Authorization,Etag,If-None-Match,IPCity
icon-gift.png
img.tyt.by/catalog/icons/ 		268 B
473 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.tyt.by/catalog/icons/icon-gift.png
Requested by
Host: www.tut.by
URL: http://www.tut.by/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a0a:7d80::b Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS
Software
nginx /
Resource Hash
6f79476df3093af3ab73e5e938479c8e2158615b010f010bc9f2f1a504976356
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
http://www.tut.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 08:34:53 GMT
last-modified
Tue, 16 Oct 2018 11:32:39 GMT
server
nginx
etag
"5bc5cc57-10c"
strict-transport-security
max-age=15768000
content-type
image/png
cache-control
max-age=1209600
accept-ranges
bytes
content-length
268
expires
Thu, 25 Mar 2021 08:34:53 GMT
css
fonts.googleapis.com/ Frame 6C7D 		2 KB
627 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4262459596704413&output=html&h=253&slotname=2783279852&adk=1045486368&adf=4037928039&pi=t.ma~as.2783279852&w=300&lmt=1615451692&rafmt=11&psa=0&format=300x253&url=http%3A%2F%2Fwww.tut.by%2F&flash=0&wgl=1&dt=1615451692710&bpp=10&bdt=2681&idt=108&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1323417b6a2f9b9c-22cd222cc0ba0009%3AT%3D1615451692%3AS%3DALNI_MZxt7utreoYvhdp9pzQVYaL-BLHSA&correlator=6964909445216&rume=1&frm=20&pv=2&ga_vid=1319103873.1615451692&ga_sid=1615451692&ga_hid=1104419952&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1180&ady=3740&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C21066431%2C21066923%2C21068084%2C21068786%2C21066613%2C21066614%2C21067088&oid=3&pvsid=2883581063428105&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CoeEbr%7C&abl=NS&pfx=0&fu=8320&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Y6GozkO40i&p=http%3A//www.tut.by&dtd=124
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c6a305cd9f8592bbd50ddd47eb5af53952b97937e9b0c4df40498f7140ff8a49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 11 Mar 2021 08:28:26 GMT
server
ESF
date
Thu, 11 Mar 2021 08:34:53 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 11 Mar 2021 08:34:53 GMT
spam_signals_bundle_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210309/r20110914/elements/html/spam_signals/ Frame 6C7D 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210309/r20110914/elements/html/spam_signals/spam_signals_bundle_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4262459596704413&output=html&h=253&slotname=2783279852&adk=1045486368&adf=4037928039&pi=t.ma~as.2783279852&w=300&lmt=1615451692&rafmt=11&psa=0&format=300x253&url=http%3A%2F%2Fwww.tut.by%2F&flash=0&wgl=1&dt=1615451692710&bpp=10&bdt=2681&idt=108&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1323417b6a2f9b9c-22cd222cc0ba0009%3AT%3D1615451692%3AS%3DALNI_MZxt7utreoYvhdp9pzQVYaL-BLHSA&correlator=6964909445216&rume=1&frm=20&pv=2&ga_vid=1319103873.1615451692&ga_sid=1615451692&ga_hid=1104419952&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1180&ady=3740&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C21066431%2C21066923%2C21068084%2C21068786%2C21066613%2C21066614%2C21067088&oid=3&pvsid=2883581063428105&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CoeEbr%7C&abl=NS&pfx=0&fu=8320&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Y6GozkO40i&p=http%3A//www.tut.by&dtd=124
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
086cc8b8f2014b67a226e28c03392b08f0c6278b5f988cdbb5e26a5349d946f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 05:28:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
11171
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2537
x-xss-protection
0
server
cafe
etag
3404100309940318720
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 25 Mar 2021 05:28:42 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210309/r20110914/client/ Frame 6C7D 		2 KB
992 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210309/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4262459596704413&output=html&h=253&slotname=2783279852&adk=1045486368&adf=4037928039&pi=t.ma~as.2783279852&w=300&lmt=1615451692&rafmt=11&psa=0&format=300x253&url=http%3A%2F%2Fwww.tut.by%2F&flash=0&wgl=1&dt=1615451692710&bpp=10&bdt=2681&idt=108&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1323417b6a2f9b9c-22cd222cc0ba0009%3AT%3D1615451692%3AS%3DALNI_MZxt7utreoYvhdp9pzQVYaL-BLHSA&correlator=6964909445216&rume=1&frm=20&pv=2&ga_vid=1319103873.1615451692&ga_sid=1615451692&ga_hid=1104419952&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1180&ady=3740&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C21066431%2C21066923%2C21068084%2C21068786%2C21066613%2C21066614%2C21067088&oid=3&pvsid=2883581063428105&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CoeEbr%7C&abl=NS&pfx=0&fu=8320&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Y6GozkO40i&p=http%3A//www.tut.by&dtd=124
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1e93f66cbe9b485135f0c8bbc9eaccf882ded6eb71daadde99a8426f6db7cb31
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 08:21:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
790
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
896
x-xss-protection
0
server
cafe
etag
948078048762640732
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 25 Mar 2021 08:21:43 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210309/r20110914/ Frame 6C7D 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210309/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4262459596704413&output=html&h=253&slotname=2783279852&adk=1045486368&adf=4037928039&pi=t.ma~as.2783279852&w=300&lmt=1615451692&rafmt=11&psa=0&format=300x253&url=http%3A%2F%2Fwww.tut.by%2F&flash=0&wgl=1&dt=1615451692710&bpp=10&bdt=2681&idt=108&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1323417b6a2f9b9c-22cd222cc0ba0009%3AT%3D1615451692%3AS%3DALNI_MZxt7utreoYvhdp9pzQVYaL-BLHSA&correlator=6964909445216&rume=1&frm=20&pv=2&ga_vid=1319103873.1615451692&ga_sid=1615451692&ga_hid=1104419952&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1180&ady=3740&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C21066431%2C21066923%2C21068084%2C21068786%2C21066613%2C21066614%2C21067088&oid=3&pvsid=2883581063428105&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CoeEbr%7C&abl=NS&pfx=0&fu=8320&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Y6GozkO40i&p=http%3A//www.tut.by&dtd=124
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dfa4afc591a648c53ed92c8b08026647f6a19e04a783676dd437a4fb69d4c72c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 08:32:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
159
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7138
x-xss-protection
0
server
cafe
etag
7904608329869157807
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 25 Mar 2021 08:32:14 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210309/r20110914/client/ Frame 6C7D 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210309/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4262459596704413&output=html&h=253&slotname=2783279852&adk=1045486368&adf=4037928039&pi=t.ma~as.2783279852&w=300&lmt=1615451692&rafmt=11&psa=0&format=300x253&url=http%3A%2F%2Fwww.tut.by%2F&flash=0&wgl=1&dt=1615451692710&bpp=10&bdt=2681&idt=108&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1323417b6a2f9b9c-22cd222cc0ba0009%3AT%3D1615451692%3AS%3DALNI_MZxt7utreoYvhdp9pzQVYaL-BLHSA&correlator=6964909445216&rume=1&frm=20&pv=2&ga_vid=1319103873.1615451692&ga_sid=1615451692&ga_hid=1104419952&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1180&ady=3740&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C21066431%2C21066923%2C21068084%2C21068786%2C21066613%2C21066614%2C21067088&oid=3&pvsid=2883581063428105&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CoeEbr%7C&abl=NS&pfx=0&fu=8320&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Y6GozkO40i&p=http%3A//www.tut.by&dtd=124
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
79c521a89112af803faa48f72e1f5f1b5d0685129a14b917317d1cc688613a18
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 08:34:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
9
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
6751271179024913178
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 25 Mar 2021 08:34:44 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6C7D 		112 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4262459596704413&output=html&h=253&slotname=2783279852&adk=1045486368&adf=4037928039&pi=t.ma~as.2783279852&w=300&lmt=1615451692&rafmt=11&psa=0&format=300x253&url=http%3A%2F%2Fwww.tut.by%2F&flash=0&wgl=1&dt=1615451692710&bpp=10&bdt=2681&idt=108&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1323417b6a2f9b9c-22cd222cc0ba0009%3AT%3D1615451692%3AS%3DALNI_MZxt7utreoYvhdp9pzQVYaL-BLHSA&correlator=6964909445216&rume=1&frm=20&pv=2&ga_vid=1319103873.1615451692&ga_sid=1615451692&ga_hid=1104419952&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1180&ady=3740&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C21066431%2C21066923%2C21068084%2C21068786%2C21066613%2C21066614%2C21067088&oid=3&pvsid=2883581063428105&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CoeEbr%7C&abl=NS&pfx=0&fu=8320&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Y6GozkO40i&p=http%3A//www.tut.by&dtd=124
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61902c5623fc9780b6485f3439557295cc392d92d114aa404b56128dd65ea704
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 08:34:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1615378840307797"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34576
x-xss-protection
0
expires
Thu, 11 Mar 2021 08:34:53 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210309/r20110914/client/ Frame 6C7D 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210309/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4262459596704413&output=html&h=253&slotname=2783279852&adk=1045486368&adf=4037928039&pi=t.ma~as.2783279852&w=300&lmt=1615451692&rafmt=11&psa=0&format=300x253&url=http%3A%2F%2Fwww.tut.by%2F&flash=0&wgl=1&dt=1615451692710&bpp=10&bdt=2681&idt=108&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1323417b6a2f9b9c-22cd222cc0ba0009%3AT%3D1615451692%3AS%3DALNI_MZxt7utreoYvhdp9pzQVYaL-BLHSA&correlator=6964909445216&rume=1&frm=20&pv=2&ga_vid=1319103873.1615451692&ga_sid=1615451692&ga_hid=1104419952&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1180&ady=3740&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C21066431%2C21066923%2C21068084%2C21068786%2C21066613%2C21066614%2C21067088&oid=3&pvsid=2883581063428105&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CoeEbr%7C&abl=NS&pfx=0&fu=8320&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Y6GozkO40i&p=http%3A//www.tut.by&dtd=124
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f14a53d6e112f5652255e499e109659fe79678b0de2eec4f42a1ac48c9ce72bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 08:34:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
23
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5996
x-xss-protection
0
server
cafe
etag
15528521553155206461
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 25 Mar 2021 08:34:30 GMT
l
www.google.com/ads/measurement/ Frame 6C7D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQBrRd0Y0RTrSzqzm-1Sl3Ro04fy7rq9-KE1SYcnjZ1gr7eUJ1vUKj-uH7-zaCGdPLhhs3QBlcT3n1vWmjZigUvL0nOJg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4262459596704413&output=html&h=253&slotname=2783279852&adk=1045486368&adf=4037928039&pi=t.ma~as.2783279852&w=300&lmt=1615451692&rafmt=11&psa=0&format=300x253&url=http%3A%2F%2Fwww.tut.by%2F&flash=0&wgl=1&dt=1615451692710&bpp=10&bdt=2681&idt=108&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1323417b6a2f9b9c-22cd222cc0ba0009%3AT%3D1615451692%3AS%3DALNI_MZxt7utreoYvhdp9pzQVYaL-BLHSA&correlator=6964909445216&rume=1&frm=20&pv=2&ga_vid=1319103873.1615451692&ga_sid=1615451692&ga_hid=1104419952&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1180&ady=3740&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C21066431%2C21066923%2C21068084%2C21068786%2C21066613%2C21066614%2C21067088&oid=3&pvsid=2883581063428105&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CoeEbr%7C&abl=NS&pfx=0&fu=8320&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Y6GozkO40i&p=http%3A//www.tut.by&dtd=124
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
1e8eaeef6431cb6de349a68674062a29.js
www.gstatic.com/mysidia/ Frame 6C7D 		26 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/1e8eaeef6431cb6de349a68674062a29.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4262459596704413&output=html&h=253&slotname=2783279852&adk=1045486368&adf=4037928039&pi=t.ma~as.2783279852&w=300&lmt=1615451692&rafmt=11&psa=0&format=300x253&url=http%3A%2F%2Fwww.tut.by%2F&flash=0&wgl=1&dt=1615451692710&bpp=10&bdt=2681&idt=108&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1323417b6a2f9b9c-22cd222cc0ba0009%3AT%3D1615451692%3AS%3DALNI_MZxt7utreoYvhdp9pzQVYaL-BLHSA&correlator=6964909445216&rume=1&frm=20&pv=2&ga_vid=1319103873.1615451692&ga_sid=1615451692&ga_hid=1104419952&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1180&ady=3740&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C21066431%2C21066923%2C21068084%2C21068786%2C21066613%2C21066614%2C21067088&oid=3&pvsid=2883581063428105&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CoeEbr%7C&abl=NS&pfx=0&fu=8320&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Y6GozkO40i&p=http%3A//www.tut.by&dtd=124
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7b0b572a90abb3fce27b9dc1f79145706c7bcc6cc3ac84c8f501d344132816d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 21:17:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 09 Mar 2021 03:08:06 GMT
server
sffe
age
40666
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7776000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10971
x-xss-protection
0
expires
Tue, 08 Jun 2021 21:17:07 GMT
/
www.facebook.com/tr/ 		0
103 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
http://www.tut.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundary4KJ2sv1OBVgR1WfR

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
server
proxygen-bolt
date
Thu, 11 Mar 2021 08:34:53 GMT
content-type
text/plain
access-control-allow-origin
http://www.tut.by
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
0
adview
googleads.g.doubleclick.net/pagead/ Frame 6C7D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CWF6ALNZJYNXTNZfb7_UP4sui0A3-gLnmYfC2gOvfC77l1byEGhABILmzwS9glYq4gsgHoAGsoPvOAsgBCakCPHRA1KUEtD6oAwHIA8sEqgSzAU_QcT_evjc1voZvaEh1XZqWwhynrkr9Qynwm2LbCbu96NZ5aAaFlz0Fg54TzvozMDkwsFFwLSQIF1GjEd0TSOUx0itWIThITx2equBsutwPsPR3tqp1CIWHE_iRF4aXHIHwWqWvZOYg2_7dr8dVQXGOjHHh7lOm3oUsKwmOiEsymyg62tvU0Tu20WfFwuj9AK8deMxgA0IVkfZywgJCHX_FvFKr6sHWJbdIcY2nJecMsw9wwATQxKPUjQOSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHvN-EsQGoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEEJr9CNIICQiA4YAQEAEYH4AKAcgLAdgTDtAVAYAXAbIXGgoYCAASFHB1Yi00MjYyNDU5NTk2NzA0NDEz&sigh=g6Ih67RT0SI&template_id=494&tpd=AGWhJmu49wFxVKIihVyNWyYMAQb_-DUkt6tuFM4ebdOcvwB_Xg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4262459596704413&output=html&h=253&slotname=2783279852&adk=1045486368&adf=4037928039&pi=t.ma~as.2783279852&w=300&lmt=1615451692&rafmt=11&psa=0&format=300x253&url=http%3A%2F%2Fwww.tut.by%2F&flash=0&wgl=1&dt=1615451692710&bpp=10&bdt=2681&idt=108&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1323417b6a2f9b9c-22cd222cc0ba0009%3AT%3D1615451692%3AS%3DALNI_MZxt7utreoYvhdp9pzQVYaL-BLHSA&correlator=6964909445216&rume=1&frm=20&pv=2&ga_vid=1319103873.1615451692&ga_sid=1615451692&ga_hid=1104419952&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1180&ady=3740&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C21066431%2C21066923%2C21068084%2C21068786%2C21066613%2C21066614%2C21067088&oid=3&pvsid=2883581063428105&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CoeEbr%7C&abl=NS&pfx=0&fu=8320&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Y6GozkO40i&p=http%3A//www.tut.by&dtd=124
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4262459596704413&output=html&h=253&slotname=2783279852&adk=1045486368&adf=4037928039&pi=t.ma~as.2783279852&w=300&lmt=1615451692&rafmt=11&psa=0&format=300x253&url=http%3A%2F%2Fwww.tut.by%2F&flash=0&wgl=1&dt=1615451692710&bpp=10&bdt=2681&idt=108&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1323417b6a2f9b9c-22cd222cc0ba0009%3AT%3D1615451692%3AS%3DALNI_MZxt7utreoYvhdp9pzQVYaL-BLHSA&correlator=6964909445216&rume=1&frm=20&pv=2&ga_vid=1319103873.1615451692&ga_sid=1615451692&ga_hid=1104419952&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1180&ady=3740&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C21066431%2C21066923%2C21068084%2C21068786%2C21066613%2C21066614%2C21067088&oid=3&pvsid=2883581063428105&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CoeEbr%7C&abl=NS&pfx=0&fu=8320&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Y6GozkO40i&p=http%3A//www.tut.by&dtd=124
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Thu, 11 Mar 2021 08:34:53 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 7486 		1 KB
854 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4262459596704413&output=html&h=253&slotname=2783279852&adk=1045486368&adf=4037928039&pi=t.ma~as.2783279852&w=300&lmt=1615451692&rafmt=11&psa=0&format=300x253&url=http%3A%2F%2Fwww.tut.by%2F&flash=0&wgl=1&dt=1615451692710&bpp=10&bdt=2681&idt=108&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1323417b6a2f9b9c-22cd222cc0ba0009%3AT%3D1615451692%3AS%3DALNI_MZxt7utreoYvhdp9pzQVYaL-BLHSA&correlator=6964909445216&rume=1&frm=20&pv=2&ga_vid=1319103873.1615451692&ga_sid=1615451692&ga_hid=1104419952&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1180&ady=3740&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C21066431%2C21066923%2C21068084%2C21068786%2C21066613%2C21066614%2C21067088&oid=3&pvsid=2883581063428105&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CoeEbr%7C&abl=NS&pfx=0&fu=8320&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Y6GozkO40i&p=http%3A//www.tut.by&dtd=124
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Thu, 11 Mar 2021 03:14:09 GMT
expires
Fri, 12 Mar 2021 03:14:09 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
cache-control
public, max-age=86400
age
19244
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
shopping
encrypted-tbn1.gstatic.com/ Frame 6C7D 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcSI6A7NpKMPGYM31VHmn4ytZiBcHHjzVsQMuVuvmiMfO9ssqbrwIJo2a9D27oo&usqp=CAI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4262459596704413&output=html&h=253&slotname=2783279852&adk=1045486368&adf=4037928039&pi=t.ma~as.2783279852&w=300&lmt=1615451692&rafmt=11&psa=0&format=300x253&url=http%3A%2F%2Fwww.tut.by%2F&flash=0&wgl=1&dt=1615451692710&bpp=10&bdt=2681&idt=108&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1323417b6a2f9b9c-22cd222cc0ba0009%3AT%3D1615451692%3AS%3DALNI_MZxt7utreoYvhdp9pzQVYaL-BLHSA&correlator=6964909445216&rume=1&frm=20&pv=2&ga_vid=1319103873.1615451692&ga_sid=1615451692&ga_hid=1104419952&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1180&ady=3740&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C21066431%2C21066923%2C21068084%2C21068786%2C21066613%2C21066614%2C21067088&oid=3&pvsid=2883581063428105&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CoeEbr%7C&abl=NS&pfx=0&fu=8320&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Y6GozkO40i&p=http%3A//www.tut.by&dtd=124
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
186294e04dbae537603379d50ca624e25ede48a8dacdcb9ee3b557740a17cabf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 20:00:52 GMT
x-content-type-options
nosniff
last-modified
Wed, 15 Jan 2020 22:42:54 GMT
server
sffe
age
45241
content-type
image/jpeg
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24467
x-xss-protection
0
expires
Thu, 10 Mar 2022 20:00:52 GMT
shopping
encrypted-tbn2.gstatic.com/ Frame 6C7D 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcQzUN-WzWqqjpTBsFtxEwfcjpbtde9NQCnGfWJrP78DdWOgemLKL_ZglktbLKY&usqp=CAI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4262459596704413&output=html&h=253&slotname=2783279852&adk=1045486368&adf=4037928039&pi=t.ma~as.2783279852&w=300&lmt=1615451692&rafmt=11&psa=0&format=300x253&url=http%3A%2F%2Fwww.tut.by%2F&flash=0&wgl=1&dt=1615451692710&bpp=10&bdt=2681&idt=108&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1323417b6a2f9b9c-22cd222cc0ba0009%3AT%3D1615451692%3AS%3DALNI_MZxt7utreoYvhdp9pzQVYaL-BLHSA&correlator=6964909445216&rume=1&frm=20&pv=2&ga_vid=1319103873.1615451692&ga_sid=1615451692&ga_hid=1104419952&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1180&ady=3740&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C21066431%2C21066923%2C21068084%2C21068786%2C21066613%2C21066614%2C21067088&oid=3&pvsid=2883581063428105&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CoeEbr%7C&abl=NS&pfx=0&fu=8320&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Y6GozkO40i&p=http%3A//www.tut.by&dtd=124
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e042b7bc630b5a4a748f4f939ea04e78a3cea0b19fbf32f078977a56628d589b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 10:57:21 GMT
x-content-type-options
nosniff
last-modified
Tue, 14 Jan 2020 00:04:17 GMT
server
sffe
age
423452
content-type
image/jpeg
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22049
x-xss-protection
0
expires
Sun, 06 Mar 2022 10:57:21 GMT
shopping
encrypted-tbn2.gstatic.com/ Frame 6C7D 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcRY117Jnzjti8qLiSdEd4ybjJ4Y4GRAP5GOyT0LYboBo5EnSNmYSmXWpt6AYSw&usqp=CAI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4262459596704413&output=html&h=253&slotname=2783279852&adk=1045486368&adf=4037928039&pi=t.ma~as.2783279852&w=300&lmt=1615451692&rafmt=11&psa=0&format=300x253&url=http%3A%2F%2Fwww.tut.by%2F&flash=0&wgl=1&dt=1615451692710&bpp=10&bdt=2681&idt=108&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1323417b6a2f9b9c-22cd222cc0ba0009%3AT%3D1615451692%3AS%3DALNI_MZxt7utreoYvhdp9pzQVYaL-BLHSA&correlator=6964909445216&rume=1&frm=20&pv=2&ga_vid=1319103873.1615451692&ga_sid=1615451692&ga_hid=1104419952&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1180&ady=3740&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C21066431%2C21066923%2C21068084%2C21068786%2C21066613%2C21066614%2C21067088&oid=3&pvsid=2883581063428105&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CoeEbr%7C&abl=NS&pfx=0&fu=8320&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Y6GozkO40i&p=http%3A//www.tut.by&dtd=124
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2f032c6fed67540f63c074f56e3063a986eaafaf9b8d44ebaf7bf68f3e09d78e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 05:08:55 GMT
x-content-type-options
nosniff
last-modified
Sat, 05 Dec 2020 09:47:06 GMT
server
sffe
age
12358
content-type
image/jpeg
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25101
x-xss-protection
0
expires
Fri, 11 Mar 2022 05:08:55 GMT
shopping
encrypted-tbn0.gstatic.com/ Frame 6C7D 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcTMZwBLy6MdWkEup8dMVMB6qd3RGSADeER8UI1UeXQA0HqE84t9LmVSehqbRdk&usqp=CAI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4262459596704413&output=html&h=253&slotname=2783279852&adk=1045486368&adf=4037928039&pi=t.ma~as.2783279852&w=300&lmt=1615451692&rafmt=11&psa=0&format=300x253&url=http%3A%2F%2Fwww.tut.by%2F&flash=0&wgl=1&dt=1615451692710&bpp=10&bdt=2681&idt=108&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1323417b6a2f9b9c-22cd222cc0ba0009%3AT%3D1615451692%3AS%3DALNI_MZxt7utreoYvhdp9pzQVYaL-BLHSA&correlator=6964909445216&rume=1&frm=20&pv=2&ga_vid=1319103873.1615451692&ga_sid=1615451692&ga_hid=1104419952&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1180&ady=3740&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C21066431%2C21066923%2C21068084%2C21068786%2C21066613%2C21066614%2C21067088&oid=3&pvsid=2883581063428105&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CoeEbr%7C&abl=NS&pfx=0&fu=8320&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Y6GozkO40i&p=http%3A//www.tut.by&dtd=124
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc20830a3c063a54ddf295fb84a1d7980e94fa3fe67d126b9952383cccfc713c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 06:53:17 GMT
x-content-type-options
nosniff
last-modified
Sat, 05 Dec 2020 09:47:01 GMT
server
sffe
age
438096
content-type
image/jpeg
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25026
x-xss-protection
0
expires
Sun, 06 Mar 2022 06:53:17 GMT
shopping
encrypted-tbn2.gstatic.com/ Frame 6C7D 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcQ8qLKJCDbGhUREoLDT_xPnXRD9mYKpJqdulUygl4WqImRYugg9&usqp=CAI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4262459596704413&output=html&h=253&slotname=2783279852&adk=1045486368&adf=4037928039&pi=t.ma~as.2783279852&w=300&lmt=1615451692&rafmt=11&psa=0&format=300x253&url=http%3A%2F%2Fwww.tut.by%2F&flash=0&wgl=1&dt=1615451692710&bpp=10&bdt=2681&idt=108&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1323417b6a2f9b9c-22cd222cc0ba0009%3AT%3D1615451692%3AS%3DALNI_MZxt7utreoYvhdp9pzQVYaL-BLHSA&correlator=6964909445216&rume=1&frm=20&pv=2&ga_vid=1319103873.1615451692&ga_sid=1615451692&ga_hid=1104419952&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1180&ady=3740&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C21066431%2C21066923%2C21068084%2C21068786%2C21066613%2C21066614%2C21067088&oid=3&pvsid=2883581063428105&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CoeEbr%7C&abl=NS&pfx=0&fu=8320&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Y6GozkO40i&p=http%3A//www.tut.by&dtd=124
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de573764232019f5c74a42f4cdc0a57352afd05a2b6bdb8dcc0cab8eb243b7d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 11:27:24 GMT
x-content-type-options
nosniff
last-modified
Sat, 04 Apr 2020 10:34:15 GMT
server
sffe
age
508049
content-type
image/png
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25425
x-xss-protection
0
expires
Sat, 05 Mar 2022 11:27:24 GMT
truncated
/ Frame 6C7D 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
471b23a92e7d1f35e34e5137b3393c7096b407a71b8edf36b5e3fffbcd84fdf2

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
dpixel
cms.quantserve.com/ Frame 7486 		35 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEBO0Y8Mig9wNFp6-nVEyUNI&google_cver=1&google_push=AQvitUKHzbCt0e6lFo-dD6mE_QMA1e7C24kPCtvtKHVA_8ycvYd8w6yzZUK6EiR6z9bqmPEMbAxrUeGRbQZld81StiUGi3-tzxPv
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4262459596704413&output=html&h=253&slotname=2783279852&adk=1045486368&adf=4037928039&pi=t.ma~as.2783279852&w=300&lmt=1615451692&rafmt=11&psa=0&format=300x253&url=http%3A%2F%2Fwww.tut.by%2F&flash=0&wgl=1&dt=1615451692710&bpp=10&bdt=2681&idt=108&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1323417b6a2f9b9c-22cd222cc0ba0009%3AT%3D1615451692%3AS%3DALNI_MZxt7utreoYvhdp9pzQVYaL-BLHSA&correlator=6964909445216&rume=1&frm=20&pv=2&ga_vid=1319103873.1615451692&ga_sid=1615451692&ga_hid=1104419952&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1180&ady=3740&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C21066431%2C21066923%2C21068084%2C21068786%2C21066613%2C21066614%2C21067088&oid=3&pvsid=2883581063428105&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CoeEbr%7C&abl=NS&pfx=0&fu=8320&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Y6GozkO40i&p=http%3A//www.tut.by&dtd=124
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Mar 2021 08:34:53 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 7486
Redirect Chain
  • https://d.agkn.com/pixel/2175/?google_gid=CAESEJoPdv4b7GwH6ww-WkuuxFc&google_cver=1&google_push=AQvitUK5glehmAZv7aWqjMbLDtkHAp6R1N6iGSOLFQ65SgZVKLK5-tP71b6mRQlwZVUqU_-kbnrxUe_3ooPlHZY4z_iZqatuWeJm
  • https://cm.g.doubleclick.net/pixel?google_nid=akneustar_dmp&google_cm&google_hm=Q0FFU0VKb1BkdjRiN0d3SDZ3dy1Xa3V1eEZj
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=akneustar_dmp&google_cm&google_hm=Q0FFU0VKb1BkdjRiN0d3SDZ3dy1Xa3V1eEZj
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Mar 2021 08:34:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 11 Mar 2021 08:34:52 GMT
Server
Apache-Coyote/1.1
P3P
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=akneustar_dmp&google_cm&google_hm=Q0FFU0VKb1BkdjRiN0d3SDZ3dy1Xa3V1eEZj
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Sat, 01 Jan 2000 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 7486
Redirect Chain
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAQvitUKYz4e9...
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAQvitUKYz4e9...
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTAzMTEwODM0NTQ1MzY4MDUxNDYyMjM4NQ%3D%3D&google_push=AQvitUKYz4e90hxiSDVfu7Can9MJnXj-yjVkYvJTrHWWe9tvkzvJRQl4gJ_EXaJe0nq0zJ...
170 B
213 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTAzMTEwODM0NTQ1MzY4MDUxNDYyMjM4NQ%3D%3D&google_push=AQvitUKYz4e90hxiSDVfu7Can9MJnXj-yjVkYvJTrHWWe9tvkzvJRQl4gJ_EXaJe0nq0zJuNLj31S98ALnQlnpfkBJ8WwpctOxrC
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Mar 2021 08:34:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTAzMTEwODM0NTQ1MzY4MDUxNDYyMjM4NQ%3D%3D&google_push=AQvitUKYz4e90hxiSDVfu7Can9MJnXj-yjVkYvJTrHWWe9tvkzvJRQl4gJ_EXaJe0nq0zJuNLj31S98ALnQlnpfkBJ8WwpctOxrC
Pragma
no-cache
Date
Thu, 11 Mar 2021 08:34:54 GMT
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 7486
Redirect Chain
  • https://rtb.openx.net/sync/dds?google_gid=CAESEGsOTAkov5Toj29k2_kCBro&google_cver=1&google_push=AQvitUKGOsr6b9VO-Od-moo7IquBxO6zlr74RffMFqY0zGfXvU5C99nXh4QXmL2yiWRw2eEY4k5lydF86SRzfnxYVxmT_t3_et7M
  • https://rtb.openx.net/sync/dds?google_gid=CAESEGsOTAkov5Toj29k2_kCBro&google_cver=1&google_push=AQvitUKGOsr6b9VO-Od-moo7IquBxO6zlr74RffMFqY0zGfXvU5C99nXh4QXmL2yiWRw2eEY4k5lydF86SRzfnxYVxmT_t3_et7M&...
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUKGOsr6b9VO-Od-moo7IquBxO6zlr74RffMFqY0zGfXvU5C99nXh4QXmL2yiWRw2eEY4k5lydF86SRzfnxYVxmT_t3_et7M&google_hm=fvUDP4BCwS0oGqYqjeODXg==
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUKGOsr6b9VO-Od-moo7IquBxO6zlr74RffMFqY0zGfXvU5C99nXh4QXmL2yiWRw2eEY4k5lydF86SRzfnxYVxmT_t3_et7M&google_hm=fvUDP4BCwS0oGqYqjeODXg==
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Mar 2021 08:34:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 11 Mar 2021 08:34:53 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUKGOsr6b9VO-Od-moo7IquBxO6zlr74RffMFqY0zGfXvU5C99nXh4QXmL2yiWRw2eEY4k5lydF86SRzfnxYVxmT_t3_et7M&google_hm=fvUDP4BCwS0oGqYqjeODXg==
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
content-length
0
x-request-id
1cdolgdn4s0dsqvrb2mgi7qve5tqrbe1
pixel
cm.g.doubleclick.net/ Frame 7486
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=EvFyAOaUQYmGiFHgDHxJCA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=EvFyAOaUQYmGiFHgDHxJCA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUK0SKumcj7fKOybes0Td9YHaW0-LXE2wsz-Zh9M4jd0t1QRgxhd4_y5wPQ_Cy71YvQchgexSSWo1WXXpG4IPd1Q1UEEa2Vc
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Mar 2021 08:34:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=EvFyAOaUQYmGiFHgDHxJCA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUK0SKumcj7fKOybes0Td9YHaW0-LXE2wsz-Zh9M4jd0t1QRgxhd4_y5wPQ_Cy71YvQchgexSSWo1WXXpG4IPd1Q1UEEa2Vc
Date
Thu, 11 Mar 2021 08:34:52 GMT
P3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
0
Content-Type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 7486
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESECuWVfNt5n9aqACKDzM6xgM&google_cver=1&google_push=AQvitULSFx-VQpD0NBdXfUhK0P42BV1L0XY3Kg9TRDaGHeesoKrCwWG1BlgTnUDaOLDyB6LqWB_...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S000TTg4RlctUC03MlJY&google_push=AQvitULSFx-VQpD0NBdXfUhK0P42BV1L0XY3Kg9TRDaGHeesoKrCwWG1BlgTnUDaOLDyB6LqWB_B9nGsQtrxBt41Y6uw5Aie4QLo
170 B
484 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S000TTg4RlctUC03MlJY&google_push=AQvitULSFx-VQpD0NBdXfUhK0P42BV1L0XY3Kg9TRDaGHeesoKrCwWG1BlgTnUDaOLDyB6LqWB_B9nGsQtrxBt41Y6uw5Aie4QLo
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Mar 2021 08:34:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S000TTg4RlctUC03MlJY&google_push=AQvitULSFx-VQpD0NBdXfUhK0P42BV1L0XY3Kg9TRDaGHeesoKrCwWG1BlgTnUDaOLDyB6LqWB_B9nGsQtrxBt41Y6uw5Aie4QLo
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
66ef90d06496cfd000aab8206f2b6221
Expires
0
pixel
cm.g.doubleclick.net/ Frame 7486
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEEGblvhZ2LfteHSX8CUuz50&google_cver=1&googl...
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEEGblvhZ2LfteHSX8CUuz50&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YEnWLV9FenTlgZLP0FOHHwAABGYAAAAB&google_push=AQvitUKDzASIsmfaMJPFpwYKjsEr3cO-je0u9WYqJlZP42nTQDaElZ99yXEWIuYWyHFQWZzTRQWTLn4CgR2cwr6QDh...
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YEnWLV9FenTlgZLP0FOHHwAABGYAAAAB&google_push=AQvitUKDzASIsmfaMJPFpwYKjsEr3cO-je0u9WYqJlZP42nTQDaElZ99yXEWIuYWyHFQWZzTRQWTLn4CgR2cwr6QDhpA_HyfgdIS&google_cver=1&google_gid=CAESEEGblvhZ2LfteHSX8CUuz50
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Mar 2021 08:34:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 11 Mar 2021 08:34:53 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YEnWLV9FenTlgZLP0FOHHwAABGYAAAAB&google_push=AQvitUKDzASIsmfaMJPFpwYKjsEr3cO-je0u9WYqJlZP42nTQDaElZ99yXEWIuYWyHFQWZzTRQWTLn4CgR2cwr6QDhpA_HyfgdIS&google_cver=1&google_gid=CAESEEGblvhZ2LfteHSX8CUuz50
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
460
Expires
Thu, 11 Mar 2021 08:34:53 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 7486 		0
227 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JUXerWH59eo1ictG8t1r8m0CPmLTCLgjxBzdCxYlJdXxA3rR78s3MoNqpKKS__RZ4YKp-S
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4262459596704413&output=html&h=253&slotname=2783279852&adk=1045486368&adf=4037928039&pi=t.ma~as.2783279852&w=300&lmt=1615451692&rafmt=11&psa=0&format=300x253&url=http%3A%2F%2Fwww.tut.by%2F&flash=0&wgl=1&dt=1615451692710&bpp=10&bdt=2681&idt=108&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1323417b6a2f9b9c-22cd222cc0ba0009%3AT%3D1615451692%3AS%3DALNI_MZxt7utreoYvhdp9pzQVYaL-BLHSA&correlator=6964909445216&rume=1&frm=20&pv=2&ga_vid=1319103873.1615451692&ga_sid=1615451692&ga_hid=1104419952&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1180&ady=3740&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C21066431%2C21066923%2C21068084%2C21068786%2C21066613%2C21066614%2C21067088&oid=3&pvsid=2883581063428105&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CoeEbr%7C&abl=NS&pfx=0&fu=8320&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Y6GozkO40i&p=http%3A//www.tut.by&dtd=124
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 08:34:53 GMT
server
HTTP server (unknown)
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v14/ Frame 6C7D 		20 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesansdisplay/v14/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://googleads.g.doubleclick.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 19:41:26 GMT
x-content-type-options
nosniff
last-modified
Wed, 04 Dec 2019 18:44:32 GMT
server
sffe
age
564807
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20900
x-xss-protection
0
expires
Fri, 04 Mar 2022 19:41:26 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		8 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021030401&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030401.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9f1e9762b2912301aa58b25ab8dd127b3c09f487837e09b050084b0efc20f32a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.tut.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 11 Mar 2021 08:34:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6526
x-xss-protection
0
KT7npM2pC4VPAEc6AEIcwWkjK4LR7Yu_WhYO7ltjsYQ.js
pagead2.googlesyndication.com/bg/ Frame 6DF8 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/KT7npM2pC4VPAEc6AEIcwWkjK4LR7Yu_WhYO7ltjsYQ.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4262459596704413&output=html&h=253&slotname=2783279852&adk=1045486368&adf=4037928039&pi=t.ma~as.2783279852&w=300&lmt=1615451692&rafmt=11&psa=0&format=300x253&url=http%3A%2F%2Fwww.tut.by%2F&flash=0&wgl=1&dt=1615451692710&bpp=10&bdt=2681&idt=108&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1323417b6a2f9b9c-22cd222cc0ba0009%3AT%3D1615451692%3AS%3DALNI_MZxt7utreoYvhdp9pzQVYaL-BLHSA&correlator=6964909445216&rume=1&frm=20&pv=2&ga_vid=1319103873.1615451692&ga_sid=1615451692&ga_hid=1104419952&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1180&ady=3740&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C21066431%2C21066923%2C21068084%2C21068786%2C21066613%2C21066614%2C21067088&oid=3&pvsid=2883581063428105&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CoeEbr%7C&abl=NS&pfx=0&fu=8320&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Y6GozkO40i&p=http%3A//www.tut.by&dtd=124
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
293ee7a4cda90b854f00473a00421cc169232b82d1ed8bbf5a160eee5b63b184
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 09 Mar 2021 08:52:47 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 08 Mar 2021 17:45:00 GMT
server
sffe
age
171726
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5656
x-xss-protection
0
expires
Wed, 09 Mar 2022 08:52:47 GMT
rum.js
securepubads.g.doubleclick.net/pagead/js/ Frame 6C7D 		54 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/js/rum.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4262459596704413&output=html&h=253&slotname=2783279852&adk=1045486368&adf=4037928039&pi=t.ma~as.2783279852&w=300&lmt=1615451692&rafmt=11&psa=0&format=300x253&url=http%3A%2F%2Fwww.tut.by%2F&flash=0&wgl=1&dt=1615451692710&bpp=10&bdt=2681&idt=108&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1323417b6a2f9b9c-22cd222cc0ba0009%3AT%3D1615451692%3AS%3DALNI_MZxt7utreoYvhdp9pzQVYaL-BLHSA&correlator=6964909445216&rume=1&frm=20&pv=2&ga_vid=1319103873.1615451692&ga_sid=1615451692&ga_hid=1104419952&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1180&ady=3740&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735931%2C21066431%2C21066923%2C21068084%2C21068786%2C21066613%2C21066614%2C21067088&oid=3&pvsid=2883581063428105&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CoeEbr%7C&abl=NS&pfx=0&fu=8320&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Y6GozkO40i&p=http%3A//www.tut.by&dtd=124
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
3132eacd5425ca6e16b66e18a1587c72f8a9f8787cba87fac56c49a963981381
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 07:41:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3205
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20910
x-xss-protection
0
server
cafe
etag
15911962102859849068
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Thu, 11 Mar 2021 08:41:28 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_stats&su=www.tut.by&doc=complete&pg_h=8443&pg_w=1600&pg_hs=8443&c=4&aa_c=0&av_h=332&av_w=565&av_a=123450&s=260&all_s=260&b=3864.984&all_b=3864.984&d=0.157&all_d=0.157&ard=0.037&all_ard=0.037&dt=d
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.tut.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Mar 2021 08:34:53 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030401.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.tut.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 08:34:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1611170586013198"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6403
x-xss-protection
0
expires
Thu, 11 Mar 2021 08:34:53 GMT
csi
csi.gstatic.com/ Frame 6C7D 		0
318 B 		Other
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&puid=1~km4m88fz&ctx=2&gqid=LNZJYLWcNZbX-gb16p6wCQ&qqid=CNWZucLqp-8CFZftuwgd4qUI2g&met.6=6.1_Cg0YlgUgNCoGCAESAhABCgsYswYgRioECAgSAA
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400a:801::2003 Zurich, Switzerland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 11 Mar 2021 08:34:53 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 6C7D 		0
21 B 		Other
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&puid=2~km4m88g6&ctx=2&gqid=LNZJYLWcNZbX-gb16p6wCQ&qqid=CNWZucLqp-8CFZftuwgd4qUI2g&met.4=fb.hg~lb.ju~cmrload.l8~ol.lm~bdt.-25z~bpp.-38~idt.-i~dtd.-2~dt.-3i&met.3=739.ju~555.kv~556.kv_1~740.kw_1~740.kx~740.ky~740.l2~738.ld~749.ld_9~735.m2_2~740.pj~113.pn_4~112.pn_4~246.ps_1&met.1=1.km4m87qc~6.1~7.1~8.1~9.2~10.y~11.2~12.e~13.eb~14.ec~15.fv~16.jv~17.jv~18.jv~19.l9~20.l9~21.lm&met.7=CAUQCBgBMIQEOIoGQAFIAVABWCFgAWgOcIIEeNLJAYABq8gBiAGNngWwAQG4AQM~CBIQBxgBIPMEKPMEMIUFOBJo8wRwhQV48wSAAfgDiAHODaoBGQoXR29vZ2xlIFNhbnMgRGlzcGxheTo0MDCwAQG4AQM~CBwQChgBIPQEKPQEMPwEOAho9ARw_AR4lBWAAekTiAHPKrABAbgBAw~CBwQChgBIPQEKPQEMIsFOBdogwVwiwV44AeAAYAHiAGADLABAbgBAw~CBwQChgBIPYEKPYEMP8EOAlo9gRw_gR4wziAAeI3iAH-iQGwAQG4AQM~CBwQChgBIPYEKPYEMIwFOBZogwVwiwV49gqAAZcKiAHYE7ABAbgBAw~CCoQChgBIPYEKPYEMIcFOBE~CBwQChgBIPYEKPYEMIAFOApo9wRw_wR4zC-AAewuiAGza7ABAbgBAw~CBsQBhgBIPcEKPcEMKYFODA~CBsQChgBIPcEKPcEMIwFOBU~CCEQBBgBIIQFKIQFMKUFOCBohwVwpAV4Q7ABAbgBAw~CBwQBRgBIIgFKIgFMI8FOAdoiQVwjwV41gaAAdQFiAGWCbABAbgBAw~CBsQAhgBIIwFKIwFMLAFOCU~CBsQAhgBIIwFKIwFMK8FOCM~CBsQAhgBIIwFKIwFMLcFOCs~CBsQAhgBIIwFKIwFMLAFOCM~CBsQAhgBII0FKI0FMLQFOCg~CBMQAhgBIIcGKIcGMI4GOAhohwZwjgZ4kaQBgAGkowGIAaSjAaoBFwoRZ29vZ2xlc2Fuc2Rpc3BsYXkQDhgCsAEBuAED~CCgQChgBIJAGKJAGML8GOC9okQZwuwZ4zaMBgAGuowGIAbqvA7ABAbgBAw
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400a:801::2003 Zurich, Switzerland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 11 Mar 2021 08:34:53 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/221/ Frame C2F6 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/221/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.tut.by/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://www.tut.by/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
4984
date
Wed, 10 Mar 2021 15:49:12 GMT
expires
Thu, 10 Mar 2022 15:49:12 GMT
last-modified
Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
60341
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
KT7npM2pC4VPAEc6AEIcwWkjK4LR7Yu_WhYO7ltjsYQ.js
pagead2.googlesyndication.com/bg/ Frame C2F6 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/KT7npM2pC4VPAEc6AEIcwWkjK4LR7Yu_WhYO7ltjsYQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
293ee7a4cda90b854f00473a00421cc169232b82d1ed8bbf5a160eee5b63b184
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 09 Mar 2021 08:52:47 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 08 Mar 2021 17:45:00 GMT
server
sffe
age
171726
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5656
x-xss-protection
0
expires
Wed, 09 Mar 2022 08:52:47 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
46 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gpt_2021030401&jk=2883581063428105&bg=!pKelp-TNAAUO7zDoDjsAKQB2-DxapKtKvWz5IU9ozBnZyiD7xjiHcPtteLBEy8rq1I53hLTpvCbeAgAAAKtSAAAAD2gBBwoBX5yEZT-xccfh-kvUZSrZRtLEIXYlenpFK0w-W1zS7UX3qtvDLFWYPeS5AzLgQUOZ4EakTuUKPLIH5R87GxsXoSAqwvNUN5n0ExIIl1WydhH00NYf_EhCfZHumL9thaPX3whdlwhOXA7HtMRvHzHCS76UOcdwVebUJQEYVdXBjYLf3FpatxMJRHtU7F12fTnv4cFgsgm1ADwwudCKthcbW47IS7AQf5QTWLKeEYymnNAwF1H1tnK7NDH3uPI1hhZPiuk6OYoYCgHeR4FopqWTCmEuojxjDe3rcAmaA1Y6fvrz-WMBL6VpITF3GXs6qVUrRCdUeg_ATJTwwaKTd8kbFEHoRaUMEUHdVOQwcXl2PfzOWKPsH4tGnOTeZYAIHpMZqiyDt7GUTvtSf3fJTkJYGamHuKUaLUBMhdm1zUwnhjrv1Xge1uPDS_NuLqd_QAs9Yr1zHIp8qiTIpzZvL6gqDpkCDJ0lSLiBbllmzOUpwrLdwYPCNnMG1l9TCB7EJtP5ry4HfamsGVbPBQex2y_IoIzRxal7KY8qBWS99FG2Wzbl-lMy8XBnsXYmjL8EQt1oOlnbK2zfC3Gz8h4Ol3JqpqAX3scDpMBSgwutChZEzRgLGZbXhhGO7zUuWma8vzqu0-D_yv6EfDzhlTePyFIbLNyWPb7h2hfaIM8vWnE38SxCIBlyKHDJ0YzlAZMuJSHyY1yeazMvHJy9OkWmUCyoqQwv5GA2byT3CLjGseC6qvwdmflkEMMGwLH3xgi5_-vVufBiTxkcgwp5hWpC73dmvk58iqs2wVHywfcibCGJVmfj7CKFHAkTh9diBCjhlIx4J6PV_P5yLYnKGaSmjyAPlxl1-8ItmHJr1bIlM9n2H5vf1v3bgDvqnSLtLhQcQLGMqCkFG0vgMOZ71ExvWL3CvZmxXufyy2-n5toElEgjBoVMkYJ8cCKEd3ooUnXKLc_W0bPhESS6Eu6xI3aTc-NXKhpGe_87XSTjqv1pVuWIXfAUmMKW8Cy2ZyqtxTIlUeru6_GUjcjLEDfZC-EUbt3Q8kI98ffTttyR7ScXOFjALpe5O8k1g1S3zHrpGmTmjn_V_KfMBSDboheldhS360ay8XEukpm8p2iGSa6n30KSpm29eYR3GFEzColzk9HrQzpXMSO8jfa4sbmP_7ilrC5I
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.tut.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Mar 2021 08:34:54 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 6C7D 		0
44 B 		Other
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&puid=3~km4m88g6&ctx=2&gqid=LNZJYLWcNZbX-gb16p6wCQ&qqid=CNWZucLqp-8CFZftuwgd4qUI2g&met.6=6.1_CgsY9wkgOyoECAUSAA
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400a:801::2003 Zurich, Switzerland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 11 Mar 2021 08:34:54 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 38F6 		42 B
71 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss1RfK-eiVZF9nZ5B8poErWsVpOeCRW-HeOMi5Me_4QdBMqpjLPCqdZ1sAUPJG0bFX2i-WRyj5-DXVjH5K9BVuUUNquQE56MRpKdq61v8api9v2pHnodhMPHYjZtgn4iIAmdyoXNXa4Ez_KRu1AeLm9&sai=AMfl-YQKFWZC7taEWQ0VabJSaua0d1XCnB63_tFEXgtqz1Tv7eikFzYHMws0Mu0xRRST-nbkObmYDdEsXlFKOIZdT-iPNjo-pqOYY2kW3J6KhjAmCpz5Vwb2KWXRuX66r9MZ&sig=Cg0ArKJSzLGlCwH8pqqUEAE&cid=CAASPeRoC-BrhQPd_Dz1CXz8l4l6QszHSsapbyqAy8rfiBoYt0_kQPVCFaHN4TAo81oKvwr1RrTZC94tTYe9ays&id=ampim&o=1210,350&d=240,400&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=294&tls=1294&g=99.98828172683716&h=99.98828172683716&tt=1294&r=v&avms=ampa&adk=454273514
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.tut.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Mar 2021 08:34:54 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ 		0
21 B 		Other
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&puid=1~km4m87cn&c=2883581063428105&e=21066613%2C21066614%2C21067088&ctx=1&met.9=1.ed~2.1r4~3_1.1rq~7_1.0~3_2.1xn~7_2.0~4_1.236~5_1.236~4_2.2ct~5_2.2cz~6_2.2om&met.10=1_1.IIcSEKC8BwigvAcYgJh1KAE~1_2.INATEMCpBwjAqQcYgJh1KAE&met.3=112.1wh_1~779.26m~166.26j_5~164.26w_3~165.26o_a~164.28m_2~165.28l_3~326.29q~827.29q~161.29q_1~216.29o_5~215.29o_5~843.29o_5~639.2aa~160.2aa~326.2cb~827.2cb~161.2cc~216.2cb_1~215.2cb_1~639.2cl~160.2cl~189.2cl~189.2di~298.2ez~298.2f0~155.2ek_o~629.2ib~132.2iw~132.2ix~143.2j7_1~132.2jd~132.2kb~132.2kc~453.2kl_3~453.2kn_3~453.2kq_3~453.2kt_2~454.2kw_2~454.2ky_2~454.2l1_2~453.2l3_2~753.2l9~353.2kd_w~132.2l9~132.2nz~143.2nz_1~132.2o0~129.2o1~132.2pc~132.2pd~143.2ri_1~132.2rz~132.2u7_1~132.2u8~132.2ua~168.2ua~168.2ua~168.2ua~168.2ua~168.2ua~168.2ua~168.2ub~168.2ub~132.2ub~132.2ub~143.2v5_1~129.2v9~154.2vu~113.2vz_5~143.2z2_1~153.2zo~143.323_1~129.32j~143.350_1~143.384_1~143.3b6_1~143.3dz_1~132.3g5~143.3gs_1~143.3jm_1~143.3mf_1~143.3p8_1&met.1=1.km4m85g6~6.0~7.1~8.6~9.6~10.13~12.13~13.44~14.5y~15.47~16.28f~17.28f~18.28n~19.2vt~20.2vt~21.2vv~22.eh~23.1sa&qqid.1=COGqk8Lqp-8CFeXJuwgdVRMBIg&qqid.2=CPjvpMLqp-8CFeNY5QodWxYEnQ
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400a:801::2003 Zurich, Switzerland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.tut.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 11 Mar 2021 08:34:54 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bundle.js
yastatic.net/q/set/s/rsya-tag-users/ Frame 0D76 		105 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/q/set/s/rsya-tag-users/bundle.js
Requested by
Host: www.tut.by
URL: http://www.tut.by/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
e1cff21864c46e1da263fa83c14ed6d190bc5afbdd35188de15f10eb8bedd264

Request headers

Referer
https://yastatic.net/safeframe-bundles/0.80/1-1-0/render.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 08:34:54 GMT
nel
{"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
server
nginx/1.17.9
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=1213
timing-allow-origin
*
content-length
107764
expires
Thu, 11 Mar 2021 08:51:45 GMT
event
ads.adfox.ru/246762/ 		0
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.adfox.ru/246762/event?hash=f59a90947ccff7c9&pm=bmn&p5=jfewi&ad-session-id=6082671615451692313&lts=ffzcjlk&ytt=547574033942549&ylv=0.3045&rqs=KtYdsgMREAss1klg7GjnZ0clsKDRp4C3&ybv=0.3044&puid14=0&dl=http%3A%2F%2Fwww.tut.by%2F&puid13=0&p2=gpwx&rand=dbcyxqn&sj=LgL9HklDQrg-vQBVfbElbeFUHJ8TzrcGsSNDXLInnu9X2_AvHtSHDPxWWujv&puid1=0&pr=kuetdrw&p1=cihfx&puid5=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.179 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
adfox-external-l3-engine.stable.qloud-b.yandex.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://www.tut.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 11 Mar 2021 08:34:55 GMT
x-content-type-options
nosniff
timing-allow-origin
*
watch.js
mc.yandex.ru/metrika/ Frame 0D76 		124 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/watch.js
Requested by
Host: yastatic.net
URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
a7f83cda873d25ff1224f95488a49b0ac6db70650f4c658401022d969ae2096c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 08:34:55 GMT
content-encoding
br
last-modified
Tue, 09 Mar 2021 18:36:29 GMT
etag
"6047c02d-aca9"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
44201
expires
Thu, 11 Mar 2021 09:34:55 GMT
data
yandex.ru/set/s/rsya-tag-users/ Frame 0D76 		403 B
977 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://yandex.ru/set/s/rsya-tag-users/data?referrer=http%3A%2F%2Fwww.tut.by%2F
Requested by
Host: yastatic.net
URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:a::a Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
8a748e93281a295e43d895663a7a7871654244dde5ba6b64f810e74d4e02550f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 08:34:55 GMT
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
report-to
{ "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://yastatic.net
cache-control
public,max-age=300
access-control-allow-credentials
true
content-length
403
x-xss-protection
1; mode=block
event
ads.adfox.ru/246762/ 		0
14 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.adfox.ru/246762/event?hash=7b6768e5d3baca7e&pm=bmn&p5=jaemh&ad-session-id=6082671615451692313&lts=ffzcjlk&ytt=547574033942549&ybv=0.3044&ylv=0.3045&dl=http%3A%2F%2Fwww.tut.by%2F&rqs=KtYdsgMREAss1klgXaq_Q-cly0DWk7JZ&p2=ghdq&rand=efkxmsm&sj=1EB__9YM5h5uIg67IgJVk3PXY_uA0x7EyQ8oVKQLmgTP3Ydco5zLbngTcd2N&puid1=0&pr=kuetdrw&p1=cegdb&puid5=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.179 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
adfox-external-l3-engine.stable.qloud-b.yandex.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://www.tut.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 11 Mar 2021 08:34:55 GMT
x-content-type-options
nosniff
timing-allow-origin
*
conversion_async.js
www.googleadservices.com/pagead/ Frame 0D76 		32 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: yastatic.net
URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
08e8886e305db1744d2c9f1439f28abc73bef383f7a14da5f6e45e3f9e905cd0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 08:34:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12597
x-xss-protection
0
server
cafe
etag
5966996634223651104
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 11 Mar 2021 08:34:55 GMT
/
www.google.de/pagead/1p-user-list/1014923426/ Frame 0D76
Redirect Chain
  • https://www.googleadservices.com/pagead/conversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=L9ZJYPedENjSgQf0-6GgCw...
  • https://www.google.com/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=2138917056&crd=&is_vtc=1&random=4248839681
  • https://www.google.de/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=2138917056&crd=&is_vtc=1&random=4248839681&ipr=y
42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=2138917056&crd=&is_vtc=1&random=4248839681&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Mar 2021 08:34:55 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 11 Mar 2021 08:34:55 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/gif
location
https://www.google.de/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=2138917056&crd=&is_vtc=1&random=4248839681&ipr=y
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/1014923426/ Frame 0D76
Redirect Chain
  • https://www.googleadservices.com/pagead/conversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=L9ZJYKGdEPuBx_AP3MyCwA...
  • https://www.google.com/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=79956307&crd=&is_vtc=1&random=3174817141
  • https://www.google.de/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=79956307&crd=&is_vtc=1&random=3174817141&ipr=y
42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=79956307&crd=&is_vtc=1&random=3174817141&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Mar 2021 08:34:55 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 11 Mar 2021 08:34:55 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/gif
location
https://www.google.de/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=79956307&crd=&is_vtc=1&random=3174817141&ipr=y
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
3
mc.yandex.ru/watch/ Frame 0D76 		35 B
133 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/3?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.80%2F1-1-0%2Frender.html&page-ref=http%3A%2F%2Fwww.tut.by%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A%3Avf%3A2z9wiizbr9g9ge5%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A460%3Acn%3A1%3Adp%3A0%3Als%3A439850337762%3Ahid%3A64680802%3Az%3A60%3Ai%3A20210311093455%3Aet%3A1615451695%3Ac%3A1%3Arn%3A331743491%3Au%3A1615451695292536323%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Ahdl%3A1%3Ans%3A1615451693045%3Ads%3A0%2C0%2C46%2C1%2C1%2C0%2C%2C229%2C0%2C331%2C331%2C0%2C331%3Adsn%3A0%2C0%2C46%2C1%2C0%2C0%2C%2C283%2C0%2C331%2C331%2C0%2C331%3Ati%3A2%3Ast%3A1615451695
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
efbdf9cab6b6cf2bf7207ae4e0456c9462b2c0d4c2de76d65442de2af7253f2b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Mar 2021 08:34:55 GMT
x-content-type-options
nosniff
last-modified
Thu, 11-Mar-2021 08:34:55 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://yastatic.net
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
35
x-xss-protection
1; mode=block
expires
Thu, 11-Mar-2021 08:34:55 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/ Frame 0D76 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/?random=1615451695321&cv=9&fst=1615451695321&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.80%2F1-1-0%2Frender.html&ref=http%3A%2F%2Fwww.tut.by%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3daffaa2102583e182d03ac6236241cc0064ab4e7b4f1b991b64517875ac51ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Mar 2021 08:34:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1110
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/ Frame 0D76 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/?random=1615451695325&cv=9&fst=1615451695325&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.80%2F1-1-0%2Frender.html&ref=http%3A%2F%2Fwww.tut.by%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
728ffb2f1067d8317af610b628ba2642f32058afea6a8352773fdcd5b68d1435
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Mar 2021 08:34:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1111
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/ Frame 0D76 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/?random=1615451695327&cv=9&fst=1615451695327&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.80%2F1-1-0%2Frender.html&ref=http%3A%2F%2Fwww.tut.by%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
34e25e3150336750f0e1942c2ebf32c8deaa6ea40b18bd31b28a320de63d864b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Mar 2021 08:34:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1109
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/ Frame 0D76 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/?random=1615451695329&cv=9&fst=1615451695329&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.80%2F1-1-0%2Frender.html&ref=http%3A%2F%2Fwww.tut.by%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
af403563f2df61d7f8a057c7325d5d675c4bca47d6976c69dd94652c910dddfb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Mar 2021 08:34:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1110
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
advert.gif
mc.yandex.ru/metrika/ Frame 0D76 		43 B
72 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/metrika/advert.gif
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 08:34:55 GMT
last-modified
Tue, 09 Mar 2021 18:36:29 GMT
etag
"60472f6c-2b"
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Thu, 11 Mar 2021 09:34:55 GMT
37412095
mc.yandex.ru/watch/ Frame 0D76 		186 B
221 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/37412095?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.80%2F1-1-0%2Frender.html&page-ref=http%3A%2F%2Fwww.tut.by%2F&charset=utf-8&site-info=%7B%22extensions%22%3A%22%22%2C%22fromGoogle%22%3A%22false%22%2C%22fromCancel%22%3A%22false%22%2C%22loyal%22%3A%220%22%2C%22sbscrb%22%3A%22%22%2C%22p%22%3A%22%22%2C%22b%22%3A%22%22%2C%22fresh%22%3A%220%22%2C%22infected%22%3A%22%22%2C%22slow%22%3A%22%22%2C%22os%22%3A%22windows%22%2C%22browser%22%3A%22chrome%22%2C%22winxp%22%3A%22false%22%2C%22old%22%3A%22actual%22%2C%22yabroAge%22%3Anull%7D&browser-info=pv%3A1%3Agdpr%3A6%3Avf%3A2z9wiizbr9g9ge5%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A460%3Acn%3A2%3Adp%3A1%3Als%3A1285353564788%3Ahid%3A64680802%3Az%3A60%3Ai%3A20210311093455%3Aet%3A1615451695%3Ac%3A1%3Arn%3A589936033%3Au%3A1615451695426566673%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Ahdl%3A1%3Ans%3A1615451693045%3Anp%3ATGludXggeDg2XzY0%3Ads%3A0%2C0%2C46%2C1%2C1%2C0%2C%2C229%2C0%2C331%2C331%2C0%2C331%3Adsn%3A0%2C0%2C46%2C1%2C0%2C0%2C%2C283%2C0%2C331%2C331%2C0%2C331%3Arqnl%3A1%3Ati%3A2%3Ast%3A1615451695%3At%3A
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
1fa689793fcfa73086ec5a3b202e37fddf30a7cdc7d01d836ab593f1f3545049
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Mar 2021 08:34:55 GMT
x-content-type-options
nosniff
last-modified
Thu, 11-Mar-2021 08:34:55 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://yastatic.net
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
186
x-xss-protection
1; mode=block
expires
Thu, 11-Mar-2021 08:34:55 GMT
17863687
mc.yandex.ru/webvisor/ 		43 B
73 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/webvisor/17863687?wmode=0&wv-part=1&wv-hit=109910971&page-url=http%3A%2F%2Fwww.tut.by%2F&rn=903655953&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1615451695%3Aw%3A1600x1200%3Av%3A451%3Az%3A60%3Ai%3A20210311093455%3Au%3A1615451693923476314%3Avf%3A1d7r6afuymvj624d%3Ati%3A2%3Ast%3A1615451695
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.tut.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 11 Mar 2021 08:34:55 GMT
last-modified
Thu, 11-Mar-2021 08:34:55 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
http://www.tut.by
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Thu, 11-Mar-2021 08:34:55 GMT
17863687
mc.yandex.ru/webvisor/ 		43 B
73 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/webvisor/17863687?wmode=0&wv-part=1&wv-hit=109910971&page-url=http%3A%2F%2Fwww.tut.by%2F&rn=527429286&wv-type=5&browser-info=gdpr%3A14%3Aet%3A1615451695%3Aw%3A1600x1200%3Av%3A451%3Az%3A60%3Ai%3A20210311093455%3Au%3A1615451693923476314%3Avf%3A1d7r6afuymvj624d%3Ati%3A2%3Ast%3A1615451695
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.tut.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 11 Mar 2021 08:34:55 GMT
last-modified
Thu, 11-Mar-2021 08:34:55 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
http://www.tut.by
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Thu, 11-Mar-2021 08:34:55 GMT
/
www.google.com/pagead/1p-user-list/693627671/ Frame 0D76 		42 B
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/693627671/?random=1615451695325&cv=9&fst=1615449600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.80%2F1-1-0%2Frender.html&ref=http%3A%2F%2Fwww.tut.by%2F&async=1&fmt=3&is_vtc=1&random=2188000793&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Mar 2021 08:34:55 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/693627671/ Frame 0D76 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/693627671/?random=1615451695325&cv=9&fst=1615449600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.80%2F1-1-0%2Frender.html&ref=http%3A%2F%2Fwww.tut.by%2F&async=1&fmt=3&is_vtc=1&random=2188000793&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Mar 2021 08:34:55 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/947884341/ Frame 0D76 		42 B
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/947884341/?random=1615451695321&cv=9&fst=1615449600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.80%2F1-1-0%2Frender.html&ref=http%3A%2F%2Fwww.tut.by%2F&async=1&fmt=3&is_vtc=1&random=3989348643&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Mar 2021 08:34:55 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/947884341/ Frame 0D76 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/947884341/?random=1615451695321&cv=9&fst=1615449600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.80%2F1-1-0%2Frender.html&ref=http%3A%2F%2Fwww.tut.by%2F&async=1&fmt=3&is_vtc=1&random=3989348643&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Mar 2021 08:34:55 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/947884341/ Frame 0D76 		42 B
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/947884341/?random=1615451695327&cv=9&fst=1615449600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.80%2F1-1-0%2Frender.html&ref=http%3A%2F%2Fwww.tut.by%2F&async=1&fmt=3&is_vtc=1&random=981049941&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Mar 2021 08:34:55 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/947884341/ Frame 0D76 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/947884341/?random=1615451695327&cv=9&fst=1615449600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.80%2F1-1-0%2Frender.html&ref=http%3A%2F%2Fwww.tut.by%2F&async=1&fmt=3&is_vtc=1&random=981049941&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Mar 2021 08:34:55 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/693627671/ Frame 0D76 		42 B
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/693627671/?random=1615451695329&cv=9&fst=1615449600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.80%2F1-1-0%2Frender.html&ref=http%3A%2F%2Fwww.tut.by%2F&async=1&fmt=3&is_vtc=1&random=3516275132&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Mar 2021 08:34:55 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/693627671/ Frame 0D76 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/693627671/?random=1615451695329&cv=9&fst=1615449600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.80%2F1-1-0%2Frender.html&ref=http%3A%2F%2Fwww.tut.by%2F&async=1&fmt=3&is_vtc=1&random=3516275132&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Mar 2021 08:34:55 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.tut.by/stat/ 		0
512 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.tut.by/stat/?t=ctr&g=6049d62e-65a2-4df0-bc92-e5ab7373400f%3Anull
Requested by
Host: www.tut.by
URL: https://www.tut.by/scripts/by4/jquery-2.2.4~modernizr~bootstrap~jquery.touchSwipe~bootstrap-ext~core~v4~ext~topbar~search~auth~resource~hint~geo~geo-ext~tut_ads~handlebars~r29644.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a0a:7d80::b Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=15768000

Request headers

Referer
http://www.tut.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 11 Mar 2021 08:35:02 GMT
content-encoding
gzip
referrer-policy
unsafe-url
server
nginx
vary
Accept-Encoding, Accept-Encoding, Cookie, Accept-Language
content-type
text/html; charset=utf-8
access-control-allow-origin
http://www.tut.by
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-security-policy
upgrade-insecure-requests
strict-transport-security
max-age=15768000
expires
Mon, 26 Jul 1997 05:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.tut.by
URL
https://www.tut.by/banner_advertising.js?_=1615451690294

Verdicts & Comments Add Verdict or Comment

148 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| trustedTypes boolean| crossOriginIsolated object| runCore function| runPlayerJSTimeline function| playerSend function| PlayerjsEvents function| watchOnYoutube function| changeIt function| BannerSlotSize function| bannerExpandOld function| bannerExpand function| bannerState function| FillBannerSlot object| CookieManager function| rCount boolean| bCounted function| $ function| jQuery object| html5 object| Modernizr object| page_wsapi object| pljssglobal undefined| pljssglobalid function| Playerjs function| Hls object| swfobject object| Handlebars string| pp_gemius_identifier function| gemius_pending function| gemius_hit function| gemius_event function| pp_gemius_hit function| pp_gemius_event object| Ya object| yaSafeFrameCallbacksStorage number| pr function| AdFox_getCodeScript object| adfoxAsyncParams object| adfoxAsyncParamsScroll object| adfoxAsyncParamsAdaptive object| googletag object| adblockDetector object| TUTBYAdvAPI object| pbjs object| AdriverPrebid object| ggeac object| google_js_reporting_queue object| conceptJsonp3044 undefined| yandexContextAsyncCallbacks object| pcodeStaticJsonp14103 undefined| yandex_context_callbacks boolean| yandex_context_perf_logging object| gemius_cmpclient object| gemius_hcconn number| pp_gemius_cnt function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter boolean| google_measure_js_timing object| google_rum_config object| googleToken object| googleIMState function| processGoogleToken number| __google_ad_urls_id number| google_unique_id object| gaGlobal number| google_srt object| _google_rum_ns_ undefined| google_timing_params function| tambySliderHelper object| google_ad_modifications object| google_logging_queue object| google_reactive_ads_global_state boolean| _gfp_a_ object| adsbygoogle object| google_sa_queue object| google_sl_win function| google_process_slots boolean| google_apltlad function| google_spfd number| google_lpabyc object| google_sv_map function| HHWidgetInit object| respond function| init_floats object| aUAAccounts function| ym function| fbq function| _fbq object| _gaq object| aGAAccounts object| _uaq boolean| _term object| TUTBYPushManager function| google_sa_impl object| google_persistent_state_async object| __google_ad_urls number| google_global_correlator boolean| _gfp_p_ object| google_prev_clients object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired boolean| isLoadingSafeframeStarted object| yaSafeFrameAsyncCallbacks function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| $sf string| GoogleAnalyticsObject function| ga object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| yaCounter46086984 object| yaCounter17863687 function| hasClass function| AdTamByOffer object| adTamByOffer object| promotions object| offer_tab undefined| li_offer_tab undefined| offer_div object| popular_link string| popular_link_text number| TutGtaInterval object| AdTam_TutByCore function| withInViewport object| google_tag_data object| gaplugins object| yaCounter268667 object| gaData undefined| google_rum_values object| google_image_requests object| GoogleGcLKhOms number| containerScrollTop number| containerScrollLeft

18 Cookies

Domain/Path Name / Value
yastatic.net/safeframe-bundles/0.80/1-1-0 Name: afpix
Value: 1
.doubleclick.net/ Name: IDE
Value: AHWqTUl9j7NehVL5KXBVLVGpbpI9-PaYxGsiMV9AJebhJV304AqvWtnS4yRYiN6F9F4
.doubleclick.net/ Name: DSID
Value: NO_DATA
.tut.by/ Name: lvutm
Value: 0
.tut.by/ Name: _ym_uid
Value: 1576121349121908457
.tut.by/ Name: _ga
Value: GA1.2.1319103873.1615451692
.tut.by/ Name: AMP_TOKEN
Value: %24NOT_FOUND
.tut.by/ Name: __utsid
Value: ebfac726-77e4-11eb-9ba1-0cc47ac90813
.tut.by/ Name: _ym_isad
Value: 2
.tut.by/ Name: _gid
Value: GA1.2.1996723530.1615451693
.tut.by/ Name: _ym_d
Value: 1615451693
.tut.by/ Name: _ym_visorc
Value: w
.tut.by/ Name: _fbp
Value: fb.1.1615451692969.968452227
.tut.by/ Name: gadsTest
Value: test
www.tut.by/ Name: last_visit
Value: 1615451694
.tut.by/ Name: __utuid
Value: af1reqyq-6vg1b13n-a3puxocw-3m1y5weg-bbc6e9j8
.tut.by/ Name: __gads
Value: ID=84e60a5464debf41-22470531c0ba0018:T=1615451692:S=ALNI_MbpCBn-SrsEBZO5PF2iIsii72gmVQ
.tut.by/ Name: __gfp_64b
Value: 4unKG4pwcqWk3YvN9Wa_6ngcVnE0mrW4RAZCNXNSYQ..K7|1615451692

2 Console Messages

Source Level URL
Text
console-api warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030401.js(Line 6)
Message:
The googletag.pubads().definePassback function has been deprecated. The function may break in certain contexts, see https://developers.google.com/publisher-tag/guides/passback-tags#construct_passback_tags for how to correctly create a passback.
console-api info URL: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs(Line 10)
Message:
Powered by AMP ⚡ HTML – Version 2101070013000 http://www.tut.by/

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=15768000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

93ebfc16cb32d39b0b1843be3bc18155.safeframe.googlesyndication.com
ad.tam.by
ads.adfox.ru
adservice.google.com
adservice.google.de
ampcid.google.com
ampcid.google.de
an.yandex.ru
api.rabota.by
avatars.mds.yandex.net
banners.adfox.ru
bugaga.tut.by
c1hit.tut.by
c2hit.tut.by
cdn.ampproject.org
cdnjs.cloudflare.com
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
csi.gstatic.com
d.agkn.com
e.dlx.addthis.com
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
expert-pb.adriver.ru
fonts.googleapis.com
fonts.gstatic.com
gaby1.hit.gemius.pl
googleads.g.doubleclick.net
image6.pubmatic.com
img.afisha.tut.by
img.tam.by
img.tyt.by
matchid.adfox.yandex.ru
mc.yandex.ru
news.tut.by
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
polyfill.io
rtb.openx.net
s1r.tut.by
securepubads.g.doubleclick.net
ssum-sec.casalemedia.com
tpc.googlesyndication.com
tutby.gcdn.co
vk.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagservices.com
www.gstatic.com
www.tut.by
yandex.ru
yastatic.net
ysa-static.passport.yandex.ru
www.tut.by
142.250.185.194
172.217.16.130
172.217.18.98
18.195.77.165
184.30.20.241
185.64.190.78
195.209.111.20
2606:4700::6810:135e
2620:116:800d:21:5a23:9c4e:e774:96c1
2a00:1450:4001:800::2002
2a00:1450:4001:801::2001
2a00:1450:4001:801::200e
2a00:1450:4001:802::2004
2a00:1450:4001:808::2002
2a00:1450:4001:809::200e
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::2004
2a00:1450:4001:812::2003
2a00:1450:4001:813::200e
2a00:1450:4001:827::200e
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::200a
2a00:1450:400a:801::2003
2a02:6b8:20::215
2a02:6b8::16b
2a02:6b8::184
2a02:6b8::1:119
2a02:6b8::2:158
2a02:6b8::5:114
2a02:6b8::90
2a02:6b8:a::a
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a03:90c0:41:2801::254
2a04:4e42:400::621
2a0a:7d80::a
2a0a:7d80::b
2a0a:7d80::c:2:0
35.227.252.103
52.39.207.175
54.37.238.28
69.173.144.138
77.88.21.179
93.125.48.149
93.125.48.34
93.186.225.208
00f7ccac2bfea70ef3a3c8ce1a6db48ca27361b85b58b564a2077e4c9d84f534
05ffac8e198eead304ab31d6b647f4923a395dc1b51c612e03c1f29b75463afc
073b934e236a73cd305cb235b5fd9aa06109a5d30bc2e5ab6e4710c462a442e3
0812a00aee80133b732c5cb2e0362ee2a52ae9f50c126d43e73f98163db9711f
086cc8b8f2014b67a226e28c03392b08f0c6278b5f988cdbb5e26a5349d946f4
08e8886e305db1744d2c9f1439f28abc73bef383f7a14da5f6e45e3f9e905cd0
093340188121d420c00adb4977def76dbbd932bf58eb1b89780ccb8393ad8930
0b4aba87513ffa7fcc0282254d127236bf3bcf250e84d0da06f92c69081d6056
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d8b34b45d991059a3e73bf7d54d97b88b02235267f65875a4959114b1943a39
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1196f1889d60a267f1438d36987cdead372e9239a7a93f0c1c7b3a6741a580f7
1406488c49325fec4b03e8b6a8d89ce3ca336b2ad8fd62730f1eb960782c2f55
1458066f8e5fe7ab25a90af344c45b3a3e7cd2f7687a85db10e940047ed245d0
186294e04dbae537603379d50ca624e25ede48a8dacdcb9ee3b557740a17cabf
18c327afa903633f86c3efcf12b77f098077eacaa8be101bb007846fd74f8b93
194a2819816bb760d4c5ba2ba825cf1926b853c821842697c3024ec74a36f66c
1b6ddd3072f67cdb7e9884779bddc6779ec3fcb66496f3276dc0eab78d842cce
1c79d43610df9d1cc125d2afc0e9215c18d7f1e8a338d0c63f89382ab5c89e56
1cee0ab34eeba9d55c5c321dc6f9616c85740fdbede1885439db172f950470c2
1e93f66cbe9b485135f0c8bbc9eaccf882ded6eb71daadde99a8426f6db7cb31
1ed082521f47921ffff14d4ec1c6c3f1ea55114741bee23cc23d4ab6a3213642
1fa689793fcfa73086ec5a3b202e37fddf30a7cdc7d01d836ab593f1f3545049
2054e3865b4886300e608fac8c1567b82d72d8451b665aa1b34fb36bff1f89ee
236a0f5fc80b647e938ef60e0de4bd1975af4f829d6fb3e2156516dd90a79968
251dcea28f2c61551f9e0bb6d2045d21e6b864fb033ba3453abe097b02351716
293ee7a4cda90b854f00473a00421cc169232b82d1ed8bbf5a160eee5b63b184
2a766aa00b1b9a69b1e3c59c5f65b0760616b0b83ad15309704d6b2e66b3e958
2b3eb1fb0a3960fcc413d094ecddd653709587f896ac462f2be3ad906691904d
2e3d37d8c591a57edc33ae51b69322398e8fd661abc593b58ea076a6ca3dc668
2f032c6fed67540f63c074f56e3063a986eaafaf9b8d44ebaf7bf68f3e09d78e
2f2875d69e936f9a8c819b0be736b0290c91482d2f147c8d2cc71cbb404b6d6f
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
30d51cc114c1a5dfe8c5cc2a31b3b46217e4e4aecc8035fe402ab7cf8d9889c2
3132eacd5425ca6e16b66e18a1587c72f8a9f8787cba87fac56c49a963981381
31697d4d66425d89d7fd18d49398d684e70656568ed4ecc64761840f7b4e2724
32ef0419a06888c0a2b55c7b3ffdd8929bfec79a1223ea1c287ba2556305c2ab
345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1
34e25e3150336750f0e1942c2ebf32c8deaa6ea40b18bd31b28a320de63d864b
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
3763a8975fcfa164fadcbc035780a147f75434ecaf79f33c1f3d0221477458cb
3c2d3fa4b75bc11e8bdcb2bf7e67a65917409b0d9d4089a6e3051e328f0555c0
3c546ac07ff790338421602f274863ff9b4e7e255bdcaf37155947d0e7cd4f1c
3daffaa2102583e182d03ac6236241cc0064ab4e7b4f1b991b64517875ac51ae
40cc818c8b06374b11230d18b2b54f8c7f2a7668b94ac9ee00d6a106cf0efd8b
45bf1be2e04bf8106588a80773981be7ee03a1dfd15f677141129bb29a141254
471b23a92e7d1f35e34e5137b3393c7096b407a71b8edf36b5e3fffbcd84fdf2
475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65
495b316cdda6e7b6ce663bb9eeeee0cf6f7f6e5969d0a6c1fe39307cbdb9d686
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
4ad77d2f539c16dcbcb67171d4c6633c94de9ed42b76f5f79f4a042a6739ca73
4c6abb347c42439150bf9dcc568055ff16f94494c81ad5efefd5ae088b252400
4da66c42465459d72f5b17f138f5d258d489d327ba9b4cac2eb7e3f4bc338be4
4e856c3ed40b2d47b65889016d55572828c52353f70a856ef2bcd25950d4059e
510e8f014b36c4ed20a71bb1e7a187eb916d02d21132a5a86bd20d4051975eef
52dc24c0429ea6ccc5b579a6da8bb79bf41e471fe5108a62009f3c2e195551c0
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5efd3f4610ccc45e00c99246be09d65505a21997f01c638055f0d5478ed25a9e
5fe62ef8663ff9b723e4e82171b36ac81ad4557c4628438a4a655806c859e1cd
61902c5623fc9780b6485f3439557295cc392d92d114aa404b56128dd65ea704
61f8953216c549d8b802bd66b53aaebc30248a65821ae2bd582ea2e550907e04
62b830a36415befe8347a44998a4fdef7d71a3d1504c16a5df9779efb5f5586c
64b392ea06b8b0939cdeed93df8821268d535216bb141a03a8ccc2590682443c
6542cb55da2b6caf35513e580833e41abd1db118df68ad603474a7db5cf0f588
661011d9e336c2fe28cbb750b1ebedf532adf6d14362969c29228533f6c88932
66903ba0ed680143be8fe40565b06d98628cca24e1b37df2440ed5f93ab29cb7
6b07e191a13974b75afdb4573654a08b2a7ea83fc96a8dd13f53abb5e5f28b24
6cb6c52243734856344e97df500a7fb1319b8326b2ed9639a040e0e00b31c1cb
6ea030759d5c8caaa4030835ef6038098f04511351dcb534bfe519a8eb87fdce
6f064b11007507ecebb88b25c6b21a41e51189b079c5a30342c8dc8950019c0c
6f79476df3093af3ab73e5e938479c8e2158615b010f010bc9f2f1a504976356
71c1c463a68414fa8714c7abb742aa0efed513114ced17411969f30ba2de725e
728ffb2f1067d8317af610b628ba2642f32058afea6a8352773fdcd5b68d1435
74f8113a093a9772ebe29204ff0fd89b692fcc0ad69814bc1725fd8f68ceaa4e
7514b48580657e66c962cdde6d460705bd3eeeb670cd62b88207a0ba5eb59a71
77ccda026863a6feb42264c111a1f6c5b9b340bd6d53926c57fa2eab02935406
79c521a89112af803faa48f72e1f5f1b5d0685129a14b917317d1cc688613a18
7a8a81f6ea3ffd49f892bcfdc4729b170ecdb653ec859354a70efe5b75d4c72b
7b0b572a90abb3fce27b9dc1f79145706c7bcc6cc3ac84c8f501d344132816d8
7ce23bb169d56e3dc218181172c5d318dc16526e035b539e038f605a893ea551
80300ee2f19a73f1c2a360e7a3ff617944cf9aa89deb5777d09f7d136db83025
81bcfc12dba18088d6d409a998a70a3f47da9e4580ef3b371da0d77f1638083b
851c25cc1a1faf247a990597341a16a7056f39a1e477ee75b1e91063cd664cb4
8a748e93281a295e43d895663a7a7871654244dde5ba6b64f810e74d4e02550f
8da926e2b37032adcd0496c5bf695c0df7603ad930b0ba9934fee778d2a293b0
8e6c0b3e4f935d370174d4339d3b968c2fa60a182d7721eb52ada3e29f30aa1d
8f0e6d4660923d760d33c0530003fbd85a1398c4a7ea2c078adf7e81dd7d3e10
9455eb8c37c55be10999f978e3813aace75f21a7cd3cd15c77ba45d3a1996036
96990bd1f071f9c71b4c5d10388ed7b1bc9d70f31278857abed10b13993cfd78
981f6ac4a0eed80f6a40eef39d86ce7876f6e360d8b3a2f57f2617bb12895dc3
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
9a1088330e7e3f920ad6aacb74d21355d223a195bbf72dee3ed3bddc1a7f8708
9a10b1418ae87e1667a44c85f39b5e1af9b8a24279d9a2743c0859d478f3f925
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b3568f61e42170d56bb68e39b94e205a400fa225df22b0dfdde5e8f4f1d87f1
9e21ca74073a2ad2d6602d6264b592e805454766c33cf1f061caff084f4437b9
9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d
9f1e9762b2912301aa58b25ab8dd127b3c09f487837e09b050084b0efc20f32a
9f4a1feef86a35620c481888bdf4ad6481374bd7c4143210c3037639ce053a15
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a2bc813ffc2a0e629a4ad95025fd3ec0d479212df66f7716d4b72a6d753bcb22
a2e7d0367b3fbfaca20e00fccff5d6a11c074b351ddb66b549a3802eb6300c97
a349ed2a2691e6400f357c32846cb0e3b82d5017a1f93a5108a4e69b43064d60
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a7f83cda873d25ff1224f95488a49b0ac6db70650f4c658401022d969ae2096c
a83a4b91b9d7e6f311543068b7c65291d001cd2fb17f19ab8e5a0adb1a0d01e1
a97481b063202dfdf0535a65e2c3e7bf67861ca56a5af7ecbaab2825f5f2e79e
af403563f2df61d7f8a057c7325d5d675c4bca47d6976c69dd94652c910dddfb
b381551d270a4d855e8f337d16ba587c1f4cc8bd59b3c03dd5ee1dfbc3fc0782
b76ec6edec28f5f17c6a1f1306d0f9cda26bc30b1f98a715a9185c0bbcae6a42
bc70bb866c5ea3be4086f6605a4838436032577731d9bca99b061ed21175a1e3
bcdb44143efd34383d1f59e3212c34a9bd6c4c6d6838447a7343d674b1de0682
bd192b151a60c727e65e0457581cd174517470b015bb67ec44488dfa1ee9a960
bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6
bde058da7fb6299afb029760feb2b457daa2e334d650989110bcae95e758bdda
bf66a69d68bbca9980ac161d776cfbd8dfae16056201aa7705a55ba2d7ae4759
c3a348ff1ee08aa75021481fd84f91478c711b0ca24cca674bcc10be9f0bb669
c4024d5169b2506f3421052b45f5d66154de796baf2443d9326ac40107ce5cfb
c44ef8885a1386dad99986e4de63457883d50b1a966d27b502f37d691d7bd770
c6a305cd9f8592bbd50ddd47eb5af53952b97937e9b0c4df40498f7140ff8a49
c7fa743da4cd37829cd0e7c02e877f094400036be87c8e1fd9d2c3f5f68a8fa5
c901e1f52e83dad6cf78978114ed54a23ebfd380684132db32d376798d977b40
c92019dc24a40c69676e6591c61e864ee788abe03fb1e3e2c490e79eb9d5956d
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cac61a8963d3d8315a7ff0f3c304733fda887888b786d5fe88d89a65f428ae1e
cacff79baae9681531af42a644d73d133543ab0f1c5be1482d2adcf837ff596a
cae897bdde94867960ad284a56b1631296eaceddf5710a2857127ca0aa2777d3
cc20830a3c063a54ddf295fb84a1d7980e94fa3fe67d126b9952383cccfc713c
cce5d006667c9847f55f82559bed1d54e5162380d54e8dc7c75822d4ad53b3b3
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d03b3b188e3ebffe14660e4b561f2c5e59875f7d27dd9c43fc273ba413f9310c
d79248a733f97b06080df1eeb8f0e08aa3fc1b278a5171dc770ed7d2bd5e58a6
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
daaed978fa526a1ebc670771ec5b53e614bc4ff5c1fa6d4e92293dec62e45222
dbf0b901d244014a594a8415cd4221e6d354ed09e1b5c1cc834ebef58fe3523f
dc74e046c1699aaf7a457b9183809c0112e9f80f4ec40115da24e2360259fbcd
de573764232019f5c74a42f4cdc0a57352afd05a2b6bdb8dcc0cab8eb243b7d2
dfa4afc591a648c53ed92c8b08026647f6a19e04a783676dd437a4fb69d4c72c
e042b7bc630b5a4a748f4f939ea04e78a3cea0b19fbf32f078977a56628d589b
e1cff21864c46e1da263fa83c14ed6d190bc5afbdd35188de15f10eb8bedd264
e1dbb248ce78959ec8b04c255ab0c95171052f9167ddf7fdcf3c6ae482acb6b9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5b93f728523afdafd1714890abe235148ae940a80e6b5dd79b862b63d7f3b1d
e6ffe1d73e3559a6412f6bff751376acab1ed13ecda054d3385f09425ffd5a59
e71b547e5aeb68c09efa99a45eb970459fb64a1a888656ff5bd4557446ec63f2
ee3cf04bf384804fff51d9656ca7d4abe5f7ac0f7bb9deb3f640c52903dc35d9
eeac9dfc42296e3b17052f3a56da3e09e29be99ffd79c6013e87b9a4c1d728d8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efbdf9cab6b6cf2bf7207ae4e0456c9462b2c0d4c2de76d65442de2af7253f2b
f14a53d6e112f5652255e499e109659fe79678b0de2eec4f42a1ac48c9ce72bd
f1e572871055c1d0e152936f664d5fb075f505b99b412a4776f65a7abe80b505
f55a3bee72d23954fd1ecb0f7e60e874f34e01b11a106f029691a9b6f55105ad
fb7da801394365bcfafe34635417459d8e4dc21e9605e66d08c066b06fb74231
fc14fac6d4596a5b19bd83e92dbf5a3f9b8685fbd65413c4c29a9d0a7fea2463
fc27324c4f6c3b6c996871d2974fb55d26e87a9996087bf941ef03a8bc62e963
feb93781b9b34b5eae1a2110bb719a35a1e9afc94b9a34f1f38d2bd9ba1e0e5f
fed2d61088cba54be39b2069add7103160e31f07c950c0e2e7706d6d6dc9ebf6