www.tumen.kp.ru Open in urlscan Pro
95.181.181.82 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://pda.tumen.kp.ru/
Effective URL:
https://www.tumen.kp.ru/
Submission: On July 09 via manual (July 9th 2022, 1:12:38 am UTC) from UA — Scanned from DE

Summary HTTP 304 Redirects Links 34 Behaviour Indicators

Summary

This website contacted 57 IPs in 10 countries across 40 domains to perform 304 HTTP transactions. The main IP is 95.181.181.82, located in Russian Federation and belongs to EDGECENTERLLC, RU. The main domain is www.tumen.kp.ru.
TLS certificate: Issued by R3 on May 25th 2022. Valid for: 3 months.

This is the only time www.tumen.kp.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 4	95.181.181.82 95.181.181.82	210756 (EDGECENTE...) (EDGECENTERLLC)
16	2a02:6b8:a::a 2a02:6b8:a::a	208722 (GLOBAL_DC) (GLOBAL_DC)
25	2a03:90c0:41:... 2a03:90c0:41:2801::254	199524 (GCORE) (GCORE)
1	2a02:6b8::16b 2a02:6b8::16b	208722 (GLOBAL_DC) (GLOBAL_DC)
9	2a02:6b8:20::215 2a02:6b8:20::215	208722 (GLOBAL_DC) (GLOBAL_DC)
1	95.181.181.12 95.181.181.12	210756 (EDGECENTE...) (EDGECENTERLLC)
17	2a02:6b8::1be 2a02:6b8::1be	208722 (GLOBAL_DC) (GLOBAL_DC)
2 4	159.69.141.123 159.69.141.123	24940 (HETZNER-AS) (HETZNER-AS)
3	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
3	195.209.111.20 195.209.111.20	52007 (ADRIVER-AS) (ADRIVER-AS)
3	2a00:1148:db0... 2a00:1148:db00::17	47764 (MAILRU-AS...) (MAILRU-AS Mail.Ru)
3	188.42.191.196 188.42.191.196	7979 (SERVERS-COM) (SERVERS-COM)
1	65.108.1.48 65.108.1.48	24940 (HETZNER-AS) (HETZNER-AS)
6	178.250.2.131 178.250.2.131	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
8	2606:4700:10:... 2606:4700:10::ac43:581	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:401... 2a00:1450:4014:80b::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
7	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
3 26	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
7	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
3	2a02:6b8::184 2a02:6b8::184	208722 (GLOBAL_DC) (GLOBAL_DC)
2	2a02:6b8::2:158 2a02:6b8::2:158	208722 (GLOBAL_DC) (GLOBAL_DC)
20	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
44	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
1	2a02:6b8::5:114 2a02:6b8::5:114	208722 (GLOBAL_DC) (GLOBAL_DC)
2 12	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
3 13	2a00:1450:400... 2a00:1450:4001:808::2004	15169 (GOOGLE) (GOOGLE)
1 1	52.31.146.195 52.31.146.195	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:214... 2600:9000:214f:be00:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
3 4	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
2 4	104.18.18.126 104.18.18.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	185.33.221.52 185.33.221.52	29990 (ASN-APPNEX) (ASN-APPNEX)
10	2a00:1450:400... 2a00:1450:4001:82b::2006	15169 (GOOGLE) (GOOGLE)
1	2a02:6b8::90 2a02:6b8::90	208722 (GLOBAL_DC) (GLOBAL_DC)
1 4	2001:6d0:4001... 2001:6d0:4001::226	52016 (TNSMSK-) (TNSMSK-)
4	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
2	46.161.36.2 46.161.36.2	49505 (SELECTEL) (SELECTEL)
1 3	13.32.121.17 13.32.121.17	16509 (AMAZON-02) (AMAZON-02)
1 2	88.212.201.204 88.212.201.204	39134 (UNITEDNET) (UNITEDNET)
2	142.251.36.66 142.251.36.66	15169 (GOOGLE) (GOOGLE)
1 2	34.249.106.217 34.249.106.217	16509 (AMAZON-02) (AMAZON-02)
1	85.14.248.72 85.14.248.72	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2	2a00:1450:400... 2a00:1450:400c:c1b::9c	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
2	2a02:6b8::36 2a02:6b8::36	208722 (GLOBAL_DC) (GLOBAL_DC)
4	185.147.80.106 185.147.80.106	41722 (MIRAN-AS ...) (MIRAN-AS Miran DC)
1	82.148.14.198 82.148.14.198	50340 (SELECTEL-MSK) (SELECTEL-MSK)
1	82.202.225.240 82.202.225.240	49505 (SELECTEL) (SELECTEL)
1 2	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 3	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
1	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
304	57

4 95.181.181.82 (Russian Federation) 2 redirects

ASN210756 (EDGECENTERLLC, RU)

pda.tumen.kp.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.tumen.kp.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a02:6b8:a::a (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2a03:90c0:41:2801::254 (Frankfurt am Main, Germany)

ASN199524 (GCORE, LU)

s01.stc.yc.kpcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s16.stc.yc.kpcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s09.stc.yc.kpcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s02.api.yc.kpcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s14.stc.yc.kpcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s10.stc.yc.kpcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8::16b (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

matchid.adfox.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a02:6b8:20::215 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

yastatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.181.181.12 (Russian Federation)

ASN210756 (EDGECENTERLLC, RU)

identity.kp.house	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a02:6b8::1be (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

ads.adfox.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 159.69.141.123 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.123.141.69.159.clients.your-server.de

exchange.buzzoola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

adfox-c2s-ams.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 195.209.111.20 (Russian Federation)

ASN52007 (ADRIVER-AS, RU)

pb.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1148:db00::17 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)

ad.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 188.42.191.196 (Luxembourg)

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.108.1.48 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.48.1.108.65.clients.your-server.de

ssp.bidvol.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700:10::ac43:581 (United States)

ASN13335 (CLOUDFLARENET, US)

jsn.24smi.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
data.24smi.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.24smi.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4014:80b::2002 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2a02:6b8::1:119 (Moscow, Russian Federation) 3 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:6b8::184 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

avatars.mds.yandex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6b8::2:158 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

banners.adfox.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

1c93cdb1133891517efd814bd17e41a7.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
2ba128fbea317ed3d3b611d8744b68f6.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bae702d774fa849aafdd12eb7538a159.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

44 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8::5:114 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

ysa-static.passport.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:808::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.31.146.195 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-146-195.eu-west-1.compute.amazonaws.com

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:214f:be00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.181.226 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.18.126 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.33.221.52 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:82b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8::90 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:6d0:4001::226 (Russian Federation) 1 redirects

ASN52016 (TNSMSK-, RU)

tns-counter.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.161.36.2 (Russian Federation)

ASN49505 (SELECTEL, RU)
PTR: target2-1.sselp1.imcmdb.net

target.smi2.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.32.121.17 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-17.fra60.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.201.204 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host204.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.36.66 (United States)

ASN15169 (GOOGLE, US)
PTR: prg03s10-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.249.106.217 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-106-217.eu-west-1.compute.amazonaws.com

skydeutschland.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.14.248.72 (Meerbusch, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

m.exactag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c1b::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6b8::36 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

favicon.yandex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.147.80.106 (Russian Federation)

ASN41722 (MIRAN-AS Miran DC, RU)
PTR: smir13.imcmdb.net

stat.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 82.148.14.198 (Russian Federation)

ASN50340 (SELECTEL-MSK, RU)
PTR: ads5-2.ssel30.imcmdb.net

smi2.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 82.202.225.240 (Moscow, Russian Federation)

ASN49505 (SELECTEL, RU)
PTR: smi2adm2-1.ssel27.imcmdb.net

smi2.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::1c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.162 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
68	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 120 1c93cdb1133891517efd814bd17e41a7.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 160 2ba128fbea317ed3d3b611d8744b68f6.safeframe.googlesyndication.com bae702d774fa849aafdd12eb7538a159.safeframe.googlesyndication.com	404 KB
25	doubleclick.net 5 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 209 googleads.g.doubleclick.net — Cisco Umbrella Rank: 54 cm.g.doubleclick.net — Cisco Umbrella Rank: 205 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 287 stats.g.doubleclick.net — Cisco Umbrella Rank: 119	477 KB
25	kpcdn.net s01.stc.yc.kpcdn.net — Cisco Umbrella Rank: 259658 s16.stc.yc.kpcdn.net — Cisco Umbrella Rank: 305812 s09.stc.yc.kpcdn.net — Cisco Umbrella Rank: 295937 s02.api.yc.kpcdn.net — Cisco Umbrella Rank: 373783 s14.stc.yc.kpcdn.net — Cisco Umbrella Rank: 303760 s10.stc.yc.kpcdn.net — Cisco Umbrella Rank: 296418	756 KB
23	yandex.ru 1 redirects yandex.ru — Cisco Umbrella Rank: 1297 matchid.adfox.yandex.ru — Cisco Umbrella Rank: 28061 mc.yandex.ru — Cisco Umbrella Rank: 3472 ysa-static.passport.yandex.ru — Cisco Umbrella Rank: 25280 an.yandex.ru — Cisco Umbrella Rank: 2244	387 KB
22	yandex.com 2 redirects mc.yandex.com — Cisco Umbrella Rank: 10550	5 KB
19	adfox.ru ads.adfox.ru — Cisco Umbrella Rank: 10773 banners.adfox.ru — Cisco Umbrella Rank: 61881	94 KB
16	google.com 3 redirects adservice.google.com — Cisco Umbrella Rank: 92 www.google.com — Cisco Umbrella Rank: 8	3 KB
10	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 276	242 KB
10	google.de adservice.google.de — Cisco Umbrella Rank: 7751 www.google.de — Cisco Umbrella Rank: 5448	2 KB
9	criteo.com 1 redirects bidder.criteo.com — Cisco Umbrella Rank: 744 gum.criteo.com — Cisco Umbrella Rank: 391 mug.criteo.com — Cisco Umbrella Rank: 2727	9 KB
9	yastatic.net yastatic.net — Cisco Umbrella Rank: 6189	234 KB
8	24smi.net jsn.24smi.net — Cisco Umbrella Rank: 58053 data.24smi.net — Cisco Umbrella Rank: 58626 img.24smi.net — Cisco Umbrella Rank: 78961	59 KB
7	gstatic.com fonts.gstatic.com	122 KB
6	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 49 region1.google-analytics.com — Cisco Umbrella Rank: 2733	20 KB
5	yandex.net avatars.mds.yandex.net — Cisco Umbrella Rank: 7874 favicon.yandex.net — Cisco Umbrella Rank: 9592	63 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 179	167 KB
4	stat.media stat.media — Cisco Umbrella Rank: 22336	29 KB
4	tns-counter.ru 1 redirects tns-counter.ru — Cisco Umbrella Rank: 10783	62 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 608	4 KB
4	buzzoola.com 2 redirects exchange.buzzoola.com — Cisco Umbrella Rank: 18578	2 KB
4	kp.ru 2 redirects pda.tumen.kp.ru www.tumen.kp.ru	100 KB
3	googleadservices.com 2 redirects www.googleadservices.com — Cisco Umbrella Rank: 126	16 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 134	785 B
3	smi2.net target.smi2.net — Cisco Umbrella Rank: 117395 smi2.net — Cisco Umbrella Rank: 46224	2 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 244	3 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 89	210 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 71	3 KB
3	betweendigital.com ads.betweendigital.com — Cisco Umbrella Rank: 2197	3 KB
3	mail.ru ad.mail.ru — Cisco Umbrella Rank: 11075	1014 B
3	adriver.ru pb.adriver.ru — Cisco Umbrella Rank: 38127	909 B
3	creativecdn.com adfox-c2s-ams.creativecdn.com — Cisco Umbrella Rank: 61709	627 B
3	criteo.net static.criteo.net — Cisco Umbrella Rank: 606	40 KB
2	demdex.net 1 redirects skydeutschland.demdex.net — Cisco Umbrella Rank: 86800	2 KB
2	yadro.ru 1 redirects counter.yadro.ru — Cisco Umbrella Rank: 9125	2 KB
2	adsafeprotected.com 1 redirects pixel.adsafeprotected.com — Cisco Umbrella Rank: 536 static.adsafeprotected.com — Cisco Umbrella Rank: 562	687 B
1	smi2.ru smi2.ru — Cisco Umbrella Rank: 48295	868 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 231	22 KB
1	exactag.com m.exactag.com — Cisco Umbrella Rank: 11552	60 B
1	bidvol.com ssp.bidvol.com — Cisco Umbrella Rank: 28481	485 B
1	kp.house identity.kp.house — Cisco Umbrella Rank: 271500	2 KB
304	40

	Domain	Requested by
44	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com 1c93cdb1133891517efd814bd17e41a7.safeframe.googlesyndication.com www.tumen.kp.ru bae702d774fa849aafdd12eb7538a159.safeframe.googlesyndication.com s0.2mdn.net
22	mc.yandex.com	2 redirects www.tumen.kp.ru mc.yandex.ru
19	pagead2.googlesyndication.com	securepubads.g.doubleclick.net 1c93cdb1133891517efd814bd17e41a7.safeframe.googlesyndication.com tpc.googlesyndication.com www.tumen.kp.ru googleads.g.doubleclick.net s0.2mdn.net www.googletagservices.com
18	s01.stc.yc.kpcdn.net	www.tumen.kp.ru s01.stc.yc.kpcdn.net
17	ads.adfox.ru	yandex.ru www.tumen.kp.ru
16	yandex.ru	www.tumen.kp.ru yandex.ru yastatic.net
13	www.google.com	3 redirects tpc.googlesyndication.com 1c93cdb1133891517efd814bd17e41a7.safeframe.googlesyndication.com www.tumen.kp.ru bae702d774fa849aafdd12eb7538a159.safeframe.googlesyndication.com
10	s0.2mdn.net	www.tumen.kp.ru s0.2mdn.net tpc.googlesyndication.com
10	googleads.g.doubleclick.net	2 redirects 1c93cdb1133891517efd814bd17e41a7.safeframe.googlesyndication.com www.tumen.kp.ru bae702d774fa849aafdd12eb7538a159.safeframe.googlesyndication.com www.googleadservices.com
9	yastatic.net	yandex.ru yastatic.net www.tumen.kp.ru
7	www.google.de	www.tumen.kp.ru
7	fonts.gstatic.com	fonts.googleapis.com
7	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net www.tumen.kp.ru
6	bidder.criteo.com	static.criteo.net
5	www.googletagservices.com	yastatic.net 1c93cdb1133891517efd814bd17e41a7.safeframe.googlesyndication.com bae702d774fa849aafdd12eb7538a159.safeframe.googlesyndication.com
4	stat.media	target.smi2.net stat.media
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.tumen.kp.ru
4	tns-counter.ru	1 redirects www.tumen.kp.ru tns-counter.ru
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
4	img.24smi.net	www.tumen.kp.ru
4	mc.yandex.ru	1 redirects yandex.ru www.tumen.kp.ru yastatic.net
4	exchange.buzzoola.com	2 redirects www.tumen.kp.ru
3	www.googleadservices.com	2 redirects yastatic.net
3	sb.scorecardresearch.com	1 redirects www.tumen.kp.ru
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	www.googletagmanager.com	www.tumen.kp.ru www.googletagmanager.com
3	adservice.google.com	securepubads.g.doubleclick.net
3	adservice.google.de	securepubads.g.doubleclick.net
3	avatars.mds.yandex.net	www.tumen.kp.ru
3	fonts.googleapis.com	client yastatic.net
3	ads.betweendigital.com	yandex.ru
3	ad.mail.ru	yandex.ru
3	pb.adriver.ru	yandex.ru
3	adfox-c2s-ams.creativecdn.com	yandex.ru
3	static.criteo.net	yandex.ru www.tumen.kp.ru
2	gum.criteo.com	1 redirects static.criteo.net
2	favicon.yandex.net	www.tumen.kp.ru
2	region1.google-analytics.com	www.googletagmanager.com
2	stats.g.doubleclick.net	www.google-analytics.com
2	skydeutschland.demdex.net	1 redirects 1c93cdb1133891517efd814bd17e41a7.safeframe.googlesyndication.com
2	googleads4.g.doubleclick.net	www.tumen.kp.ru
2	counter.yadro.ru	1 redirects www.tumen.kp.ru
2	target.smi2.net	www.tumen.kp.ru
2	bae702d774fa849aafdd12eb7538a159.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	1c93cdb1133891517efd814bd17e41a7.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	banners.adfox.ru	www.tumen.kp.ru
2	data.24smi.net	jsn.24smi.net
2	jsn.24smi.net	yastatic.net jsn.24smi.net
2	s10.stc.yc.kpcdn.net	www.tumen.kp.ru
2	s02.api.yc.kpcdn.net	s01.stc.yc.kpcdn.net
2	www.tumen.kp.ru	www.tumen.kp.ru
2	pda.tumen.kp.ru	2 redirects
1	mug.criteo.com
1	smi2.net	www.tumen.kp.ru
1	smi2.ru	www.tumen.kp.ru
1	cdnjs.cloudflare.com	s0.2mdn.net
1	m.exactag.com	1c93cdb1133891517efd814bd17e41a7.safeframe.googlesyndication.com
1	an.yandex.ru	yandex.ru
1	static.adsafeprotected.com	1c93cdb1133891517efd814bd17e41a7.safeframe.googlesyndication.com
1	pixel.adsafeprotected.com	1 redirects
1	2ba128fbea317ed3d3b611d8744b68f6.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	ysa-static.passport.yandex.ru	www.tumen.kp.ru
1	ssp.bidvol.com	yandex.ru
1	s14.stc.yc.kpcdn.net	www.tumen.kp.ru
1	identity.kp.house	s01.stc.yc.kpcdn.net
1	matchid.adfox.yandex.ru	yandex.ru
1	s09.stc.yc.kpcdn.net	www.tumen.kp.ru
1	s16.stc.yc.kpcdn.net	www.tumen.kp.ru
304	69

This site contains links to these domains. Also see Links.

Domain
www.kazan.kp.ru
www.kp.ru
radiokp.ru
advert.kp.ru
parus.kp.ru
kino.kp.ru
tumen.kp.ru
ads.adfox.ru

Subject Issuer	Validity	Valid
uralian.kp.ru R3	`2022-05-25` - `2022-08-23`	3 months	crt.sh
*.xn--d1acpjx3f.xn--p1ai GlobalSign ECC OV SSL CA 2018	`2022-03-04` - `2022-09-01`	6 months	crt.sh
*.stc.yc.kpcdn.net R3	`2022-05-31` - `2022-08-29`	3 months	crt.sh
matchid.adfox.yandex.ru Yandex CA	`2022-02-05` - `2022-07-31`	6 months	crt.sh
*.yastatic-net.ru GlobalSign ECC OV SSL CA 2018	`2022-04-01` - `2022-09-29`	6 months	crt.sh
identity.kp.house R3	`2022-05-10` - `2022-08-08`	3 months	crt.sh
s01.api.yc.kpcdn.net R3	`2022-06-08` - `2022-09-06`	3 months	crt.sh
*.adfox.ru GlobalSign RSA OV SSL CA 2018	`2022-05-30` - `2022-11-08`	5 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-06-21` - `2022-09-23`	3 months	crt.sh
*.creativecdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-17` - `2023-04-12`	a year	crt.sh
*.adriver.ru GlobalSign GCC R3 DV TLS CA 2020	`2022-04-05` - `2023-04-05`	a year	crt.sh
*.mail.ru GeoTrust ECC CA 2018	`2021-10-15` - `2022-11-15`	a year	crt.sh
*.ads.betweendigital.com Sectigo RSA Domain Validation Secure Server CA	`2021-12-15` - `2023-01-15`	a year	crt.sh
ssp.bidvol.com R3	`2022-04-19` - `2022-07-18`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-06-15` - `2022-09-18`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-10-13` - `2022-10-12`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-06-20` - `2022-09-12`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-06-20` - `2022-09-12`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2022-05-21` - `2022-10-31`	5 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-06-20` - `2022-09-12`	3 months	crt.sh
*.avatars.yandex.net GlobalSign RSA OV SSL CA 2018	`2022-03-04` - `2023-04-05`	a year	crt.sh
*.s3.yandex.net GlobalSign RSA OV SSL CA 2018	`2022-03-11` - `2022-10-11`	7 months	crt.sh
*.google.de GTS CA 1C3	`2022-06-20` - `2022-09-12`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-06-20` - `2022-09-12`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-06-20` - `2022-09-12`	3 months	crt.sh
ysa-static.passport.yandex.net GlobalSign ECC OV SSL CA 2018	`2022-03-04` - `2023-04-05`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-06-20` - `2022-09-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-06-20` - `2022-09-12`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-06-20` - `2022-09-12`	3 months	crt.sh
bs.yandex.ru GlobalSign ECC OV SSL CA 2018	`2022-05-05` - `2022-11-03`	6 months	crt.sh
*.tns-counter.ru GlobalSign ECC OV SSL CA 2018	`2021-12-10` - `2022-12-31`	a year	crt.sh
smi2.net R3	`2022-05-27` - `2022-08-25`	3 months	crt.sh
*.scorecardresearch.com Amazon	`2022-01-29` - `2023-02-27`	a year	crt.sh
*.exactag.com Sectigo ECC Domain Validation Secure Server CA	`2021-08-16` - `2022-09-14`	a year	crt.sh
www.google.de GTS CA 1C3	`2022-06-20` - `2022-09-12`	3 months	crt.sh
favicon.yandex.net GlobalSign ECC OV SSL CA 2018	`2022-04-11` - `2022-09-10`	5 months	crt.sh
stat.media R3	`2022-05-10` - `2022-08-08`	3 months	crt.sh
smi2.ru R3	`2022-07-01` - `2022-09-29`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-06-20` - `2022-09-12`	3 months	crt.sh

This page contains 23 frames:

Primary Page: https://www.tumen.kp.ru/
Frame ID: C29636C35B514E765158AEE418FEAA69
Requests: 173 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: 87CED051D5E749617D3F9D52044F5FFC
Requests: 8 HTTP requests in this frame

Frame: https://yastatic.net/safeframe-bundles/0.83/1-1-0/render.html
Frame ID: B1E0BF45FA39DCF9BD8B83F86FC5580E
Requests: 23 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: 1AC076DF31043E041989BE7047E98059
Requests: 7 HTTP requests in this frame

Frame: https://1c93cdb1133891517efd814bd17e41a7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 5EE1E29DF5C77FB4D45296F55F1BF28B
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: 8052995CA6437003BA5EBCEF67FDE956
Requests: 8 HTTP requests in this frame

Frame: https://1c93cdb1133891517efd814bd17e41a7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 8F4C87945131D671F36E54ABF8CEC46F
Requests: 18 HTTP requests in this frame

Frame: https://2ba128fbea317ed3d3b611d8744b68f6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 050770F93BCA24847CCCFB58EDDD5C82
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: ABC063BC6DB786AAFA53F027977E408B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 97BCCAD3C1FCF9BBB1A9E9870FBF703F
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGO6p_M0BMAE&v=APEucNXdz6jxVhCIsD8FtilHVsnhSTJ6uDP8Q6qv7gUreMJKfyFTc_yzalZsFEsuoQJnLSeQ8OHEz8QSUph-Qc6tK9JXm3tVBjvOMUKh-Y_UXRdp2WIXU4jVLRR9zrxxSm56suxGP4YBXKdwdbaykuDpkf1ESQKz229mcqevC8kNMw_28GV3Qoo
Frame ID: C3BB4CC2ED50B1CA96941546F6BEB8EE
Requests: 5 HTTP requests in this frame

Frame: https://bae702d774fa849aafdd12eb7538a159.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 7A16616925E77C03D897F86E565AE524
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 09887358C139676C2662E00D31A4E1B3
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F5A6C365CCD8B18AC9BF00E693518C84
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 9DBC62800009953B7EED2FF15010F435
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: DD5539748CA58789104DC1342F2A12C0
Requests: 2 HTTP requests in this frame

Frame: https://bae702d774fa849aafdd12eb7538a159.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: C04F91CC3DDEFC2890F50A50BF5C864F
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/8828632559684167007/index.html?e=69&leftOffset=0&topOffset=0&c=TCBqRYGvr3&t=1&renderingType=2&ev=01_247
Frame ID: 5219B633C39F21483B5DEC53FF7BB3A9
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 6198CED13E904192FD5450E31D4C3996
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9473308889628347351/index.html
Frame ID: BABDE167A02273B1A2905BD9C7E37E6E
Requests: 30 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: FDBFD17CFE2999882F7314A9AF530C73
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/edue1xTc5YuiZOhJi4VIA_c20CetZt5T9y7Q3cNnrTA.js
Frame ID: 52D9D6CF4CE21E6F81D437DD08056279
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.tumen.kp.ru
Frame ID: 3E8BCE2FF436FE8978DF0EDA082EEE55
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Новости Тюмени и Тюменской области: главные новости на сегодня | Комсомольская Правда в Тюмени - KP.Ru

Page URL History Show full URLs

http://pda.tumen.kp.ru/ HTTP 301
https://pda.tumen.kp.ru/ HTTP 303
https://www.tumen.kp.ru/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Yandex.Direct (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://an\.yandex\.ru/

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

304
Requests

95 %
HTTPS

58 %
IPv6

40
Domains

69
Subdomains

57
IPs

10
Countries

3537 kB
Transfer

9013 kB
Size

66
Cookies

34 Outgoing links

These are links going to different origins than the main page.

URL: https://www.kazan.kp.ru/daily/21712095/4332309/

Search URL Search Domain Scan URL

URL: https://www.kp.ru/daily/euromaidan/
Title: Спецоперация на Украине

Search URL Search Domain Scan URL

URL: https://www.kp.ru/sports/
Title: Спорт

Search URL Search Domain Scan URL

URL: https://www.kp.ru/samobranka/
Title: Самобранка

Search URL Search Domain Scan URL

URL: https://www.kp.ru/expert/
Title: Выбор экспертов

Search URL Search Domain Scan URL

URL: https://www.kp.ru/doctor/
Title: Доктор

Search URL Search Domain Scan URL

URL: https://www.kp.ru/family/
Title: Семья

Search URL Search Domain Scan URL

URL: https://www.kp.ru/woman/
Title: Женские секреты

Search URL Search Domain Scan URL

URL: https://www.kp.ru/putevoditel/
Title: Путеводитель

Search URL Search Domain Scan URL

URL: https://www.kp.ru/promokod/
Title: Промокоды

Search URL Search Domain Scan URL

URL: https://www.kp.ru/putevoditel/serialy/
Title: Сериалы

Search URL Search Domain Scan URL

URL: http://www.kp.ru/best/msk/projects/
Title: Спецпроекты

Search URL Search Domain Scan URL

URL: https://www.kp.ru/putevoditel/zdorove/defitsit-zheleza-u-zhenshhin/
Title: Дефицит железа

Search URL Search Domain Scan URL

URL: https://www.kp.ru/guide/
Title: Гид потребителя

Search URL Search Domain Scan URL

URL: https://www.kp.ru/daily/217165/4265546/
Title: Все о КП

Search URL Search Domain Scan URL

URL: https://radiokp.ru/
Title: Радио КП

Search URL Search Domain Scan URL

URL: https://advert.kp.ru/
Title: Реклама

Search URL Search Domain Scan URL

URL: https://www.kp.ru/daily/theme/16218/
Title: Украина: сводка

Search URL Search Domain Scan URL

URL: http://parus.kp.ru/
Title: Алый парус

Search URL Search Domain Scan URL

URL: https://kino.kp.ru/
Title: Наше кино

Search URL Search Domain Scan URL

URL: https://www.kp.ru/daily/koronavirus/
Title: COVID-19

Search URL Search Domain Scan URL

URL: https://www.kp.ru/daily/partiya_dela/
Title: Лица труда

Search URL Search Domain Scan URL

URL: https://www.kp.ru/russia/
Title: Отдых в России

Search URL Search Domain Scan URL

URL: https://www.kp.ru/incidents/
Title: Происшествия

Search URL Search Domain Scan URL

URL: https://www.kp.ru/afisha/msk/
Title: Афиша

Search URL Search Domain Scan URL

URL: https://tumen.kp.ru/tourism/
Title: Туризм

Search URL Search Domain Scan URL

URL: https://tumen.kp.ru/special/
Title: Дом. Семья

Search URL Search Domain Scan URL

URL: https://tumen.kp.ru/society/
Title: Общество

Search URL Search Domain Scan URL

URL: https://tumen.kp.ru/incidents/
Title: Происшествия

Search URL Search Domain Scan URL

URL: https://tumen.kp.ru/stars/
Title: Звезды

Search URL Search Domain Scan URL

URL: https://tumen.kp.ru/health/
Title: Здоровье

Search URL Search Domain Scan URL

URL: https://tumen.kp.ru/dom/
Title: Недвижимость

Search URL Search Domain Scan URL

URL: https://ads.adfox.ru/232598/goLink?ad-session-id=9907131657329149716&hash=1149b4828afc4ddb&puid1=adv-1657329149674-292&sj=1-AGldmrvhClGGrCjce5TsgzOnacyLrY98C_H-KXOKjAN4uHv2OTHsh1qWBCDw%3D%3D&rand=niwqsqg&rqs=_cF1AbUMuD_-1chikKVaHz3eYtjsl-Wh&puid3=top%3Aregion&pr=dyeeiod&p1=clerf&ytt=423863344300037&p5=ljjmt&ybv=0.612099&puid2=society%3Atoday%3Azenyandex%3Aincident%3Aemergency%3Acelebrity%3Aculture%3Ainteresting&p2=gvdq&ylv=0.612099&pf=http%3A%2F%2Fads.adfox.ru%2F232598%2FgoLink%3Fp1%3Dbzbip%26p2%3Dfrfe%26p5%3Dlsrgh%26pr%3D1%26puid1%3D%26puid2%3D%26puid3%3D%26puid4%3D%26puid5%3D%26puid6%3D%26puid7%3D

Search URL Search Domain Scan URL

URL: https://ads.adfox.ru/232598/goLink?ad-session-id=9907131657329149716&hash=1149b4828afc4ddb&puid1=adv-1657329149674-292&sj=1-AGldmrvhClGGrCjce5TsgzOnacyLrY98C_H-KXOKjAN4uHv2OTHsh1qWBCDw%3D%3D&rand=niwqsqg&rqs=_cF1AbUMuD_-1chikKVaHz3eYtjsl-Wh&puid3=top%3Aregion&pr=dyeeiod&p1=clerf&ytt=423863344300037&p5=ljjmt&ybv=0.612099&puid2=society%3Atoday%3Azenyandex%3Aincident%3Aemergency%3Acelebrity%3Aculture%3Ainteresting&p2=gvdq&ylv=0.612099&pf=https%3A%2F%2Fwww.msk.kp.ru%2Fdaily%2Fmoskva-budushego%2F

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://pda.tumen.kp.ru/ HTTP 301
https://pda.tumen.kp.ru/ HTTP 303
https://www.tumen.kp.ru/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 42

https://exchange.buzzoola.com/ssp/adfox HTTP 307
https://exchange.buzzoola.com/ssp/adfox?set_buzzoola_cookie=t

Request Chain 52

https://exchange.buzzoola.com/ssp/adfox HTTP 307
https://exchange.buzzoola.com/ssp/adfox?set_buzzoola_cookie=t

Request Chain 120

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9693.K7RkhM4a-an70jbYTthIxKzQMLWaKrJNRVV8r4pCbxpOHwrF6-_i72LEFqYa5X8O.xUzG3grK6O4LqRTYOG8WiqP7aiA%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9693.WLPoiV12zUE0rcC1VY-NO7ZZfjcYgQCe9GWd-LjyYp5jBSU3YazHmvQpSxFGqtmpWFD2gH2nPsmOamt3fm5d8d3YL9jzGCXLbIfhxFYHiPg%2C.-7vgyBYILR83_sje7lG2igyLpxU%2C

Request Chain 135

https://pixel.adsafeprotected.com/rfw/st/1083870/64162795/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=&ias_dspID=3&ias_campId=1008209757&ias_pubId=pub-7172733408455692&ias_chanId=1&ias_placementId=17611747867&bidurl=https://www.tumen.kp.ru/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0g0AvjzCIol8moiqqJrd_iy HTTP 302
https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=

Request Chain 149

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKIAtgVJI-dujdqKYsIUpII&google_cver=1

Request Chain 150

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YsjV-xXQxrTZQfd2JxPpLQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEiQr4omnpya0x_DblSbyiI&google_cver=1

Request Chain 151

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEDivxYrv2khFhvJrnz6LCfM&google_cver=1

Request Chain 152

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzQ2NTM4MDM1NDQ1ODkwNzI0OQ%3D%3D

Request Chain 172

https://counter.yadro.ru/hit;kp/kpall/reg/kptumen?r;s1600*1200*24;uhttps%3A//www.tumen.kp.ru/;h%u041D%u043E%u0432%u043E%u0441%u0442%u0438%20%u0422%u044E%u043C%u0435%u043D%u0438%20%u0438%20%u0422%u044E%u043C%u0435%u043D%u0441%u043A%u043E%u0439%20%u043E%u0431%u043B%u0430%u0441%u0442%u0438%3A%20%u0433%u043B%u0430%u0432%u043D%u044B%u0435%20%u043D%u043E%u0432%u043E%u0441%u0442%u0438%20%u043D%u0430%20%u0441%u0435%u0433%u043E%u0434%u043D%u044F%20%7C%20%u041A%u043E%u043C%u0441%u043E%u043C%u043E%u043B%u044C%u0441%u043A%u0430%u044F%20%u041F;0.5403549518281558 HTTP 302
https://counter.yadro.ru/hit;kp/kpall/reg/kptumen?q;r;s1600*1200*24;uhttps%3A//www.tumen.kp.ru/;h%u041D%u043E%u0432%u043E%u0441%u0442%u0438%20%u0422%u044E%u043C%u0435%u043D%u0438%20%u0438%20%u0422%u044E%u043C%u0435%u043D%u0441%u043A%u043E%u0439%20%u043E%u0431%u043B%u0430%u0441%u0442%u0438%3A%20%u0433%u043B%u0430%u0432%u043D%u044B%u0435%20%u043D%u043E%u0432%u043E%u0441%u0442%u0438%20%u043D%u0430%20%u0441%u0435%u0433%u043E%u0434%u043D%u044F%20%7C%20%u041A%u043E%u043C%u0441%u043E%u043C%u043E%u043B%u044C%u0441%u043A%u0430%u044F%20%u041F;0.5403549518281558

Request Chain 177

https://skydeutschland.demdex.net/event?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=131962155&d_placement=339771397&d_campaign=28017826&d_bust=3941290521&gdpr=&gdpr_consent= HTTP 302
https://skydeutschland.demdex.net/firstevent?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=131962155&d_placement=339771397&d_campaign=28017826&d_bust=3941290521&gdpr=&gdpr_consent=

Request Chain 180

https://mc.yandex.com/watch/26254?wmode=7&page-url=https%3A%2F%2Fwww.tumen.kp.ru%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2n2z35yck7fai9c6gvqew%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A832%3Acn%3A1%3Adp%3A0%3Als%3A641159656718%3Ahid%3A24424282%3Az%3A0%3Ai%3A20220709011230%3Aet%3A1657329151%3Ac%3A1%3Arn%3A324585750%3Au%3A1657329151362652560%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1657329147906%3Aco%3A0%3Arqnl%3A1%3Ast%3A1657329151%3At%3A%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D0%B8%3A%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%20%7C%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20-%20KP.Ru&t=gdpr(14)clc(0-0-0)aw(1)rqnl(1)ti(2) HTTP 302
https://mc.yandex.com/watch/26254/1?wmode=7&page-url=https%3A%2F%2Fwww.tumen.kp.ru%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2n2z35yck7fai9c6gvqew%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A832%3Acn%3A1%3Adp%3A0%3Als%3A641159656718%3Ahid%3A24424282%3Az%3A0%3Ai%3A20220709011230%3Aet%3A1657329151%3Ac%3A1%3Arn%3A324585750%3Au%3A1657329151362652560%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1657329147906%3Aco%3A0%3Arqnl%3A1%3Ast%3A1657329151%3At%3A%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D0%B8%3A%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%20%7C%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20-%20KP.Ru&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnl%281%29ti%282%29

Request Chain 233

https://tns-counter.ru/V13a***R%3E*kp_ru/ru/UTF-8/tmsec=kp_title/803887895 HTTP 302
https://tns-counter.ru/V13b***R%3E*kp_ru/ru/UTF-8/tmsec=kp_title/803887895

Request Chain 266

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 288

https://sb.scorecardresearch.com/c2/16803468/cs.js HTTP 302
https://sb.scorecardresearch.com/internal-c2/default/cs.js

Request Chain 290

https://www.googleadservices.com/pagead/conversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0 HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=ANbIYsyTNJyK9fgPxr2c6Aw&random=1061912254&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1061912254&crd=&is_vtc=1&random=1488144436 HTTP 302
https://www.google.de/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1061912254&crd=&is_vtc=1&random=1488144436&ipr=y

Request Chain 291

https://www.googleadservices.com/pagead/conversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0 HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=ANbIYqeTNMGJ9fgPnOK40AE&random=510370282&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=510370282&crd=&is_vtc=1&random=34604020 HTTP 302
https://www.google.de/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=510370282&crd=&is_vtc=1&random=34604020&ipr=y

Request Chain 295

https://gum.criteo.com/sid/json?origin=publishertag&domain=kp.ru&sn=ChromeSyncframe&so=0&topUrl=www.tumen.kp.ru&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=GCy-cnxOYmY3K0IrSmllZXAxVlpHZTZjSFlZWFhuK1dUQ0MvY2pmTTJ1NWUzaDg1QXQzR3pXTnpyZFpSMmI0ZnUrWC81YWE0WUZxd0V6TEpKZmllcWJ3VHNpNjJpSHBsOGUrbGE5MEpadWRBTE12N1JRbTJOVnhLU3pGeVFkMElHUXFWS25weDlKTmpqQjhKbDVDMEJEWDZaN2VFdnN5V0hYRmg1UzJERVozK2E2eTZPTzRLSEZnbWoyS294aVdiUzVrbVd3QVl3TG5MR055d2lZQW5SSkMrVE10eDQ0UnZsb1U2dEpLU2JVZGE0WXRGNHZCZkxnRkFRems1OHYwYnVMVXlEQk5SUW0zRFZHaVVKUXRxUFRrNjNFQT09fA&cppv=2

304 HTTP transactions
11 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.tumen.kp.ru/
Redirect Chain

http://pda.tumen.kp.ru/
https://pda.tumen.kp.ru/
https://www.tumen.kp.ru/

704 KB
97 KB

205ms
90ms

Document
text/html

95.181.181.82
EDGECENTERLLC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tumen.kp.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.181.181.82 , Russian Federation, ASN210756 (EDGECENTERLLC, RU),
Reverse DNS
Software: nginx /
Resource Hash: d7967a1bd0d70e43ad3a45d355bd875102055a291468a7515fbcfdb762e4be06

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sat, 09 Jul 2022 01:12:28 GMT
server: nginx
vary: Accept-Encoding
x-manifest-version-id: 0005E2BF065E254F

Redirect headers

content-length: 51
content-type: text/html; charset=utf-8
date: Sat, 09 Jul 2022 01:12:28 GMT
location: https://www.tumen.kp.ru/
server: nginx

GET
H2 200 header-bidding.js Show response
yandex.ru/ads/system/ 122 KB
32 KB 238ms
84ms Script
text/javascript 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/system/header-bidding.js

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

4be74101162d4ed978851bd6dd595e849e4209b55cdfbf43bf39fdaee81a4192

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1657329148821080-12815200373179395978-sas2-0259-2ea-sas-l7-balancer-8080-BAL-7001
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=3600
x-robots-tag: noindex, noarchive, nofollow
expires: Sat, 09 Jul 2022 02:12:28 GMT

GET
H2 200 context.js Show response
yandex.ru/ads/system/ 285 KB
77 KB 241ms
87ms Script
text/javascript 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/system/context.js

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

fabc35515a741521e45c951c48086cbed8392a47fff166c7e9443ca6e0cf7070

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1657329148821334-4165459413342479460-sas2-0259-2ea-sas-l7-balancer-8080-BAL-2670
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=3600
x-robots-tag: noindex, noarchive, nofollow
expires: Sat, 09 Jul 2022 02:12:28 GMT

GET
DATA 200
OK truncated
/ 587 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 445837ee1d1da2644d2531f84c664f157828154b8b5e032dbef64c3a8308ef17

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 7 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3394110000caa52bc9dcf892178cb4a7a8d25db76721a2290caaeb667413a4d0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6b0c6ad2a39e30acdd045f1e10d04d6032f0447387edd32af55f7d80b2d4f0f0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 88c3f8d6237466d983567ddf480dfb98.woff2
s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/ 22 KB
22 KB 333ms
22ms Font
font/woff2 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/88c3f8d6237466d983567ddf480dfb98.woff2

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

7a0fb8fc4de0bde528e5b17743e35c50492d1d1de41567cb3b83f5a63db862d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tumen.kp.ru/
Origin: https://www.tumen.kp.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-id: fr5-up-gc15
date: Sat, 09 Jul 2022 01:12:29 GMT
x-content-type-options: nosniff
x-server-trace-id: 6d64dc11cc8699ae:625c26f719435127:6d64dc11cc8699ae:1
x-amz-request-id: 476bf7b2ecb30120
x-serverless-gateway-path: /{site}/{version}/{filename+}
x-cached-since: 2022-07-09T01:02:31+00:00
content-length: 22100
x-request-id: f38aa6f2-1da5-43af-8157-51522273e517
x-serverless-gateway-id: d5dcee70jck4ehrnhirl
last-modified: Sat, 27 Nov 2021 21:56:45 GMT
server: nginx
etag: "88c3f8d6237466d983567ddf480dfb98"
x-amz-version-id: 0005D1CC489C28E6
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT
accept-ranges: bytes
content-type: font/woff2
expires: Sun, 10 Jul 2022 01:12:29 GMT

GET
H2 200 71df57f56c922e07c34676f1e3160977.woff2
s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/ 39 KB
39 KB 326ms
24ms Font
font/woff2 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/71df57f56c922e07c34676f1e3160977.woff2

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

9205ceae907f8417e3b4bd8463b1075526a25da4cdd2aed549b03cd6869632aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tumen.kp.ru/
Origin: https://www.tumen.kp.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-id: fr5-up-gc15
date: Sat, 09 Jul 2022 01:12:29 GMT
x-content-type-options: nosniff
x-server-trace-id: 4e804d95ffb6ef13:84487684b01eadbc:4e804d95ffb6ef13:1
x-amz-request-id: 54429927d369d31d
x-serverless-gateway-path: /{site}/{version}/{filename+}
x-cached-since: 2022-07-09T01:02:31+00:00
content-length: 39768
x-request-id: 22cf33d6-5003-42ac-af05-2fa28d310ee5
x-serverless-gateway-id: d5dcee70jck4ehrnhirl
last-modified: Sat, 27 Nov 2021 21:56:45 GMT
server: nginx
etag: "71df57f56c922e07c34676f1e3160977"
x-amz-version-id: 0005D1CC48A637F4
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT
accept-ranges: bytes
content-type: font/woff2
expires: Sun, 10 Jul 2022 01:12:29 GMT

GET
H2 200 0b10ab6aa24fb2b424de7991b679f5e9.png
s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/ 6 KB
6 KB 261ms
22ms Image
image/png 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/0b10ab6aa24fb2b424de7991b679f5e9.png

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

abb5348aeb50feab8abc0212d24ef2d4daa64f08d38e6cabce13e7a78f1ad837

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-id: fr5-up-gc30
date: Sat, 09 Jul 2022 01:12:29 GMT
x-content-type-options: nosniff
x-server-trace-id: 1ac5401cdec68adf:faa0402866683798:1ac5401cdec68adf:1
x-amz-request-id: 681655f21d4a8004
x-serverless-gateway-path: /{site}/{version}/{filename+}
x-cached-since: 2022-07-08T14:32:39+00:00
content-length: 6368
x-request-id: dd8fc971-2dab-40b2-a433-2baeb1205788
x-serverless-gateway-id: d5dcee70jck4ehrnhirl
last-modified: Sat, 27 Nov 2021 21:56:49 GMT
server: nginx
etag: "0b10ab6aa24fb2b424de7991b679f5e9"
x-amz-version-id: 0005D1CC48E0B8E0
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT
accept-ranges: bytes
content-type: image/png
expires: Sun, 10 Jul 2022 01:12:29 GMT

GET
H2 200 favicon-16.png
www.tumen.kp.ru/boom/api/2/metrics/adaptive/ 514 B
923 B 144ms
144ms Image
image/png 95.181.181.82
EDGECENTERLLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tumen.kp.ru/boom/api/2/metrics/adaptive/favicon-16.png?target.base=digest&target.entity=root&target.spot=tumen

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.181.181.82 , Russian Federation, ASN210756 (EDGECENTERLLC, RU),

Reverse DNS

Software

nginx /

Resource Hash

da09f03549a3d9ae51406d85931ec2682bc82759cf96101b982496da1139ddda

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 01:12:28 GMT
x-content-type-options: nosniff
last-modified: Sat, 27 Nov 2021 21:56:51 GMT
server: nginx
x-server-trace-id: 51eb04356158d0b8:801a85aa83623622:51eb04356158d0b8:1
x-amz-request-id: 712d2215fb16f787
x-serverless-gateway-path: /boom/api/{api}/{version}/{content+}
etag: "642c7d14314b78ed52c384a1a2ba4203"
content-type: image/png
access-control-allow-origin: *
content-length: 514
x-serverless-gateway-id: d5dscajgqq50cos2lp8d
x-amz-version-id: 0005D1CC48F877CB
x-request-id: 05700061-f1bd-4cef-9f14-90e504d61488

GET
DATA 200
OK truncated
/ 5 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: becefc9f93e9ea8cec1d4749c473c476c44e65a7eee7d88dda107958649413e9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 7 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d3114c4944dcf347da9b150fbd12bf83cf1a719fca0eb5480d9af4cb2f30aefc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 d.svg
s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/meteo/ 2 KB
2 KB 258ms
21ms Image
image/svg+xml 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/meteo/d.svg

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

541348f95206a170effd95f869a9c576be30f9408b7bfa5885aa94d29fce726b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-id: fr5-up-gc30
date: Sat, 09 Jul 2022 01:12:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-server-trace-id: 28d720d6cd869581:678477f113d49dd2:28d720d6cd869581:1
x-amz-request-id: 80bf86bfb6719868
x-serverless-gateway-path: /{site}/{version}/{filename+}
x-cached-since: 2022-07-08T15:03:57+00:00
x-request-id: c95c52cd-4aef-4e38-ab84-5d27bd8d25a6
x-serverless-gateway-id: d5dcee70jck4ehrnhirl
last-modified: Sat, 27 Nov 2021 21:56:53 GMT
server: nginx
etag: W/"eb1d088e654cd61490ce9ed3f821ccd4"
x-amz-version-id: 0005D1CC491EC82D
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT
content-type: image/svg+xml
expires: Sun, 10 Jul 2022 01:12:29 GMT

GET
H2 200 wr-750.webp
s16.stc.yc.kpcdn.net/share/i/12/12590238/ 78 KB
78 KB 306ms
249ms Image
image/webp 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s16.stc.yc.kpcdn.net/share/i/12/12590238/wr-750.webp
Requested by: Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: cc557f7c454f4507d1722f12a78d6cc4a10cf3db3104d761dc87cb014bbaa21c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-id: fr5-up-gc37
date: Sat, 09 Jul 2022 01:12:29 GMT
last-modified: Fri, 08 Jul 2022 07:07:43 GMT
server: nginx
x-amz-request-id: ab7439806a8d0a21
etag: "44428bebf9d1c3579acd0f03e40b2dd8"
x-amz-version-id: null
cache-control: max-age=345600
cache: MISS
accept-ranges: bytes
content-type: image/webp
content-length: 79478
expires: Wed, 13 Jul 2022 01:12:29 GMT

GET
H2 200 325472601571f31e1bf00674c368d335.gif
s09.stc.yc.kpcdn.net/share/i/beige/ 43 B
303 B 77ms
20ms Image
image/gif 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s09.stc.yc.kpcdn.net/share/i/beige/325472601571f31e1bf00674c368d335.gif
Requested by: Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-id: fr5-up-gc30
date: Sat, 09 Jul 2022 01:12:28 GMT
last-modified: Sat, 02 Oct 2021 15:40:25 GMT
server: nginx
x-amz-request-id: bc615c66a453d20b
etag: "325472601571f31e1bf00674c368d335"
x-cached-since: 2022-07-05T18:43:05+00:00
x-amz-version-id: null
cache-control: max-age=345600
cache: HIT
accept-ranges: bytes
content-type: image/gif
content-length: 43
expires: Wed, 13 Jul 2022 01:12:28 GMT

GET
H2 200 vendors~adaptive.js Show response
s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/ 339 KB
128 KB 247ms
27ms Script
text/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/vendors~adaptive.js

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

b2b5ba1466d0642bd868bef2b0e13277b34376fd0a11484fc1518d67e48b727d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-id: fr5-up-gc30
date: Sat, 09 Jul 2022 01:12:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-server-trace-id: 2bb3e25731d32246:72ff524034c1332b:2bb3e25731d32246:1
x-amz-request-id: 28a58c7c38baf907
x-serverless-gateway-path: /{site}/{version}/{filename+}
x-cached-since: 2022-07-08T14:23:40+00:00
x-request-id: 6fe18d4c-d792-446d-adcc-9b8d83622a2f
x-serverless-gateway-id: d5dcee70jck4ehrnhirl
last-modified: Thu, 30 Jun 2022 12:10:27 GMT
server: nginx
etag: W/"98675e5b796bd847a8803e1c69d8b874"
x-amz-version-id: 0005E2A927C058B5
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT
content-type: text/javascript; charset=utf-8
expires: Sun, 10 Jul 2022 01:12:29 GMT

GET
H2 200 adaptive.js Show response
s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/ 276 KB
81 KB 244ms
24ms Script
text/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/adaptive.js

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

924170a2b204eb90280acbb03496558dc98acc1b9d6fd96ae955996047ec970d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-id: fr5-up-gc30
date: Sat, 09 Jul 2022 01:12:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-server-trace-id: 1ea5dd30d1f4b17:1eb6966acc9347dd:1ea5dd30d1f4b17:1
x-amz-request-id: 2d3d2b74127e5a19
x-serverless-gateway-path: /{site}/{version}/{filename+}
x-cached-since: 2022-07-08T14:23:40+00:00
x-request-id: 10692297-0258-425c-9d54-0831e8a826d6
x-serverless-gateway-id: d5dcee70jck4ehrnhirl
last-modified: Fri, 01 Jul 2022 13:33:52 GMT
server: nginx
etag: W/"2378fe123e0fecebba09157bb2536b9c"
x-amz-version-id: 0005E2BE6FE323CA
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT
content-type: text/javascript; charset=utf-8
expires: Sun, 10 Jul 2022 01:12:29 GMT

GET
H2 200 adaptive-topbar.js Show response
s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/ 67 KB
23 KB 25ms
24ms Script
text/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/adaptive-topbar.js

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

2d32f681e01e8082f5df941a021b306e98063b7330b197ba674e71dcc5dc4d4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-id: fr5-up-gc30
date: Sat, 09 Jul 2022 01:12:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-server-trace-id: 4f5cac2fd4c28593:3b352b276fa89f01:4f5cac2fd4c28593:1
x-amz-request-id: c136fdca823f3f3e
x-serverless-gateway-path: /{site}/{version}/{filename+}
x-cached-since: 2022-07-08T14:23:40+00:00
x-request-id: 69d9ff52-fa32-4866-80b3-dc7ff918ad53
x-serverless-gateway-id: d5dcee70jck4ehrnhirl
last-modified: Fri, 01 Jul 2022 13:33:52 GMT
server: nginx
etag: W/"7700d4b62e38d1493f2653db0feb9b45"
x-amz-version-id: 0005E2BE6FE49A25
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT
content-type: text/javascript; charset=utf-8
expires: Sun, 10 Jul 2022 01:12:29 GMT

GET
H2 200 radio.js Show response
s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/ 10 KB
4 KB 24ms
24ms Script
text/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/radio.js

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

73720f862be505fc73b3884bc441d49060f787d3273bde1738114819dcbaf0a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-id: fr5-up-gc30
date: Sat, 09 Jul 2022 01:12:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-server-trace-id: 13de4962a7ec4ca0:cd28d25665124e08:13de4962a7ec4ca0:1
x-amz-request-id: c9fa0b379be0ff76
x-serverless-gateway-path: /{site}/{version}/{filename+}
x-cached-since: 2022-07-08T14:23:40+00:00
x-request-id: 6aa25632-fb93-4e71-ab4b-87e24a6f7d2d
x-serverless-gateway-id: d5dcee70jck4ehrnhirl
last-modified: Thu, 30 Jun 2022 12:10:26 GMT
server: nginx
etag: W/"a3a9cccf9e2d2a9ce8f7bafa4339497a"
x-amz-version-id: 0005E2A927A79488
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT
content-type: text/javascript; charset=utf-8
expires: Sun, 10 Jul 2022 01:12:29 GMT

GET
H2 200 main.js Show response
s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/ 17 KB
7 KB 26ms
23ms Script
text/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/main.js

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

69c3207f80de1de6ee4ff239d740ea31bbc7091e7870365c49aad61b21359687

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-id: fr5-up-gc30
date: Sat, 09 Jul 2022 01:12:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-server-trace-id: 939444adb2c0c93f:c8e98a00298b11ee:939444adb2c0c93f:1
x-amz-request-id: f83932238a9cd46b
x-serverless-gateway-path: /{site}/{version}/{filename+}
x-cached-since: 2022-07-08T14:44:52+00:00
x-request-id: 4cb50666-f027-4348-9a43-e6d911020d48
x-serverless-gateway-id: d5dcee70jck4ehrnhirl
last-modified: Fri, 01 Jul 2022 12:39:39 GMT
server: nginx
etag: W/"cb2b1ed58fb8b4ba09dc5e9487c8fa34"
x-amz-version-id: 0005E2BDAE058001
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT
content-type: text/javascript; charset=utf-8
expires: Sun, 10 Jul 2022 01:12:29 GMT

GET
H2 200 vendors~digest-area.js Show response
s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/ 97 KB
32 KB 28ms
25ms Script
text/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/vendors~digest-area.js

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

32b0f7e66a50c24d967afd1b4c120fc5a898758db2d7d2023c8987c312c8f2fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-id: fr5-up-gc30
date: Sat, 09 Jul 2022 01:12:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-server-trace-id: 2b4fa7e1211648dd:7e71d1439c6867da:2b4fa7e1211648dd:1
x-amz-request-id: b6231ef31e0500e6
x-serverless-gateway-path: /{site}/{version}/{filename+}
x-cached-since: 2022-07-08T14:54:22+00:00
x-request-id: 5912bd8c-f346-40c7-9d1f-2e4b6a439970
x-serverless-gateway-id: d5dcee70jck4ehrnhirl
last-modified: Fri, 01 Jul 2022 12:39:41 GMT
server: nginx
etag: W/"46e357ef7b6cf3e349c3af0978aca190"
x-amz-version-id: 0005E2BDAE241823
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT
content-type: text/javascript; charset=utf-8
expires: Sun, 10 Jul 2022 01:12:29 GMT

GET
H2 200 digest-area~digest-section~note~online-page~photo~section-video~see-also~special-article~video.js Show response
s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/ 22 KB
8 KB 27ms
24ms Script
text/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/digest-area~digest-section~note~online-page~photo~section-video~see-also~special-article~video.js

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

aa99cf825a3d0aa0fe6ef29ade07cea2dd50561661e91f65a8dbc06bf1c4b4d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-id: fr5-up-gc30
date: Sat, 09 Jul 2022 01:12:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-server-trace-id: 951e1ae5501bc730:355d4cc1842e911f:951e1ae5501bc730:1
x-amz-request-id: d9a1b1973a60cf9f
x-serverless-gateway-path: /{site}/{version}/{filename+}
x-cached-since: 2022-07-08T14:23:41+00:00
x-request-id: 95391caf-606f-43cc-be99-9e9f9984d67b
x-serverless-gateway-id: d5dcee70jck4ehrnhirl
last-modified: Fri, 01 Jul 2022 12:39:38 GMT
server: nginx
etag: W/"b31cfb10ee072ead4f32a6885a826cae"
x-amz-version-id: 0005E2BDADE973C2
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT
content-type: text/javascript; charset=utf-8
expires: Sun, 10 Jul 2022 01:12:29 GMT

GET
H2 200 digest-area~digest-section~online-page~section-video~see-also.js Show response
s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/ 36 KB
13 KB 29ms
26ms Script
text/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/digest-area~digest-section~online-page~section-video~see-also.js

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

677acc9eed10d735ed46dabd82553005a036fe19930511d9850060a4fb6d2c2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-id: fr5-up-gc30
date: Sat, 09 Jul 2022 01:12:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-server-trace-id: d8ea85d68d7bc307:acefde84da29bc74:d8ea85d68d7bc307:1
x-amz-request-id: ba00e823f5dcdbb9
x-serverless-gateway-path: /{site}/{version}/{filename+}
x-cached-since: 2022-07-08T14:44:52+00:00
x-request-id: 95eb15b3-971c-4667-8317-90f57ff98e8b
x-serverless-gateway-id: d5dcee70jck4ehrnhirl
last-modified: Fri, 01 Jul 2022 12:39:38 GMT
server: nginx
etag: W/"0df52b90df7ad9d22083e858071729f8"
x-amz-version-id: 0005E2BDADEDD1AE
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT
content-type: text/javascript; charset=utf-8
expires: Sun, 10 Jul 2022 01:12:29 GMT

GET
H2 200 digest-area.js Show response
s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/ 47 KB
13 KB 30ms
28ms Script
text/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/digest-area.js

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

77403385afe39467e0833e772e0221fdad7007eb96d819d6fb21c776392e81c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-id: fr5-up-gc30
date: Sat, 09 Jul 2022 01:12:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-server-trace-id: 48cd17d29305ea55:baa9b262f545192e:48cd17d29305ea55:1
x-amz-request-id: d18ceb64d38f5bbb
x-serverless-gateway-path: /{site}/{version}/{filename+}
x-cached-since: 2022-07-08T17:10:04+00:00
x-request-id: a1df7322-92b3-4539-bda2-ef96ae4da149
x-serverless-gateway-id: d5dcee70jck4ehrnhirl
last-modified: Fri, 01 Jul 2022 13:33:52 GMT
server: nginx
etag: W/"4682a0351fe6956c5d06b8ec281c0f4b"
x-amz-version-id: 0005E2BE6FEC6309
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT
content-type: text/javascript; charset=utf-8
expires: Sun, 10 Jul 2022 01:12:29 GMT

GET
DATA 200
OK truncated
/ 162 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6ff082130eb8e0fe1ba485606bab3de43a410b184c718be62c739ab9f67c6863

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 d_c1.svg
s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/meteo/ 2 KB
1 KB 28ms
27ms Image
image/svg+xml 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/meteo/d_c1.svg

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

6251ec4f734c7d06fd01d32d191786319864206e9b374cfda5f055314427487c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-id: fr5-up-gc30
date: Sat, 09 Jul 2022 01:12:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-server-trace-id: 8672f0d35d529708:45cafe0100cab8b7:8672f0d35d529708:1
x-amz-request-id: ba340b064cdd7673
x-serverless-gateway-path: /{site}/{version}/{filename+}
x-cached-since: 2022-07-08T15:19:51+00:00
x-request-id: 9affaf76-6ab6-4121-a21b-d00a35235bb1
x-serverless-gateway-id: d5dcee70jck4ehrnhirl
last-modified: Sat, 27 Nov 2021 21:56:54 GMT
server: nginx
etag: W/"487f54f0c53e89966ecb91fb18632e0d"
x-amz-version-id: 0005D1CC492F37C9
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT
content-type: image/svg+xml
expires: Sun, 10 Jul 2022 01:12:29 GMT

GET
H2 200 getcookie Show response
matchid.adfox.yandex.ru/ 88 B
374 B 366ms
72ms XHR
application/json 2a02:6b8::16b
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://matchid.adfox.yandex.ru/getcookie

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a02:6b8::16b Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

a9d32de5e2a605dc6e26e1482de4634c5287da675138ca7e54c629f3f2ff82bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin: https://www.tumen.kp.ru
date: Sat, 09 Jul 2022 01:12:29 GMT
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 88
x-content-type-options: nosniff
content-type: application/json

GET
H2 200 f9d21c388edd4fa1314d.js Show response
yastatic.net/partner-code-bundles/612099/ 13 KB
5 KB 188ms
63ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/612099/f9d21c388edd4fa1314d.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

5f79f2248ec9a61063edb2d147185af69a5f1dc235d2aa3cee326032d15d6149

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://www.tumen.kp.ru/
Origin: https://www.tumen.kp.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 01:12:29 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 4462
last-modified: Thu, 07 Jul 2022 19:27:10 GMT
server: nginx/1.17.9
etag: "6a27e435a6a80f146099f935d0388d16"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 08 Jul 2052 07:48:08 GMT

GET
H2 200 d7c474c5d65c443d9f38.js Show response
yastatic.net/partner-code-bundles/612099/ 86 KB
18 KB 244ms
119ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/612099/d7c474c5d65c443d9f38.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

7fecc7639be7e62a5331cb184a10d8ef8a06237317e797830a717054016c4c20

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://www.tumen.kp.ru/
Origin: https://www.tumen.kp.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 01:12:29 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 17857
last-modified: Thu, 07 Jul 2022 19:27:10 GMT
server: nginx/1.17.9
etag: "8257fc8bebec331a29dbc6426ccf2e20"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 08 Jul 2052 07:48:04 GMT

GET
H2 200 host.js Show response
yastatic.net/safeframe-bundles/0.83/ 33 KB
9 KB 262ms
138ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.83/host.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://www.tumen.kp.ru/
Origin: https://www.tumen.kp.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 01:12:29 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 8878
last-modified: Wed, 03 Nov 2021 13:42:58 GMT
server: nginx/1.17.9
etag: "f80882bf67cf261aa08d636da095149a"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 08 Jul 2052 07:44:00 GMT

GET
H2 200 3f2865e0d5f2d3b6288d.js Show response
yastatic.net/partner-code-bundles/612099/ 553 KB
112 KB 290ms
169ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/612099/3f2865e0d5f2d3b6288d.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

18b94ef3c41770b428b20d5ec02a81f193450c869521969d03f1a62200abb97e

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://www.tumen.kp.ru/
Origin: https://www.tumen.kp.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 01:12:29 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 114167
last-modified: Thu, 07 Jul 2022 19:27:09 GMT
server: nginx/1.17.9
etag: "6913369bdfa2f3455bccd71d65e73d6d"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 08 Jul 2052 07:48:04 GMT

GET
H2 200 token.json Show response
identity.kp.house/identity/api/2/auth/ 754 B
2 KB 348ms
182ms Fetch
application/json 95.181.181.12
EDGECENTERLLC

General

Check archive.org

Show headers Download Go to

Full URL: https://identity.kp.house/identity/api/2/auth/token.json?callback=data&client_name=prod&sub=1
Requested by: Host: s01.stc.yc.kpcdn.net
URL: https://s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/adaptive.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.181.181.12 , Russian Federation, ASN210756 (EDGECENTERLLC, RU),
Reverse DNS
Software: nginx /
Resource Hash: e30829e30546929dbc2c8217b9d7242f57b757b8285f95c1b2fedf4cea49d292

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 01:12:29 GMT
content-encoding: gzip
last-modified: Sat, 09 Jul 2022 01:12:29 -0000
server: nginx
etag: "72925fedae1b5cbe0bfb6bd6185e91f0"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.tumen.kp.ru
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Set-Cookie,Cookie
content-length: 611

GET
H2 200 get.json Show response
s02.api.yc.kpcdn.net/content/api/1/pages/ 52 B
253 B 590ms
206ms Fetch
application/json 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://s02.api.yc.kpcdn.net/content/api/1/pages/get.json?callback=cb-5524430&pages.direction=current&pages.spot=49&pages.target.class=194&pages.target.id=0&sub=1
Requested by: Host: s01.stc.yc.kpcdn.net
URL: https://s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/adaptive.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: ec7ca374784bc8cf2540e39f1565bd482ddce914dd4f7e5148698e147d55043e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-id: fr5-up-gc17
date: Sat, 09 Jul 2022 01:12:30 GMT
last-modified: Sat, 09 Jul 2022 01:12:30 -0000
server: nginx
etag: "c7974d8a07bc79c9930f4ba881a06fd3"
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=600
cache: MISS
accept-ranges: bytes
content-length: 52
expires: Sat, 09 Jul 2022 01:22:30 GMT

GET
H2 200 get.json Show response
s02.api.yc.kpcdn.net/content/api/1/pages/ 181 KB
38 KB 734ms
352ms Fetch
application/json 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://s02.api.yc.kpcdn.net/content/api/1/pages/get.json?callback=cb-5524430&pages.direction=current&pages.spot=49&pages.target.class=68&pages.target.id=0&sub=1
Requested by: Host: s01.stc.yc.kpcdn.net
URL: https://s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/adaptive.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 3e0ba6e949555bd0cd8b4cc650cd5aa0b2af830b5beb89976706359dd27329a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-id: fr5-up-gc17
date: Sat, 09 Jul 2022 01:12:30 GMT
content-encoding: gzip
last-modified: Sat, 09 Jul 2022 01:12:30 -0000
server: nginx
etag: W/"fd4ef7f3a3dc2185683ba483c3d21a8f"
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=600
cache: MISS
expires: Sat, 09 Jul 2022 01:22:30 GMT

HEAD
H2 200 banner.gif
s01.stc.yc.kpcdn.net/s0/v-0005D1CC497B5068/adaptive/img/ 0
0 20ms
20ms Fetch
image/gif 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://s01.stc.yc.kpcdn.net/s0/v-0005D1CC497B5068/adaptive/img/banner.gif?adriver

Requested by

Host: s01.stc.yc.kpcdn.net
URL: https://s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/adaptive.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-id: fr5-up-gc15
date: Sat, 09 Jul 2022 01:12:29 GMT
x-content-type-options: nosniff
x-server-trace-id: 7740d612e13d8624:c9a54050198bbcb6:7740d612e13d8624:1
x-amz-request-id: 17d7df35c5ca7ff7
x-serverless-gateway-path: /{site}/{version}/{filename+}
x-cached-since: 2022-07-09T00:59:35+00:00
content-length: 43
x-request-id: a965f95e-fd37-4064-ba83-198bcf9f0ddd
x-serverless-gateway-id: d5dcee70jck4ehrnhirl
last-modified: Sat, 27 Nov 2021 21:56:59 GMT
server: nginx
etag: "325472601571f31e1bf00674c368d335"
x-amz-version-id: 0005D1CC497B5068
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT
accept-ranges: bytes
content-type: image/gif
expires: Sun, 10 Jul 2022 01:12:29 GMT

GET
DATA 200
OK truncated
/ 169 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 35ed988aff3c8059b4869fd94cc2885879041fbd698317a53741bca5095c3091

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 700 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 59e2467d94ae007fa71bc0b10f4b92f227edfa03afb5ce7c904b9ea2bcf537e9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 8b30c8d1c1f0427f0034cce82ade6db3.png
s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/ 3 KB
3 KB 21ms
20ms Image
image/png 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/8b30c8d1c1f0427f0034cce82ade6db3.png

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

1d386626a236bf37f510e9c0c2d85036641c5cc85bed4b320a181861477d0ec7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-id: fr5-up-gc30
date: Sat, 09 Jul 2022 01:12:29 GMT
x-content-type-options: nosniff
x-server-trace-id: 6ef3b04f763f163:fd86715c28b3d5dc:6ef3b04f763f163:1
x-amz-request-id: 7f983bb9ba1a9919
x-serverless-gateway-path: /{site}/{version}/{filename+}
x-cached-since: 2022-07-08T14:48:01+00:00
content-length: 2873
x-request-id: e6a22a33-7272-4249-9e7c-dcfb5fdaf44b
x-serverless-gateway-id: d5dcee70jck4ehrnhirl
last-modified: Sat, 27 Nov 2021 21:56:46 GMT
server: nginx
etag: "8b30c8d1c1f0427f0034cce82ade6db3"
x-amz-version-id: 0005D1CC48B4B459
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT
accept-ranges: bytes
content-type: image/png
expires: Sun, 10 Jul 2022 01:12:29 GMT

GET
H2 200 wr-750.webp
s14.stc.yc.kpcdn.net/share/i/12/12590110/ 74 KB
74 KB 678ms
441ms Image
image/webp 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s14.stc.yc.kpcdn.net/share/i/12/12590110/wr-750.webp
Requested by: Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 01c3133a48ff2cc94764baf35da0123b56adc3473636cb010174cbd80506801b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-id: fr5-up-gc30
date: Sat, 09 Jul 2022 01:12:30 GMT
last-modified: Fri, 08 Jul 2022 06:19:22 GMT
server: nginx
x-amz-request-id: 02886caea331eaf4
etag: "1a7d8b1c1868c5ed8bc3db636bfb3a9a"
x-amz-version-id: null
cache-control: max-age=345600
cache: MISS
accept-ranges: bytes
content-type: image/webp
content-length: 75894
expires: Wed, 13 Jul 2022 01:12:30 GMT

GET
H2 200 wr-750.webp
s10.stc.yc.kpcdn.net/share/i/12/12589075/ 41 KB
41 KB 79ms
21ms Image
image/webp 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s10.stc.yc.kpcdn.net/share/i/12/12589075/wr-750.webp
Requested by: Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 5f82a0326043e566a49afe9721e264995b5031f4f102cf64f699b36da7d02c99

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-id: fr5-up-gc30
date: Sat, 09 Jul 2022 01:12:29 GMT
last-modified: Thu, 07 Jul 2022 13:03:50 GMT
server: nginx
x-amz-request-id: 66ef62b0ac2e4ad1
etag: "f3e98c48bcc09acad79f3459499061de"
x-cached-since: 2022-07-07T13:13:19+00:00
x-amz-version-id: null
cache-control: max-age=345600
cache: HIT
accept-ranges: bytes
content-type: image/webp
content-length: 42110
expires: Wed, 13 Jul 2022 01:12:29 GMT

GET
H2 200 wr-750.webp
s10.stc.yc.kpcdn.net/share/i/12/12588124/ 114 KB
115 KB 81ms
24ms Image
image/webp 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s10.stc.yc.kpcdn.net/share/i/12/12588124/wr-750.webp
Requested by: Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 8542641e7c8131c5619a1dbd3665906f93961e0ce164d64f5a869de32ebda899

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-id: fr5-up-gc30
date: Sat, 09 Jul 2022 01:12:29 GMT
last-modified: Thu, 07 Jul 2022 07:01:12 GMT
server: nginx
x-amz-request-id: de558fe20eb05886
etag: "3876e5a2b4351e2f5cd2edd9ace19a87"
x-cached-since: 2022-07-07T10:02:16+00:00
x-amz-version-id: null
cache-control: max-age=345600
cache: HIT
accept-ranges: bytes
content-type: image/webp
content-length: 117236
expires: Wed, 13 Jul 2022 01:12:29 GMT

GET
H2 200 9a588310742adbc44f55.js Show response
yastatic.net/partner-code-bundles/599290/ 37 KB
10 KB 58ms
57ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/599290/9a588310742adbc44f55.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

3bdab4da5017468f0ddfc1a51edc3772a13aa064c83df984c152729075714847

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://www.tumen.kp.ru/
Origin: https://www.tumen.kp.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 01:12:29 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 10038
last-modified: Fri, 17 Jun 2022 13:53:09 GMT
server: nginx/1.17.9
etag: "b3fb60d15c0a59a3cf542d7daeab0766"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 08 Jul 2052 07:48:17 GMT

POST
H2 200 hb Show response
ads.adfox.ru/ 218 B
201 B 265ms
87ms XHR
application/json 2a02:6b8::1be
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.adfox.ru/hb

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

bd3a0d307866f965fb48e4b622e42aded0b94ec21de3759c1c284d62b92fd1c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 01:12:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref=/w3c/w3c.p3p, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
content-type: application/json
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

POST
H2

200

adfox Show response
exchange.buzzoola.com/ssp/
Redirect Chain

https://exchange.buzzoola.com/ssp/adfox
https://exchange.buzzoola.com/ssp/adfox?set_buzzoola_cookie=t

11 B
507 B

38ms
38ms

XHR
text/plain

159.69.141.123
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://exchange.buzzoola.com/ssp/adfox?set_buzzoola_cookie=t
Requested by: Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/
Protocol: H2
Server: 159.69.141.123 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.123.141.69.159.clients.your-server.de
Software: nginx /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 01:12:29 GMT
server: nginx
serverid: TODO
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.tumen.kp.ru
access-control-expose-headers: Set-Cookie, Etag
access-control-allow-credentials: true
access-control-allow-headers: Set-Cookie, X-Alt-Referer, X-First-Party-Cookie, If-None-Match
content-length: 11

Redirect headers

date: Sat, 09 Jul 2022 01:12:29 GMT
server: nginx
access-control-allow-origin: https://www.tumen.kp.ru
etag: W/"6283ae2f59eefd8f88b7aed376c289ea4827a3d11411b5f2d775cfb75e6bf68d"
serverid: TODO
location: /ssp/adfox?set_buzzoola_cookie=t
access-control-expose-headers: Set-Cookie, Etag
access-control-allow-credentials: true
access-control-allow-headers: Set-Cookie, X-Alt-Referer, X-First-Party-Cookie, If-None-Match
content-length: 0

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ 119 KB
39 KB 127ms
44ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

c40168707694e0bb9241c2f9f4ef86dfa65513f547b6a37c151babf07fcd7d53

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 01:12:29 GMT
content-encoding: gzip
last-modified: Wed, 29 Jun 2022 06:23:35 GMT
server: nginx
etag: W/"62bbefe7-1dc0d"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 10 Jul 2022 01:12:29 GMT

POST
H2 204 bids Show response
adfox-c2s-ams.creativecdn.com/bidder/adfox/ 0
209 B 90ms
27ms XHR
application/json 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://adfox-c2s-ams.creativecdn.com/bidder/adfox/bids
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.tumen.kp.ru
date: Sat, 09 Jul 2022 01:12:29 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST
content-type: application/json;charset=utf-8

POST
H/1.1 204
No Content bid.cgi Show response
pb.adriver.ru/cgi-bin/ 0
303 B 195ms
62ms XHR
text/plain 195.209.111.20
ADRIVER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pb.adriver.ru/cgi-bin/bid.cgi
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.209.111.20 , Russian Federation, ASN52007 (ADRIVER-AS, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.tumen.kp.ru
Pragma: no-cache
Date: Sat, 09 Jul 2022 01:12:29 GMT
Cache-control: no-cache, max-age=0, must-revalidate, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 200
OK / Show response
ad.mail.ru/hbid_yandex/ 11 B
338 B 259ms
79ms XHR
application/json 2a00:1148:db00::17
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mail.ru/hbid_yandex/
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software: nginx /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sat, 09 Jul 2022 01:12:29 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: https://www.tumen.kp.ru
Cache-Control: private, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *

POST
H2 200 adjson Show response
ads.betweendigital.com/ 11 B
920 B 144ms
30ms XHR
application/json 188.42.191.196
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/adjson?t=adfox
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.tumen.kp.ru
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json

POST
H2 204 bids Show response
adfox-c2s-ams.creativecdn.com/bidder/adfox/ 0
209 B 88ms
27ms XHR
application/json 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://adfox-c2s-ams.creativecdn.com/bidder/adfox/bids
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.tumen.kp.ru
date: Sat, 09 Jul 2022 01:12:29 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST
content-type: application/json;charset=utf-8

POST
H/1.1 204
No Content bid.cgi Show response
pb.adriver.ru/cgi-bin/ 0
303 B 194ms
63ms XHR
text/plain 195.209.111.20
ADRIVER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pb.adriver.ru/cgi-bin/bid.cgi
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.209.111.20 , Russian Federation, ASN52007 (ADRIVER-AS, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.tumen.kp.ru
Pragma: no-cache
Date: Sat, 09 Jul 2022 01:12:29 GMT
Cache-control: no-cache, max-age=0, must-revalidate, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 200
OK / Show response
ad.mail.ru/hbid_yandex/ 11 B
338 B 253ms
75ms XHR
application/json 2a00:1148:db00::17
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mail.ru/hbid_yandex/
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software: nginx /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sat, 09 Jul 2022 01:12:29 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: https://www.tumen.kp.ru
Cache-Control: private, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *

POST
H2 200 adjson Show response
ads.betweendigital.com/ 11 B
920 B 141ms
30ms XHR
application/json 188.42.191.196
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/adjson?t=adfox
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.tumen.kp.ru
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json

POST
H2

200

adfox Show response
exchange.buzzoola.com/ssp/
Redirect Chain

https://exchange.buzzoola.com/ssp/adfox
https://exchange.buzzoola.com/ssp/adfox?set_buzzoola_cookie=t

11 B
507 B

41ms
41ms

XHR
text/plain

159.69.141.123
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://exchange.buzzoola.com/ssp/adfox?set_buzzoola_cookie=t
Requested by: Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/
Protocol: H2
Server: 159.69.141.123 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.123.141.69.159.clients.your-server.de
Software: nginx /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 01:12:29 GMT
server: nginx
serverid: TODO
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.tumen.kp.ru
access-control-expose-headers: Set-Cookie, Etag
access-control-allow-credentials: true
access-control-allow-headers: Set-Cookie, X-Alt-Referer, X-First-Party-Cookie, If-None-Match
content-length: 11

Redirect headers

date: Sat, 09 Jul 2022 01:12:29 GMT
server: nginx
access-control-allow-origin: https://www.tumen.kp.ru
etag: W/"a8159c409dae054f5eae9759af9023235481bd09e587497231e971318374c634"
serverid: TODO
location: /ssp/adfox?set_buzzoola_cookie=t
access-control-expose-headers: Set-Cookie, Etag
access-control-allow-credentials: true
access-control-allow-headers: Set-Cookie, X-Alt-Referer, X-First-Party-Cookie, If-None-Match
content-length: 0

POST
H2 200 pl999 Show response
ssp.bidvol.com/rtb/ 11 B
485 B 209ms
97ms XHR
application/json 65.108.1.48
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.bidvol.com/rtb/pl999
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 65.108.1.48 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.48.1.108.65.clients.your-server.de
Software: nginx/1.14.0 /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 01:12:29 GMT
server: nginx/1.14.0
surrogate-control: no-store
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials: true
content-length: 11
x-request-id: 413591bb-28e7-498e-8774-4ecf554c3a84
expires: 0

POST
H2 200 hb Show response
ads.adfox.ru/ 217 B
200 B 255ms
84ms XHR
application/json 2a02:6b8::1be
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.adfox.ru/hb

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

90b12d79ff3260c947201070508505487f9dde7b4d15341f65bfb69443778a63

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 01:12:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref=/w3c/w3c.p3p, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
content-type: application/json
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

POST
H2 200 hb Show response
ads.adfox.ru/ 220 B
531 B 250ms
79ms XHR
application/json 2a02:6b8::1be
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.adfox.ru/hb

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

8555e509d3feb7658cb064c8268e7aff6d55a58471e88c4523cf9efbe922879e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 01:12:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref=/w3c/w3c.p3p, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
content-type: application/json
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

POST
H2 204 bids Show response
adfox-c2s-ams.creativecdn.com/bidder/adfox/ 0
209 B 86ms
28ms XHR
application/json 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://adfox-c2s-ams.creativecdn.com/bidder/adfox/bids
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.tumen.kp.ru
date: Sat, 09 Jul 2022 01:12:29 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST
content-type: application/json;charset=utf-8

POST
H/1.1 204
No Content bid.cgi Show response
pb.adriver.ru/cgi-bin/ 0
303 B 191ms
62ms XHR
text/plain 195.209.111.20
ADRIVER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pb.adriver.ru/cgi-bin/bid.cgi
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.209.111.20 , Russian Federation, ASN52007 (ADRIVER-AS, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.tumen.kp.ru
Pragma: no-cache
Date: Sat, 09 Jul 2022 01:12:29 GMT
Cache-control: no-cache, max-age=0, must-revalidate, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 200
OK / Show response
ad.mail.ru/hbid_yandex/ 11 B
338 B 251ms
75ms XHR
application/json 2a00:1148:db00::17
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mail.ru/hbid_yandex/
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software: nginx /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sat, 09 Jul 2022 01:12:29 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: https://www.tumen.kp.ru
Cache-Control: private, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *

POST
H2 200 adjson Show response
ads.betweendigital.com/ 11 B
920 B 138ms
29ms XHR
application/json 188.42.191.196
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/adjson?t=adfox
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.tumen.kp.ru
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json

GET
H2 200 v2 Show response
yandex.ru/ads/adfox/232598/getBulk/ 14 KB
8 KB 295ms
294ms XHR
application/json 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/adfox/232598/getBulk/v2?dl=https%3A%2F%2Fwww.tumen.kp.ru%2F%3F&date=2022-07-09T01%3A12%3A29.713%2B00%3A00&pd=9&pdh=1200&pdw=1600&pr1=3278087852&pr=1213804335&prr=&pv=1&pw=6&extid_loader=&extid_tag_loader=www.tumen.kp.ru&ylv=0.612099&ybv=0.612099&ytt=423863344300037&is-turbo=0&skip-token=&ad-session-id=9907131657329149716&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22w%22%3A160%2C%22h%22%3A0%2C%22width%22%3A0%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22isBlackTheme%22%3Afalse%2C%22left%22%3A1410%2C%22top%22%3A389%2C%22fontFamily%22%3A%22ys%22%2C%22req_no%22%3A0%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=612099&available-width=160&yaru=true&pp=g&p2=gftf&ps=bxyd&puid1=adv-1657329149666-335&puid2=&puid3=&puid5=&slotNumber=2&bids=W10%3D&utf8=%E2%9C%93&pcode-test-ids=612520%2C0%2C39%3B586085%2C0%2C8%3B597485%2C0%2C9%3B590118%2C0%2C23%3B598478%2C0%2C18%3B605344%2C0%2C41%3B610322%2C0%2C21%3B610874%2C0%2C85%3B612099%2C0%2C12&pcode-flags-map=eJyVWNtu3DYQ%2FZVin4OCulCXvFESVyIskSpJ7XpTBIO09ZsRFI1TFAjy7x1K2rWktbm2HwysoHM4nOsZ%2Fdhp3nNm4dCxHjT%2FbeDGAttbrkFIrdp29%2FH3H7t%2Fvzx%2Bf9h93Fk98N2H3dPDtyfxF%2F6maRoHye7n5w%2B7AzMgOBirelC2QbxtmIRuaK24zZOlNLzmeTdY1FJpDp0whldQMcugZ5p1BvZKw0FUXOG1oFRdoVacD%2F%2F9vaLMSUzpxR42WFVzyTWzSNuz8s40ykI14AOh5IopWvPEhOQXHi5Z0XKQ%2FLgg4Qathk5VfMWjZHsC3vKOS2ugbEV558CvsM%2FMHbuHhou6sXhHafC%2BWsj63ZenURCOtKxt1XEKQ4%2F0I8fkS1uzGxwxocuYTOd3TNdC%2BpAJiYMo2rps6KvR951yDgfLRItGTL7zJkdCkmwRAc07deBQNkwbbmGvVQetkHd%2BjiCISbo1aS%2FuAX9asBpj6dxsLNN29E5v%2BFCp%2Bc6lxgITB25uHULp1b1L1veOujhBpY7yLaYmWehjQZdpdGQhrMvm95Dh9RzZgWuzTXpnfErX2DAmwdaQgzCiEK2wJ%2BhbdirQcVgJg0HjblgS0vCqjoTENmV4OaaEKgzXB9d2XDgWJ72VeJCYUwwrZowg6%2Fol8Omf7w8LWBxmUU4mmMFmZVy33GK2mb0AsQoM589Gr2Ffv%2Fzx%2BLBCRkmYTwnosq7Ds%2BYql9Z%2FZEyjfIpCqQaJuargvtFeSJZmYTxCTkxW%2FB70gLnXMX%2FZUpKG0dzBV50G9kPbGqwB7scHURiRyxULre7QP3g9qLWo%2FMiUZsmLBkMljNWi8MLDgCTTfT9xGY7mwlFUtgHRsZp7sXEQZ%2BQZi8eNiVko7fJIs0oM5pc3MpyYs3syGFh7ZCfjR0bpHNpq70a36bHjc7Ci42qwK2hICFljYxJNd%2B5LHDzjsMA54z%2BPIs2cvXuFXuauXM7nAb%2F3ZiIemabhNVzsAf8fXXu5lSGvMJwNOLB2WEUrIi%2Bjz01xzE4hewwyMN35z06CPJrPxnq1wowCaa%2Bup8cWSglqiRHacqbdpHfTkGnBNg4Pt7A5vJt60vzIML2qtxYWMp1j7YYedBxV0SVduNbY7Vq16r90hc9IPMW910Jp17txjhwEP%2FZK%2B1MmSZO54bnXQeLwLjnKu672wtIQcSPMmB6HV9lwZyH0XJebLA3IKsgpDfJ4kSLknuC8wmagjBXeM7OAzmdWKLrsON7Rx0eNoxNDPbfbd4ioDHv2FD8cJ%2BV8gU0%2F2UwVmmU4jSYj5k5S4bAuUcwZb8%2BmeZBmix4mUDAyDCwq%2BdJ5zPgOzSMaBCvs2PcMNkHbuMLqWVXhgPaTxHROknHOuDF86jlEfqtx1tBFtDpdvjK3r4%2FL0%2BRVJKAcGAXzjdPPHNoWi2ICUzIn71hp1crrwa%2FBCp9GWXTBvxs0iuqCSdwqAKXHXmC2jYIGOfxDJ8%2FCNF1cfiaZchMHPPbEi7jCxm7dArWVGFvNHcbRlHhNsZEjNM%2FDnKxejkicjS%2FXmhXhDTEfp%2BT5XTDi0%2BpyNAiJ7%2F0XpllAX0FM3pgbOqYAbrboBtelhXRZcdHpWNo3jKZ0ygzUATW3Y7UL6VY%2FjQ3M%2FcTmeWNeJiSNQ%2FJSA98LbdzqwTonYWGawOpwDqGfNEeZtDSNFUa1A%2FYr07nlw1X7jVjjMjPvV4ucxy7nOlS9FeJX4DDIp5JtbNfSqcwMzpRKMLAcV4QbeJQ78fOer6BByYaF0zIHRmFv9RsEO7kwjAqg1i7c6ABUbi%2FMiBc%2BGCQke97uEY4i3sAJlzlc1EowunwP%2Fjwj3PI9dr8V%2BPvXbw9P6%2FpN4wXa7Q%2Fug8D8HQATwojOLdtmwM1gowFL224%2BUwRBdqHqccqN6xQHV%2FOAeuPyANckJas1Wz7%2BbXpLnL5OOCmnym%2FSM8M67cX4PQJMw3CTRT619tOfT4%2FrTKdRPGWK847me5QsjctRUXpxAYnCcJ5EWPm6c2pFc3le7HrNC%2F9CgRRZulDH2%2F0MU5Cs3TY%2F%2Bfn55%2F%2BkFZzb&use-server-side-rendering=1&pcode-icookie=JPys%2B5rHIq%2BVYOSZpzg%2BMVHSc2DsCsXbTWltzyl%2Bl6ELGaOHg6a0Uaklq4o1HvDzI6FCIBTO81x%2F0ZD%2B1UU3ge690V4%3D&top-ancestor=https%3A%2F%2Fwww.tumen.kp.ru&top-ancestor-undetermined=0&grab-orig-len=5120&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjoxNDh9ChqjpqjkJu6BYKCO8DD3bz8cGs9jHE5mc8yh7XASjuGaP5OZ5txDYsPfzof2cbbn2GYcOxQb3tBsS_vNcilALwX0BtpWBVWRVCqVv0v4-G14Ll-JCBKEFCkNKqiKag6hhcpQHyrlJrkxjHIIUQ4zVIe6UDWgfSDkplC7SJHkBTeEmjBu2LHmkHxALucqOVWoywubNH-qMM4Lk26RVIZkiyxlBlIOoS9o9aJZsAVQI4d1HuIFuBCKnPY8ki18oV6KufYMKlCF0dCBbfOyxMqfwbb6GQUrgy0QUiyHcPJyORCJFgFVBggtjCyFJB-7mRkpLx87p4WLl8_MZkbKyYvbus0n1GzgY-Y0WzKThZkTTFEuTnpuJGwMZjZGJtHMzchk5mQygykagkAUGwlEJVcaC-cQkHKqvGghLICLdsH0A90cKuQ0hyUKtQuoLlQPXPHSg0YOMy_gWrlxUcRDgeX26KIFHMRlH-0yPJbDC6NBR370A8F4IQl5uVUM6mVuvNCKRIZT1XC8SBgHkmG8KNVn9dJy6SEHwkLTtHDqDuf2XmRYOHxFS0s4i2Lop1-QlCLDtKhZeeZTNk0WCs1y8kVBLSLZM8UQW8D8ZepAa8ruRFMo3_YhkOVhWU01nTg7i8LCokLSJMXCiQARIxIueh9hQQ-hiBBVvQpZ9S5y0uUxPAh1_iNn5ELAy8fFhlgSHDmd2czIlLmRWujpwRSl57Yzc-DkZ6G3W8HKnMxIETOiEOUNAfnKhskn1MhIcm7xw2FjRcTGwMpvF8wcaC2oOfOixcZFB5IgQrs1swDZggUlguWPYrtLtnwp-YQszuEAxFLPSDB42OjZQWW3LDyQXubwtq8vby9BALdkOf2Kpl4dMhF6VbHqBB0todDITQ55hSJdmbFDvqGGBjnsoBacdQNYb4U4YzTFZFU0UcQhDIBe6utC0pBMTuWI_5Qm-o27zpgObfzvI3_lYOyAYxoHPYOUorYjOOJHbMPprnLAcOgPtjSPPROejI7IGIpLbHFWlev6DNNgd3_vkDsYC5d2-JfTOmrHOrqNIc6oC5jApdwzjpuZmKoD737QLIXHeYw_ig7IumjwJsIp14nqTtIL0kNN9FdP5SDPJzq0L9D9hFM5Igzdnuvozt2Y_4Q1D7_OkhrivP6lImmodtCaSXKTfRk7BW90VHLQ_h43PeeoDkE-i5yRAcTqs_6UdJLej9rnVzvdCCOHPIMwB_3Xcjq8XBqCGnESsk1zVpRzOqE45B3yVgvZGNTgy_m2-c9ADd4hRTUva2Oeqb6WsSOSo9yuK9a2eNw_gGT4Oo9C0pfOz0nxizPDR4MMMcdyDNg51oUAEWCEgfuhzCDAbUUisAziAoUHJE6Ez73AriOWE3YBCe5ttowCPSrQGP6fJK0vPnoGC5M7vPyZh5EVLb0HSoPIPAwBYo9HgkEgc4HEhgoJ6sfcWHY-iIafm5sbicWSnN_P0ebJ2spzum4yksg4JqZHfk4QIOVCxoHcLpA50DGhQ8AjymvjB4YJtsC9TbQx0zMI0LPasWUWzFyY0KMqJxYYXlhTAw8Pk4UQ4ztxB1bmZqYDg5ld1Dv5i10H7pwD_F2iaQvPGedQ1kAFNgSE3SpotTrj3WdKx1gn_9pdiPcW3bkD_LigGfsVSz1xzGe31syp2TCvPROVDnnGjBYlRkx2GzZnbAfU3ceGWePTn8xJp6FuUe9NllN_UYb8EjaJ5VhdCcHBHXIly79qOEVFoSc6kRmKI7MCFb4ZaMhlUahCrbM0aVjYrT6oIgALhyBCs92W2enB4MBi9kQ-diuvFKRcwS2eiGszM9CZmViW_iwMPKAwon096ftl5C-vn5FzCLiFKNlcyQXIXlYH3E-Q-SHO1IP1PMVQI5LlcIfX3OE4v56j32TNoJph8aumbHbWCee0tWd7L8qqE1k8_3LqILfRsJwqbpNuRBdODbMQN1ozMjPR4bQtUXBhREEPn839wAlJwFtNtmY2jGixoEQjKkkCrMgtgogRLVds6NFhQPTwO2_k7kNGh3HkynuNsc9NM2_r0_5FOpusHG6bhKdILFwklwE0xC5ZFNVx25YaDwI6VOhEeb_FfcCtOrS4tG_dECbEjIjY05cljLj6jplOuWXd_VHNW9EGrVPM8Lm3bUcS_yKW01Kn_9OIB46lZT5_PcGpOg530z-cvwW3jOc_6Ja442Q8Dsw_i5Ryall1Et9jbJmLByPo9KAvtfTL95dOQmO-W14RUUNjv6g3q6UMHyKrhx0jaKChQSR-9Ug__HxzWX-iqc1jClZ_m_8b0YlXVk0U3oVDv_Deoc5-FKweB0QOT04zPrNJ0jC_Zckp78k7ummI8Q8jIrpQuTEgRI4Q9e3q5hjCq3cZNrlH-inj1fv0hJXP27BXXdX5L664XaJO96H28T2GkRz28J_l1MOlnHKKb6iimS7PgKjpslUsonAqd6LzqQfAr-oJiaaufdr3QdMh8gOQopXXQzgbm1K-aEolHm0rnzoaYor4f7ZUr59iN1a2eUo7c9w0VKSK-hPir-lUmOJkEbBYnzswT6lHE7XixzdqKYTrF-oyv2CT0iipjeLHvoeuGh8IjXxBRUGZ2GN6rNBPbUyIhVumANmTnEpk4itJr1xzujWvKFgPqAv6UTQqDfptbeW_8OiIVXfqynzeNBX1tK4dVdQuSz6elSpfzW14dusIXj_WnCK6qtwxGf6XjesCIXbhuNfpPfs4NxBbb_kQoG5FoqqPxcOg5nrZqeu7eVXSR6oDb64f9MCUVwuKG2rn7TCYupe6UtbBquwkvy8zpCJpraX615y2XhQAPQESFniB_23XBYOoT8FF1ftQR5kJf1Rppe7Wzm-dYD-zm7KDc_IH7fLT1aXsSIE1iKh6n3ZqIzk2sPL_6JA_bbdtr-Q_ZSyHOWMY6QNdYFefrNY1wh6PK3a9Qy6G9r5X3lR_fdLs7ZRDDPn7FIilZz4VZhmD00UwpFMuVNHI-wAawh9PK4BS9G4ot4pmEv_RS1rjdKTmbD6mpElFzDoUANd16MD7SUbxcrcnrIpcsn-QAnoKXvOXaUqzWMFFP40F4jC8OrkN0j8eG4lVGbr58L-a-9J71nF3IgWZStAmuzYp3ANlfNO-SeT67yYNXZf-JHG7NNJXzp6_17UucFc9gWqk_93AgBfJgMidX2xjcKof-PmIU_utSFc9mx59fKQQZ-z2p8A2d91QkL7qVj_PYi91gLo74z3ucSpGiG26QvV_ep0cXh8T0rsATW7J64-yMAP3sL-pyjtYkVUtoe4_-503NKXl0bTVpnuIu6rssbBsu65ROQ0Ab0qI9YfaL5F2vLhwMek8oI0NsPtNqltT0tkh-0eysK2VKOI2s7f-aeyHTd9SxoG4rPYgmzC7kBc667wH0dj5_8bfnzStILkFYyK-JDW3UHQPt_9FgbeVNsrGvn94XcDaNtAnx6XqD9Dr-UsjMDBJJhQRvNr457zAbJUpbv7DPCh4eDDJfnfcy25L3we-d5p9u_hqCV1ra1JXjpr6cqoz9bb-q_VMY7HDJVI22v1XDYwbcQ9xxesfXps1pA-wdad0_VgniGtvAbeZMYG2d9OorL3gRS8byEvLGwe6StxDTncjvVFLSNalS6B7MmqmVEyZvxdCm2BA4zwq8py4xnpLsK7aEscYI2Sdrcr8WEvrqnRzPWn-NW97MBF4A5hIn6Uk3UgkCwzPDF3nl4_avx-EURtPE5KjQx8QDrTWcHuEvdoif3NaRbSAq1tueQby_pzPoD6n6vI18B7IekA1ik1sEM8p-VsQJTk5ZYnsw7lTHkIEroVhn5SmstkPG8k1JQT7jXiHwD3vgawlizc2bqnYe_Nvt_MIq821u9zXmIJDvFD4odDf4SpdlAOuiZoObPFSFp5u4ndlVi8xFzlsXYA2-JyyB1nLlzj2Aj4St0eKTxyi96jnO7hH_1FNSjXOKA8Q-rtSlW95jjY6Rlteqp5Q1bdblUk0NocAG5eepXQ2e_jxe2GmaF_1ZWUoPmNMkg0R6axV_w6P0yke7jHj0dH1r4vyASG_4TIG3ScU8oeyuFyMvb0LTalZNASvfBterHxovUK3-TOumjqXnO7wqbFPak7nlW4VDXFMz2nqFaLPpOgtJe19RzfFr7i9pEpGMFm-nDZ5K2Trtal7KNeUdOIAQI2vdwfgQ92OwCkQaOpDBYOGrmoileyz4PO9X1tPQuBoU55J5YwUePnYbR45cS-0WHDCR4aNwY5z0XJzm7fFVn6ZzLFNSuUkASeOzIGZAyUr5iTuKWOzK0LI4CNnY8V0-QWltE6QKAqb2Zg5JbjEnjkxczCgYJNSRA9CwNgHLGgKZA4kQEeNCd1ZoQoebCuR5qw-nN-yukz2F79akdu0uw6b4u5ihD7bq3wjkPmUuIytrWi4fR1UdV5IWqOv9ghw4tEuU1z5coUQtTQ-6gEVSVNrUBOCH7nfMMmGd5rg4lR23viSlizqqKMqUekHS7208Bh-NJKA51iigYCRieNIBLLY78TzI5jp_SnndSz3h4Wk7RSR3FILD8T6QLWh7aoyJCG7kzDcsknwo72uWPLFLVOpDzheWj3j1yT2tL9VaAkTa1SFHQcKnUqm6Iln7_lA9SFa__bWgNm6W3hessQ75TyOZ2JWpa_f-jfKxnxJ43ARTfu8VdD-2XjOJMxxSn8q13z8OEflnjZempKWQHqzA5ex1lEVu2HB9XRbRFJPQjyWOezE2A-9TijP-4Xb28i3CnoVSHgjeEjqpnQnEO2f8ofEEW7QyUTAqfy5OnvukVC_HVELcdPeX_rVqNEl9XsV1fcUoni81CZ_dm3nQj1h1McLaedpZKDSLxp2JPn1V55mcRdjX3x1y0-UgPtXH9xOFehXRvVIODH-Zd14lgp7mGehbdvGv2-Tv9JhXulMkuStFN4AgUeSGZLnD8qkX3_uNqCqGwOUhCi5obZFTRJIru1e_ewcGb7WeZhurZG1QOk8GGXLMZf-4-Y4bjx0rvLibb7dq7RVIvt9l_UfCkCrdxe31J7kLoKbqaNMmFaTXHyy90lLI9Cu5WoF&tga-with-creatives=1

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

c228b1ce1fedbe299baefd380e91dad1bf0d71ce972557460a1b0fcebeefb53a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 01:12:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1657329149776601-3194579784778186921-sas2-0259-2ea-sas-l7-balancer-8080-BAL-9062
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Sat, 09 Jul 2022 01:12:29 GMT
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/json
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Sat, 09 Jul 2022 01:12:29 GMT

GET
H2 200 v2 Show response
yandex.ru/ads/adfox/232598/getBulk/ 3 KB
2 KB 192ms
191ms XHR
application/json 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/adfox/232598/getBulk/v2?dl=https%3A%2F%2Fwww.tumen.kp.ru%2F%3Fsection%3Dsociety&date=2022-07-09T01%3A12%3A29.746%2B00%3A00&pd=9&pdh=1200&pdw=1600&pr1=2892068992&pr=1213804335&prr=&pv=1&pw=6&extid_loader=&extid_tag_loader=www.tumen.kp.ru&ylv=0.612099&ybv=0.612099&ytt=423863344300037&is-turbo=0&skip-token=&ad-session-id=9907131657329149716&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22w%22%3A300%2C%22h%22%3A400%2C%22width%22%3A300%2C%22height%22%3A400%2C%22visible%22%3A0%2C%22isBlackTheme%22%3Afalse%2C%22left%22%3A1100%2C%22top%22%3A1655%2C%22fontFamily%22%3A%22ys%22%2C%22req_no%22%3A1%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=612099&available-width=300&available-height=400&yaru=true&pp=g&p2=fqyp&ps=bxyd&puid1=adv-1657329149673-853&puid2=society%3Atoday%3Azenyandex%3Aincident%3Aemergency%3Acelebrity%3Aculture%3Ainteresting&puid3=top%3Aregion&puid5=&slotNumber=5&bids=W10%3D&utf8=%E2%9C%93&pcode-test-ids=612520%2C0%2C39%3B586085%2C0%2C8%3B597485%2C0%2C9%3B590118%2C0%2C23%3B598478%2C0%2C18%3B605344%2C0%2C41%3B610322%2C0%2C21%3B610874%2C0%2C85%3B612099%2C0%2C12&pcode-flags-map=eJyVWNtu3DYQ%2FZVin4OCulCXvFESVyIskSpJ7XpTBIO09ZsRFI1TFAjy7x1K2rWktbm2HwysoHM4nOsZ%2Fdhp3nNm4dCxHjT%2FbeDGAttbrkFIrdp29%2FH3H7t%2Fvzx%2Bf9h93Fk98N2H3dPDtyfxF%2F6maRoHye7n5w%2B7AzMgOBirelC2QbxtmIRuaK24zZOlNLzmeTdY1FJpDp0whldQMcugZ5p1BvZKw0FUXOG1oFRdoVacD%2F%2F9vaLMSUzpxR42WFVzyTWzSNuz8s40ykI14AOh5IopWvPEhOQXHi5Z0XKQ%2FLgg4Qathk5VfMWjZHsC3vKOS2ugbEV558CvsM%2FMHbuHhou6sXhHafC%2BWsj63ZenURCOtKxt1XEKQ4%2F0I8fkS1uzGxwxocuYTOd3TNdC%2BpAJiYMo2rps6KvR951yDgfLRItGTL7zJkdCkmwRAc07deBQNkwbbmGvVQetkHd%2BjiCISbo1aS%2FuAX9asBpj6dxsLNN29E5v%2BFCp%2Bc6lxgITB25uHULp1b1L1veOujhBpY7yLaYmWehjQZdpdGQhrMvm95Dh9RzZgWuzTXpnfErX2DAmwdaQgzCiEK2wJ%2BhbdirQcVgJg0HjblgS0vCqjoTENmV4OaaEKgzXB9d2XDgWJ72VeJCYUwwrZowg6%2Fol8Omf7w8LWBxmUU4mmMFmZVy33GK2mb0AsQoM589Gr2Ffv%2Fzx%2BLBCRkmYTwnosq7Ds%2BYql9Z%2FZEyjfIpCqQaJuargvtFeSJZmYTxCTkxW%2FB70gLnXMX%2FZUpKG0dzBV50G9kPbGqwB7scHURiRyxULre7QP3g9qLWo%2FMiUZsmLBkMljNWi8MLDgCTTfT9xGY7mwlFUtgHRsZp7sXEQZ%2BQZi8eNiVko7fJIs0oM5pc3MpyYs3syGFh7ZCfjR0bpHNpq70a36bHjc7Ci42qwK2hICFljYxJNd%2B5LHDzjsMA54z%2BPIs2cvXuFXuauXM7nAb%2F3ZiIemabhNVzsAf8fXXu5lSGvMJwNOLB2WEUrIi%2Bjz01xzE4hewwyMN35z06CPJrPxnq1wowCaa%2Bup8cWSglqiRHacqbdpHfTkGnBNg4Pt7A5vJt60vzIML2qtxYWMp1j7YYedBxV0SVduNbY7Vq16r90hc9IPMW910Jp17txjhwEP%2FZK%2B1MmSZO54bnXQeLwLjnKu672wtIQcSPMmB6HV9lwZyH0XJebLA3IKsgpDfJ4kSLknuC8wmagjBXeM7OAzmdWKLrsON7Rx0eNoxNDPbfbd4ioDHv2FD8cJ%2BV8gU0%2F2UwVmmU4jSYj5k5S4bAuUcwZb8%2BmeZBmix4mUDAyDCwq%2BdJ5zPgOzSMaBCvs2PcMNkHbuMLqWVXhgPaTxHROknHOuDF86jlEfqtx1tBFtDpdvjK3r4%2FL0%2BRVJKAcGAXzjdPPHNoWi2ICUzIn71hp1crrwa%2FBCp9GWXTBvxs0iuqCSdwqAKXHXmC2jYIGOfxDJ8%2FCNF1cfiaZchMHPPbEi7jCxm7dArWVGFvNHcbRlHhNsZEjNM%2FDnKxejkicjS%2FXmhXhDTEfp%2BT5XTDi0%2BpyNAiJ7%2F0XpllAX0FM3pgbOqYAbrboBtelhXRZcdHpWNo3jKZ0ygzUATW3Y7UL6VY%2FjQ3M%2FcTmeWNeJiSNQ%2FJSA98LbdzqwTonYWGawOpwDqGfNEeZtDSNFUa1A%2FYr07nlw1X7jVjjMjPvV4ucxy7nOlS9FeJX4DDIp5JtbNfSqcwMzpRKMLAcV4QbeJQ78fOer6BByYaF0zIHRmFv9RsEO7kwjAqg1i7c6ABUbi%2FMiBc%2BGCQke97uEY4i3sAJlzlc1EowunwP%2Fjwj3PI9dr8V%2BPvXbw9P6%2FpN4wXa7Q%2Fug8D8HQATwojOLdtmwM1gowFL224%2BUwRBdqHqccqN6xQHV%2FOAeuPyANckJas1Wz7%2BbXpLnL5OOCmnym%2FSM8M67cX4PQJMw3CTRT619tOfT4%2FrTKdRPGWK847me5QsjctRUXpxAYnCcJ5EWPm6c2pFc3le7HrNC%2F9CgRRZulDH2%2F0MU5Cs3TY%2F%2Bfn55%2F%2BkFZzb&use-server-side-rendering=1&pcode-icookie=JPys%2B5rHIq%2BVYOSZpzg%2BMVHSc2DsCsXbTWltzyl%2Bl6ELGaOHg6a0Uaklq4o1HvDzI6FCIBTO81x%2F0ZD%2B1UU3ge690V4%3D&top-ancestor=https%3A%2F%2Fwww.tumen.kp.ru&top-ancestor-undetermined=0&grab-orig-len=5120&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjoxNDh9ChqjpqjkJu6BYKCO8DD3bz8cGs9jHE5mc8yh7XASjuGaP5OZ5txDYsPfzof2cbbn2GYcOxQb3tBsS_vNcilALwX0BtpWBVWRVCqVv0v4-G14Ll-JCBKEFCkNKqiKag6hhcpQHyrlJrkxjHIIUQ4zVIe6UDWgfSDkplC7SJHkBTeEmjBu2LHmkHxALucqOVWoywubNH-qMM4Lk26RVIZkiyxlBlIOoS9o9aJZsAVQI4d1HuIFuBCKnPY8ki18oV6KufYMKlCF0dCBbfOyxMqfwbb6GQUrgy0QUiyHcPJyORCJFgFVBggtjCyFJB-7mRkpLx87p4WLl8_MZkbKyYvbus0n1GzgY-Y0WzKThZkTTFEuTnpuJGwMZjZGJtHMzchk5mQygykagkAUGwlEJVcaC-cQkHKqvGghLICLdsH0A90cKuQ0hyUKtQuoLlQPXPHSg0YOMy_gWrlxUcRDgeX26KIFHMRlH-0yPJbDC6NBR370A8F4IQl5uVUM6mVuvNCKRIZT1XC8SBgHkmG8KNVn9dJy6SEHwkLTtHDqDuf2XmRYOHxFS0s4i2Lop1-QlCLDtKhZeeZTNk0WCs1y8kVBLSLZM8UQW8D8ZepAa8ruRFMo3_YhkOVhWU01nTg7i8LCokLSJMXCiQARIxIueh9hQQ-hiBBVvQpZ9S5y0uUxPAh1_iNn5ELAy8fFhlgSHDmd2czIlLmRWujpwRSl57Yzc-DkZ6G3W8HKnMxIETOiEOUNAfnKhskn1MhIcm7xw2FjRcTGwMpvF8wcaC2oOfOixcZFB5IgQrs1swDZggUlguWPYrtLtnwp-YQszuEAxFLPSDB42OjZQWW3LDyQXubwtq8vby9BALdkOf2Kpl4dMhF6VbHqBB0todDITQ55hSJdmbFDvqGGBjnsoBacdQNYb4U4YzTFZFU0UcQhDIBe6utC0pBMTuWI_5Qm-o27zpgObfzvI3_lYOyAYxoHPYOUorYjOOJHbMPprnLAcOgPtjSPPROejI7IGIpLbHFWlev6DNNgd3_vkDsYC5d2-JfTOmrHOrqNIc6oC5jApdwzjpuZmKoD737QLIXHeYw_ig7IumjwJsIp14nqTtIL0kNN9FdP5SDPJzq0L9D9hFM5Igzdnuvozt2Y_4Q1D7_OkhrivP6lImmodtCaSXKTfRk7BW90VHLQ_h43PeeoDkE-i5yRAcTqs_6UdJLej9rnVzvdCCOHPIMwB_3Xcjq8XBqCGnESsk1zVpRzOqE45B3yVgvZGNTgy_m2-c9ADd4hRTUva2Oeqb6WsSOSo9yuK9a2eNw_gGT4Oo9C0pfOz0nxizPDR4MMMcdyDNg51oUAEWCEgfuhzCDAbUUisAziAoUHJE6Ez73AriOWE3YBCe5ttowCPSrQGP6fJK0vPnoGC5M7vPyZh5EVLb0HSoPIPAwBYo9HgkEgc4HEhgoJ6sfcWHY-iIafm5sbicWSnN_P0ebJ2spzum4yksg4JqZHfk4QIOVCxoHcLpA50DGhQ8AjymvjB4YJtsC9TbQx0zMI0LPasWUWzFyY0KMqJxYYXlhTAw8Pk4UQ4ztxB1bmZqYDg5ld1Dv5i10H7pwD_F2iaQvPGedQ1kAFNgSE3SpotTrj3WdKx1gn_9pdiPcW3bkD_LigGfsVSz1xzGe31syp2TCvPROVDnnGjBYlRkx2GzZnbAfU3ceGWePTn8xJp6FuUe9NllN_UYb8EjaJ5VhdCcHBHXIly79qOEVFoSc6kRmKI7MCFb4ZaMhlUahCrbM0aVjYrT6oIgALhyBCs92W2enB4MBi9kQ-diuvFKRcwS2eiGszM9CZmViW_iwMPKAwon096ftl5C-vn5FzCLiFKNlcyQXIXlYH3E-Q-SHO1IP1PMVQI5LlcIfX3OE4v56j32TNoJph8aumbHbWCee0tWd7L8qqE1k8_3LqILfRsJwqbpNuRBdODbMQN1ozMjPR4bQtUXBhREEPn839wAlJwFtNtmY2jGixoEQjKkkCrMgtgogRLVds6NFhQPTwO2_k7kNGh3HkynuNsc9NM2_r0_5FOpusHG6bhKdILFwklwE0xC5ZFNVx25YaDwI6VOhEeb_FfcCtOrS4tG_dECbEjIjY05cljLj6jplOuWXd_VHNW9EGrVPM8Lm3bUcS_yKW01Kn_9OIB46lZT5_PcGpOg530z-cvwW3jOc_6Ja442Q8Dsw_i5Ryall1Et9jbJmLByPo9KAvtfTL95dOQmO-W14RUUNjv6g3q6UMHyKrhx0jaKChQSR-9Ug__HxzWX-iqc1jClZ_m_8b0YlXVk0U3oVDv_Deoc5-FKweB0QOT04zPrNJ0jC_Zckp78k7ummI8Q8jIrpQuTEgRI4Q9e3q5hjCq3cZNrlH-inj1fv0hJXP27BXXdX5L664XaJO96H28T2GkRz28J_l1MOlnHKKb6iimS7PgKjpslUsonAqd6LzqQfAr-oJiaaufdr3QdMh8gOQopXXQzgbm1K-aEolHm0rnzoaYor4f7ZUr59iN1a2eUo7c9w0VKSK-hPir-lUmOJkEbBYnzswT6lHE7XixzdqKYTrF-oyv2CT0iipjeLHvoeuGh8IjXxBRUGZ2GN6rNBPbUyIhVumANmTnEpk4itJr1xzujWvKFgPqAv6UTQqDfptbeW_8OiIVXfqynzeNBX1tK4dVdQuSz6elSpfzW14dusIXj_WnCK6qtwxGf6XjesCIXbhuNfpPfs4NxBbb_kQoG5FoqqPxcOg5nrZqeu7eVXSR6oDb64f9MCUVwuKG2rn7TCYupe6UtbBquwkvy8zpCJpraX615y2XhQAPQESFniB_23XBYOoT8FF1ftQR5kJf1Rppe7Wzm-dYD-zm7KDc_IH7fLT1aXsSIE1iKh6n3ZqIzk2sPL_6JA_bbdtr-Q_ZSyHOWMY6QNdYFefrNY1wh6PK3a9Qy6G9r5X3lR_fdLs7ZRDDPn7FIilZz4VZhmD00UwpFMuVNHI-wAawh9PK4BS9G4ot4pmEv_RS1rjdKTmbD6mpElFzDoUANd16MD7SUbxcrcnrIpcsn-QAnoKXvOXaUqzWMFFP40F4jC8OrkN0j8eG4lVGbr58L-a-9J71nF3IgWZStAmuzYp3ANlfNO-SeT67yYNXZf-JHG7NNJXzp6_17UucFc9gWqk_93AgBfJgMidX2xjcKof-PmIU_utSFc9mx59fKQQZ-z2p8A2d91QkL7qVj_PYi91gLo74z3ucSpGiG26QvV_ep0cXh8T0rsATW7J64-yMAP3sL-pyjtYkVUtoe4_-503NKXl0bTVpnuIu6rssbBsu65ROQ0Ab0qI9YfaL5F2vLhwMek8oI0NsPtNqltT0tkh-0eysK2VKOI2s7f-aeyHTd9SxoG4rPYgmzC7kBc667wH0dj5_8bfnzStILkFYyK-JDW3UHQPt_9FgbeVNsrGvn94XcDaNtAnx6XqD9Dr-UsjMDBJJhQRvNr457zAbJUpbv7DPCh4eDDJfnfcy25L3we-d5p9u_hqCV1ra1JXjpr6cqoz9bb-q_VMY7HDJVI22v1XDYwbcQ9xxesfXps1pA-wdad0_VgniGtvAbeZMYG2d9OorL3gRS8byEvLGwe6StxDTncjvVFLSNalS6B7MmqmVEyZvxdCm2BA4zwq8py4xnpLsK7aEscYI2Sdrcr8WEvrqnRzPWn-NW97MBF4A5hIn6Uk3UgkCwzPDF3nl4_avx-EURtPE5KjQx8QDrTWcHuEvdoif3NaRbSAq1tueQby_pzPoD6n6vI18B7IekA1ik1sEM8p-VsQJTk5ZYnsw7lTHkIEroVhn5SmstkPG8k1JQT7jXiHwD3vgawlizc2bqnYe_Nvt_MIq821u9zXmIJDvFD4odDf4SpdlAOuiZoObPFSFp5u4ndlVi8xFzlsXYA2-JyyB1nLlzj2Aj4St0eKTxyi96jnO7hH_1FNSjXOKA8Q-rtSlW95jjY6Rlteqp5Q1bdblUk0NocAG5eepXQ2e_jxe2GmaF_1ZWUoPmNMkg0R6axV_w6P0yke7jHj0dH1r4vyASG_4TIG3ScU8oeyuFyMvb0LTalZNASvfBterHxovUK3-TOumjqXnO7wqbFPak7nlW4VDXFMz2nqFaLPpOgtJe19RzfFr7i9pEpGMFm-nDZ5K2Trtal7KNeUdOIAQI2vdwfgQ92OwCkQaOpDBYOGrmoileyz4PO9X1tPQuBoU55J5YwUePnYbR45cS-0WHDCR4aNwY5z0XJzm7fFVn6ZzLFNSuUkASeOzIGZAyUr5iTuKWOzK0LI4CNnY8V0-QWltE6QKAqb2Zg5JbjEnjkxczCgYJNSRA9CwNgHLGgKZA4kQEeNCd1ZoQoebCuR5qw-nN-yukz2F79akdu0uw6b4u5ihD7bq3wjkPmUuIytrWi4fR1UdV5IWqOv9ghw4tEuU1z5coUQtTQ-6gEVSVNrUBOCH7nfMMmGd5rg4lR23viSlizqqKMqUekHS7208Bh-NJKA51iigYCRieNIBLLY78TzI5jp_SnndSz3h4Wk7RSR3FILD8T6QLWh7aoyJCG7kzDcsknwo72uWPLFLVOpDzheWj3j1yT2tL9VaAkTa1SFHQcKnUqm6Iln7_lA9SFa__bWgNm6W3hessQ75TyOZ2JWpa_f-jfKxnxJ43ARTfu8VdD-2XjOJMxxSn8q13z8OEflnjZempKWQHqzA5ex1lEVu2HB9XRbRFJPQjyWOezE2A-9TijP-4Xb28i3CnoVSHgjeEjqpnQnEO2f8ofEEW7QyUTAqfy5OnvukVC_HVELcdPeX_rVqNEl9XsV1fcUoni81CZ_dm3nQj1h1McLaedpZKDSLxp2JPn1V55mcRdjX3x1y0-UgPtXH9xOFehXRvVIODH-Zd14lgp7mGehbdvGv2-Tv9JhXulMkuStFN4AgUeSGZLnD8qkX3_uNqCqGwOUhCi5obZFTRJIru1e_ewcGb7WeZhurZG1QOk8GGXLMZf-4-Y4bjx0rvLibb7dq7RVIvt9l_UfCkCrdxe31J7kLoKbqaNMmFaTXHyy90lLI9Cu5WoF&tga-with-creatives=1

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

b8bf3d2cf309d69486e6a972b29252070bee201ea1682bb8a7dfc351c7315e9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 01:12:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1657329149849143-5526597800100714406-sas2-0259-2ea-sas-l7-balancer-8080-BAL-4047
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Sat, 09 Jul 2022 01:12:29 GMT
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/json
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Sat, 09 Jul 2022 01:12:29 GMT

GET
H2 200 vendors~autobahn.js Show response
s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/ 86 KB
26 KB 22ms
21ms Script
text/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/vendors~autobahn.js

Requested by

Host: s01.stc.yc.kpcdn.net
URL: https://s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/adaptive.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

a2f96d2c0ff2b96cc2421214831ffda7b4e71aee0426d60628d04173dcd699c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-id: fr5-up-gc30
date: Sat, 09 Jul 2022 01:12:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-server-trace-id: 9659d6203a89f823:2db37350e4784a06:9659d6203a89f823:1
x-amz-request-id: a58b1e6d42efb0c7
x-serverless-gateway-path: /{site}/{version}/{filename+}
x-cached-since: 2022-07-08T14:23:59+00:00
x-request-id: 0e8751d4-9b19-4c22-8473-301fa5cbb53e
x-serverless-gateway-id: d5dcee70jck4ehrnhirl
last-modified: Fri, 01 Jul 2022 12:39:41 GMT
server: nginx
etag: W/"c21f53249c99e0b7d1bced9b5513375b"
x-amz-version-id: 0005E2BDAE211742
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT
content-type: text/javascript; charset=utf-8
expires: Sun, 10 Jul 2022 01:12:29 GMT

GET
H2 200 autobahn.js Show response
s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/ 405 B
526 B 23ms
22ms Script
text/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/autobahn.js

Requested by

Host: s01.stc.yc.kpcdn.net
URL: https://s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/adaptive.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

8a550da83fe5faf522945c7b61350dec5c08ef10a670c1db4fc5958b5a85057b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-id: fr5-up-gc30
date: Sat, 09 Jul 2022 01:12:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-server-trace-id: ba25fc76488f387a:c4c152c846ede0c9:ba25fc76488f387a:1
x-amz-request-id: 3832d1d12a8d46ae
x-serverless-gateway-path: /{site}/{version}/{filename+}
x-cached-since: 2022-07-08T14:24:14+00:00
x-request-id: f8756601-08e6-4de0-a3ac-2d29749e2a22
x-serverless-gateway-id: d5dcee70jck4ehrnhirl
last-modified: Fri, 01 Jul 2022 12:39:39 GMT
server: nginx
etag: W/"c6bcedb067d139a244e5e24f4f1037ee"
x-amz-version-id: 0005E2BDADF96F29
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT
content-type: text/javascript; charset=utf-8
expires: Sun, 10 Jul 2022 01:12:29 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
216 B 94ms
29ms XHR
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=124&profileId=184&cb=88588445945

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Sat, 09 Jul 2022 01:12:29 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://www.tumen.kp.ru
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
217 B 93ms
28ms XHR
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=124&profileId=184&cb=53317048760

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Sat, 09 Jul 2022 01:12:29 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://www.tumen.kp.ru
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
216 B 94ms
29ms XHR
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=124&profileId=184&cb=5128766722

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Sat, 09 Jul 2022 01:12:29 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://www.tumen.kp.ru
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

GET
H2 200 8c03bd3844e7a4bb193c.js Show response
yastatic.net/partner-code-bundles/612099/ 36 KB
10 KB 57ms
57ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/612099/8c03bd3844e7a4bb193c.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

2017b3e9540b1e80d62709567b261ec51d23ddcddc4a789034baf750022df916

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://www.tumen.kp.ru/
Origin: https://www.tumen.kp.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 01:12:29 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 9987
last-modified: Thu, 07 Jul 2022 19:27:09 GMT
server: nginx/1.17.9
etag: "1a5557a25e725f21769f1b336fc9c049"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 08 Jul 2052 07:43:29 GMT

GET
H2 200 smi.js Show response
jsn.24smi.net/ 89 KB
28 KB 95ms
29ms Script
application/javascript 2606:4700:10::ac43:581
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jsn.24smi.net/smi.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/partner-code-bundles/612099/3f2865e0d5f2d3b6288d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:581 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed046b5d2756f81f71273241564fa4931704a532d63fdbb7883e7dfef65ed76f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 01:12:30 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: HIT
age: 471
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 16 May 2022 14:38:35 GMT
server: cloudflare
etag: W/"628261eb-162b0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
cf-ray: 727d31139bf59162-FRA
expires: Sat, 09 Jul 2022 02:04:39 GMT

GET
H2 204 event
ads.adfox.ru/232598/ 0
54 B 67ms
67ms Image
text/plain 2a02:6b8::1be
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/232598/event?hash=07ac68656f2353f2&pm=cyz&p5=lamxz&ad-session-id=9907131657329149716&lts=fjmtaiv&ytt=423863344300037&ybv=0.612099&ylv=0.612099&dl=https%3A%2F%2Fwww.tumen.kp.ru%2F%3Fsection%3Dsociety&rqs=_cF1AbUMuD_91chikoEYGLY403sKBRBi&pr=dyeeiod&puid3=top%3Aregion&puid2=society%3Atoday%3Azenyandex%3Aincident%3Aemergency%3Acelebrity%3Aculture%3Ainteresting&p2=fqyp&rand=cpkzwpd&sj=5mBmjuhExB7f7EjvKga1ObgulqeyP44-ksrsXmzvJ_QsTTIbYCxAOzn9dPaWqg%3D%3D&puid1=adv-1657329149673-853&p1=cbpai

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 01:12:29 GMT
x-content-type-options: nosniff
last-modified: Sat, 09 Jul 2022 01:12:29 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2 200 v2 Show response
yandex.ru/ads/adfox/232598/getBulk/ 81 KB
26 KB 304ms
304ms XHR
application/json 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/adfox/232598/getBulk/v2?dl=https%3A%2F%2Fwww.tumen.kp.ru%2F%3F&date=2022-07-09T01%3A12%3A29.958%2B00%3A00&pd=9&pdh=1200&pdw=1600&pr1=1680482352&pr=1213804335&prr=&pv=1&pw=6&extid_loader=&extid_tag_loader=www.tumen.kp.ru&ylv=0.612099&ybv=0.612099&ytt=423863344300037&is-turbo=0&skip-token=&ad-session-id=9907131657329149716&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22w%22%3A1560%2C%22h%22%3A250%2C%22width%22%3A1560%2C%22height%22%3A250%2C%22visible%22%3A1%2C%22isBlackTheme%22%3Afalse%2C%22left%22%3A20%2C%22top%22%3A120%2C%22fontFamily%22%3A%22ys%22%2C%22req_no%22%3A2%2C%22ad_no%22%3A1%7D&enable-flat-highlight=1&pcode-version=612099&available-width=1560&available-height=250&yaru=true&pp=g&p2=fban&ps=bxyd&puid1=adv-1657329149665-138&puid2=&puid3=&puid5=&slotNumber=1&bids=W3siYmlkZGVyTmFtZSI6ImFkZm94X2Fkc21hcnQiLCJjYW1wYWlnbl9pZCI6MTU5MjA0MCwicmVzcG9uc2VfdGltZSI6MjU5LCJlcnJvciI6eyJjb2RlIjoxfX0seyJiaWRkZXJOYW1lIjoiYnV6em9vbGEiLCJjYW1wYWlnbl9pZCI6ODkwNDUwLCJyZXNwb25zZV90aW1lIjoxMjMsImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiIxMjI3MTY5In1d&utf8=%E2%9C%93&pcode-test-ids=612520%2C0%2C39%3B586085%2C0%2C8%3B597485%2C0%2C9%3B590118%2C0%2C23%3B598478%2C0%2C18%3B605344%2C0%2C41%3B610322%2C0%2C21%3B610874%2C0%2C85%3B612099%2C0%2C12&pcode-flags-map=eJyVWNtu3DYQ%2FZVin4OCulCXvFESVyIskSpJ7XpTBIO09ZsRFI1TFAjy7x1K2rWktbm2HwysoHM4nOsZ%2Fdhp3nNm4dCxHjT%2FbeDGAttbrkFIrdp29%2FH3H7t%2Fvzx%2Bf9h93Fk98N2H3dPDtyfxF%2F6maRoHye7n5w%2B7AzMgOBirelC2QbxtmIRuaK24zZOlNLzmeTdY1FJpDp0whldQMcugZ5p1BvZKw0FUXOG1oFRdoVacD%2F%2F9vaLMSUzpxR42WFVzyTWzSNuz8s40ykI14AOh5IopWvPEhOQXHi5Z0XKQ%2FLgg4Qathk5VfMWjZHsC3vKOS2ugbEV558CvsM%2FMHbuHhou6sXhHafC%2BWsj63ZenURCOtKxt1XEKQ4%2F0I8fkS1uzGxwxocuYTOd3TNdC%2BpAJiYMo2rps6KvR951yDgfLRItGTL7zJkdCkmwRAc07deBQNkwbbmGvVQetkHd%2BjiCISbo1aS%2FuAX9asBpj6dxsLNN29E5v%2BFCp%2Bc6lxgITB25uHULp1b1L1veOujhBpY7yLaYmWehjQZdpdGQhrMvm95Dh9RzZgWuzTXpnfErX2DAmwdaQgzCiEK2wJ%2BhbdirQcVgJg0HjblgS0vCqjoTENmV4OaaEKgzXB9d2XDgWJ72VeJCYUwwrZowg6%2Fol8Omf7w8LWBxmUU4mmMFmZVy33GK2mb0AsQoM589Gr2Ffv%2Fzx%2BLBCRkmYTwnosq7Ds%2BYql9Z%2FZEyjfIpCqQaJuargvtFeSJZmYTxCTkxW%2FB70gLnXMX%2FZUpKG0dzBV50G9kPbGqwB7scHURiRyxULre7QP3g9qLWo%2FMiUZsmLBkMljNWi8MLDgCTTfT9xGY7mwlFUtgHRsZp7sXEQZ%2BQZi8eNiVko7fJIs0oM5pc3MpyYs3syGFh7ZCfjR0bpHNpq70a36bHjc7Ci42qwK2hICFljYxJNd%2B5LHDzjsMA54z%2BPIs2cvXuFXuauXM7nAb%2F3ZiIemabhNVzsAf8fXXu5lSGvMJwNOLB2WEUrIi%2Bjz01xzE4hewwyMN35z06CPJrPxnq1wowCaa%2Bup8cWSglqiRHacqbdpHfTkGnBNg4Pt7A5vJt60vzIML2qtxYWMp1j7YYedBxV0SVduNbY7Vq16r90hc9IPMW910Jp17txjhwEP%2FZK%2B1MmSZO54bnXQeLwLjnKu672wtIQcSPMmB6HV9lwZyH0XJebLA3IKsgpDfJ4kSLknuC8wmagjBXeM7OAzmdWKLrsON7Rx0eNoxNDPbfbd4ioDHv2FD8cJ%2BV8gU0%2F2UwVmmU4jSYj5k5S4bAuUcwZb8%2BmeZBmix4mUDAyDCwq%2BdJ5zPgOzSMaBCvs2PcMNkHbuMLqWVXhgPaTxHROknHOuDF86jlEfqtx1tBFtDpdvjK3r4%2FL0%2BRVJKAcGAXzjdPPHNoWi2ICUzIn71hp1crrwa%2FBCp9GWXTBvxs0iuqCSdwqAKXHXmC2jYIGOfxDJ8%2FCNF1cfiaZchMHPPbEi7jCxm7dArWVGFvNHcbRlHhNsZEjNM%2FDnKxejkicjS%2FXmhXhDTEfp%2BT5XTDi0%2BpyNAiJ7%2F0XpllAX0FM3pgbOqYAbrboBtelhXRZcdHpWNo3jKZ0ygzUATW3Y7UL6VY%2FjQ3M%2FcTmeWNeJiSNQ%2FJSA98LbdzqwTonYWGawOpwDqGfNEeZtDSNFUa1A%2FYr07nlw1X7jVjjMjPvV4ucxy7nOlS9FeJX4DDIp5JtbNfSqcwMzpRKMLAcV4QbeJQ78fOer6BByYaF0zIHRmFv9RsEO7kwjAqg1i7c6ABUbi%2FMiBc%2BGCQke97uEY4i3sAJlzlc1EowunwP%2Fjwj3PI9dr8V%2BPvXbw9P6%2FpN4wXa7Q%2Fug8D8HQATwojOLdtmwM1gowFL224%2BUwRBdqHqccqN6xQHV%2FOAeuPyANckJas1Wz7%2BbXpLnL5OOCmnym%2FSM8M67cX4PQJMw3CTRT619tOfT4%2FrTKdRPGWK847me5QsjctRUXpxAYnCcJ5EWPm6c2pFc3le7HrNC%2F9CgRRZulDH2%2F0MU5Cs3TY%2F%2Bfn55%2F%2BkFZzb&use-server-side-rendering=1&pcode-icookie=JPys%2B5rHIq%2BVYOSZpzg%2BMVHSc2DsCsXbTWltzyl%2Bl6ELGaOHg6a0Uaklq4o1HvDzI6FCIBTO81x%2F0ZD%2B1UU3ge690V4%3D&top-ancestor=https%3A%2F%2Fwww.tumen.kp.ru&top-ancestor-undetermined=0&grab-orig-len=5120&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjoxNDh9ChqjpqjkJu6BYKCO8DD3bz8cGs9jHE5mc8yh7XASjuGaP5OZ5txDYsPfzof2cbbn2GYcOxQb3tBsS_vNcilALwX0BtpWBVWRVCqVv0v4-G14Ll-JCBKEFCkNKqiKag6hhcpQHyrlJrkxjHIIUQ4zVIe6UDWgfSDkplC7SJHkBTeEmjBu2LHmkHxALucqOVWoywubNH-qMM4Lk26RVIZkiyxlBlIOoS9o9aJZsAVQI4d1HuIFuBCKnPY8ki18oV6KufYMKlCF0dCBbfOyxMqfwbb6GQUrgy0QUiyHcPJyORCJFgFVBggtjCyFJB-7mRkpLx87p4WLl8_MZkbKyYvbus0n1GzgY-Y0WzKThZkTTFEuTnpuJGwMZjZGJtHMzchk5mQygykagkAUGwlEJVcaC-cQkHKqvGghLICLdsH0A90cKuQ0hyUKtQuoLlQPXPHSg0YOMy_gWrlxUcRDgeX26KIFHMRlH-0yPJbDC6NBR370A8F4IQl5uVUM6mVuvNCKRIZT1XC8SBgHkmG8KNVn9dJy6SEHwkLTtHDqDuf2XmRYOHxFS0s4i2Lop1-QlCLDtKhZeeZTNk0WCs1y8kVBLSLZM8UQW8D8ZepAa8ruRFMo3_YhkOVhWU01nTg7i8LCokLSJMXCiQARIxIueh9hQQ-hiBBVvQpZ9S5y0uUxPAh1_iNn5ELAy8fFhlgSHDmd2czIlLmRWujpwRSl57Yzc-DkZ6G3W8HKnMxIETOiEOUNAfnKhskn1MhIcm7xw2FjRcTGwMpvF8wcaC2oOfOixcZFB5IgQrs1swDZggUlguWPYrtLtnwp-YQszuEAxFLPSDB42OjZQWW3LDyQXubwtq8vby9BALdkOf2Kpl4dMhF6VbHqBB0todDITQ55hSJdmbFDvqGGBjnsoBacdQNYb4U4YzTFZFU0UcQhDIBe6utC0pBMTuWI_5Qm-o27zpgObfzvI3_lYOyAYxoHPYOUorYjOOJHbMPprnLAcOgPtjSPPROejI7IGIpLbHFWlev6DNNgd3_vkDsYC5d2-JfTOmrHOrqNIc6oC5jApdwzjpuZmKoD737QLIXHeYw_ig7IumjwJsIp14nqTtIL0kNN9FdP5SDPJzq0L9D9hFM5Igzdnuvozt2Y_4Q1D7_OkhrivP6lImmodtCaSXKTfRk7BW90VHLQ_h43PeeoDkE-i5yRAcTqs_6UdJLej9rnVzvdCCOHPIMwB_3Xcjq8XBqCGnESsk1zVpRzOqE45B3yVgvZGNTgy_m2-c9ADd4hRTUva2Oeqb6WsSOSo9yuK9a2eNw_gGT4Oo9C0pfOz0nxizPDR4MMMcdyDNg51oUAEWCEgfuhzCDAbUUisAziAoUHJE6Ez73AriOWE3YBCe5ttowCPSrQGP6fJK0vPnoGC5M7vPyZh5EVLb0HSoPIPAwBYo9HgkEgc4HEhgoJ6sfcWHY-iIafm5sbicWSnN_P0ebJ2spzum4yksg4JqZHfk4QIOVCxoHcLpA50DGhQ8AjymvjB4YJtsC9TbQx0zMI0LPasWUWzFyY0KMqJxYYXlhTAw8Pk4UQ4ztxB1bmZqYDg5ld1Dv5i10H7pwD_F2iaQvPGedQ1kAFNgSE3SpotTrj3WdKx1gn_9pdiPcW3bkD_LigGfsVSz1xzGe31syp2TCvPROVDnnGjBYlRkx2GzZnbAfU3ceGWePTn8xJp6FuUe9NllN_UYb8EjaJ5VhdCcHBHXIly79qOEVFoSc6kRmKI7MCFb4ZaMhlUahCrbM0aVjYrT6oIgALhyBCs92W2enB4MBi9kQ-diuvFKRcwS2eiGszM9CZmViW_iwMPKAwon096ftl5C-vn5FzCLiFKNlcyQXIXlYH3E-Q-SHO1IP1PMVQI5LlcIfX3OE4v56j32TNoJph8aumbHbWCee0tWd7L8qqE1k8_3LqILfRsJwqbpNuRBdODbMQN1ozMjPR4bQtUXBhREEPn839wAlJwFtNtmY2jGixoEQjKkkCrMgtgogRLVds6NFhQPTwO2_k7kNGh3HkynuNsc9NM2_r0_5FOpusHG6bhKdILFwklwE0xC5ZFNVx25YaDwI6VOhEeb_FfcCtOrS4tG_dECbEjIjY05cljLj6jplOuWXd_VHNW9EGrVPM8Lm3bUcS_yKW01Kn_9OIB46lZT5_PcGpOg530z-cvwW3jOc_6Ja442Q8Dsw_i5Ryall1Et9jbJmLByPo9KAvtfTL95dOQmO-W14RUUNjv6g3q6UMHyKrhx0jaKChQSR-9Ug__HxzWX-iqc1jClZ_m_8b0YlXVk0U3oVDv_Deoc5-FKweB0QOT04zPrNJ0jC_Zckp78k7ummI8Q8jIrpQuTEgRI4Q9e3q5hjCq3cZNrlH-inj1fv0hJXP27BXXdX5L664XaJO96H28T2GkRz28J_l1MOlnHKKb6iimS7PgKjpslUsonAqd6LzqQfAr-oJiaaufdr3QdMh8gOQopXXQzgbm1K-aEolHm0rnzoaYor4f7ZUr59iN1a2eUo7c9w0VKSK-hPir-lUmOJkEbBYnzswT6lHE7XixzdqKYTrF-oyv2CT0iipjeLHvoeuGh8IjXxBRUGZ2GN6rNBPbUyIhVumANmTnEpk4itJr1xzujWvKFgPqAv6UTQqDfptbeW_8OiIVXfqynzeNBX1tK4dVdQuSz6elSpfzW14dusIXj_WnCK6qtwxGf6XjesCIXbhuNfpPfs4NxBbb_kQoG5FoqqPxcOg5nrZqeu7eVXSR6oDb64f9MCUVwuKG2rn7TCYupe6UtbBquwkvy8zpCJpraX615y2XhQAPQESFniB_23XBYOoT8FF1ftQR5kJf1Rppe7Wzm-dYD-zm7KDc_IH7fLT1aXsSIE1iKh6n3ZqIzk2sPL_6JA_bbdtr-Q_ZSyHOWMY6QNdYFefrNY1wh6PK3a9Qy6G9r5X3lR_fdLs7ZRDDPn7FIilZz4VZhmD00UwpFMuVNHI-wAawh9PK4BS9G4ot4pmEv_RS1rjdKTmbD6mpElFzDoUANd16MD7SUbxcrcnrIpcsn-QAnoKXvOXaUqzWMFFP40F4jC8OrkN0j8eG4lVGbr58L-a-9J71nF3IgWZStAmuzYp3ANlfNO-SeT67yYNXZf-JHG7NNJXzp6_17UucFc9gWqk_93AgBfJgMidX2xjcKof-PmIU_utSFc9mx59fKQQZ-z2p8A2d91QkL7qVj_PYi91gLo74z3ucSpGiG26QvV_ep0cXh8T0rsATW7J64-yMAP3sL-pyjtYkVUtoe4_-503NKXl0bTVpnuIu6rssbBsu65ROQ0Ab0qI9YfaL5F2vLhwMek8oI0NsPtNqltT0tkh-0eysK2VKOI2s7f-aeyHTd9SxoG4rPYgmzC7kBc667wH0dj5_8bfnzStILkFYyK-JDW3UHQPt_9FgbeVNsrGvn94XcDaNtAnx6XqD9Dr-UsjMDBJJhQRvNr457zAbJUpbv7DPCh4eDDJfnfcy25L3we-d5p9u_hqCV1ra1JXjpr6cqoz9bb-q_VMY7HDJVI22v1XDYwbcQ9xxesfXps1pA-wdad0_VgniGtvAbeZMYG2d9OorL3gRS8byEvLGwe6StxDTncjvVFLSNalS6B7MmqmVEyZvxdCm2BA4zwq8py4xnpLsK7aEscYI2Sdrcr8WEvrqnRzPWn-NW97MBF4A5hIn6Uk3UgkCwzPDF3nl4_avx-EURtPE5KjQx8QDrTWcHuEvdoif3NaRbSAq1tueQby_pzPoD6n6vI18B7IekA1ik1sEM8p-VsQJTk5ZYnsw7lTHkIEroVhn5SmstkPG8k1JQT7jXiHwD3vgawlizc2bqnYe_Nvt_MIq821u9zXmIJDvFD4odDf4SpdlAOuiZoObPFSFp5u4ndlVi8xFzlsXYA2-JyyB1nLlzj2Aj4St0eKTxyi96jnO7hH_1FNSjXOKA8Q-rtSlW95jjY6Rlteqp5Q1bdblUk0NocAG5eepXQ2e_jxe2GmaF_1ZWUoPmNMkg0R6axV_w6P0yke7jHj0dH1r4vyASG_4TIG3ScU8oeyuFyMvb0LTalZNASvfBterHxovUK3-TOumjqXnO7wqbFPak7nlW4VDXFMz2nqFaLPpOgtJe19RzfFr7i9pEpGMFm-nDZ5K2Trtal7KNeUdOIAQI2vdwfgQ92OwCkQaOpDBYOGrmoileyz4PO9X1tPQuBoU55J5YwUePnYbR45cS-0WHDCR4aNwY5z0XJzm7fFVn6ZzLFNSuUkASeOzIGZAyUr5iTuKWOzK0LI4CNnY8V0-QWltE6QKAqb2Zg5JbjEnjkxczCgYJNSRA9CwNgHLGgKZA4kQEeNCd1ZoQoebCuR5qw-nN-yukz2F79akdu0uw6b4u5ihD7bq3wjkPmUuIytrWi4fR1UdV5IWqOv9ghw4tEuU1z5coUQtTQ-6gEVSVNrUBOCH7nfMMmGd5rg4lR23viSlizqqKMqUekHS7208Bh-NJKA51iigYCRieNIBLLY78TzI5jp_SnndSz3h4Wk7RSR3FILD8T6QLWh7aoyJCG7kzDcsknwo72uWPLFLVOpDzheWj3j1yT2tL9VaAkTa1SFHQcKnUqm6Iln7_lA9SFa__bWgNm6W3hessQ75TyOZ2JWpa_f-jfKxnxJ43ARTfu8VdD-2XjOJMxxSn8q13z8OEflnjZempKWQHqzA5ex1lEVu2HB9XRbRFJPQjyWOezE2A-9TijP-4Xb28i3CnoVSHgjeEjqpnQnEO2f8ofEEW7QyUTAqfy5OnvukVC_HVELcdPeX_rVqNEl9XsV1fcUoni81CZ_dm3nQj1h1McLaedpZKDSLxp2JPn1V55mcRdjX3x1y0-UgPtXH9xOFehXRvVIODH-Zd14lgp7mGehbdvGv2-Tv9JhXulMkuStFN4AgUeSGZLnD8qkX3_uNqCqGwOUhCi5obZFTRJIru1e_ewcGb7WeZhurZG1QOk8GGXLMZf-4-Y4bjx0rvLibb7dq7RVIvt9l_UfCkCrdxe31J7kLoKbqaNMmFaTXHyy90lLI9Cu5WoF&tga-with-creatives=1

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

71beceaa7772e86059f602d1078affcb9a5164e965bfc543ba6a16283aa21e20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 01:12:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
ssr: true
x-yandex-req-id: 1657329149994141-7944473753481919126-sas2-0259-2ea-sas-l7-balancer-8080-BAL-3839
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
uniformat-product-type: Direct
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Sat, 09 Jul 2022 01:12:30 GMT
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/json
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Sat, 09 Jul 2022 01:12:30 GMT

POST
H2 204 events
bidder.criteo.com/csm/ 0
216 B 36ms
35ms Ping
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 09 Jul 2022 01:12:29 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://www.tumen.kp.ru
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

GET
H2 200 pixel.gif
static.criteo.net/images/ 43 B
365 B 50ms
50ms Image
image/gif 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=1

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 01:12:30 GMT
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
strict-transport-security: max-age=31536000; preload;
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Tue, 04 Jul 2023 01:12:30 GMT

GET
H2 200 pixel.gif
static.criteo.net/images/ 43 B
365 B 50ms
49ms Image
image/gif 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=2

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 01:12:30 GMT
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
strict-transport-security: max-age=31536000; preload;
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Tue, 04 Jul 2023 01:12:30 GMT

GET
H2 200 v2 Show response
yandex.ru/ads/adfox/232598/getBulk/ 16 KB
8 KB 578ms
577ms XHR
application/json 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/adfox/232598/getBulk/v2?dl=https%3A%2F%2Fwww.tumen.kp.ru%2F%3Fsection%3Dsociety&date=2022-07-09T01%3A12%3A29.987%2B00%3A00&pd=9&pdh=1200&pdw=1600&pr1=1224376023&pr=1213804335&prr=&pv=1&pw=6&extid_loader=&extid_tag_loader=www.tumen.kp.ru&ylv=0.612099&ybv=0.612099&ytt=423863344300037&is-turbo=0&skip-token=&ad-session-id=9907131657329149716&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22w%22%3A300%2C%22h%22%3A600%2C%22width%22%3A300%2C%22height%22%3A600%2C%22visible%22%3A1%2C%22isBlackTheme%22%3Afalse%2C%22left%22%3A1100%2C%22top%22%3A486%2C%22fontFamily%22%3A%22ys%22%2C%22req_no%22%3A3%2C%22ad_no%22%3A1%7D&enable-flat-highlight=1&pcode-version=612099&available-width=300&available-height=600&yaru=true&pp=hrs&p2=fbao&ps=bxyd&puid1=adv-1657329149673-55&puid2=society%3Atoday%3Azenyandex%3Aincident%3Aemergency%3Acelebrity%3Aculture%3Ainteresting&puid3=top%3Aregion&puid5=&slotNumber=4&bids=W3siYmlkZGVyTmFtZSI6ImNyaXRlbyIsImNhbXBhaWduX2lkIjo3MjI1NzMsInJlc3BvbnNlX3RpbWUiOjI4NywiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjExNDA4OTgifSx7ImJpZGRlck5hbWUiOiJydGJob3VzZSIsImNhbXBhaWduX2lkIjo4NTM4NjksInJlc3BvbnNlX3RpbWUiOjg3LCJlcnJvciI6eyJjb2RlIjo0fSwicGxhY2VtZW50X2lkIjoiNzE1NzM3NzA5NDBiNzJjMDQyODkifSx7ImJpZGRlck5hbWUiOiJhZHJpdmVyIiwiY2FtcGFpZ25faWQiOjcyODI1NCwicmVzcG9uc2VfdGltZSI6MTkzLCJlcnJvciI6eyJjb2RlIjo0fSwicGxhY2VtZW50X2lkIjoia3BfMnNsb3RfMXNjciJ9LHsiYmlkZGVyTmFtZSI6Im15dGFyZ2V0IiwiY2FtcGFpZ25faWQiOjgxMDQwMiwicmVzcG9uc2VfdGltZSI6MjUzLCJlcnJvciI6eyJjb2RlIjoxfSwicGxhY2VtZW50X2lkIjoiMjMzODQyIn0seyJiaWRkZXJOYW1lIjoiYmV0d2VlbmRpZ2l0YWwiLCJjYW1wYWlnbl9pZCI6ODEwMzQ0LCJyZXNwb25zZV90aW1lIjoxNDEsImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiIyNDg4MDUyIn0seyJiaWRkZXJOYW1lIjoiYWRmb3hfYWRzbWFydCIsImNhbXBhaWduX2lkIjoxNTkyMDQwLCJyZXNwb25zZV90aW1lIjoyNTYsImVycm9yIjp7ImNvZGUiOjF9fSx7ImJpZGRlck5hbWUiOiJidXp6b29sYSIsImNhbXBhaWduX2lkIjo4OTA0NTAsInJlc3BvbnNlX3RpbWUiOjEyNSwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjEyMjcxNjYifSx7ImJpZGRlck5hbWUiOiJiaWR2b2wiLCJjYW1wYWlnbl9pZCI6MTg3MTAxNiwicmVzcG9uc2VfdGltZSI6MjA4LCJlcnJvciI6eyJjb2RlIjoxfSwicGxhY2VtZW50X2lkIjoiMjE1MzUifSx7ImJpZGRlck5hbWUiOiJhZGZveF9pbWhvLXZpZGVvIiwiY2FtcGFpZ25faWQiOjE3ODk1ODEsInJlc3BvbnNlX3RpbWUiOjI1NiwiZXJyb3IiOnsiY29kZSI6MX19XQ%3D%3D&utf8=%E2%9C%93&pcode-test-ids=612520%2C0%2C39%3B586085%2C0%2C8%3B597485%2C0%2C9%3B590118%2C0%2C23%3B598478%2C0%2C18%3B605344%2C0%2C41%3B610322%2C0%2C21%3B610874%2C0%2C85%3B612099%2C0%2C12&pcode-flags-map=eJyVWNtu3DYQ%2FZVin4OCulCXvFESVyIskSpJ7XpTBIO09ZsRFI1TFAjy7x1K2rWktbm2HwysoHM4nOsZ%2Fdhp3nNm4dCxHjT%2FbeDGAttbrkFIrdp29%2FH3H7t%2Fvzx%2Bf9h93Fk98N2H3dPDtyfxF%2F6maRoHye7n5w%2B7AzMgOBirelC2QbxtmIRuaK24zZOlNLzmeTdY1FJpDp0whldQMcugZ5p1BvZKw0FUXOG1oFRdoVacD%2F%2F9vaLMSUzpxR42WFVzyTWzSNuz8s40ykI14AOh5IopWvPEhOQXHi5Z0XKQ%2FLgg4Qathk5VfMWjZHsC3vKOS2ugbEV558CvsM%2FMHbuHhou6sXhHafC%2BWsj63ZenURCOtKxt1XEKQ4%2F0I8fkS1uzGxwxocuYTOd3TNdC%2BpAJiYMo2rps6KvR951yDgfLRItGTL7zJkdCkmwRAc07deBQNkwbbmGvVQetkHd%2BjiCISbo1aS%2FuAX9asBpj6dxsLNN29E5v%2BFCp%2Bc6lxgITB25uHULp1b1L1veOujhBpY7yLaYmWehjQZdpdGQhrMvm95Dh9RzZgWuzTXpnfErX2DAmwdaQgzCiEK2wJ%2BhbdirQcVgJg0HjblgS0vCqjoTENmV4OaaEKgzXB9d2XDgWJ72VeJCYUwwrZowg6%2Fol8Omf7w8LWBxmUU4mmMFmZVy33GK2mb0AsQoM589Gr2Ffv%2Fzx%2BLBCRkmYTwnosq7Ds%2BYql9Z%2FZEyjfIpCqQaJuargvtFeSJZmYTxCTkxW%2FB70gLnXMX%2FZUpKG0dzBV50G9kPbGqwB7scHURiRyxULre7QP3g9qLWo%2FMiUZsmLBkMljNWi8MLDgCTTfT9xGY7mwlFUtgHRsZp7sXEQZ%2BQZi8eNiVko7fJIs0oM5pc3MpyYs3syGFh7ZCfjR0bpHNpq70a36bHjc7Ci42qwK2hICFljYxJNd%2B5LHDzjsMA54z%2BPIs2cvXuFXuauXM7nAb%2F3ZiIemabhNVzsAf8fXXu5lSGvMJwNOLB2WEUrIi%2Bjz01xzE4hewwyMN35z06CPJrPxnq1wowCaa%2Bup8cWSglqiRHacqbdpHfTkGnBNg4Pt7A5vJt60vzIML2qtxYWMp1j7YYedBxV0SVduNbY7Vq16r90hc9IPMW910Jp17txjhwEP%2FZK%2B1MmSZO54bnXQeLwLjnKu672wtIQcSPMmB6HV9lwZyH0XJebLA3IKsgpDfJ4kSLknuC8wmagjBXeM7OAzmdWKLrsON7Rx0eNoxNDPbfbd4ioDHv2FD8cJ%2BV8gU0%2F2UwVmmU4jSYj5k5S4bAuUcwZb8%2BmeZBmix4mUDAyDCwq%2BdJ5zPgOzSMaBCvs2PcMNkHbuMLqWVXhgPaTxHROknHOuDF86jlEfqtx1tBFtDpdvjK3r4%2FL0%2BRVJKAcGAXzjdPPHNoWi2ICUzIn71hp1crrwa%2FBCp9GWXTBvxs0iuqCSdwqAKXHXmC2jYIGOfxDJ8%2FCNF1cfiaZchMHPPbEi7jCxm7dArWVGFvNHcbRlHhNsZEjNM%2FDnKxejkicjS%2FXmhXhDTEfp%2BT5XTDi0%2BpyNAiJ7%2F0XpllAX0FM3pgbOqYAbrboBtelhXRZcdHpWNo3jKZ0ygzUATW3Y7UL6VY%2FjQ3M%2FcTmeWNeJiSNQ%2FJSA98LbdzqwTonYWGawOpwDqGfNEeZtDSNFUa1A%2FYr07nlw1X7jVjjMjPvV4ucxy7nOlS9FeJX4DDIp5JtbNfSqcwMzpRKMLAcV4QbeJQ78fOer6BByYaF0zIHRmFv9RsEO7kwjAqg1i7c6ABUbi%2FMiBc%2BGCQke97uEY4i3sAJlzlc1EowunwP%2Fjwj3PI9dr8V%2BPvXbw9P6%2FpN4wXa7Q%2Fug8D8HQATwojOLdtmwM1gowFL224%2BUwRBdqHqccqN6xQHV%2FOAeuPyANckJas1Wz7%2BbXpLnL5OOCmnym%2FSM8M67cX4PQJMw3CTRT619tOfT4%2FrTKdRPGWK847me5QsjctRUXpxAYnCcJ5EWPm6c2pFc3le7HrNC%2F9CgRRZulDH2%2F0MU5Cs3TY%2F%2Bfn55%2F%2BkFZzb&use-server-side-rendering=1&pcode-icookie=JPys%2B5rHIq%2BVYOSZpzg%2BMVHSc2DsCsXbTWltzyl%2Bl6ELGaOHg6a0Uaklq4o1HvDzI6FCIBTO81x%2F0ZD%2B1UU3ge690V4%3D&top-ancestor=https%3A%2F%2Fwww.tumen.kp.ru&top-ancestor-undetermined=0&grab-orig-len=5120&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjoxNDh9ChqjpqjkJu6BYKCO8DD3bz8cGs9jHE5mc8yh7XASjuGaP5OZ5txDYsPfzof2cbbn2GYcOxQb3tBsS_vNcilALwX0BtpWBVWRVCqVv0v4-G14Ll-JCBKEFCkNKqiKag6hhcpQHyrlJrkxjHIIUQ4zVIe6UDWgfSDkplC7SJHkBTeEmjBu2LHmkHxALucqOVWoywubNH-qMM4Lk26RVIZkiyxlBlIOoS9o9aJZsAVQI4d1HuIFuBCKnPY8ki18oV6KufYMKlCF0dCBbfOyxMqfwbb6GQUrgy0QUiyHcPJyORCJFgFVBggtjCyFJB-7mRkpLx87p4WLl8_MZkbKyYvbus0n1GzgY-Y0WzKThZkTTFEuTnpuJGwMZjZGJtHMzchk5mQygykagkAUGwlEJVcaC-cQkHKqvGghLICLdsH0A90cKuQ0hyUKtQuoLlQPXPHSg0YOMy_gWrlxUcRDgeX26KIFHMRlH-0yPJbDC6NBR370A8F4IQl5uVUM6mVuvNCKRIZT1XC8SBgHkmG8KNVn9dJy6SEHwkLTtHDqDuf2XmRYOHxFS0s4i2Lop1-QlCLDtKhZeeZTNk0WCs1y8kVBLSLZM8UQW8D8ZepAa8ruRFMo3_YhkOVhWU01nTg7i8LCokLSJMXCiQARIxIueh9hQQ-hiBBVvQpZ9S5y0uUxPAh1_iNn5ELAy8fFhlgSHDmd2czIlLmRWujpwRSl57Yzc-DkZ6G3W8HKnMxIETOiEOUNAfnKhskn1MhIcm7xw2FjRcTGwMpvF8wcaC2oOfOixcZFB5IgQrs1swDZggUlguWPYrtLtnwp-YQszuEAxFLPSDB42OjZQWW3LDyQXubwtq8vby9BALdkOf2Kpl4dMhF6VbHqBB0todDITQ55hSJdmbFDvqGGBjnsoBacdQNYb4U4YzTFZFU0UcQhDIBe6utC0pBMTuWI_5Qm-o27zpgObfzvI3_lYOyAYxoHPYOUorYjOOJHbMPprnLAcOgPtjSPPROejI7IGIpLbHFWlev6DNNgd3_vkDsYC5d2-JfTOmrHOrqNIc6oC5jApdwzjpuZmKoD737QLIXHeYw_ig7IumjwJsIp14nqTtIL0kNN9FdP5SDPJzq0L9D9hFM5Igzdnuvozt2Y_4Q1D7_OkhrivP6lImmodtCaSXKTfRk7BW90VHLQ_h43PeeoDkE-i5yRAcTqs_6UdJLej9rnVzvdCCOHPIMwB_3Xcjq8XBqCGnESsk1zVpRzOqE45B3yVgvZGNTgy_m2-c9ADd4hRTUva2Oeqb6WsSOSo9yuK9a2eNw_gGT4Oo9C0pfOz0nxizPDR4MMMcdyDNg51oUAEWCEgfuhzCDAbUUisAziAoUHJE6Ez73AriOWE3YBCe5ttowCPSrQGP6fJK0vPnoGC5M7vPyZh5EVLb0HSoPIPAwBYo9HgkEgc4HEhgoJ6sfcWHY-iIafm5sbicWSnN_P0ebJ2spzum4yksg4JqZHfk4QIOVCxoHcLpA50DGhQ8AjymvjB4YJtsC9TbQx0zMI0LPasWUWzFyY0KMqJxYYXlhTAw8Pk4UQ4ztxB1bmZqYDg5ld1Dv5i10H7pwD_F2iaQvPGedQ1kAFNgSE3SpotTrj3WdKx1gn_9pdiPcW3bkD_LigGfsVSz1xzGe31syp2TCvPROVDnnGjBYlRkx2GzZnbAfU3ceGWePTn8xJp6FuUe9NllN_UYb8EjaJ5VhdCcHBHXIly79qOEVFoSc6kRmKI7MCFb4ZaMhlUahCrbM0aVjYrT6oIgALhyBCs92W2enB4MBi9kQ-diuvFKRcwS2eiGszM9CZmViW_iwMPKAwon096ftl5C-vn5FzCLiFKNlcyQXIXlYH3E-Q-SHO1IP1PMVQI5LlcIfX3OE4v56j32TNoJph8aumbHbWCee0tWd7L8qqE1k8_3LqILfRsJwqbpNuRBdODbMQN1ozMjPR4bQtUXBhREEPn839wAlJwFtNtmY2jGixoEQjKkkCrMgtgogRLVds6NFhQPTwO2_k7kNGh3HkynuNsc9NM2_r0_5FOpusHG6bhKdILFwklwE0xC5ZFNVx25YaDwI6VOhEeb_FfcCtOrS4tG_dECbEjIjY05cljLj6jplOuWXd_VHNW9EGrVPM8Lm3bUcS_yKW01Kn_9OIB46lZT5_PcGpOg530z-cvwW3jOc_6Ja442Q8Dsw_i5Ryall1Et9jbJmLByPo9KAvtfTL95dOQmO-W14RUUNjv6g3q6UMHyKrhx0jaKChQSR-9Ug__HxzWX-iqc1jClZ_m_8b0YlXVk0U3oVDv_Deoc5-FKweB0QOT04zPrNJ0jC_Zckp78k7ummI8Q8jIrpQuTEgRI4Q9e3q5hjCq3cZNrlH-inj1fv0hJXP27BXXdX5L664XaJO96H28T2GkRz28J_l1MOlnHKKb6iimS7PgKjpslUsonAqd6LzqQfAr-oJiaaufdr3QdMh8gOQopXXQzgbm1K-aEolHm0rnzoaYor4f7ZUr59iN1a2eUo7c9w0VKSK-hPir-lUmOJkEbBYnzswT6lHE7XixzdqKYTrF-oyv2CT0iipjeLHvoeuGh8IjXxBRUGZ2GN6rNBPbUyIhVumANmTnEpk4itJr1xzujWvKFgPqAv6UTQqDfptbeW_8OiIVXfqynzeNBX1tK4dVdQuSz6elSpfzW14dusIXj_WnCK6qtwxGf6XjesCIXbhuNfpPfs4NxBbb_kQoG5FoqqPxcOg5nrZqeu7eVXSR6oDb64f9MCUVwuKG2rn7TCYupe6UtbBquwkvy8zpCJpraX615y2XhQAPQESFniB_23XBYOoT8FF1ftQR5kJf1Rppe7Wzm-dYD-zm7KDc_IH7fLT1aXsSIE1iKh6n3ZqIzk2sPL_6JA_bbdtr-Q_ZSyHOWMY6QNdYFefrNY1wh6PK3a9Qy6G9r5X3lR_fdLs7ZRDDPn7FIilZz4VZhmD00UwpFMuVNHI-wAawh9PK4BS9G4ot4pmEv_RS1rjdKTmbD6mpElFzDoUANd16MD7SUbxcrcnrIpcsn-QAnoKXvOXaUqzWMFFP40F4jC8OrkN0j8eG4lVGbr58L-a-9J71nF3IgWZStAmuzYp3ANlfNO-SeT67yYNXZf-JHG7NNJXzp6_17UucFc9gWqk_93AgBfJgMidX2xjcKof-PmIU_utSFc9mx59fKQQZ-z2p8A2d91QkL7qVj_PYi91gLo74z3ucSpGiG26QvV_ep0cXh8T0rsATW7J64-yMAP3sL-pyjtYkVUtoe4_-503NKXl0bTVpnuIu6rssbBsu65ROQ0Ab0qI9YfaL5F2vLhwMek8oI0NsPtNqltT0tkh-0eysK2VKOI2s7f-aeyHTd9SxoG4rPYgmzC7kBc667wH0dj5_8bfnzStILkFYyK-JDW3UHQPt_9FgbeVNsrGvn94XcDaNtAnx6XqD9Dr-UsjMDBJJhQRvNr457zAbJUpbv7DPCh4eDDJfnfcy25L3we-d5p9u_hqCV1ra1JXjpr6cqoz9bb-q_VMY7HDJVI22v1XDYwbcQ9xxesfXps1pA-wdad0_VgniGtvAbeZMYG2d9OorL3gRS8byEvLGwe6StxDTncjvVFLSNalS6B7MmqmVEyZvxdCm2BA4zwq8py4xnpLsK7aEscYI2Sdrcr8WEvrqnRzPWn-NW97MBF4A5hIn6Uk3UgkCwzPDF3nl4_avx-EURtPE5KjQx8QDrTWcHuEvdoif3NaRbSAq1tueQby_pzPoD6n6vI18B7IekA1ik1sEM8p-VsQJTk5ZYnsw7lTHkIEroVhn5SmstkPG8k1JQT7jXiHwD3vgawlizc2bqnYe_Nvt_MIq821u9zXmIJDvFD4odDf4SpdlAOuiZoObPFSFp5u4ndlVi8xFzlsXYA2-JyyB1nLlzj2Aj4St0eKTxyi96jnO7hH_1FNSjXOKA8Q-rtSlW95jjY6Rlteqp5Q1bdblUk0NocAG5eepXQ2e_jxe2GmaF_1ZWUoPmNMkg0R6axV_w6P0yke7jHj0dH1r4vyASG_4TIG3ScU8oeyuFyMvb0LTalZNASvfBterHxovUK3-TOumjqXnO7wqbFPak7nlW4VDXFMz2nqFaLPpOgtJe19RzfFr7i9pEpGMFm-nDZ5K2Trtal7KNeUdOIAQI2vdwfgQ92OwCkQaOpDBYOGrmoileyz4PO9X1tPQuBoU55J5YwUePnYbR45cS-0WHDCR4aNwY5z0XJzm7fFVn6ZzLFNSuUkASeOzIGZAyUr5iTuKWOzK0LI4CNnY8V0-QWltE6QKAqb2Zg5JbjEnjkxczCgYJNSRA9CwNgHLGgKZA4kQEeNCd1ZoQoebCuR5qw-nN-yukz2F79akdu0uw6b4u5ihD7bq3wjkPmUuIytrWi4fR1UdV5IWqOv9ghw4tEuU1z5coUQtTQ-6gEVSVNrUBOCH7nfMMmGd5rg4lR23viSlizqqKMqUekHS7208Bh-NJKA51iigYCRieNIBLLY78TzI5jp_SnndSz3h4Wk7RSR3FILD8T6QLWh7aoyJCG7kzDcsknwo72uWPLFLVOpDzheWj3j1yT2tL9VaAkTa1SFHQcKnUqm6Iln7_lA9SFa__bWgNm6W3hessQ75TyOZ2JWpa_f-jfKxnxJ43ARTfu8VdD-2XjOJMxxSn8q13z8OEflnjZempKWQHqzA5ex1lEVu2HB9XRbRFJPQjyWOezE2A-9TijP-4Xb28i3CnoVSHgjeEjqpnQnEO2f8ofEEW7QyUTAqfy5OnvukVC_HVELcdPeX_rVqNEl9XsV1fcUoni81CZ_dm3nQj1h1McLaedpZKDSLxp2JPn1V55mcRdjX3x1y0-UgPtXH9xOFehXRvVIODH-Zd14lgp7mGehbdvGv2-Tv9JhXulMkuStFN4AgUeSGZLnD8qkX3_uNqCqGwOUhCi5obZFTRJIru1e_ewcGb7WeZhurZG1QOk8GGXLMZf-4-Y4bjx0rvLibb7dq7RVIvt9l_UfCkCrdxe31J7kLoKbqaNMmFaTXHyy90lLI9Cu5WoF&tga-with-creatives=1

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

6a24e3c7dea02f064b1b551d8bdef2903b15b8c01e963d201c0382f09df38e8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 01:12:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1657329150024403-15294585096709794506-sas2-0259-2ea-sas-l7-balancer-8080-BAL-5546
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Sat, 09 Jul 2022 01:12:30 GMT
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/json
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Sat, 09 Jul 2022 01:12:30 GMT

POST
H2 204 events
bidder.criteo.com/csm/ 0
216 B 33ms
32ms Ping
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 09 Jul 2022 01:12:29 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://www.tumen.kp.ru
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

GET
H2 200 v2 Show response
yandex.ru/ads/adfox/232598/getBulk/ 16 KB
8 KB 418ms
417ms XHR
application/json 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/adfox/232598/getBulk/v2?dl=https%3A%2F%2Fwww.tumen.kp.ru%2F%3Fsection%3Dsociety&date=2022-07-09T01%3A12%3A29.993%2B00%3A00&pd=9&pdh=1200&pdw=1600&pr1=2640655715&pr=1213804335&prr=&pv=1&pw=6&extid_loader=&extid_tag_loader=www.tumen.kp.ru&ylv=0.612099&ybv=0.612099&ytt=423863344300037&is-turbo=0&skip-token=&ad-session-id=9907131657329149716&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22w%22%3A240%2C%22h%22%3A400%2C%22width%22%3A240%2C%22height%22%3A400%2C%22visible%22%3A0%2C%22isBlackTheme%22%3Afalse%2C%22left%22%3A215%2C%22top%22%3A1246%2C%22fontFamily%22%3A%22ys%22%2C%22req_no%22%3A4%2C%22ad_no%22%3A1%7D&enable-flat-highlight=1&pcode-version=612099&available-width=240&available-height=400&yaru=true&pp=g&p2=fxjd&ps=bxyd&puid1=adv-1657329149670-14&puid2=society%3Atoday%3Azenyandex%3Aincident%3Aemergency%3Acelebrity%3Aculture%3Ainteresting&puid3=top%3Aregion&puid5=&slotNumber=3&bids=W3siYmlkZGVyTmFtZSI6ImNyaXRlbyIsImNhbXBhaWduX2lkIjo3MjI1NzMsInJlc3BvbnNlX3RpbWUiOjI5MywiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjEyMzM1MzUifSx7ImJpZGRlck5hbWUiOiJydGJob3VzZSIsImNhbXBhaWduX2lkIjo4NTM4NjksInJlc3BvbnNlX3RpbWUiOjg3LCJlcnJvciI6eyJjb2RlIjo0fSwicGxhY2VtZW50X2lkIjoiOGQzMDhkNDIzMTZjNDBiNTE2ODgifSx7ImJpZGRlck5hbWUiOiJhZHJpdmVyIiwiY2FtcGFpZ25faWQiOjcyODI1NCwicmVzcG9uc2VfdGltZSI6MTkyLCJlcnJvciI6eyJjb2RlIjo0fSwicGxhY2VtZW50X2lkIjoiMjprcF81c2xvdCJ9LHsiYmlkZGVyTmFtZSI6Im15dGFyZ2V0IiwiY2FtcGFpZ25faWQiOjgxMDQwMiwicmVzcG9uc2VfdGltZSI6MjU2LCJlcnJvciI6eyJjb2RlIjoxfSwicGxhY2VtZW50X2lkIjoiMjMzODUyIn0seyJiaWRkZXJOYW1lIjoiYmV0d2VlbmRpZ2l0YWwiLCJjYW1wYWlnbl9pZCI6ODEwMzQ0LCJyZXNwb25zZV90aW1lIjoxNDIsImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiIyNDg4MDU5In1d&utf8=%E2%9C%93&pcode-test-ids=612520%2C0%2C39%3B586085%2C0%2C8%3B597485%2C0%2C9%3B590118%2C0%2C23%3B598478%2C0%2C18%3B605344%2C0%2C41%3B610322%2C0%2C21%3B610874%2C0%2C85%3B612099%2C0%2C12&pcode-flags-map=eJyVWNtu3DYQ%2FZVin4OCulCXvFESVyIskSpJ7XpTBIO09ZsRFI1TFAjy7x1K2rWktbm2HwysoHM4nOsZ%2Fdhp3nNm4dCxHjT%2FbeDGAttbrkFIrdp29%2FH3H7t%2Fvzx%2Bf9h93Fk98N2H3dPDtyfxF%2F6maRoHye7n5w%2B7AzMgOBirelC2QbxtmIRuaK24zZOlNLzmeTdY1FJpDp0whldQMcugZ5p1BvZKw0FUXOG1oFRdoVacD%2F%2F9vaLMSUzpxR42WFVzyTWzSNuz8s40ykI14AOh5IopWvPEhOQXHi5Z0XKQ%2FLgg4Qathk5VfMWjZHsC3vKOS2ugbEV558CvsM%2FMHbuHhou6sXhHafC%2BWsj63ZenURCOtKxt1XEKQ4%2F0I8fkS1uzGxwxocuYTOd3TNdC%2BpAJiYMo2rps6KvR951yDgfLRItGTL7zJkdCkmwRAc07deBQNkwbbmGvVQetkHd%2BjiCISbo1aS%2FuAX9asBpj6dxsLNN29E5v%2BFCp%2Bc6lxgITB25uHULp1b1L1veOujhBpY7yLaYmWehjQZdpdGQhrMvm95Dh9RzZgWuzTXpnfErX2DAmwdaQgzCiEK2wJ%2BhbdirQcVgJg0HjblgS0vCqjoTENmV4OaaEKgzXB9d2XDgWJ72VeJCYUwwrZowg6%2Fol8Omf7w8LWBxmUU4mmMFmZVy33GK2mb0AsQoM589Gr2Ffv%2Fzx%2BLBCRkmYTwnosq7Ds%2BYql9Z%2FZEyjfIpCqQaJuargvtFeSJZmYTxCTkxW%2FB70gLnXMX%2FZUpKG0dzBV50G9kPbGqwB7scHURiRyxULre7QP3g9qLWo%2FMiUZsmLBkMljNWi8MLDgCTTfT9xGY7mwlFUtgHRsZp7sXEQZ%2BQZi8eNiVko7fJIs0oM5pc3MpyYs3syGFh7ZCfjR0bpHNpq70a36bHjc7Ci42qwK2hICFljYxJNd%2B5LHDzjsMA54z%2BPIs2cvXuFXuauXM7nAb%2F3ZiIemabhNVzsAf8fXXu5lSGvMJwNOLB2WEUrIi%2Bjz01xzE4hewwyMN35z06CPJrPxnq1wowCaa%2Bup8cWSglqiRHacqbdpHfTkGnBNg4Pt7A5vJt60vzIML2qtxYWMp1j7YYedBxV0SVduNbY7Vq16r90hc9IPMW910Jp17txjhwEP%2FZK%2B1MmSZO54bnXQeLwLjnKu672wtIQcSPMmB6HV9lwZyH0XJebLA3IKsgpDfJ4kSLknuC8wmagjBXeM7OAzmdWKLrsON7Rx0eNoxNDPbfbd4ioDHv2FD8cJ%2BV8gU0%2F2UwVmmU4jSYj5k5S4bAuUcwZb8%2BmeZBmix4mUDAyDCwq%2BdJ5zPgOzSMaBCvs2PcMNkHbuMLqWVXhgPaTxHROknHOuDF86jlEfqtx1tBFtDpdvjK3r4%2FL0%2BRVJKAcGAXzjdPPHNoWi2ICUzIn71hp1crrwa%2FBCp9GWXTBvxs0iuqCSdwqAKXHXmC2jYIGOfxDJ8%2FCNF1cfiaZchMHPPbEi7jCxm7dArWVGFvNHcbRlHhNsZEjNM%2FDnKxejkicjS%2FXmhXhDTEfp%2BT5XTDi0%2BpyNAiJ7%2F0XpllAX0FM3pgbOqYAbrboBtelhXRZcdHpWNo3jKZ0ygzUATW3Y7UL6VY%2FjQ3M%2FcTmeWNeJiSNQ%2FJSA98LbdzqwTonYWGawOpwDqGfNEeZtDSNFUa1A%2FYr07nlw1X7jVjjMjPvV4ucxy7nOlS9FeJX4DDIp5JtbNfSqcwMzpRKMLAcV4QbeJQ78fOer6BByYaF0zIHRmFv9RsEO7kwjAqg1i7c6ABUbi%2FMiBc%2BGCQke97uEY4i3sAJlzlc1EowunwP%2Fjwj3PI9dr8V%2BPvXbw9P6%2FpN4wXa7Q%2Fug8D8HQATwojOLdtmwM1gowFL224%2BUwRBdqHqccqN6xQHV%2FOAeuPyANckJas1Wz7%2BbXpLnL5OOCmnym%2FSM8M67cX4PQJMw3CTRT619tOfT4%2FrTKdRPGWK847me5QsjctRUXpxAYnCcJ5EWPm6c2pFc3le7HrNC%2F9CgRRZulDH2%2F0MU5Cs3TY%2F%2Bfn55%2F%2BkFZzb&use-server-side-rendering=1&pcode-icookie=JPys%2B5rHIq%2BVYOSZpzg%2BMVHSc2DsCsXbTWltzyl%2Bl6ELGaOHg6a0Uaklq4o1HvDzI6FCIBTO81x%2F0ZD%2B1UU3ge690V4%3D&top-ancestor=https%3A%2F%2Fwww.tumen.kp.ru&top-ancestor-undetermined=0&grab-orig-len=5120&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjoxNDh9ChqjpqjkJu6BYKCO8DD3bz8cGs9jHE5mc8yh7XASjuGaP5OZ5txDYsPfzof2cbbn2GYcOxQb3tBsS_vNcilALwX0BtpWBVWRVCqVv0v4-G14Ll-JCBKEFCkNKqiKag6hhcpQHyrlJrkxjHIIUQ4zVIe6UDWgfSDkplC7SJHkBTeEmjBu2LHmkHxALucqOVWoywubNH-qMM4Lk26RVIZkiyxlBlIOoS9o9aJZsAVQI4d1HuIFuBCKnPY8ki18oV6KufYMKlCF0dCBbfOyxMqfwbb6GQUrgy0QUiyHcPJyORCJFgFVBggtjCyFJB-7mRkpLx87p4WLl8_MZkbKyYvbus0n1GzgY-Y0WzKThZkTTFEuTnpuJGwMZjZGJtHMzchk5mQygykagkAUGwlEJVcaC-cQkHKqvGghLICLdsH0A90cKuQ0hyUKtQuoLlQPXPHSg0YOMy_gWrlxUcRDgeX26KIFHMRlH-0yPJbDC6NBR370A8F4IQl5uVUM6mVuvNCKRIZT1XC8SBgHkmG8KNVn9dJy6SEHwkLTtHDqDuf2XmRYOHxFS0s4i2Lop1-QlCLDtKhZeeZTNk0WCs1y8kVBLSLZM8UQW8D8ZepAa8ruRFMo3_YhkOVhWU01nTg7i8LCokLSJMXCiQARIxIueh9hQQ-hiBBVvQpZ9S5y0uUxPAh1_iNn5ELAy8fFhlgSHDmd2czIlLmRWujpwRSl57Yzc-DkZ6G3W8HKnMxIETOiEOUNAfnKhskn1MhIcm7xw2FjRcTGwMpvF8wcaC2oOfOixcZFB5IgQrs1swDZggUlguWPYrtLtnwp-YQszuEAxFLPSDB42OjZQWW3LDyQXubwtq8vby9BALdkOf2Kpl4dMhF6VbHqBB0todDITQ55hSJdmbFDvqGGBjnsoBacdQNYb4U4YzTFZFU0UcQhDIBe6utC0pBMTuWI_5Qm-o27zpgObfzvI3_lYOyAYxoHPYOUorYjOOJHbMPprnLAcOgPtjSPPROejI7IGIpLbHFWlev6DNNgd3_vkDsYC5d2-JfTOmrHOrqNIc6oC5jApdwzjpuZmKoD737QLIXHeYw_ig7IumjwJsIp14nqTtIL0kNN9FdP5SDPJzq0L9D9hFM5Igzdnuvozt2Y_4Q1D7_OkhrivP6lImmodtCaSXKTfRk7BW90VHLQ_h43PeeoDkE-i5yRAcTqs_6UdJLej9rnVzvdCCOHPIMwB_3Xcjq8XBqCGnESsk1zVpRzOqE45B3yVgvZGNTgy_m2-c9ADd4hRTUva2Oeqb6WsSOSo9yuK9a2eNw_gGT4Oo9C0pfOz0nxizPDR4MMMcdyDNg51oUAEWCEgfuhzCDAbUUisAziAoUHJE6Ez73AriOWE3YBCe5ttowCPSrQGP6fJK0vPnoGC5M7vPyZh5EVLb0HSoPIPAwBYo9HgkEgc4HEhgoJ6sfcWHY-iIafm5sbicWSnN_P0ebJ2spzum4yksg4JqZHfk4QIOVCxoHcLpA50DGhQ8AjymvjB4YJtsC9TbQx0zMI0LPasWUWzFyY0KMqJxYYXlhTAw8Pk4UQ4ztxB1bmZqYDg5ld1Dv5i10H7pwD_F2iaQvPGedQ1kAFNgSE3SpotTrj3WdKx1gn_9pdiPcW3bkD_LigGfsVSz1xzGe31syp2TCvPROVDnnGjBYlRkx2GzZnbAfU3ceGWePTn8xJp6FuUe9NllN_UYb8EjaJ5VhdCcHBHXIly79qOEVFoSc6kRmKI7MCFb4ZaMhlUahCrbM0aVjYrT6oIgALhyBCs92W2enB4MBi9kQ-diuvFKRcwS2eiGszM9CZmViW_iwMPKAwon096ftl5C-vn5FzCLiFKNlcyQXIXlYH3E-Q-SHO1IP1PMVQI5LlcIfX3OE4v56j32TNoJph8aumbHbWCee0tWd7L8qqE1k8_3LqILfRsJwqbpNuRBdODbMQN1ozMjPR4bQtUXBhREEPn839wAlJwFtNtmY2jGixoEQjKkkCrMgtgogRLVds6NFhQPTwO2_k7kNGh3HkynuNsc9NM2_r0_5FOpusHG6bhKdILFwklwE0xC5ZFNVx25YaDwI6VOhEeb_FfcCtOrS4tG_dECbEjIjY05cljLj6jplOuWXd_VHNW9EGrVPM8Lm3bUcS_yKW01Kn_9OIB46lZT5_PcGpOg530z-cvwW3jOc_6Ja442Q8Dsw_i5Ryall1Et9jbJmLByPo9KAvtfTL95dOQmO-W14RUUNjv6g3q6UMHyKrhx0jaKChQSR-9Ug__HxzWX-iqc1jClZ_m_8b0YlXVk0U3oVDv_Deoc5-FKweB0QOT04zPrNJ0jC_Zckp78k7ummI8Q8jIrpQuTEgRI4Q9e3q5hjCq3cZNrlH-inj1fv0hJXP27BXXdX5L664XaJO96H28T2GkRz28J_l1MOlnHKKb6iimS7PgKjpslUsonAqd6LzqQfAr-oJiaaufdr3QdMh8gOQopXXQzgbm1K-aEolHm0rnzoaYor4f7ZUr59iN1a2eUo7c9w0VKSK-hPir-lUmOJkEbBYnzswT6lHE7XixzdqKYTrF-oyv2CT0iipjeLHvoeuGh8IjXxBRUGZ2GN6rNBPbUyIhVumANmTnEpk4itJr1xzujWvKFgPqAv6UTQqDfptbeW_8OiIVXfqynzeNBX1tK4dVdQuSz6elSpfzW14dusIXj_WnCK6qtwxGf6XjesCIXbhuNfpPfs4NxBbb_kQoG5FoqqPxcOg5nrZqeu7eVXSR6oDb64f9MCUVwuKG2rn7TCYupe6UtbBquwkvy8zpCJpraX615y2XhQAPQESFniB_23XBYOoT8FF1ftQR5kJf1Rppe7Wzm-dYD-zm7KDc_IH7fLT1aXsSIE1iKh6n3ZqIzk2sPL_6JA_bbdtr-Q_ZSyHOWMY6QNdYFefrNY1wh6PK3a9Qy6G9r5X3lR_fdLs7ZRDDPn7FIilZz4VZhmD00UwpFMuVNHI-wAawh9PK4BS9G4ot4pmEv_RS1rjdKTmbD6mpElFzDoUANd16MD7SUbxcrcnrIpcsn-QAnoKXvOXaUqzWMFFP40F4jC8OrkN0j8eG4lVGbr58L-a-9J71nF3IgWZStAmuzYp3ANlfNO-SeT67yYNXZf-JHG7NNJXzp6_17UucFc9gWqk_93AgBfJgMidX2xjcKof-PmIU_utSFc9mx59fKQQZ-z2p8A2d91QkL7qVj_PYi91gLo74z3ucSpGiG26QvV_ep0cXh8T0rsATW7J64-yMAP3sL-pyjtYkVUtoe4_-503NKXl0bTVpnuIu6rssbBsu65ROQ0Ab0qI9YfaL5F2vLhwMek8oI0NsPtNqltT0tkh-0eysK2VKOI2s7f-aeyHTd9SxoG4rPYgmzC7kBc667wH0dj5_8bfnzStILkFYyK-JDW3UHQPt_9FgbeVNsrGvn94XcDaNtAnx6XqD9Dr-UsjMDBJJhQRvNr457zAbJUpbv7DPCh4eDDJfnfcy25L3we-d5p9u_hqCV1ra1JXjpr6cqoz9bb-q_VMY7HDJVI22v1XDYwbcQ9xxesfXps1pA-wdad0_VgniGtvAbeZMYG2d9OorL3gRS8byEvLGwe6StxDTncjvVFLSNalS6B7MmqmVEyZvxdCm2BA4zwq8py4xnpLsK7aEscYI2Sdrcr8WEvrqnRzPWn-NW97MBF4A5hIn6Uk3UgkCwzPDF3nl4_avx-EURtPE5KjQx8QDrTWcHuEvdoif3NaRbSAq1tueQby_pzPoD6n6vI18B7IekA1ik1sEM8p-VsQJTk5ZYnsw7lTHkIEroVhn5SmstkPG8k1JQT7jXiHwD3vgawlizc2bqnYe_Nvt_MIq821u9zXmIJDvFD4odDf4SpdlAOuiZoObPFSFp5u4ndlVi8xFzlsXYA2-JyyB1nLlzj2Aj4St0eKTxyi96jnO7hH_1FNSjXOKA8Q-rtSlW95jjY6Rlteqp5Q1bdblUk0NocAG5eepXQ2e_jxe2GmaF_1ZWUoPmNMkg0R6axV_w6P0yke7jHj0dH1r4vyASG_4TIG3ScU8oeyuFyMvb0LTalZNASvfBterHxovUK3-TOumjqXnO7wqbFPak7nlW4VDXFMz2nqFaLPpOgtJe19RzfFr7i9pEpGMFm-nDZ5K2Trtal7KNeUdOIAQI2vdwfgQ92OwCkQaOpDBYOGrmoileyz4PO9X1tPQuBoU55J5YwUePnYbR45cS-0WHDCR4aNwY5z0XJzm7fFVn6ZzLFNSuUkASeOzIGZAyUr5iTuKWOzK0LI4CNnY8V0-QWltE6QKAqb2Zg5JbjEnjkxczCgYJNSRA9CwNgHLGgKZA4kQEeNCd1ZoQoebCuR5qw-nN-yukz2F79akdu0uw6b4u5ihD7bq3wjkPmUuIytrWi4fR1UdV5IWqOv9ghw4tEuU1z5coUQtTQ-6gEVSVNrUBOCH7nfMMmGd5rg4lR23viSlizqqKMqUekHS7208Bh-NJKA51iigYCRieNIBLLY78TzI5jp_SnndSz3h4Wk7RSR3FILD8T6QLWh7aoyJCG7kzDcsknwo72uWPLFLVOpDzheWj3j1yT2tL9VaAkTa1SFHQcKnUqm6Iln7_lA9SFa__bWgNm6W3hessQ75TyOZ2JWpa_f-jfKxnxJ43ARTfu8VdD-2XjOJMxxSn8q13z8OEflnjZempKWQHqzA5ex1lEVu2HB9XRbRFJPQjyWOezE2A-9TijP-4Xb28i3CnoVSHgjeEjqpnQnEO2f8ofEEW7QyUTAqfy5OnvukVC_HVELcdPeX_rVqNEl9XsV1fcUoni81CZ_dm3nQj1h1McLaedpZKDSLxp2JPn1V55mcRdjX3x1y0-UgPtXH9xOFehXRvVIODH-Zd14lgp7mGehbdvGv2-Tv9JhXulMkuStFN4AgUeSGZLnD8qkX3_uNqCqGwOUhCi5obZFTRJIru1e_ewcGb7WeZhurZG1QOk8GGXLMZf-4-Y4bjx0rvLibb7dq7RVIvt9l_UfCkCrdxe31J7kLoKbqaNMmFaTXHyy90lLI9Cu5WoF&tga-with-creatives=1

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

31edb5e9ba7232ba4c614d3356e7ac38e0620c97760cacd7c418cb1347e9e4bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 01:12:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1657329150029460-6617062843634322531-sas2-0259-2ea-sas-l7-balancer-8080-BAL-8848
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Sat, 09 Jul 2022 01:12:30 GMT
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/json
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Sat, 09 Jul 2022 01:12:30 GMT

POST
H2 204 events
bidder.criteo.com/csm/ 0
216 B 29ms
29ms Ping
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 09 Jul 2022 01:12:29 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://www.tumen.kp.ru
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

GET
H2 200 v2 Show response
yandex.ru/ads/adfox/232598/getBulk/ 15 KB
6 KB 429ms
428ms XHR
application/json 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/adfox/232598/getBulk/v2?dl=https%3A%2F%2Fwww.tumen.kp.ru%2F%3Fsection%3Dsociety&date=2022-07-09T01%3A12%3A29.997%2B00%3A00&pd=9&pdh=1200&pdw=1600&pr1=1702081378&pr=1213804335&prr=&pv=1&pw=6&extid_loader=&extid_tag_loader=www.tumen.kp.ru&ylv=0.612099&ybv=0.612099&ytt=423863344300037&is-turbo=0&skip-token=&ad-session-id=9907131657329149716&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22w%22%3A1130%2C%22h%22%3A250%2C%22width%22%3A1130%2C%22height%22%3A250%2C%22visible%22%3A0%2C%22isBlackTheme%22%3Afalse%2C%22left%22%3A235%2C%22top%22%3A3760%2C%22fontFamily%22%3A%22ys%22%2C%22req_no%22%3A5%2C%22ad_no%22%3A1%7D&enable-flat-highlight=1&pcode-version=612099&available-width=1130&available-height=250&yaru=true&pp=g&p2=gvdq&ps=bxyd&puid1=adv-1657329149674-292&puid2=society%3Atoday%3Azenyandex%3Aincident%3Aemergency%3Acelebrity%3Aculture%3Ainteresting&puid3=top%3Aregion&puid5=&slotNumber=6&bids=W3siYmlkZGVyTmFtZSI6ImNyaXRlbyIsImNhbXBhaWduX2lkIjo3MjI1NzMsInJlc3BvbnNlX3RpbWUiOjI5OCwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjE1MjY3OTgifSx7ImJpZGRlck5hbWUiOiJydGJob3VzZSIsImNhbXBhaWduX2lkIjo4NTM4NjksInJlc3BvbnNlX3RpbWUiOjg3LCJlcnJvciI6eyJjb2RlIjo0fSwicGxhY2VtZW50X2lkIjoiRDZ0UEcyWDF3OTM1S2tIaTlxb0gifSx7ImJpZGRlck5hbWUiOiJhZHJpdmVyIiwiY2FtcGFpZ25faWQiOjcyODI1NCwicmVzcG9uc2VfdGltZSI6MTkzLCJlcnJvciI6eyJjb2RlIjo0fSwicGxhY2VtZW50X2lkIjoiMjprcF84c2xvdCJ9LHsiYmlkZGVyTmFtZSI6Im15dGFyZ2V0IiwiY2FtcGFpZ25faWQiOjgxMDQwMiwicmVzcG9uc2VfdGltZSI6MjUzLCJlcnJvciI6eyJjb2RlIjoxfSwicGxhY2VtZW50X2lkIjoiODAzMDA3In0seyJiaWRkZXJOYW1lIjoiYmV0d2VlbmRpZ2l0YWwiLCJjYW1wYWlnbl9pZCI6ODEwMzQ0LCJyZXNwb25zZV90aW1lIjoxNDEsImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiIzOTI3ODU3In1d&utf8=%E2%9C%93&pcode-test-ids=612520%2C0%2C39%3B586085%2C0%2C8%3B597485%2C0%2C9%3B590118%2C0%2C23%3B598478%2C0%2C18%3B605344%2C0%2C41%3B610322%2C0%2C21%3B610874%2C0%2C85%3B612099%2C0%2C12&pcode-flags-map=eJyVWNtu3DYQ%2FZVin4OCulCXvFESVyIskSpJ7XpTBIO09ZsRFI1TFAjy7x1K2rWktbm2HwysoHM4nOsZ%2Fdhp3nNm4dCxHjT%2FbeDGAttbrkFIrdp29%2FH3H7t%2Fvzx%2Bf9h93Fk98N2H3dPDtyfxF%2F6maRoHye7n5w%2B7AzMgOBirelC2QbxtmIRuaK24zZOlNLzmeTdY1FJpDp0whldQMcugZ5p1BvZKw0FUXOG1oFRdoVacD%2F%2F9vaLMSUzpxR42WFVzyTWzSNuz8s40ykI14AOh5IopWvPEhOQXHi5Z0XKQ%2FLgg4Qathk5VfMWjZHsC3vKOS2ugbEV558CvsM%2FMHbuHhou6sXhHafC%2BWsj63ZenURCOtKxt1XEKQ4%2F0I8fkS1uzGxwxocuYTOd3TNdC%2BpAJiYMo2rps6KvR951yDgfLRItGTL7zJkdCkmwRAc07deBQNkwbbmGvVQetkHd%2BjiCISbo1aS%2FuAX9asBpj6dxsLNN29E5v%2BFCp%2Bc6lxgITB25uHULp1b1L1veOujhBpY7yLaYmWehjQZdpdGQhrMvm95Dh9RzZgWuzTXpnfErX2DAmwdaQgzCiEK2wJ%2BhbdirQcVgJg0HjblgS0vCqjoTENmV4OaaEKgzXB9d2XDgWJ72VeJCYUwwrZowg6%2Fol8Omf7w8LWBxmUU4mmMFmZVy33GK2mb0AsQoM589Gr2Ffv%2Fzx%2BLBCRkmYTwnosq7Ds%2BYql9Z%2FZEyjfIpCqQaJuargvtFeSJZmYTxCTkxW%2FB70gLnXMX%2FZUpKG0dzBV50G9kPbGqwB7scHURiRyxULre7QP3g9qLWo%2FMiUZsmLBkMljNWi8MLDgCTTfT9xGY7mwlFUtgHRsZp7sXEQZ%2BQZi8eNiVko7fJIs0oM5pc3MpyYs3syGFh7ZCfjR0bpHNpq70a36bHjc7Ci42qwK2hICFljYxJNd%2B5LHDzjsMA54z%2BPIs2cvXuFXuauXM7nAb%2F3ZiIemabhNVzsAf8fXXu5lSGvMJwNOLB2WEUrIi%2Bjz01xzE4hewwyMN35z06CPJrPxnq1wowCaa%2Bup8cWSglqiRHacqbdpHfTkGnBNg4Pt7A5vJt60vzIML2qtxYWMp1j7YYedBxV0SVduNbY7Vq16r90hc9IPMW910Jp17txjhwEP%2FZK%2B1MmSZO54bnXQeLwLjnKu672wtIQcSPMmB6HV9lwZyH0XJebLA3IKsgpDfJ4kSLknuC8wmagjBXeM7OAzmdWKLrsON7Rx0eNoxNDPbfbd4ioDHv2FD8cJ%2BV8gU0%2F2UwVmmU4jSYj5k5S4bAuUcwZb8%2BmeZBmix4mUDAyDCwq%2BdJ5zPgOzSMaBCvs2PcMNkHbuMLqWVXhgPaTxHROknHOuDF86jlEfqtx1tBFtDpdvjK3r4%2FL0%2BRVJKAcGAXzjdPPHNoWi2ICUzIn71hp1crrwa%2FBCp9GWXTBvxs0iuqCSdwqAKXHXmC2jYIGOfxDJ8%2FCNF1cfiaZchMHPPbEi7jCxm7dArWVGFvNHcbRlHhNsZEjNM%2FDnKxejkicjS%2FXmhXhDTEfp%2BT5XTDi0%2BpyNAiJ7%2F0XpllAX0FM3pgbOqYAbrboBtelhXRZcdHpWNo3jKZ0ygzUATW3Y7UL6VY%2FjQ3M%2FcTmeWNeJiSNQ%2FJSA98LbdzqwTonYWGawOpwDqGfNEeZtDSNFUa1A%2FYr07nlw1X7jVjjMjPvV4ucxy7nOlS9FeJX4DDIp5JtbNfSqcwMzpRKMLAcV4QbeJQ78fOer6BByYaF0zIHRmFv9RsEO7kwjAqg1i7c6ABUbi%2FMiBc%2BGCQke97uEY4i3sAJlzlc1EowunwP%2Fjwj3PI9dr8V%2BPvXbw9P6%2FpN4wXa7Q%2Fug8D8HQATwojOLdtmwM1gowFL224%2BUwRBdqHqccqN6xQHV%2FOAeuPyANckJas1Wz7%2BbXpLnL5OOCmnym%2FSM8M67cX4PQJMw3CTRT619tOfT4%2FrTKdRPGWK847me5QsjctRUXpxAYnCcJ5EWPm6c2pFc3le7HrNC%2F9CgRRZulDH2%2F0MU5Cs3TY%2F%2Bfn55%2F%2BkFZzb&use-server-side-rendering=1&pcode-icookie=JPys%2B5rHIq%2BVYOSZpzg%2BMVHSc2DsCsXbTWltzyl%2Bl6ELGaOHg6a0Uaklq4o1HvDzI6FCIBTO81x%2F0ZD%2B1UU3ge690V4%3D&top-ancestor=https%3A%2F%2Fwww.tumen.kp.ru&top-ancestor-undetermined=0&grab-orig-len=5120&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjoxNDh9ChqjpqjkJu6BYKCO8DD3bz8cGs9jHE5mc8yh7XASjuGaP5OZ5txDYsPfzof2cbbn2GYcOxQb3tBsS_vNcilALwX0BtpWBVWRVCqVv0v4-G14Ll-JCBKEFCkNKqiKag6hhcpQHyrlJrkxjHIIUQ4zVIe6UDWgfSDkplC7SJHkBTeEmjBu2LHmkHxALucqOVWoywubNH-qMM4Lk26RVIZkiyxlBlIOoS9o9aJZsAVQI4d1HuIFuBCKnPY8ki18oV6KufYMKlCF0dCBbfOyxMqfwbb6GQUrgy0QUiyHcPJyORCJFgFVBggtjCyFJB-7mRkpLx87p4WLl8_MZkbKyYvbus0n1GzgY-Y0WzKThZkTTFEuTnpuJGwMZjZGJtHMzchk5mQygykagkAUGwlEJVcaC-cQkHKqvGghLICLdsH0A90cKuQ0hyUKtQuoLlQPXPHSg0YOMy_gWrlxUcRDgeX26KIFHMRlH-0yPJbDC6NBR370A8F4IQl5uVUM6mVuvNCKRIZT1XC8SBgHkmG8KNVn9dJy6SEHwkLTtHDqDuf2XmRYOHxFS0s4i2Lop1-QlCLDtKhZeeZTNk0WCs1y8kVBLSLZM8UQW8D8ZepAa8ruRFMo3_YhkOVhWU01nTg7i8LCokLSJMXCiQARIxIueh9hQQ-hiBBVvQpZ9S5y0uUxPAh1_iNn5ELAy8fFhlgSHDmd2czIlLmRWujpwRSl57Yzc-DkZ6G3W8HKnMxIETOiEOUNAfnKhskn1MhIcm7xw2FjRcTGwMpvF8wcaC2oOfOixcZFB5IgQrs1swDZggUlguWPYrtLtnwp-YQszuEAxFLPSDB42OjZQWW3LDyQXubwtq8vby9BALdkOf2Kpl4dMhF6VbHqBB0todDITQ55hSJdmbFDvqGGBjnsoBacdQNYb4U4YzTFZFU0UcQhDIBe6utC0pBMTuWI_5Qm-o27zpgObfzvI3_lYOyAYxoHPYOUorYjOOJHbMPprnLAcOgPtjSPPROejI7IGIpLbHFWlev6DNNgd3_vkDsYC5d2-JfTOmrHOrqNIc6oC5jApdwzjpuZmKoD737QLIXHeYw_ig7IumjwJsIp14nqTtIL0kNN9FdP5SDPJzq0L9D9hFM5Igzdnuvozt2Y_4Q1D7_OkhrivP6lImmodtCaSXKTfRk7BW90VHLQ_h43PeeoDkE-i5yRAcTqs_6UdJLej9rnVzvdCCOHPIMwB_3Xcjq8XBqCGnESsk1zVpRzOqE45B3yVgvZGNTgy_m2-c9ADd4hRTUva2Oeqb6WsSOSo9yuK9a2eNw_gGT4Oo9C0pfOz0nxizPDR4MMMcdyDNg51oUAEWCEgfuhzCDAbUUisAziAoUHJE6Ez73AriOWE3YBCe5ttowCPSrQGP6fJK0vPnoGC5M7vPyZh5EVLb0HSoPIPAwBYo9HgkEgc4HEhgoJ6sfcWHY-iIafm5sbicWSnN_P0ebJ2spzum4yksg4JqZHfk4QIOVCxoHcLpA50DGhQ8AjymvjB4YJtsC9TbQx0zMI0LPasWUWzFyY0KMqJxYYXlhTAw8Pk4UQ4ztxB1bmZqYDg5ld1Dv5i10H7pwD_F2iaQvPGedQ1kAFNgSE3SpotTrj3WdKx1gn_9pdiPcW3bkD_LigGfsVSz1xzGe31syp2TCvPROVDnnGjBYlRkx2GzZnbAfU3ceGWePTn8xJp6FuUe9NllN_UYb8EjaJ5VhdCcHBHXIly79qOEVFoSc6kRmKI7MCFb4ZaMhlUahCrbM0aVjYrT6oIgALhyBCs92W2enB4MBi9kQ-diuvFKRcwS2eiGszM9CZmViW_iwMPKAwon096ftl5C-vn5FzCLiFKNlcyQXIXlYH3E-Q-SHO1IP1PMVQI5LlcIfX3OE4v56j32TNoJph8aumbHbWCee0tWd7L8qqE1k8_3LqILfRsJwqbpNuRBdODbMQN1ozMjPR4bQtUXBhREEPn839wAlJwFtNtmY2jGixoEQjKkkCrMgtgogRLVds6NFhQPTwO2_k7kNGh3HkynuNsc9NM2_r0_5FOpusHG6bhKdILFwklwE0xC5ZFNVx25YaDwI6VOhEeb_FfcCtOrS4tG_dECbEjIjY05cljLj6jplOuWXd_VHNW9EGrVPM8Lm3bUcS_yKW01Kn_9OIB46lZT5_PcGpOg530z-cvwW3jOc_6Ja442Q8Dsw_i5Ryall1Et9jbJmLByPo9KAvtfTL95dOQmO-W14RUUNjv6g3q6UMHyKrhx0jaKChQSR-9Ug__HxzWX-iqc1jClZ_m_8b0YlXVk0U3oVDv_Deoc5-FKweB0QOT04zPrNJ0jC_Zckp78k7ummI8Q8jIrpQuTEgRI4Q9e3q5hjCq3cZNrlH-inj1fv0hJXP27BXXdX5L664XaJO96H28T2GkRz28J_l1MOlnHKKb6iimS7PgKjpslUsonAqd6LzqQfAr-oJiaaufdr3QdMh8gOQopXXQzgbm1K-aEolHm0rnzoaYor4f7ZUr59iN1a2eUo7c9w0VKSK-hPir-lUmOJkEbBYnzswT6lHE7XixzdqKYTrF-oyv2CT0iipjeLHvoeuGh8IjXxBRUGZ2GN6rNBPbUyIhVumANmTnEpk4itJr1xzujWvKFgPqAv6UTQqDfptbeW_8OiIVXfqynzeNBX1tK4dVdQuSz6elSpfzW14dusIXj_WnCK6qtwxGf6XjesCIXbhuNfpPfs4NxBbb_kQoG5FoqqPxcOg5nrZqeu7eVXSR6oDb64f9MCUVwuKG2rn7TCYupe6UtbBquwkvy8zpCJpraX615y2XhQAPQESFniB_23XBYOoT8FF1ftQR5kJf1Rppe7Wzm-dYD-zm7KDc_IH7fLT1aXsSIE1iKh6n3ZqIzk2sPL_6JA_bbdtr-Q_ZSyHOWMY6QNdYFefrNY1wh6PK3a9Qy6G9r5X3lR_fdLs7ZRDDPn7FIilZz4VZhmD00UwpFMuVNHI-wAawh9PK4BS9G4ot4pmEv_RS1rjdKTmbD6mpElFzDoUANd16MD7SUbxcrcnrIpcsn-QAnoKXvOXaUqzWMFFP40F4jC8OrkN0j8eG4lVGbr58L-a-9J71nF3IgWZStAmuzYp3ANlfNO-SeT67yYNXZf-JHG7NNJXzp6_17UucFc9gWqk_93AgBfJgMidX2xjcKof-PmIU_utSFc9mx59fKQQZ-z2p8A2d91QkL7qVj_PYi91gLo74z3ucSpGiG26QvV_ep0cXh8T0rsATW7J64-yMAP3sL-pyjtYkVUtoe4_-503NKXl0bTVpnuIu6rssbBsu65ROQ0Ab0qI9YfaL5F2vLhwMek8oI0NsPtNqltT0tkh-0eysK2VKOI2s7f-aeyHTd9SxoG4rPYgmzC7kBc667wH0dj5_8bfnzStILkFYyK-JDW3UHQPt_9FgbeVNsrGvn94XcDaNtAnx6XqD9Dr-UsjMDBJJhQRvNr457zAbJUpbv7DPCh4eDDJfnfcy25L3we-d5p9u_hqCV1ra1JXjpr6cqoz9bb-q_VMY7HDJVI22v1XDYwbcQ9xxesfXps1pA-wdad0_VgniGtvAbeZMYG2d9OorL3gRS8byEvLGwe6StxDTncjvVFLSNalS6B7MmqmVEyZvxdCm2BA4zwq8py4xnpLsK7aEscYI2Sdrcr8WEvrqnRzPWn-NW97MBF4A5hIn6Uk3UgkCwzPDF3nl4_avx-EURtPE5KjQx8QDrTWcHuEvdoif3NaRbSAq1tueQby_pzPoD6n6vI18B7IekA1ik1sEM8p-VsQJTk5ZYnsw7lTHkIEroVhn5SmstkPG8k1JQT7jXiHwD3vgawlizc2bqnYe_Nvt_MIq821u9zXmIJDvFD4odDf4SpdlAOuiZoObPFSFp5u4ndlVi8xFzlsXYA2-JyyB1nLlzj2Aj4St0eKTxyi96jnO7hH_1FNSjXOKA8Q-rtSlW95jjY6Rlteqp5Q1bdblUk0NocAG5eepXQ2e_jxe2GmaF_1ZWUoPmNMkg0R6axV_w6P0yke7jHj0dH1r4vyASG_4TIG3ScU8oeyuFyMvb0LTalZNASvfBterHxovUK3-TOumjqXnO7wqbFPak7nlW4VDXFMz2nqFaLPpOgtJe19RzfFr7i9pEpGMFm-nDZ5K2Trtal7KNeUdOIAQI2vdwfgQ92OwCkQaOpDBYOGrmoileyz4PO9X1tPQuBoU55J5YwUePnYbR45cS-0WHDCR4aNwY5z0XJzm7fFVn6ZzLFNSuUkASeOzIGZAyUr5iTuKWOzK0LI4CNnY8V0-QWltE6QKAqb2Zg5JbjEnjkxczCgYJNSRA9CwNgHLGgKZA4kQEeNCd1ZoQoebCuR5qw-nN-yukz2F79akdu0uw6b4u5ihD7bq3wjkPmUuIytrWi4fR1UdV5IWqOv9ghw4tEuU1z5coUQtTQ-6gEVSVNrUBOCH7nfMMmGd5rg4lR23viSlizqqKMqUekHS7208Bh-NJKA51iigYCRieNIBLLY78TzI5jp_SnndSz3h4Wk7RSR3FILD8T6QLWh7aoyJCG7kzDcsknwo72uWPLFLVOpDzheWj3j1yT2tL9VaAkTa1SFHQcKnUqm6Iln7_lA9SFa__bWgNm6W3hessQ75TyOZ2JWpa_f-jfKxnxJ43ARTfu8VdD-2XjOJMxxSn8q13z8OEflnjZempKWQHqzA5ex1lEVu2HB9XRbRFJPQjyWOezE2A-9TijP-4Xb28i3CnoVSHgjeEjqpnQnEO2f8ofEEW7QyUTAqfy5OnvukVC_HVELcdPeX_rVqNEl9XsV1fcUoni81CZ_dm3nQj1h1McLaedpZKDSLxp2JPn1V55mcRdjX3x1y0-UgPtXH9xOFehXRvVIODH-Zd14lgp7mGehbdvGv2-Tv9JhXulMkuStFN4AgUeSGZLnD8qkX3_uNqCqGwOUhCi5obZFTRJIru1e_ewcGb7WeZhurZG1QOk8GGXLMZf-4-Y4bjx0rvLibb7dq7RVIvt9l_UfCkCrdxe31J7kLoKbqaNMmFaTXHyy90lLI9Cu5WoF&tga-with-creatives=1

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

f5b400e99a4f5d5f1a01f3a0e464688b113ebeb1fb1d0ab31ea5296d17edf915

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 01:12:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1657329150069625-11178789072339041014-sas2-0259-2ea-sas-l7-balancer-8080-BAL-37
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Sat, 09 Jul 2022 01:12:30 GMT
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/json
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Sat, 09 Jul 2022 01:12:30 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 87CE 81 KB
28 KB 134ms
43ms Script
text/javascript 2a00:1450:4014:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/partner-code-bundles/612099/d7c474c5d65c443d9f38.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4014:80b::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b17537efc6d2e52bf67b12efa95f3caa98f09864165364a9d42689baf850a1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 01:12:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28092
x-xss-protection: 0
server: sffe
etag: "1268 / 468 of 1000 / last-modified: 1657318025"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 09 Jul 2022 01:12:30 GMT

GET
H2 204 event
ads.adfox.ru/232598/ 0
66 B 73ms
73ms Image
text/plain 2a02:6b8::1be
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/232598/event?hash=e0cac2ecd5986117&pm=bmo&pxo=u6E8rQr4M6l-xLyNVUlu-GORBRK20Xh_NHspCfrtbqJ-Q-1mFGVB4_kNAe_6yrsN47LIOutjmMJ8cQ2c9M1eUWylPKnT2MeSM2p4iyEPcWDJw8xLqvOmRDaWGvrOE62pfp-n_I51NURLO6PUhU_Wiixjf0xmtXVSMQybkZALS3oV2Jm6YTBq&p5=gwdbk&ad-session-id=9907131657329149716&utg=oxum&lts=fjmtaiv&ytt=423863344300037&ybv=0.612099&ylv=0.612099&dl=https%3A%2F%2Fwww.tumen.kp.ru%2F%3F&rtb-si=b&p2=gftf&rand=gjxcsug&sj=3oTuC4sY24bWeBMnit1ZzFwD7hG8vpqjol3638DF29KaWMcCht6_runR2YdKow%3D%3D&puid1=adv-1657329149666-335&pr=dyeeiod&p1=cdinl&rqs=_cF1AbUMuD_91chigvQ6wTWjVhnRAvzX

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 01:12:30 GMT
x-content-type-options: nosniff
last-modified: Sat, 09 Jul 2022 01:12:30 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2 200 cfg Show response
data.24smi.net/ 427 B
442 B 79ms
70ms Script
text/javascript 2606:4700:10::ac43:581
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://data.24smi.net/cfg?object=19594&ver=35&pio=true&pps=true&callback=__smiCb1657329150069

Requested by

Host: jsn.24smi.net
URL: https://jsn.24smi.net/smi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:581 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5877bb05114c0c0ee2bc94dcf42f5d2158179976710c0300336483031ad245b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 01:12:30 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
content-type: text/javascript; charset=utf-8
cache-control: no-store
cf-ray: 727d31140c4e9162-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 8278.js Show response
jsn.24smi.net/b/5/19594/ 15 KB
6 KB 27ms
26ms Script
application/javascript 2606:4700:10::ac43:581
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jsn.24smi.net/b/5/19594/8278.js?t=1653556517

Requested by

Host: jsn.24smi.net
URL: https://jsn.24smi.net/smi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:581 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed0311bbb29e7a582a420448e4b37867de3e5a27d7a3fdac5e94bb2acc78243c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 01:12:30 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: HIT
age: 468
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 08 Jul 2022 22:44:47 GMT
server: cloudflare
etag: W/"62c8b35f-3b68"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
cf-ray: 727d31148c919162-FRA
expires: Sat, 09 Jul 2022 02:04:42 GMT

GET
H2 200 css2
fonts.googleapis.com/ 6 KB
1 KB 79ms
29ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

55d2ab860a7100b201e762c2046bc65a5d16236a0263dee3e95c711be581b345

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 09 Jul 2022 00:59:52 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 09 Jul 2022 01:12:30 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 09 Jul 2022 01:12:30 GMT

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
684 B 79ms
29ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Ubuntu:wght@400;500;700&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

eb96791feca1695290fc96c5209a0bb2476680ecec0aa02076373024c28e183a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 09 Jul 2022 00:59:34 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 09 Jul 2022 01:12:30 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 09 Jul 2022 01:12:30 GMT

GET
H3 200 informer Show response
data.24smi.net/ 3 KB
1 KB 68ms
67ms Script
text/javascript 2606:4700:10::ac43:581
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://data.24smi.net/informer?psw=1600&psh=1200&pow=1600&poh=1200&pdpr=1&pdt=1657329150&ptz=0&pl=en-US&object=19594&template_id=8278&num=4&ref=&output=json&chash=r8N0FClrUE&extids=&page=https%3A%2F%2Fwww.tumen.kp.ru%2F&callback=__smiCb1657329150070

Requested by

Host: jsn.24smi.net
URL: https://jsn.24smi.net/smi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:581 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b1f017ca5f9e48c3a36caf89af569e0cadb31c6b9c5dc460a95ce7bfaf02943

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 01:12:30 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-store
access-control-allow-credentials: true
cf-ray: 727d3114cc249bb9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 pubads_impl_2022063001.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 87CE 374 KB
128 KB 68ms
21ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js?cb=31068337

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

sffe /

Resource Hash

c84615457f9332569ff8501c382a395ef9fe116a9add5034b4ebc62c9bceeb3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 22:15:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10592
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 130816
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 08:35:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 08 Jul 2023 22:15:58 GMT

GET
H2 200 text-variable-full.woff2
yastatic.net/s3/home/fonts/ys/3/ 25 KB
26 KB 59ms
59ms Font
font/woff2 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/s3/home/fonts/ys/3/text-variable-full.woff2

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

033696b7f1ac04d1dcc102be84550e146236ceffc25a6cabc12aa51a6ee410b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://www.tumen.kp.ru/
Origin: https://www.tumen.kp.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 01:12:30 GMT
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 26004
x-nginx-request-id: 2bf39b33d0e840e1
x-amz-meta-owner: {"role":"admin","login":"4eb0da"}
last-modified: Mon, 25 Apr 2022 14:02:39 GMT
server: nginx/1.17.9
etag: "7f0cdaf91230f9789ca4162aedff612e"
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31556952
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 09 Jul 2023 06:57:12 GMT

POST
H2 200 trace Show response
yandex.ru/ads/ 0
486 B 225ms
74ms XHR
text/plain 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/trace

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1657329150498344-13069828781823187216-vla1-4679-vla-l7-balancer-8080-BAL-288
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}

GET
H2 200 watch.js Show response
mc.yandex.ru/metrika/ 158 KB
56 KB 275ms
131ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

8d87c18fcb70f9b1d23c94aedc506cb6cc2640c5aebb25ca6e8e64b0cd997553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.tumen.kp.ru/
Origin: https://www.tumen.kp.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 01:12:30 GMT
content-encoding: br
last-modified: Fri, 08 Jul 2022 09:23:14 GMT
etag: "62c7cd52-dd8a"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 56714
expires: Sat, 09 Jul 2022 02:12:30 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 9 KB
10 KB 98ms
50ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.tumen.kp.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 19:36:30 GMT
x-content-type-options: nosniff
age: 365760
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9644
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 04 Jul 2023 19:36:30 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 68ms
20ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.tumen.kp.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 08:45:42 GMT
x-content-type-options: nosniff
age: 318408
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Jul 2023 08:45:42 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 62ms
27ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.tumen.kp.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 12:56:05 GMT
x-content-type-options: nosniff
age: 389785
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 04 Jul 2023 12:56:05 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 10 KB
10 KB 74ms
42ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3728fbdd191d75bad5b83a838dfe2fc15f84c2aaa36ffa573321275847db31a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.tumen.kp.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 12:55:48 GMT
x-content-type-options: nosniff
age: 389802
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9840
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 04 Jul 2023 12:55:48 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v30/ 9 KB
9 KB 53ms
46ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.tumen.kp.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 18:17:14 GMT
x-content-type-options: nosniff
age: 370516
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9628
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 04 Jul 2023 18:17:14 GMT

GET
H2 200 wx1080
avatars.mds.yandex.net/get-direct/5276122/O32SDlrtt6yNSBtkNxRzWA/ 42 KB
43 KB 291ms
140ms Image
image/webp 2a02:6b8::184
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-direct/5276122/O32SDlrtt6yNSBtkNxRzWA/wx1080
Requested by: Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::184 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software: nginx /
Resource Hash: 6f6f01dec125d70d84a9826b928c8347d3f8549e02ddbdee1b1848990f535d5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 01:12:30 GMT
last-modified: Fri, 01 Jul 2022 10:28:05 GMT
server: nginx
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000,immutable
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 43172
x-request-id: 2ab8cb3218d06554

GET
H2 200 render.html Show response
yastatic.net/safeframe-bundles/0.83/1-1-0/ Frame B1E0 24 KB
7 KB 181ms
65ms Document
text/html 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.83/1-1-0/render.html

Requested by

Host: yastatic.net
URL: https://yastatic.net/safeframe-bundles/0.83/host.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

9c911ab93cf6099aeeddb19cb1903d0ef838329443c3a0549c754da47f90a70a

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://www.tumen.kp.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=946708560
content-encoding: br
content-length: 6262
content-type: text/html
date: Sat, 09 Jul 2022 01:12:30 GMT
etag: "eb77de48712912aadc9aa8171ac75ede"
expires: Mon, 08 Jul 2052 07:48:15 GMT
last-modified: Wed, 03 Nov 2021 13:42:58 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
server: nginx/1.17.9
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-robots-tag: noindex, noarchive, nofollow

GET
H3 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 1AC0 81 KB
27 KB 112ms
43ms Script
text/javascript 2a00:1450:4014:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/partner-code-bundles/612099/d7c474c5d65c443d9f38.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80b::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f7d4a77e29961071a337cc5073d127fc328e2ea23fca15e9894838d72cc6822

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 01:12:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28091
x-xss-protection: 0
server: sffe
etag: "1268 / 880 of 1000 / last-modified: 1657317992"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 09 Jul 2022 01:12:30 GMT

GET
H2 204 event
ads.adfox.ru/232598/ 0
18 B 89ms
89ms Image
text/plain 2a02:6b8::1be
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/232598/event?hash=1906a8c8f1de51db&pm=bmo&pxo=kUf75oU_EVBH5rmgHHSLHVXBym_btnoZPjmSEbG6mu1Mq6SXs7XtIohdQht5SeRv2IO6pfqHncLFfb-LgLWgXX0ysWjgJMkKVl4J1m3iVed9gaBJQKQ60vH-NP-L2nDH3L3jh0jpUv8sjqcvYcR6s8R3CkI7SOwkpk0e7TliJWcGe2AY&p5=gwefg&ad-session-id=9907131657329149716&utg=oxum&lts=fjmtaiw&ytt=423863344300037&ybv=0.612099&ylv=0.612099&dl=https%3A%2F%2Fwww.tumen.kp.ru%2F%3Fsection%3Dsociety&rqs=_cF1AbUMuD_-1chi5mQ9yMl6NCilaKjY&pr=dyeeiod&puid3=top%3Aregion&rtb-si=b&puid2=society%3Atoday%3Azenyandex%3Aincident%3Aemergency%3Acelebrity%3Aculture%3Ainteresting&p2=fxjd&rand=btylkss&sj=rvoRlEWYiI8yQzP-VbBhSBghKB9Ow_NPcKEWZjN5FOy6boVekbpMpA2WAl3tdg%3D%3D&puid1=adv-1657329149670-14&p1=cavko

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 01:12:30 GMT
x-content-type-options: nosniff
last-modified: Sat, 09 Jul 2022 01:12:30 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H3 200 css2
fonts.googleapis.com/ 9 KB
740 B 75ms
30ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Alegreya:wght@400;700;800&family=Roboto:wght@500&display=swap

Requested by

Host: yastatic.net
URL: https://yastatic.net/partner-code-bundles/612099/3f2865e0d5f2d3b6288d.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b9626a32ba37b0590508877b518afb8e18c1623278119b425ba2e3d14d39c4fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 09 Jul 2022 01:12:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 09 Jul 2022 01:12:30 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 09 Jul 2022 01:12:30 GMT

GET
H2 204 event
ads.adfox.ru/232598/ 0
18 B 87ms
86ms Image
text/plain 2a02:6b8::1be
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/232598/event?hash=38353060e73a1a77&pm=cyz&p5=ljjmt&ad-session-id=9907131657329149716&lts=fjmtaiw&ytt=423863344300037&ybv=0.612099&ylv=0.612099&dl=https%3A%2F%2Fwww.tumen.kp.ru%2F%3Fsection%3Dsociety&rqs=_cF1AbUMuD_-1chikKVaHz3eYtjsl-Wh&pr=dyeeiod&puid3=top%3Aregion&puid2=society%3Atoday%3Azenyandex%3Aincident%3Aemergency%3Acelebrity%3Aculture%3Ainteresting&p2=gvdq&rand=etsjdqn&sj=1-AGldmrvhClGGrCjce5TsgzOnacyLrY98C_H-KXOKjAN4uHv2OTHsh1qWBCDw%3D%3D&puid1=adv-1657329149674-292&p1=clerf

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 01:12:30 GMT
x-content-type-options: nosniff
last-modified: Sat, 09 Jul 2022 01:12:30 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2 200 5191335_5.5a1c10449bf6ba3fb79322a26dc59f6f.jpg
banners.adfox.ru/220701/adfox/1877475/ 66 KB
67 KB 290ms
61ms Image
image/jpeg 2a02:6b8::2:158
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://banners.adfox.ru/220701/adfox/1877475/5191335_5.5a1c10449bf6ba3fb79322a26dc59f6f.jpg
Requested by: Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::2:158 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software: nginx /
Resource Hash: a81ae4dd7742b736f41e6e382827ab3672728b6f7f529ad5c72d6d6e79861484

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 01:12:30 GMT
last-modified: Fri, 01 Jul 2022 12:23:23 GMT
server: nginx
x-amz-request-id: f6786d7ca8f591e2
etag: "5a1c10449bf6ba3fb79322a26dc59f6f"
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
x-amz-version-id: null
access-control-allow-origin: *
accept-ranges: bytes
content-type: image/jpeg
content-length: 67614
x-nginx-request-id: 563697f0c9bbf7c1

GET
H2 200 5191335_9.1366b90e36296da712c6488fa46b6f41.jpg
banners.adfox.ru/220419/adfox/1877475/ 26 KB
26 KB 447ms
218ms Image
image/jpeg 2a02:6b8::2:158
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://banners.adfox.ru/220419/adfox/1877475/5191335_9.1366b90e36296da712c6488fa46b6f41.jpg
Requested by: Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::2:158 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software: nginx /
Resource Hash: f76a521d8d893e573ee2def73e397a42f33f937aca5dcfeb77b2e001ea5a7ca6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 01:12:30 GMT
last-modified: Tue, 19 Apr 2022 13:08:29 GMT
server: nginx
x-amz-request-id: 2d406cbab41a5be6
etag: "1366b90e36296da712c6488fa46b6f41"
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
x-amz-version-id: null
access-control-allow-origin: *
accept-ranges: bytes
content-type: image/jpeg
content-length: 26361
x-nginx-request-id: 69056dd020e19c82

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 87CE 107 B
792 B 82ms
30ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.tumen.kp.ru

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js?cb=31068337

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 09 Jul 2022 01:12:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 87CE 107 B
549 B 79ms
28ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.tumen.kp.ru

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js?cb=31068337

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 09 Jul 2022 01:12:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 87CE 15 KB
8 KB 296ms
253ms XHR
text/plain 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3720049075959175&correlator=4073397638640768&eid=31068337%2C44761478%2C44768682%2C31061166%2C42531606%2C42531607%2C31061690&output=ldjh&gdfp_req=1&vrg=2022063001&ptt=17&impl=fifs&iu_parts=94805857%2Ckp.ru_4_small&enc_prev_ius=%2F0%2F1&prev_iu_szs=160x600&ifi=1&adks=4130042211&sfv=1-0-38&ecs=20220709&fsapi=false&cust_params=kp.ru_4_small%3Dkp.ru_4_small_10&sc=1&cookie_enabled=1&cdm=www.tumen.kp.ru&abxe=1&dt=1657329150513&lmt=1657329150&dlt=1657329150043&idt=436&biw=1600&bih=1200&isw=160&ish=600&adxs=1410&adys=389&ucis=udmlhsr4q6sd&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&nhd=1&url=https%3A%2F%2Fwww.tumen.kp.ru%2F&top=https%3A%2F%2Fwww.tumen.kp.ru%2F&frm=23&vis=1&scr_x=0&scr_y=0&psz=160x600&msz=160x-1&fws=256&ohw=0&ea=0&ga_vid=530380292.1657329151&ga_sid=1657329151&ga_hid=1588720506&ga_fc=false&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js?cb=31068337

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

f754a4b355cd4b21311bdeeb776cdc7988cff142bcc885e7933e43f0cb2cb7af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 01:12:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8352
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 87CE 14 KB
11 KB 84ms
33ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022063001&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js?cb=31068337

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

702fd591e4cc8bea70fa24228757823fc700b1e8c3dc061779af10a7b0574a12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 09 Jul 2022 01:12:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10782
x-xss-protection: 0

GET
H2 200 container.html Show response
1c93cdb1133891517efd814bd17e41a7.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5EE1 6 KB
4 KB 113ms
28ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://1c93cdb1133891517efd814bd17e41a7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js?cb=31068337

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tumen.kp.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 09 Jul 2022 01:12:30 GMT
expires: Sun, 09 Jul 2023 01:12:30 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 607912ce0bbdc533bd357dc99af092f34783fee7f24f7fc16ece184018a7441b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 1QzEWH3N0Hq200000000U9nJ_7kmb74hpmvxGnN6YSSj0ujDBVzTFP7400IUC95GQHzvozY-D0Q6L4QWUAOA8-i1a7Yf391Ncm0aMXb1P2T85WYO66OoQff3s0iPb-b0M2iPzJKWhBsCNfm234V1_BECp42HgumWhNSP6MGOcFuopc9YO9ZB119PodGAABsMwHUGV... Show response
yandex.ru/an/rtbcount/ 43 B
591 B 77ms
76ms XHR
image/gif 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/an/rtbcount/1QzEWH3N0Hq200000000U9nJ_7kmb74hpmvxGnN6YSSj0ujDBVzTFP7400IUC95GQHzvozY-D0Q6L4QWUAOA8-i1a7Yf391Ncm0aMXb1P2T85WYO66OoQff3s0iPb-b0M2iPzJKWhBsCNfm234V1_BECp42HgumWhNSP6MGOcFuopc9YO9ZB119PodGAABsMwHUGVPRfFn0yPNe157d59B1YIRse2b3RkdVEpA6FMHd-CdK80nt2p0fKsiki22IdCeECcClC1B8SI2g0x6RPo2pIhjXrmBYsyoGppEzNmIhlWicVp0vE_61dpc9HY4zsCtHC2lKjTOdNDKpEo7Iko7KDIC_9zChCI8ytIN9Qo28T2b6yWcLbtWuMfWCiJ3TP8BxyOF-GvUmP47XZ_vO5vDS9hAqD9nhQDYGiOEKyoRhv2GTOtGNMXeO6bfkiVtws_0_xUJVvAol8dnri3ImJsFusN---CAtvZlqCjYk7WnUmxTxqy4tNYqz_rZEkP8EPVO3DumGRyoCsteW85oidLy-i2kVaHFENR31N_8Ip9h9VvLkvOQF5M_jPx6ncXaO6bfORs1iKTh0pdc0NUS3-yC3LavqltatC-i6-qBY1O-jx0m2JsgdR

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 01:12:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: image/gif
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
last-modified: Sat, 09 Jul 2022 01:12:30 GMT
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Sat, 09 Jul 2022 01:12:30 GMT

GET
H3 200 4UaBrEBBsBhlBjvfkSLlx6jx4w.woff2
fonts.gstatic.com/s/alegreya/v29/ 22 KB
22 KB 66ms
23ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/alegreya/v29/4UaBrEBBsBhlBjvfkSLlx6jx4w.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Alegreya:wght@400;700;800&family=Roboto:wght@500&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6db6653a65bc919f600c1e098b02145b5e62d137fbf99f84ad526692b65cc31c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.tumen.kp.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 14:28:08 GMT
x-content-type-options: nosniff
age: 211462
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22952
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 18:46:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 06 Jul 2023 14:28:08 GMT

GET
H3 200 4UaBrEBBsBhlBjvfkSLhx6g.woff2
fonts.gstatic.com/s/alegreya/v29/ 39 KB
39 KB 72ms
31ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/alegreya/v29/4UaBrEBBsBhlBjvfkSLhx6g.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Alegreya:wght@400;700;800&family=Roboto:wght@500&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92f108fa97f63aa01d67c7c19599f9133ef0e60a11fba74ca137f5b699abd36b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.tumen.kp.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 11:54:51 GMT
x-content-type-options: nosniff
age: 47859
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39860
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 18:47:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 08 Jul 2023 11:54:51 GMT

GET
H3 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 8052 81 KB
27 KB 43ms
43ms Script
text/javascript 2a00:1450:4014:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/partner-code-bundles/612099/d7c474c5d65c443d9f38.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80b::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d72e02e86cedb9eb4830a12ae6d968a9c8ffd04bf6c009812cd906d7a28e8275

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 01:12:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28093
x-xss-protection: 0
server: sffe
etag: "1268 / 451 of 1000 / last-modified: 1657318025"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 09 Jul 2022 01:12:30 GMT

GET
H2 204 event
ads.adfox.ru/232598/ 0
18 B 80ms
79ms Image
text/plain 2a02:6b8::1be
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/232598/event?hash=ef8faee9992e591c&pm=bmo&pxo=OcQ4Zz8g8i8nTLHkrVxZ8c34oYI1XqHIsCN5-AMZQ-VdJARHxMMINwkrHXxUYck_nf8obbj2nvGfqcE5okGCQijmna9VKPJD6d8zR3Gvcf4Ny7dGwZ4MjFwsHFA7MqmUGOa8R1seMYpgEKchHWLj2kF6hG1SOpT4uDphAeZVJ3C96swfKw%3D%3D&p5=gwaok&ad-session-id=9907131657329149716&utg=oxum&lts=fjmtaiw&ytt=423863344300037&ybv=0.612099&ylv=0.612099&dl=https%3A%2F%2Fwww.tumen.kp.ru%2F%3Fsection%3Dsociety&rqs=_cF1AbUMuD_-1chixi3UNaTLV7wU6gDl&pr=dyeeiod&puid3=top%3Aregion&rtb-si=b&puid2=society%3Atoday%3Azenyandex%3Aincident%3Aemergency%3Acelebrity%3Aculture%3Ainteresting&p2=fbao&rand=kwwzwuc&sj=mjOp217J6Pq8o-qx8SNMs4sT5Km7CdO3300ymkEVvCUV8dfOziLt8PjwefQdkw%3D%3D&puid1=adv-1657329149673-55&p1=bufhv

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 01:12:30 GMT
x-content-type-options: nosniff
last-modified: Sat, 09 Jul 2022 01:12:30 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 87CE 17 KB
7 KB 143ms
92ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js?cb=31068337

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 01:12:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 09 Jul 2022 01:12:30 GMT

GET
H2 200 99982a0e5702313e25fbb91da96a1025.jpeg
img.24smi.net/100_100/9/9/ 5 KB
6 KB 38ms
28ms Image
image/jpeg 2606:4700:10::ac43:581
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.24smi.net/100_100/9/9/99982a0e5702313e25fbb91da96a1025.jpeg

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:581 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fbeab441887f45dbea5894f1482bd906ef326538f26365e52918da51228d80e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 01:12:30 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 148600
cf-polished: origSize=5741, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5581
last-modified: Thu, 07 Jul 2022 07:50:46 GMT
server: cloudflare
etag: W/"62c69056-163d5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
content-type: image/jpeg
access-control-allow-origin: *
expires: Wed, 03 May 2023 07:55:36 GMT
cache-control: max-age=25920000
accept-ranges: bytes
cf-ray: 727d3117ef0e9162-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 a6018e2ea72705b9b58dd52a5c5d3d0e.jpeg
img.24smi.net/100_100/a/6/ 5 KB
5 KB 39ms
30ms Image
image/jpeg 2606:4700:10::ac43:581
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.24smi.net/100_100/a/6/a6018e2ea72705b9b58dd52a5c5d3d0e.jpeg

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:581 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e919dd0fa02921fc140b802594793480730c79b596283a0c79b82e5950e532c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 01:12:30 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 401906
cf-polished: origSize=5574, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5395
last-modified: Mon, 04 Jul 2022 09:28:24 GMT
server: cloudflare
etag: W/"62c2b2b8-16912"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
content-type: image/jpeg
access-control-allow-origin: *
expires: Sun, 30 Apr 2023 09:33:33 GMT
cache-control: max-age=25920000
accept-ranges: bytes
cf-ray: 727d3117ef0f9162-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 ffe5b2f81fddc1db815bb9cdef19a30c.jpeg
img.24smi.net/100_100/f/f/ 6 KB
6 KB 36ms
27ms Image
image/jpeg 2606:4700:10::ac43:581
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.24smi.net/100_100/f/f/ffe5b2f81fddc1db815bb9cdef19a30c.jpeg

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:581 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

56031a061bbdb91a8f13fe33a74f98510f4862d2dfb267f9d255b44379e41939

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 01:12:30 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 46620
cf-polished: origSize=5936, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5796
last-modified: Fri, 08 Jul 2022 11:11:34 GMT
server: cloudflare
etag: W/"62c810e6-15f16"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
content-type: image/jpeg
access-control-allow-origin: *
expires: Thu, 04 May 2023 12:15:30 GMT
cache-control: max-age=25920000
accept-ranges: bytes
cf-ray: 727d3117ef0d9162-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 90a1a65a281f64bedbea937de0808b45.jpeg
img.24smi.net/100_100/9/0/ 6 KB
6 KB 38ms
29ms Image
image/jpeg 2606:4700:10::ac43:581
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.24smi.net/100_100/9/0/90a1a65a281f64bedbea937de0808b45.jpeg

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:581 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

81bc0211b96ef5fa8a1cc3167a140c990a0954b8cd0c0538cc9f721bf65f4bdd

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 01:12:30 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 1000450
cf-polished: origSize=6266, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6131
last-modified: Mon, 27 Jun 2022 11:11:19 GMT
server: cloudflare
etag: W/"62b99057-1c461"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
content-type: image/jpeg
access-control-allow-origin: *
expires: Sun, 23 Apr 2023 11:17:06 GMT
cache-control: max-age=25920000
accept-ranges: bytes
cf-ray: 727d3117ef109162-FRA
cf-bgj: imgq:100,h2pri

GET
H3 200 pubads_impl_2022063001.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 1AC0 374 KB
128 KB 21ms
21ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

sffe /

Resource Hash

c84615457f9332569ff8501c382a395ef9fe116a9add5034b4ebc62c9bceeb3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 13:52:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 40810
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 130816
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 08:35:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 08 Jul 2023 13:52:20 GMT

GET
H2

200

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9693.K7RkhM4a-an70jbYTthIxKzQMLWaKrJNRVV8r4pCbxpOHwrF6-_i72LEFqYa5X8O.xUzG3grK6O4LqRTYOG8WiqP7aiA%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9693.WLPoiV12zUE0rcC1VY-NO7ZZfjcYgQCe9GWd-LjyYp5jBSU3YazHmvQpSxFGqtmpWFD2gH2nPsmOamt3fm5d8d3YL9jzGCXLbIfhxFYHiPg%2C.-7vgyBYILR83_sje7lG2igyLpxU%2C

43 B
354 B

76ms
75ms

Image
image/gif

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9693.WLPoiV12zUE0rcC1VY-NO7ZZfjcYgQCe9GWd-LjyYp5jBSU3YazHmvQpSxFGqtmpWFD2gH2nPsmOamt3fm5d8d3YL9jzGCXLbIfhxFYHiPg%2C.-7vgyBYILR83_sje7lG2igyLpxU%2C

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 01:12:31 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9693.WLPoiV12zUE0rcC1VY-NO7ZZfjcYgQCe9GWd-LjyYp5jBSU3YazHmvQpSxFGqtmpWFD2gH2nPsmOamt3fm5d8d3YL9jzGCXLbIfhxFYHiPg%2C.-7vgyBYILR83_sje7lG2igyLpxU%2C
date: Sat, 09 Jul 2022 01:12:31 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H/1.1 200
Ok d.png
ysa-static.passport.yandex.ru/static/1/d959d7e39d5067fad30d9c06204866e9/ Frame B1E0 95 B
400 B 211ms
68ms Image
image/png 2a02:6b8::5:114
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ysa-static.passport.yandex.ru/static/1/d959d7e39d5067fad30d9c06204866e9/d.png?ex=yes

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::5:114 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

18c327afa903633f86c3efcf12b77f098077eacaa8be101bb007846fd74f8b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sat, 09 Jul 2022 01:12:30 GMT
Server: nginx/1.14.2
Strict-Transport-Security: max-age=315360000; includeSubDomains
X-RT-IH: 0.0002
Content-Type: image/png
Cache-Control: private
Connection: close
X-RT-IQ: 0.0001
Content-Length: 95
Expires: Sun, 10 Jul 2022 01:12:30 GMT

GET
H3 200 pubads_impl_2022070601.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 8052 373 KB
128 KB 21ms
21ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022070601.js?cb=31068338

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

sffe /

Resource Hash

d72b8eb9289bec0987d4af915f6cd81fc04863709b510aa7d98887d1cff60c49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 15:12:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 35975
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 130521
x-xss-protection: 0
last-modified: Wed, 06 Jul 2022 08:34:38 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 08 Jul 2023 15:12:55 GMT

GET
H3 200 container.html Show response
1c93cdb1133891517efd814bd17e41a7.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8F4C 6 KB
3 KB 62ms
20ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://1c93cdb1133891517efd814bd17e41a7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js?cb=31068337

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tumen.kp.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 09 Jul 2022 01:12:30 GMT
expires: Sun, 09 Jul 2023 01:12:30 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 event
ads.adfox.ru/232598/ 0
18 B 71ms
70ms Image
text/plain 2a02:6b8::1be
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/232598/event?hash=ef289ff4d7fbc6ea&pm=bmu&pxo=u6E8rQr4M6l-xLyNVUlu-GORBRK20Xh_NHspCfrtbqJ-Q-1mFGVB4_kNAe_6yrsN47LIOutjmMJ8cQ2c9M1eUWylPKnT2MeSM2p4iyEPcWDJw8xLqvOmRDaWGvrOE62pfp-n_I51NURLO6PUhU_Wiixjf0xmtXVSMQybkZALS3oV2Jm6YTBq&p5=gwdbk&ad-session-id=9907131657329149716&utg=oxum&lts=fjmtaiv&ytt=423863344300037&ybv=0.612099&ylv=0.612099&dl=https%3A%2F%2Fwww.tumen.kp.ru%2F%3F&rtb-si=b&p2=gftf&rand=bgthhvx&sj=3oTuC4sY24bWeBMnit1ZzFwD7hG8vpqjol3638DF29KaWMcCht6_runR2YdKow%3D%3D&puid1=adv-1657329149666-335&pr=dyeeiod&p1=cdinl&rqs=_cF1AbUMuD_91chigvQ6wTWjVhnRAvzX&resp-time=794

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 01:12:30 GMT
x-content-type-options: nosniff
last-modified: Sat, 09 Jul 2022 01:12:30 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame 1AC0 107 B
122 B 75ms
29ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.tumen.kp.ru

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 09 Jul 2022 01:12:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 1AC0 107 B
122 B 70ms
28ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.tumen.kp.ru

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 09 Jul 2022 01:12:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads
securepubads.g.doubleclick.net/gampad/ Frame 1AC0 410 B
0 221ms
221ms XHR
text/plain 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2099432938358400&correlator=3920501397050103&eid=31068223%2C44761478%2C42531608%2C44764002&output=ldjh&gdfp_req=1&vrg=2022063001&ptt=17&impl=fifs&iu_parts=94805857%2Ckp.ru_5_new&enc_prev_ius=%2F0%2F1&prev_iu_szs=240x400&ifi=1&adks=56130060&sfv=1-0-38&ecs=20220709&fsapi=false&cust_params=kp.ru_5_new%3Dkp.ru_5_new_6&sc=1&cookie=ID%3D4cc059ab0a60a551-22b47cf0c8cd0079%3AT%3D1657329150%3AS%3DALNI_MYyYpOCXtZaVcdekU1QUNH17-kFWw&cdm=www.tumen.kp.ru&abxe=1&dt=1657329150888&lmt=1657329150&dlt=1657329150431&idt=417&biw=1600&bih=1200&isw=240&ish=400&adxs=215&adys=1249&ucis=o3dhmuhbh6y2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&nhd=1&url=https%3A%2F%2Fwww.tumen.kp.ru%2F&top=https%3A%2F%2Fwww.tumen.kp.ru%2F&frm=23&vis=1&scr_x=0&scr_y=0&psz=240x400&msz=240x-1&fws=256&ohw=0&ea=0&ga_vid=1766501541.1657329151&ga_sid=1657329151&ga_hid=233241755&ga_fc=false&btvi=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 01:12:31 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 224
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 1AC0 13 KB
10 KB 75ms
34ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022063001&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d61966ae65ba634443f06b11f63dfdf3d490aca0cfee2fbec6f9e44cc2c9e281

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 09 Jul 2022 01:12:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10495
x-xss-protection: 0

GET
H2 200 container.html Show response
2ba128fbea317ed3d3b611d8744b68f6.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0507 6 KB
3 KB 75ms
29ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://2ba128fbea317ed3d3b611d8744b68f6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tumen.kp.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 09 Jul 2022 01:12:30 GMT
expires: Sun, 09 Jul 2023 01:12:30 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame ABC0 13 KB
5 KB 71ms
23ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tumen.kp.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 6309
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 08 Jul 2022 23:27:21 GMT
expires: Sat, 08 Jul 2023 23:27:21 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 97BC 783 B
998 B 90ms
33ms Document
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6539c1eb3b9d3344dcc207c9a33273c604cf0c46535414fe35120f9e578048ba

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-wVeqSn-2LOEuqyAaiKTaYA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tumen.kp.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-wVeqSn-2LOEuqyAaiKTaYA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 09 Jul 2022 01:12:30 GMT
expires: Sat, 09 Jul 2022 01:12:30 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame C3BB 624 B
976 B 87ms
33ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGO6p_M0BMAE&v=APEucNXdz6jxVhCIsD8FtilHVsnhSTJ6uDP8Q6qv7gUreMJKfyFTc_yzalZsFEsuoQJnLSeQ8OHEz8QSUph-Qc6tK9JXm3tVBjvOMUKh-Y_UXRdp2WIXU4jVLRR9zrxxSm56suxGP4YBXKdwdbaykuDpkf1ESQKz229mcqevC8kNMw_28GV3Qoo

Requested by

Host: 1c93cdb1133891517efd814bd17e41a7.safeframe.googlesyndication.com
URL: https://1c93cdb1133891517efd814bd17e41a7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1c93cdb1133891517efd814bd17e41a7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 09 Jul 2022 01:12:30 GMT
expires: Sat, 09 Jul 2022 01:12:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 8F4C 83 KB
34 KB 125ms
73ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DkiSJGOi0PLVa3a2gypnqqmRPlfk_9maKvloXDNGpwempBNhimd4F9bYMhUbx2Rn7kEofJ67PIqCxqO2LnuXwwgVZAp_-1G-3FXCBn_3taTU33yl-2LM13jbGzh7tA6_JoZNXmGDSLyqEFypN_UEACZZS9Xg&dbm_d=AKAmf-AsjmtCs19Z5Q2CffB9LSfV2uRwZpKVpil0EPQj61MKUWOFNrCOS4IcTpk7MIJVft4_QX8YH9vROgwvRBgYfT0nn5asus0u8S3b4XY8mdVUrWshGM5K7k5OQvgqOMFw3khzuHfsTKe_qbSHW2SmqBGM0fRqhaV0vmdBR_rsJrv66nLG_F7_MEbFqgydN9vHp2R_A06l1CvyAVTl266FCEp6WxlTZ9BccNEMgUxd6tENbIDL_5tknukmzAx3zrg1wLc_V3IBy85n0uNkkirx7fVftgfJTJJkUOBuVG8NOVR5IgGH7PckmRlcLkSK8jhGCAhWIVG6BG37g35qHYwnHM9hBd4XFxM0T4ARpq-I1Mrn5XyNkd9R-1zZa7AVYSi9yMUE3Jz33BLNA0V4HnH6ISMJP7n616sJJGRb47n_KfBdhOGVSyI3tr_mre6xSJFLmdWNfzSN7ZhNGWR6NtMQzs5e26FyXEa3rSvvNsNVPyFz2b2lLSaWpluaULBTpZSY1l24AaPew9XknFc4Xn12ryCCYK5CqiKXa0CVMAVVdS5ZadLjXXtMG_vKk1V4uVuwhyqTpS8ZNKz7H5N28OAXNuS1UX5-TKWUR3shvAFxa2f28kenhtE-HjyGjjdhsXYsz5ElcwxC_euECAC2o4r_x6WJBKIxChKZ4UgM2ZipHCA2iio2IpPeLSjL9AAtljqIw_-rGSeAa6A1meITxrIRMCiRzrFYDI_OQ8kvUtwQGE1aE2qhyuERBrsQbIE07lAQYJLNFDKXjtLgnenNcFUafDvKjQlwclOMFWtkB0vRj0-dJracy_rynN2EeCsEKmyyyqa2IdUb6_Fz6NJN6APAxUIC8MLs663SFdOGOA5NJWGhO_accwr8eU-nBFaqz2pKCiil6VKpK6FSFkVFQr4uZzXljXf7BEGnXWGf4BPTlgQIlU5R6RGg1Td3xXIl53I7NJWBGG-hxntgH0YuSXtcigQKDnoq7GvrKaBxN30ZGxUF6oNuU-TYRnwaPVsR-ajyORvDw0_RzI31812ES20QhASoOmG_56fl92N_qcyXXFPyEQ7_HG2AaAtbLze1c0yz-pCLuy5vtoiFjFXQNTUbmkk5Q0Tn0rmYl7fzHBu91J0aCpdhlLYRyWmk7cAJJw2vRbrVx3KAKJ5wMvx9y-2aPF7fjIKApJ4ZKUOzguQkgHqg7_ErWr1YtWgpD1vOTepGr0XxrS9sQIgsbXrWwF-uW8idVstUMY9LHkshaV3t4SnUzyj19rxsGk7imM2IXiwoevjtWDW7aJSPdS0ODjm7nLtiBGPGCDf5335rrqYvqPkBuuw4BIPpzb_mnd-4JPh-xQAE10KlgOmf_3ELwASwBgQ_wUVbEAUsdCBcfLBjVKFoS0yyYqoIMVusa9eFlfUqxuk3LGYvI6Dsd2gYQem5oUdcpecMvsNmHJ8jIVrH-0IxoeuNskfQiMm-rfy3fzFGe9YjXOE5hF0C8SdUu3fo7kmbGIn4pu1YHwRc4dZH8gfqQKRLOYBkRg4RkXQz50BJ_pIPvctvS_3GdF_XgGAj7ST54xgDHDbDt3Im39GGbH76cqhLkAzaZym9wzW2VybrAkC_bjZiOMtxuISJ6Mrlr2y0awzpNcubpmoSkFBtnzkm5xlqbxvoMdAeVLEPC-qnRoXoSckteFmIQRdZ23qlrdRC4BU3dx_4YAUFBhibnhaOZOEQ3Bx4c8Am6DgiBtPigBWsPQChj28H0-vWR6qfn817bRcKTWVg_8jRHjRGjTyiXeXHdjTRvazuudc3wqZayjIsGxsWZ2Vwxh7SpBvyDAzzeMtvmD3oHb8ql38IWFJA51Br3R7JUtxgYhkj1kEB0u_Op8JY2Vj1nQaLMcNE_6wwMk45P13LM9DavW1flLzD1a5rUhFRkJcRzB7l0h_Q8VhnOlTkb1TfjRQWe9OKjZaz-5QNEhAyjiUiy9DeAURjUCgsx8Dv9bw4KRNeEdVzNbRPBccw6pIjT6p30D0-_obDmxe8fScQo0MSEC2O_wlPo85MNtVdnYcNwfNlLNc0tMDI9j3_CX7eXD0nDxDoFCtEvsAHweS_LuJ2lE-suyl5UXi4SfByqqdvy4cCyL6bt6BT2AY19yAeV55fp3Cp4nVqqmy8Km_poKVF8BSjEfjtO4UvYZOyFfzl0QSdqZo96fNYQ0cvudIPhLxtckjq0vkeIaYNcOX1ODIbNGpfCkXBxPhjsleHENcfaJMA9eylJHcPNDK2vox5ayvi5VSeMtQa6pqD6Zc4oum9MobBH-DB1dAMz6nkpvPcCwGdwAUR6BmXtoRxpcpz-fG_JHu6xXKQvNxb0ixlITTmxmox35PXu04jbGzpgiIFv6J5n85UdTuVz6mukmvmQz6HvsR_zkOZoWK570Opp6NaCWxX503Iw93cVGtXw_GGWHu6jruDuIjXaJVhSH6aRAW0eBhRsNE0cOY4I9ivuR-kOzO2eEafu5_oJ7c11mdMPS91QLmRU27epLQ5XSzu9_9U7KGsb8IyLY2AIcxHwJ_wgS4ourCa0beRyLyTE0pnFM7PJWd7j_bOGirQcNGYDdMuCwGfMPgAIQ2ZuF7l1hfVpGPWDmayseEGnp8Zse2GjZTUcS0ouoDltbtMPoQsVIQ-EBbjsxxeB4_sZPUmPZLpB2SVwbOc3XaGrR__PSD-TyH1z0crbu7oLd--7seZdPLyLUlcVrUCFNg7KxseFCnMa_wDvmzwd8et6tDMXVTqgwofd2Rt1EIZJKAuF0hRd4Se5_kuQ2jr-DTXJJnisUiIZCna6YEhYvFo6lRBVHei6290jyWcT1dBPnxx0kGmyTh-IxVqtM9rv0TFNw0WJRKorTEYWRyptfBpO4XBDmyl8EdvqU1mkJw67n7152GRKXo6M5iODnuyNJXUjbemTeilietIToEvRvffLcgZg0xKM9zzJI7UG0YXi78u0qAVKY-G34aDM2maDJ11WxmD-3vj_83oLZwE-5wiZPhulVEGPd7vw8rc7s1syXCuE_OjkCXoHnvXn2bVfbkDRZpw_WQkC_0e7T_hbU6vb4Qb5x-ig4HlfEhjwkiC_WmA4AqhSv6qcFyIsXxzkfRg5eWI3N39r44qfK2nlOYO3_NUFWMbxbPtoaBBk8PMGKCMf0HdDK0tTHAXpPXusPst0IhyGIrXvBwgY9EiYJN3uSwXEe9cG75LnaftHTdUXklr0L6QJERBJmZdWMGfT8bhHx3Z362YmmDeutv1nLa2Xc2QO5kofAxeyO_mHGWheR3rWAevRPziKRlMQ0eIWggRNV_o4kJcoOFXy0wblqt3-RlAMSpxtaSA0y1qxXW017JAJ675p0P-5r3gl6ipStpZ8A&cid=CAASJ-Roa_dJ26ytXMhZPKPxWrjBe6LHDDhoc5T2O-eRT_DMq6RSJ1FXYA&rfl=2%2Chttps%253A%252F%252Fwww.tumen.kp.ru%242%2Chttps%253A%252F%252Fwww.tumen.kp.ru%252F%240

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bbea7f4c398a436a6208f883f9f2b0881034c221c9a0b678d72d1e0e90806656

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1c93cdb1133891517efd814bd17e41a7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 01:12:30 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34426
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8F4C 42 B
63 B 101ms
56ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Cpx0D7Hf6-o-n0aXJgcTKzFTKLV-IoPx1WXuSi2T6m0Uc7HkWWDOfzVzE0HY7CjdVJRIYZKV3CGzB9bf3p_OaigDDW-frd_T7Y4319yHaiajqDaBw

Requested by

Host: 1c93cdb1133891517efd814bd17e41a7.safeframe.googlesyndication.com
URL: https://1c93cdb1133891517efd814bd17e41a7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1c93cdb1133891517efd814bd17e41a7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 01:12:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

skeleton.gif
static.adsafeprotected.com/ Frame 8F4C
Redirect Chain

https://pixel.adsafeprotected.com/rfw/st/1083870/64162795/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=&ias_dspID=3&ias_campId=1008209757&ias_pubId=pub-7172733408455692&ias_chanId=1&ias_placementId=176...
https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=

43 B
480 B

122ms
20ms

Image
image/gif

2600:9000:214f:be00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=
Requested by: Host: 1c93cdb1133891517efd814bd17e41a7.safeframe.googlesyndication.com
URL: https://1c93cdb1133891517efd814bd17e41a7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Server: 2600:9000:214f:be00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1c93cdb1133891517efd814bd17e41a7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 18 Jun 2022 11:48:56 GMT
via: 1.1 4809763494a078a525dc1a2dff5ddf6c.cloudfront.net (CloudFront)
age: 1776216
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 43
last-modified: Mon, 17 Aug 2020 23:55:15 GMT
server: AmazonS3
etag: "45cf913e5d9d3c9b2058033056d3dd23"
x-amz-version-id: iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
cache-control: max-age=315360000
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: image/gif
x-amz-cf-id: 2kxgZx_fine8SCZEl6oqH7_s7rfDZdJii96FMcJmD46Tf6utPBsP-g==

Redirect headers

pragma: no-cache
date: Sat, 09 Jul 2022 01:12:31 GMT
x-server-name: app07.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=
cache-control: no-cache
content-length: 0
server: nginx

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220706/r20110914/client/ Frame 8F4C 3 KB
1 KB 68ms
27ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220706/r20110914/client/window_focus_fy2021.js

Requested by

Host: 1c93cdb1133891517efd814bd17e41a7.safeframe.googlesyndication.com
URL: https://1c93cdb1133891517efd814bd17e41a7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1c93cdb1133891517efd814bd17e41a7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 01:01:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 631
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Jul 2022 01:01:59 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8F4C 137 KB
42 KB 297ms
296ms Script
text/javascript 2a00:1450:4014:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 1c93cdb1133891517efd814bd17e41a7.safeframe.googlesyndication.com
URL: https://1c93cdb1133891517efd814bd17e41a7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80b::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e49548c45f00bbfa0fda642d02b5e29b407004eacc2099e348da7cb38f477052

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1c93cdb1133891517efd814bd17e41a7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 01:12:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43254
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1657132091081416"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 09 Jul 2022 01:12:31 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220706/r20110914/client/ Frame 8F4C 17 KB
7 KB 63ms
22ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220706/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 1c93cdb1133891517efd814bd17e41a7.safeframe.googlesyndication.com
URL: https://1c93cdb1133891517efd814bd17e41a7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1c93cdb1133891517efd814bd17e41a7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 01:02:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 586
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7309
x-xss-protection: 0
server: cafe
etag: 16921397534319471551
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Jul 2022 01:02:44 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 8F4C 0
0 79ms
29ms Image
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRksGsg7n7TpbM1JBVn_5ezYvx4PvU1sW7Srbzt3LkZW6YIGFVtb0BICaXzR4b2196zYY-Jx1DzGl3GouiOFESTWwDzAg
Requested by: Host: 1c93cdb1133891517efd814bd17e41a7.safeframe.googlesyndication.com
URL: https://1c93cdb1133891517efd814bd17e41a7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1c93cdb1133891517efd814bd17e41a7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame 8052 107 B
122 B 30ms
30ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.tumen.kp.ru

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022070601.js?cb=31068338

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 09 Jul 2022 01:12:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 8052 107 B
122 B 28ms
28ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.tumen.kp.ru

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022070601.js?cb=31068338

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 09 Jul 2022 01:12:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 8052 119 KB
44 KB 233ms
232ms XHR
text/plain 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4047285186638077&correlator=98509356745471&eid=31068338&output=ldjh&gdfp_req=1&vrg=2022070601&ptt=17&impl=fifs&iu_parts=94805857%2Ckp.ru_2_new&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600&ifi=1&adks=3886855702&sfv=1-0-38&ecs=20220709&fsapi=false&cust_params=kp.ru_2_new%3Dkp.ru_2_new_10&sc=1&cookie=ID%3D4cc059ab0a60a551-22b47cf0c8cd0079%3AT%3D1657329150%3AS%3DALNI_MYyYpOCXtZaVcdekU1QUNH17-kFWw&cdm=www.tumen.kp.ru&abxe=1&dt=1657329150958&lmt=1657329150&dlt=1657329150620&idt=313&biw=1600&bih=1200&isw=300&ish=600&adxs=1100&adys=486&ucis=8m382q3q70ac&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&nhd=1&url=https%3A%2F%2Fwww.tumen.kp.ru%2F&top=https%3A%2F%2Fwww.tumen.kp.ru%2F&frm=23&vis=1&scr_x=0&scr_y=0&psz=300x600&msz=300x-1&fws=256&ohw=0&ea=0&ga_vid=1737713229.1657329151&ga_sid=1657329151&ga_hid=1736774709&ga_fc=false&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022070601.js?cb=31068338

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

f35dcda2667add6cda9974e6e50789b205a0d2676e13d741af0c2a1bebe17c3b

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9473308889628347351/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9473308889628347351/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COP6yJrQ6vgCFY2I_Qcd3MULyw&gqi=&layout=/sadbundle/%24csp%253Der3%24/9473308889628347351/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9473308889628347351/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9473308889628347351/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COP6yJrQ6vgCFY2I_Qcd3MULyw&gqi=&layout=/sadbundle/%24csp%253Der3%24/9473308889628347351/index.html
content-encoding: br
x-content-type-options: nosniff
google-creative-id: -1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44905
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
date: Sat, 09 Jul 2022 01:12:31 GMT
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 8052 14 KB
10 KB 45ms
44ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022070601&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022070601.js?cb=31068338

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0e180a392db7534a12bd9e1962271f3948a0e3055e5e4d33aa0a280e7dfb96fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 09 Jul 2022 01:12:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10662
x-xss-protection: 0

GET
H2 200 container.html Show response
bae702d774fa849aafdd12eb7538a159.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 7A16 6 KB
3 KB 71ms
29ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bae702d774fa849aafdd12eb7538a159.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022070601.js?cb=31068338

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tumen.kp.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 09 Jul 2022 01:12:31 GMT
expires: Sun, 09 Jul 2023 01:12:31 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 1AC0 17 KB
6 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 01:12:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 09 Jul 2022 01:12:31 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 236 KB
73 KB 82ms
29ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WCBNVW

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2f5126e2db0954fe5cb69077d07bb25b4e74dc192099114005464512806ef0f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 01:12:31 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 73796
x-xss-protection: 0
last-modified: Sat, 09 Jul 2022 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 09 Jul 2022 01:12:31 GMT

GET
H3 200 edue1xTc5YuiZOhJi4VIA_c20CetZt5T9y7Q3cNnrTA.js Show response
pagead2.googlesyndication.com/bg/ Frame ABC0 36 KB
14 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/edue1xTc5YuiZOhJi4VIA_c20CetZt5T9y7Q3cNnrTA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

79db9ed714dce58ba264e8498b854803f736d027ad66de53f72ed0ddc367ad30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 15:06:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36349
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13936
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 08:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 08 Jul 2023 15:06:42 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 8052 17 KB
6 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022070601.js?cb=31068338

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 01:12:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 09 Jul 2022 01:12:31 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame C3BB
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKIAtgVJI-dujdqKYsIUpII&google_cver=1

43 B
950 B

71ms
46ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKIAtgVJI-dujdqKYsIUpII&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGO6p_M0BMAE&v=APEucNXdz6jxVhCIsD8FtilHVsnhSTJ6uDP8Q6qv7gUreMJKfyFTc_yzalZsFEsuoQJnLSeQ8OHEz8QSUph-Qc6tK9JXm3tVBjvOMUKh-Y_UXRdp2WIXU4jVLRR9zrxxSm56suxGP4YBXKdwdbaykuDpkf1ESQKz229mcqevC8kNMw_28GV3Qoo
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

cf-ray: 727d311ae9086934-FRA
pragma: no-cache
date: Sat, 09 Jul 2022 01:12:31 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MYgJp%2Bja8hcMeipLdQWXVHyMln%2FwcGsoFwzSXGxtes9qURs3Gin8u%2Bgend6yKf%2FENTDKM7MG5aNfXs81kfog3Lp87Ff1kPl7ainO%2BP9xni4g3%2F8ATFWOu3%2Fk0lvbl%2F5Wh6SO9ZJlNh48Qg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 09 Jul 2022 01:12:31 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKIAtgVJI-dujdqKYsIUpII&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame C3BB
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YsjV-xXQxrTZQfd2JxPpLQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEiQr4omnpya0x_DblSbyiI&google_cver=1

43 B
911 B

42ms
42ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEiQr4omnpya0x_DblSbyiI&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGO6p_M0BMAE&v=APEucNXdz6jxVhCIsD8FtilHVsnhSTJ6uDP8Q6qv7gUreMJKfyFTc_yzalZsFEsuoQJnLSeQ8OHEz8QSUph-Qc6tK9JXm3tVBjvOMUKh-Y_UXRdp2WIXU4jVLRR9zrxxSm56suxGP4YBXKdwdbaykuDpkf1ESQKz229mcqevC8kNMw_28GV3Qoo
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

cf-ray: 727d311c09d56934-FRA
pragma: no-cache
date: Sat, 09 Jul 2022 01:12:31 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B7KZMk2E4NSDLV9HR6rrGV4UbFkDnk1UYjsNQ8mAUvJn7MuoziNh8sGWr1c4NKUVLIcK3UH%2Fhv5rxO5veUgsxBnaKoAfJ2y1es1O%2B6C0pC5pIJaWEnU%2F50%2F4IUKfYKkcsBdUkKrPmrfNIA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 09 Jul 2022 01:12:31 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEiQr4omnpya0x_DblSbyiI&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame C3BB
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEDivxYrv2khFhvJrnz6LCfM&google_cver=1

43 B
1018 B

28ms
27ms

Image
image/gif

185.33.221.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEDivxYrv2khFhvJrnz6LCfM&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGO6p_M0BMAE&v=APEucNXdz6jxVhCIsD8FtilHVsnhSTJ6uDP8Q6qv7gUreMJKfyFTc_yzalZsFEsuoQJnLSeQ8OHEz8QSUph-Qc6tK9JXm3tVBjvOMUKh-Y_UXRdp2WIXU4jVLRR9zrxxSm56suxGP4YBXKdwdbaykuDpkf1ESQKz229mcqevC8kNMw_28GV3Qoo

Protocol

HTTP/1.1

Server

185.33.221.52 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 09 Jul 2022 01:12:31 GMT
X-Proxy-Origin: 217.114.218.19; 217.114.218.19; 725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 3b74d736-fad3-496b-95eb-964bce7e58da
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 09 Jul 2022 01:12:31 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEDivxYrv2khFhvJrnz6LCfM&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C3BB
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzQ2NTM4MDM1NDQ1ODkwNzI0OQ%3D%3D

170 B
188 B

68ms
28ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzQ2NTM4MDM1NDQ1ODkwNzI0OQ%3D%3D

Requested by

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 01:12:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 09 Jul 2022 01:12:31 GMT
X-Proxy-Origin: 217.114.218.19; 217.114.218.19; 725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 33ab8a35-e7bd-466b-8a74-ffb544c58b35
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzQ2NTM4MDM1NDQ1ODkwNzI0OQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0988 13 KB
0 35ms
21ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tumen.kp.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 6310
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 08 Jul 2022 23:27:21 GMT
expires: Sat, 08 Jul 2023 23:27:21 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe
www.google.com/recaptcha/api2/ Frame F5A6 0
0 77ms
30ms Document
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Q1z4xV0GHYEp2IA66wPbxQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tumen.kp.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 515
content-security-policy: script-src 'report-sample' 'nonce-Q1z4xV0GHYEp2IA66wPbxQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 09 Jul 2022 01:12:31 GMT
expires: Sat, 09 Jul 2022 01:12:31 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 97BC 0
0 89ms
87ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022063001&jk=3720049075959175&rc=
Requested by: Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H2 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 8F4C 170 KB
59 KB 106ms
22ms Script
text/javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1c93cdb1133891517efd814bd17e41a7.safeframe.googlesyndication.com/
Origin: https://1c93cdb1133891517efd814bd17e41a7.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 07:12:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 64784
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 09 Jul 2022 07:12:47 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220706/r20110914/elements/html/ Frame 8F4C 8 KB
3 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220706/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DkiSJGOi0PLVa3a2gypnqqmRPlfk_9maKvloXDNGpwempBNhimd4F9bYMhUbx2Rn7kEofJ67PIqCxqO2LnuXwwgVZAp_-1G-3FXCBn_3taTU33yl-2LM13jbGzh7tA6_JoZNXmGDSLyqEFypN_UEACZZS9Xg&dbm_d=AKAmf-AsjmtCs19Z5Q2CffB9LSfV2uRwZpKVpil0EPQj61MKUWOFNrCOS4IcTpk7MIJVft4_QX8YH9vROgwvRBgYfT0nn5asus0u8S3b4XY8mdVUrWshGM5K7k5OQvgqOMFw3khzuHfsTKe_qbSHW2SmqBGM0fRqhaV0vmdBR_rsJrv66nLG_F7_MEbFqgydN9vHp2R_A06l1CvyAVTl266FCEp6WxlTZ9BccNEMgUxd6tENbIDL_5tknukmzAx3zrg1wLc_V3IBy85n0uNkkirx7fVftgfJTJJkUOBuVG8NOVR5IgGH7PckmRlcLkSK8jhGCAhWIVG6BG37g35qHYwnHM9hBd4XFxM0T4ARpq-I1Mrn5XyNkd9R-1zZa7AVYSi9yMUE3Jz33BLNA0V4HnH6ISMJP7n616sJJGRb47n_KfBdhOGVSyI3tr_mre6xSJFLmdWNfzSN7ZhNGWR6NtMQzs5e26FyXEa3rSvvNsNVPyFz2b2lLSaWpluaULBTpZSY1l24AaPew9XknFc4Xn12ryCCYK5CqiKXa0CVMAVVdS5ZadLjXXtMG_vKk1V4uVuwhyqTpS8ZNKz7H5N28OAXNuS1UX5-TKWUR3shvAFxa2f28kenhtE-HjyGjjdhsXYsz5ElcwxC_euECAC2o4r_x6WJBKIxChKZ4UgM2ZipHCA2iio2IpPeLSjL9AAtljqIw_-rGSeAa6A1meITxrIRMCiRzrFYDI_OQ8kvUtwQGE1aE2qhyuERBrsQbIE07lAQYJLNFDKXjtLgnenNcFUafDvKjQlwclOMFWtkB0vRj0-dJracy_rynN2EeCsEKmyyyqa2IdUb6_Fz6NJN6APAxUIC8MLs663SFdOGOA5NJWGhO_accwr8eU-nBFaqz2pKCiil6VKpK6FSFkVFQr4uZzXljXf7BEGnXWGf4BPTlgQIlU5R6RGg1Td3xXIl53I7NJWBGG-hxntgH0YuSXtcigQKDnoq7GvrKaBxN30ZGxUF6oNuU-TYRnwaPVsR-ajyORvDw0_RzI31812ES20QhASoOmG_56fl92N_qcyXXFPyEQ7_HG2AaAtbLze1c0yz-pCLuy5vtoiFjFXQNTUbmkk5Q0Tn0rmYl7fzHBu91J0aCpdhlLYRyWmk7cAJJw2vRbrVx3KAKJ5wMvx9y-2aPF7fjIKApJ4ZKUOzguQkgHqg7_ErWr1YtWgpD1vOTepGr0XxrS9sQIgsbXrWwF-uW8idVstUMY9LHkshaV3t4SnUzyj19rxsGk7imM2IXiwoevjtWDW7aJSPdS0ODjm7nLtiBGPGCDf5335rrqYvqPkBuuw4BIPpzb_mnd-4JPh-xQAE10KlgOmf_3ELwASwBgQ_wUVbEAUsdCBcfLBjVKFoS0yyYqoIMVusa9eFlfUqxuk3LGYvI6Dsd2gYQem5oUdcpecMvsNmHJ8jIVrH-0IxoeuNskfQiMm-rfy3fzFGe9YjXOE5hF0C8SdUu3fo7kmbGIn4pu1YHwRc4dZH8gfqQKRLOYBkRg4RkXQz50BJ_pIPvctvS_3GdF_XgGAj7ST54xgDHDbDt3Im39GGbH76cqhLkAzaZym9wzW2VybrAkC_bjZiOMtxuISJ6Mrlr2y0awzpNcubpmoSkFBtnzkm5xlqbxvoMdAeVLEPC-qnRoXoSckteFmIQRdZ23qlrdRC4BU3dx_4YAUFBhibnhaOZOEQ3Bx4c8Am6DgiBtPigBWsPQChj28H0-vWR6qfn817bRcKTWVg_8jRHjRGjTyiXeXHdjTRvazuudc3wqZayjIsGxsWZ2Vwxh7SpBvyDAzzeMtvmD3oHb8ql38IWFJA51Br3R7JUtxgYhkj1kEB0u_Op8JY2Vj1nQaLMcNE_6wwMk45P13LM9DavW1flLzD1a5rUhFRkJcRzB7l0h_Q8VhnOlTkb1TfjRQWe9OKjZaz-5QNEhAyjiUiy9DeAURjUCgsx8Dv9bw4KRNeEdVzNbRPBccw6pIjT6p30D0-_obDmxe8fScQo0MSEC2O_wlPo85MNtVdnYcNwfNlLNc0tMDI9j3_CX7eXD0nDxDoFCtEvsAHweS_LuJ2lE-suyl5UXi4SfByqqdvy4cCyL6bt6BT2AY19yAeV55fp3Cp4nVqqmy8Km_poKVF8BSjEfjtO4UvYZOyFfzl0QSdqZo96fNYQ0cvudIPhLxtckjq0vkeIaYNcOX1ODIbNGpfCkXBxPhjsleHENcfaJMA9eylJHcPNDK2vox5ayvi5VSeMtQa6pqD6Zc4oum9MobBH-DB1dAMz6nkpvPcCwGdwAUR6BmXtoRxpcpz-fG_JHu6xXKQvNxb0ixlITTmxmox35PXu04jbGzpgiIFv6J5n85UdTuVz6mukmvmQz6HvsR_zkOZoWK570Opp6NaCWxX503Iw93cVGtXw_GGWHu6jruDuIjXaJVhSH6aRAW0eBhRsNE0cOY4I9ivuR-kOzO2eEafu5_oJ7c11mdMPS91QLmRU27epLQ5XSzu9_9U7KGsb8IyLY2AIcxHwJ_wgS4ourCa0beRyLyTE0pnFM7PJWd7j_bOGirQcNGYDdMuCwGfMPgAIQ2ZuF7l1hfVpGPWDmayseEGnp8Zse2GjZTUcS0ouoDltbtMPoQsVIQ-EBbjsxxeB4_sZPUmPZLpB2SVwbOc3XaGrR__PSD-TyH1z0crbu7oLd--7seZdPLyLUlcVrUCFNg7KxseFCnMa_wDvmzwd8et6tDMXVTqgwofd2Rt1EIZJKAuF0hRd4Se5_kuQ2jr-DTXJJnisUiIZCna6YEhYvFo6lRBVHei6290jyWcT1dBPnxx0kGmyTh-IxVqtM9rv0TFNw0WJRKorTEYWRyptfBpO4XBDmyl8EdvqU1mkJw67n7152GRKXo6M5iODnuyNJXUjbemTeilietIToEvRvffLcgZg0xKM9zzJI7UG0YXi78u0qAVKY-G34aDM2maDJ11WxmD-3vj_83oLZwE-5wiZPhulVEGPd7vw8rc7s1syXCuE_OjkCXoHnvXn2bVfbkDRZpw_WQkC_0e7T_hbU6vb4Qb5x-ig4HlfEhjwkiC_WmA4AqhSv6qcFyIsXxzkfRg5eWI3N39r44qfK2nlOYO3_NUFWMbxbPtoaBBk8PMGKCMf0HdDK0tTHAXpPXusPst0IhyGIrXvBwgY9EiYJN3uSwXEe9cG75LnaftHTdUXklr0L6QJERBJmZdWMGfT8bhHx3Z362YmmDeutv1nLa2Xc2QO5kofAxeyO_mHGWheR3rWAevRPziKRlMQ0eIWggRNV_o4kJcoOFXy0wblqt3-RlAMSpxtaSA0y1qxXW017JAJ675p0P-5r3gl6ipStpZ8A&cid=CAASJ-Roa_dJ26ytXMhZPKPxWrjBe6LHDDhoc5T2O-eRT_DMq6RSJ1FXYA&rfl=2%2Chttps%253A%252F%252Fwww.tumen.kp.ru%242%2Chttps%253A%252F%252Fwww.tumen.kp.ru%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1c93cdb1133891517efd814bd17e41a7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 00:27:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2720
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Jul 2022 00:27:11 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220706/r20110914/ Frame 8F4C 27 KB
10 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220706/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8247e71c60f01cce914615568139113018a1a129dceb0fe0af55edb0211b8fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1c93cdb1133891517efd814bd17e41a7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 00:58:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 840
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10545
x-xss-protection: 0
server: cafe
etag: 4672069523611413616
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Jul 2022 00:58:31 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9DBC 13 KB
5 KB 25ms
22ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tumen.kp.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 6310
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 08 Jul 2022 23:27:21 GMT
expires: Sat, 08 Jul 2023 23:27:21 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame DD55 783 B
534 B 30ms
29ms Document
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f3b26716e197ca405ee1f91e912e542769d9a6ec490a36a4727f6a5dd7543c38

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-sGIRYivXCfxwLvQU_d-Ycg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tumen.kp.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-sGIRYivXCfxwLvQU_d-Ycg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 09 Jul 2022 01:12:31 GMT
expires: Sat, 09 Jul 2022 01:12:31 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H2 200 trace Show response
yandex.ru/ads/ 0
233 B 75ms
75ms XHR
text/plain 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/trace

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1657329151175672-5097800014088773745-vla1-4679-vla-l7-balancer-8080-BAL-9328
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}

GET
H2 200 v2 Show response
an.yandex.ru/adfox/232598/getBulk/ 121 KB
35 KB 304ms
166ms XHR
application/json 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/adfox/232598/getBulk/v2?available-height=400&available-width=240&bids=W3siYmlkZGVyTmFtZSI6ImNyaXRlbyIsImNhbXBhaWduX2lkIjo3MjI1NzMsInJlc3BvbnNlX3RpbWUiOjI5MywiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjEyMzM1MzUifSx7ImJpZGRlck5hbWUiOiJydGJob3VzZSIsImNhbXBhaWduX2lkIjo4NTM4NjksInJlc3BvbnNlX3RpbWUiOjg3LCJlcnJvciI6eyJjb2RlIjo0fSwicGxhY2VtZW50X2lkIjoiOGQzMDhkNDIzMTZjNDBiNTE2ODgifSx7ImJpZGRlck5hbWUiOiJhZHJpdmVyIiwiY2FtcGFpZ25faWQiOjcyODI1NCwicmVzcG9uc2VfdGltZSI6MTkyLCJlcnJvciI6eyJjb2RlIjo0fSwicGxhY2VtZW50X2lkIjoiMjprcF81c2xvdCJ9LHsiYmlkZGVyTmFtZSI6Im15dGFyZ2V0IiwiY2FtcGFpZ25faWQiOjgxMDQwMiwicmVzcG9uc2VfdGltZSI6MjU2LCJlcnJvciI6eyJjb2RlIjoxfSwicGxhY2VtZW50X2lkIjoiMjMzODUyIn0seyJiaWRkZXJOYW1lIjoiYmV0d2VlbmRpZ2l0YWwiLCJjYW1wYWlnbl9pZCI6ODEwMzQ0LCJyZXNwb25zZV90aW1lIjoxNDIsImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiIyNDg4MDU5In1d&date=2022-07-09T01%3A12%3A29.993%2B00%3A00&dl=https%3A%2F%2Fwww.tumen.kp.ru%2F%3Fsection%3Dsociety&enable-flat-highlight=1&extid_loader=&extid_tag_loader=www.tumen.kp.ru&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjoxNDh9ChqjpqjkJu6BYKCO8DD3bz8cGs9jHE5mc8yh7XASjuGaP5OZ5txDYsPfzof2cbbn2GYcOxQb3tBsS_vNcilALwX0BtpWBVWRVCqVv0v4-G14Ll-JCBKEFCkNKqiKag6hhcpQHyrlJrkxjHIIUQ4zVIe6UDWgfSDkplC7SJHkBTeEmjBu2LHmkHxALucqOVWoywubNH-qMM4Lk26RVIZkiyxlBlIOoS9o9aJZsAVQI4d1HuIFuBCKnPY8ki18oV6KufYMKlCF0dCBbfOyxMqfwbb6GQUrgy0QUiyHcPJyORCJFgFVBggtjCyFJB-7mRkpLx87p4WLl8_MZkbKyYvbus0n1GzgY-Y0WzKThZkTTFEuTnpuJGwMZjZGJtHMzchk5mQygykagkAUGwlEJVcaC-cQkHKqvGghLICLdsH0A90cKuQ0hyUKtQuoLlQPXPHSg0YOMy_gWrlxUcRDgeX26KIFHMRlH-0yPJbDC6NBR370A8F4IQl5uVUM6mVuvNCKRIZT1XC8SBgHkmG8KNVn9dJy6SEHwkLTtHDqDuf2XmRYOHxFS0s4i2Lop1-QlCLDtKhZeeZTNk0WCs1y8kVBLSLZM8UQW8D8ZepAa8ruRFMo3_YhkOVhWU01nTg7i8LCokLSJMXCiQARIxIueh9hQQ-hiBBVvQpZ9S5y0uUxPAh1_iNn5ELAy8fFhlgSHDmd2czIlLmRWujpwRSl57Yzc-DkZ6G3W8HKnMxIETOiEOUNAfnKhskn1MhIcm7xw2FjRcTGwMpvF8wcaC2oOfOixcZFB5IgQrs1swDZggUlguWPYrtLtnwp-YQszuEAxFLPSDB42OjZQWW3LDyQXubwtq8vby9BALdkOf2Kpl4dMhF6VbHqBB0todDITQ55hSJdmbFDvqGGBjnsoBacdQNYb4U4YzTFZFU0UcQhDIBe6utC0pBMTuWI_5Qm-o27zpgObfzvI3_lYOyAYxoHPYOUorYjOOJHbMPprnLAcOgPtjSPPROejI7IGIpLbHFWlev6DNNgd3_vkDsYC5d2-JfTOmrHOrqNIc6oC5jApdwzjpuZmKoD737QLIXHeYw_ig7IumjwJsIp14nqTtIL0kNN9FdP5SDPJzq0L9D9hFM5Igzdnuvozt2Y_4Q1D7_OkhrivP6lImmodtCaSXKTfRk7BW90VHLQ_h43PeeoDkE-i5yRAcTqs_6UdJLej9rnVzvdCCOHPIMwB_3Xcjq8XBqCGnESsk1zVpRzOqE45B3yVgvZGNTgy_m2-c9ADd4hRTUva2Oeqb6WsSOSo9yuK9a2eNw_gGT4Oo9C0pfOz0nxizPDR4MMMcdyDNg51oUAEWCEgfuhzCDAbUUisAziAoUHJE6Ez73AriOWE3YBCe5ttowCPSrQGP6fJK0vPnoGC5M7vPyZh5EVLb0HSoPIPAwBYo9HgkEgc4HEhgoJ6sfcWHY-iIafm5sbicWSnN_P0ebJ2spzum4yksg4JqZHfk4QIOVCxoHcLpA50DGhQ8AjymvjB4YJtsC9TbQx0zMI0LPasWUWzFyY0KMqJxYYXlhTAw8Pk4UQ4ztxB1bmZqYDg5ld1Dv5i10H7pwD_F2iaQvPGedQ1kAFNgSE3SpotTrj3WdKx1gn_9pdiPcW3bkD_LigGfsVSz1xzGe31syp2TCvPROVDnnGjBYlRkx2GzZnbAfU3ceGWePTn8xJp6FuUe9NllN_UYb8EjaJ5VhdCcHBHXIly79qOEVFoSc6kRmKI7MCFb4ZaMhlUahCrbM0aVjYrT6oIgALhyBCs92W2enB4MBi9kQ-diuvFKRcwS2eiGszM9CZmViW_iwMPKAwon096ftl5C-vn5FzCLiFKNlcyQXIXlYH3E-Q-SHO1IP1PMVQI5LlcIfX3OE4v56j32TNoJph8aumbHbWCee0tWd7L8qqE1k8_3LqILfRsJwqbpNuRBdODbMQN1ozMjPR4bQtUXBhREEPn839wAlJwFtNtmY2jGixoEQjKkkCrMgtgogRLVds6NFhQPTwO2_k7kNGh3HkynuNsc9NM2_r0_5FOpusHG6bhKdILFwklwE0xC5ZFNVx25YaDwI6VOhEeb_FfcCtOrS4tG_dECbEjIjY05cljLj6jplOuWXd_VHNW9EGrVPM8Lm3bUcS_yKW01Kn_9OIB46lZT5_PcGpOg530z-cvwW3jOc_6Ja442Q8Dsw_i5Ryall1Et9jbJmLByPo9KAvtfTL95dOQmO-W14RUUNjv6g3q6UMHyKrhx0jaKChQSR-9Ug__HxzWX-iqc1jClZ_m_8b0YlXVk0U3oVDv_Deoc5-FKweB0QOT04zPrNJ0jC_Zckp78k7ummI8Q8jIrpQuTEgRI4Q9e3q5hjCq3cZNrlH-inj1fv0hJXP27BXXdX5L664XaJO96H28T2GkRz28J_l1MOlnHKKb6iimS7PgKjpslUsonAqd6LzqQfAr-oJiaaufdr3QdMh8gOQopXXQzgbm1K-aEolHm0rnzoaYor4f7ZUr59iN1a2eUo7c9w0VKSK-hPir-lUmOJkEbBYnzswT6lHE7XixzdqKYTrF-oyv2CT0iipjeLHvoeuGh8IjXxBRUGZ2GN6rNBPbUyIhVumANmTnEpk4itJr1xzujWvKFgPqAv6UTQqDfptbeW_8OiIVXfqynzeNBX1tK4dVdQuSz6elSpfzW14dusIXj_WnCK6qtwxGf6XjesCIXbhuNfpPfs4NxBbb_kQoG5FoqqPxcOg5nrZqeu7eVXSR6oDb64f9MCUVwuKG2rn7TCYupe6UtbBquwkvy8zpCJpraX615y2XhQAPQESFniB_23XBYOoT8FF1ftQR5kJf1Rppe7Wzm-dYD-zm7KDc_IH7fLT1aXsSIE1iKh6n3ZqIzk2sPL_6JA_bbdtr-Q_ZSyHOWMY6QNdYFefrNY1wh6PK3a9Qy6G9r5X3lR_fdLs7ZRDDPn7FIilZz4VZhmD00UwpFMuVNHI-wAawh9PK4BS9G4ot4pmEv_RS1rjdKTmbD6mpElFzDoUANd16MD7SUbxcrcnrIpcsn-QAnoKXvOXaUqzWMFFP40F4jC8OrkN0j8eG4lVGbr58L-a-9J71nF3IgWZStAmuzYp3ANlfNO-SeT67yYNXZf-JHG7NNJXzp6_17UucFc9gWqk_93AgBfJgMidX2xjcKof-PmIU_utSFc9mx59fKQQZ-z2p8A2d91QkL7qVj_PYi91gLo74z3ucSpGiG26QvV_ep0cXh8T0rsATW7J64-yMAP3sL-pyjtYkVUtoe4_-503NKXl0bTVpnuIu6rssbBsu65ROQ0Ab0qI9YfaL5F2vLhwMek8oI0NsPtNqltT0tkh-0eysK2VKOI2s7f-aeyHTd9SxoG4rPYgmzC7kBc667wH0dj5_8bfnzStILkFYyK-JDW3UHQPt_9FgbeVNsrGvn94XcDaNtAnx6XqD9Dr-UsjMDBJJhQRvNr457zAbJUpbv7DPCh4eDDJfnfcy25L3we-d5p9u_hqCV1ra1JXjpr6cqoz9bb-q_VMY7HDJVI22v1XDYwbcQ9xxesfXps1pA-wdad0_VgniGtvAbeZMYG2d9OorL3gRS8byEvLGwe6StxDTncjvVFLSNalS6B7MmqmVEyZvxdCm2BA4zwq8py4xnpLsK7aEscYI2Sdrcr8WEvrqnRzPWn-NW97MBF4A5hIn6Uk3UgkCwzPDF3nl4_avx-EURtPE5KjQx8QDrTWcHuEvdoif3NaRbSAq1tueQby_pzPoD6n6vI18B7IekA1ik1sEM8p-VsQJTk5ZYnsw7lTHkIEroVhn5SmstkPG8k1JQT7jXiHwD3vgawlizc2bqnYe_Nvt_MIq821u9zXmIJDvFD4odDf4SpdlAOuiZoObPFSFp5u4ndlVi8xFzlsXYA2-JyyB1nLlzj2Aj4St0eKTxyi96jnO7hH_1FNSjXOKA8Q-rtSlW95jjY6Rlteqp5Q1bdblUk0NocAG5eepXQ2e_jxe2GmaF_1ZWUoPmNMkg0R6axV_w6P0yke7jHj0dH1r4vyASG_4TIG3ScU8oeyuFyMvb0LTalZNASvfBterHxovUK3-TOumjqXnO7wqbFPak7nlW4VDXFMz2nqFaLPpOgtJe19RzfFr7i9pEpGMFm-nDZ5K2Trtal7KNeUdOIAQI2vdwfgQ92OwCkQaOpDBYOGrmoileyz4PO9X1tPQuBoU55J5YwUePnYbR45cS-0WHDCR4aNwY5z0XJzm7fFVn6ZzLFNSuUkASeOzIGZAyUr5iTuKWOzK0LI4CNnY8V0-QWltE6QKAqb2Zg5JbjEnjkxczCgYJNSRA9CwNgHLGgKZA4kQEeNCd1ZoQoebCuR5qw-nN-yukz2F79akdu0uw6b4u5ihD7bq3wjkPmUuIytrWi4fR1UdV5IWqOv9ghw4tEuU1z5coUQtTQ-6gEVSVNrUBOCH7nfMMmGd5rg4lR23viSlizqqKMqUekHS7208Bh-NJKA51iigYCRieNIBLLY78TzI5jp_SnndSz3h4Wk7RSR3FILD8T6QLWh7aoyJCG7kzDcsknwo72uWPLFLVOpDzheWj3j1yT2tL9VaAkTa1SFHQcKnUqm6Iln7_lA9SFa__bWgNm6W3hessQ75TyOZ2JWpa_f-jfKxnxJ43ARTfu8VdD-2XjOJMxxSn8q13z8OEflnjZempKWQHqzA5ex1lEVu2HB9XRbRFJPQjyWOezE2A-9TijP-4Xb28i3CnoVSHgjeEjqpnQnEO2f8ofEEW7QyUTAqfy5OnvukVC_HVELcdPeX_rVqNEl9XsV1fcUoni81CZ_dm3nQj1h1McLaedpZKDSLxp2JPn1V55mcRdjX3x1y0-UgPtXH9xOFehXRvVIODH-Zd14lgp7mGehbdvGv2-Tv9JhXulMkuStFN4AgUeSGZLnD8qkX3_uNqCqGwOUhCi5obZFTRJIru1e_ewcGb7WeZhurZG1QOk8GGXLMZf-4-Y4bjx0rvLibb7dq7RVIvt9l_UfCkCrdxe31J7kLoKbqaNMmFaTXHyy90lLI9Cu5WoF&grab-orig-len=5120&is-turbo=0&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22w%22%3A240%2C%22h%22%3A400%2C%22width%22%3A240%2C%22height%22%3A400%2C%22visible%22%3A0%2C%22isBlackTheme%22%3Afalse%2C%22left%22%3A215%2C%22top%22%3A1246%2C%22fontFamily%22%3A%22ys%22%2C%22req_no%22%3A4%2C%22ad_no%22%3A1%7D&p2=fxjd&pcode-flags-map=eJyVWNtu3DYQ%2FZVin4OCulCXvFESVyIskSpJ7XpTBIO09ZsRFI1TFAjy7x1K2rWktbm2HwysoHM4nOsZ%2Fdhp3nNm4dCxHjT%2FbeDGAttbrkFIrdp29%2FH3H7t%2Fvzx%2Bf9h93Fk98N2H3dPDtyfxF%2F6maRoHye7n5w%2B7AzMgOBirelC2QbxtmIRuaK24zZOlNLzmeTdY1FJpDp0whldQMcugZ5p1BvZKw0FUXOG1oFRdoVacD%2F%2F9vaLMSUzpxR42WFVzyTWzSNuz8s40ykI14AOh5IopWvPEhOQXHi5Z0XKQ%2FLgg4Qathk5VfMWjZHsC3vKOS2ugbEV558CvsM%2FMHbuHhou6sXhHafC%2BWsj63ZenURCOtKxt1XEKQ4%2F0I8fkS1uzGxwxocuYTOd3TNdC%2BpAJiYMo2rps6KvR951yDgfLRItGTL7zJkdCkmwRAc07deBQNkwbbmGvVQetkHd%2BjiCISbo1aS%2FuAX9asBpj6dxsLNN29E5v%2BFCp%2Bc6lxgITB25uHULp1b1L1veOujhBpY7yLaYmWehjQZdpdGQhrMvm95Dh9RzZgWuzTXpnfErX2DAmwdaQgzCiEK2wJ%2BhbdirQcVgJg0HjblgS0vCqjoTENmV4OaaEKgzXB9d2XDgWJ72VeJCYUwwrZowg6%2Fol8Omf7w8LWBxmUU4mmMFmZVy33GK2mb0AsQoM589Gr2Ffv%2Fzx%2BLBCRkmYTwnosq7Ds%2BYql9Z%2FZEyjfIpCqQaJuargvtFeSJZmYTxCTkxW%2FB70gLnXMX%2FZUpKG0dzBV50G9kPbGqwB7scHURiRyxULre7QP3g9qLWo%2FMiUZsmLBkMljNWi8MLDgCTTfT9xGY7mwlFUtgHRsZp7sXEQZ%2BQZi8eNiVko7fJIs0oM5pc3MpyYs3syGFh7ZCfjR0bpHNpq70a36bHjc7Ci42qwK2hICFljYxJNd%2B5LHDzjsMA54z%2BPIs2cvXuFXuauXM7nAb%2F3ZiIemabhNVzsAf8fXXu5lSGvMJwNOLB2WEUrIi%2Bjz01xzE4hewwyMN35z06CPJrPxnq1wowCaa%2Bup8cWSglqiRHacqbdpHfTkGnBNg4Pt7A5vJt60vzIML2qtxYWMp1j7YYedBxV0SVduNbY7Vq16r90hc9IPMW910Jp17txjhwEP%2FZK%2B1MmSZO54bnXQeLwLjnKu672wtIQcSPMmB6HV9lwZyH0XJebLA3IKsgpDfJ4kSLknuC8wmagjBXeM7OAzmdWKLrsON7Rx0eNoxNDPbfbd4ioDHv2FD8cJ%2BV8gU0%2F2UwVmmU4jSYj5k5S4bAuUcwZb8%2BmeZBmix4mUDAyDCwq%2BdJ5zPgOzSMaBCvs2PcMNkHbuMLqWVXhgPaTxHROknHOuDF86jlEfqtx1tBFtDpdvjK3r4%2FL0%2BRVJKAcGAXzjdPPHNoWi2ICUzIn71hp1crrwa%2FBCp9GWXTBvxs0iuqCSdwqAKXHXmC2jYIGOfxDJ8%2FCNF1cfiaZchMHPPbEi7jCxm7dArWVGFvNHcbRlHhNsZEjNM%2FDnKxejkicjS%2FXmhXhDTEfp%2BT5XTDi0%2BpyNAiJ7%2F0XpllAX0FM3pgbOqYAbrboBtelhXRZcdHpWNo3jKZ0ygzUATW3Y7UL6VY%2FjQ3M%2FcTmeWNeJiSNQ%2FJSA98LbdzqwTonYWGawOpwDqGfNEeZtDSNFUa1A%2FYr07nlw1X7jVjjMjPvV4ucxy7nOlS9FeJX4DDIp5JtbNfSqcwMzpRKMLAcV4QbeJQ78fOer6BByYaF0zIHRmFv9RsEO7kwjAqg1i7c6ABUbi%2FMiBc%2BGCQke97uEY4i3sAJlzlc1EowunwP%2Fjwj3PI9dr8V%2BPvXbw9P6%2FpN4wXa7Q%2Fug8D8HQATwojOLdtmwM1gowFL224%2BUwRBdqHqccqN6xQHV%2FOAeuPyANckJas1Wz7%2BbXpLnL5OOCmnym%2FSM8M67cX4PQJMw3CTRT619tOfT4%2FrTKdRPGWK847me5QsjctRUXpxAYnCcJ5EWPm6c2pFc3le7HrNC%2F9CgRRZulDH2%2F0MU5Cs3TY%2F%2Bfn55%2F%2BkFZzb&pcode-icookie=JPys%2B5rHIq%2BVYOSZpzg%2BMVHSc2DsCsXbTWltzyl%2Bl6ELGaOHg6a0Uaklq4o1HvDzI6FCIBTO81x%2F0ZD%2B1UU3ge690V4%3D&pcode-test-ids=612520%2C0%2C39%3B586085%2C0%2C8%3B597485%2C0%2C9%3B590118%2C0%2C23%3B598478%2C0%2C18%3B605344%2C0%2C41%3B610322%2C0%2C21%3B610874%2C0%2C85%3B612099%2C0%2C12&pcode-version=612099&pd=9&pdh=1200&pdw=1600&pp=g&pr=1213804335&pr1=2640655715&prr=&ps=bxyd&puid1=adv-1657329149670-14&puid2=society%3Atoday%3Azenyandex%3Aincident%3Aemergency%3Acelebrity%3Aculture%3Ainteresting&puid3=top%3Aregion&puid5=&pv=1&pw=6&route=ssr&skip-token=&slotNumber=3&ssr-request=true&tga-with-creatives=1&top-ancestor=https%3A%2F%2Fwww.tumen.kp.ru&top-ancestor-undetermined=0&use-server-side-rendering=1&utf8=%E2%9C%93&yaru=true&ybv=0.612099&ylv=0.612099&ytt=423863344300037&lvlfrom=20&rqs=_cF1AbUMuD_-1chi5mQ9yMl6NCilaKjY&rtb-si=1&dmv=2&csl=&ad-session-id=9907131657329149716&rtb-answer-hash=319014069766049033&usgn=ASvnzxRgfZb7DWYLxnqZj0F_fXjkFXf52ALbs8NwaK0T&resp-time=713

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

41436b69e2f6259685aa4154207ec273a47e4b7aa905b09f10eacfd6ed97531d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 01:12:31 GMT
content-encoding: gzip
ssr: true
x-yandex-req-id: 1657329151320109-1040972489812038445100088-production-app-host-vla-pcode-280
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
uniformat-product-type: Direct
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Sat, 09 Jul 2022 01:12:31 GMT
strict-transport-security: max-age=31536000
content-type: application/json
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Sat, 09 Jul 2022 01:12:31 GMT

GET
H2 204 event
ads.adfox.ru/232598/ 0
66 B 84ms
81ms Image
text/plain 2a02:6b8::1be
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/232598/event?hash=35a67cd0d0b5dd78&pm=bmt&pxo=kUf75oU_EVBH5rmgHHSLHVXBym_btnoZPjmSEbG6mu1Mq6SXs7XtIohdQht5SeRv2IO6pfqHncLFfb-LgLWgXX0ysWjgJMkKVl4J1m3iVed9gaBJQKQ60vH-NP-L2nDH3L3jh0jpUv8sjqcvYcR6s8R3CkI7SOwkpk0e7TliJWcGe2AY&p5=gwefg&ad-session-id=9907131657329149716&utg=oxum&lts=fjmtaiw&ytt=423863344300037&ybv=0.612099&ylv=0.612099&dl=https%3A%2F%2Fwww.tumen.kp.ru%2F%3Fsection%3Dsociety&rqs=_cF1AbUMuD_-1chi5mQ9yMl6NCilaKjY&pr=dyeeiod&puid3=top%3Aregion&rtb-si=b&puid2=society%3Atoday%3Azenyandex%3Aincident%3Aemergency%3Acelebrity%3Aculture%3Ainteresting&p2=fxjd&rand=tolfnv&sj=rvoRlEWYiI8yQzP-VbBhSBghKB9Ow_NPcKEWZjN5FOy6boVekbpMpA2WAl3tdg%3D%3D&puid1=adv-1657329149670-14&p1=cavko

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 01:12:31 GMT
x-content-type-options: nosniff
last-modified: Sat, 09 Jul 2022 01:12:31 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 8F4C 41 KB
15 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 1c93cdb1133891517efd814bd17e41a7.safeframe.googlesyndication.com
URL: https://1c93cdb1133891517efd814bd17e41a7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1c93cdb1133891517efd814bd17e41a7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 11:50:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 393733
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 04 Jul 2023 11:50:18 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 193 KB
69 KB 71ms
30ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-8MQ0FGXD1P&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WCBNVW

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

80356e3900c84718e1dd6eaa756c048b14ef02067ea43730054a8cbede08bfe3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 01:12:31 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 70603
x-xss-protection: 0
expires: Sat, 09 Jul 2022 01:12:31 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 193 KB
69 KB 85ms
44ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-E8KWCYC304&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WCBNVW

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

151d187ef588a5448874fd30907c4511c5280400050763694ef9031d0d10b78a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 01:12:31 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 70547
x-xss-protection: 0
expires: Sat, 09 Jul 2022 01:12:31 GMT

GET
H2 200 counter.js Show response
tns-counter.ru/ncc/ 61 KB
61 KB 208ms
68ms Script
application/javascript 2001:6d0:4001::226
TNSMSK-

General

Check archive.org

Show headers Download Go to

Full URL: https://tns-counter.ru/ncc/counter.js
Requested by: Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:6d0:4001::226 , Russian Federation, ASN52016 (TNSMSK-, RU),
Reverse DNS
Software: ms-counter-3.3.5/1.20.2 /
Resource Hash: 75d16f690db62e7b02e26bff78808ea7529f154b36340c9b6d6e1cd81b64a4ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 01:12:31 GMT
last-modified: Wed, 01 Dec 2021 16:19:49 GMT
server: ms-counter-3.3.5/1.20.2
etag: "61a7a0a5-f2ad"
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR NOR"
cache-control: max-age=1209600
accept-ranges: bytes
content-type: application/javascript
content-length: 62125
expires: Sat, 23 Jul 2022 01:12:31 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 204 KB
70 KB 144ms
136ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

5f04f87ba7cd3beb8f840e33441bdc8cfee7fe74a49cd8abdcc8ac7727b6bbda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 01:12:31 GMT
content-encoding: br
last-modified: Fri, 08 Jul 2022 09:23:14 GMT
etag: "62c7cd52-1180a"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 71690
expires: Sat, 09 Jul 2022 02:12:31 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 74ms
21ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WCBNVW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 460
date: Sat, 09 Jul 2022 01:04:51 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sat, 09 Jul 2022 03:04:51 GMT

GET
H/1.1 200
OK target.js Show response
target.smi2.net/client/ 3 KB
1 KB 199ms
49ms Script
application/x-javascript 46.161.36.2
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL: https://target.smi2.net/client/target.js
Requested by: Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.161.36.2 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS: target2-1.sselp1.imcmdb.net
Software: nginx /
Resource Hash: 2ea6594700eadc561dce18df33d16ff9d07ff631d4f6f4eae734bfe34e900f0c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sat, 09 Jul 2022 01:12:31 GMT
Content-Encoding: gzip
Last-Modified: Fri, 20 Apr 2018 15:55:37 GMT
Server: nginx
ETag: W/"5ada0d79-af9"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=259200, private
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Tue, 12 Jul 2022 01:12:31 GMT

GET
H2 204 b
sb.scorecardresearch.com/ 0
191 B 71ms
21ms Image
text/plain 13.32.121.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=16803468&ns__t=1657329151224&ns_c=UTF-8&c8=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D0%B8%3A%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%20%7C%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20-%20KP.Ru&c7=https%3A%2F%2Fwww.tumen.kp.ru%2F&c9=
Requested by: Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-17.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 01:12:31 GMT
via: 1.1 c80fd33b8f8c4dff5488cc52ba797aa6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: Lt1v9o38Fq-YQFr69ZgWMCQPPJ4sWtPRO4kUuAqKm8BqXT1PtWvxmg==
x-cache: Miss from cloudfront

GET
H/1.1

200
OK

kptumen
counter.yadro.ru/hit;kp/kpall/reg/
Redirect Chain

https://counter.yadro.ru/hit;kp/kpall/reg/kptumen?r;s1600*1200*24;uhttps%3A//www.tumen.kp.ru/;h%u041D%u043E%u0432%u043E%u0441%u0442%u0438%20%u0422%u044E%u043C%u0435%u043D%u0438%20%u0438%20%u0422%u0...
https://counter.yadro.ru/hit;kp/kpall/reg/kptumen?q;r;s1600*1200*24;uhttps%3A//www.tumen.kp.ru/;h%u041D%u043E%u0432%u043E%u0441%u0442%u0438%20%u0422%u044E%u043C%u0435%u043D%u0438%20%u0438%20%u0422%...

43 B
528 B

74ms
61ms

Image
image/gif

88.212.201.204
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit;kp/kpall/reg/kptumen?q;r;s1600*1200*24;uhttps%3A//www.tumen.kp.ru/;h%u041D%u043E%u0432%u043E%u0441%u0442%u0438%20%u0422%u044E%u043C%u0435%u043D%u0438%20%u0438%20%u0422%u044E%u043C%u0435%u043D%u0441%u043A%u043E%u0439%20%u043E%u0431%u043B%u0430%u0441%u0442%u0438%3A%20%u0433%u043B%u0430%u0432%u043D%u044B%u0435%20%u043D%u043E%u0432%u043E%u0441%u0442%u0438%20%u043D%u0430%20%u0441%u0435%u0433%u043E%u0434%u043D%u044F%20%7C%20%u041A%u043E%u043C%u0441%u043E%u043C%u043E%u043B%u044C%u0441%u043A%u0430%u044F%20%u041F;0.5403549518281558

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

HTTP/1.1

Server

88.212.201.204 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host204.rax.ru

Software

nginx/1.17.9 /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 09 Jul 2022 01:12:31 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 08 Jul 2021 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 09 Jul 2022 01:12:31 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Location: https://counter.yadro.ru/hit;kp/kpall/reg/kptumen?q;r;s1600*1200*24;uhttps%3A//www.tumen.kp.ru/;h%u041D%u043E%u0432%u043E%u0441%u0442%u0438%20%u0422%u044E%u043C%u0435%u043D%u0438%20%u0438%20%u0422%u044E%u043C%u0435%u043D%u0441%u043A%u043E%u0439%20%u043E%u0431%u043B%u0430%u0441%u0442%u0438%3A%20%u0433%u043B%u0430%u0432%u043D%u044B%u0435%20%u043D%u043E%u0432%u043E%u0441%u0442%u0438%20%u043D%u0430%20%u0441%u0435%u0433%u043E%u0434%u043D%u044F%20%7C%20%u041A%u043E%u043C%u0441%u043E%u043C%u043E%u043B%u044C%u0441%u043A%u0430%u044F%20%u041F;0.5403549518281558
Cache-control: no-cache
Connection: keep-alive
Content-Type: text/html
Content-Length: 32
Expires: Thu, 08 Jul 2021 21:00:00 GMT

GET
H3 200 container.html Show response
bae702d774fa849aafdd12eb7538a159.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C04F 6 KB
3 KB 20ms
20ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bae702d774fa849aafdd12eb7538a159.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022070601.js?cb=31068338

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tumen.kp.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 09 Jul 2022 01:12:31 GMT
expires: Sun, 09 Jul 2023 01:12:31 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 event
ads.adfox.ru/232598/ 0
18 B 80ms
79ms Image
text/plain 2a02:6b8::1be
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/232598/event?hash=e12d84f9bdb13b84&pm=bmu&pxo=OcQ4Zz8g8i8nTLHkrVxZ8c34oYI1XqHIsCN5-AMZQ-VdJARHxMMINwkrHXxUYck_nf8obbj2nvGfqcE5okGCQijmna9VKPJD6d8zR3Gvcf4Ny7dGwZ4MjFwsHFA7MqmUGOa8R1seMYpgEKchHWLj2kF6hG1SOpT4uDphAeZVJ3C96swfKw%3D%3D&p5=gwaok&ad-session-id=9907131657329149716&utg=oxum&lts=fjmtaiw&ytt=423863344300037&ybv=0.612099&ylv=0.612099&dl=https%3A%2F%2Fwww.tumen.kp.ru%2F%3Fsection%3Dsociety&rqs=_cF1AbUMuD_-1chixi3UNaTLV7wU6gDl&pr=dyeeiod&puid3=top%3Aregion&rtb-si=b&puid2=society%3Atoday%3Azenyandex%3Aincident%3Aemergency%3Acelebrity%3Aculture%3Ainteresting&p2=fbao&rand=nrqjdsz&sj=mjOp217J6Pq8o-qx8SNMs4sT5Km7CdO3300ymkEVvCUV8dfOziLt8PjwefQdkw%3D%3D&puid1=adv-1657329149673-55&p1=bufhv&resp-time=628

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 01:12:31 GMT
x-content-type-options: nosniff
last-modified: Sat, 09 Jul 2022 01:12:31 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/8828632559684167007/ Frame 5219 36 KB
6 KB 71ms
28ms Document
text/html 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/8828632559684167007/index.html?e=69&leftOffset=0&topOffset=0&c=TCBqRYGvr3&t=1&renderingType=2&ev=01_247

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

748646bc30925c61574071e2cfe947ece6be153f4d4e4b5d1d192cbe2f5e6cc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1c93cdb1133891517efd814bd17e41a7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sat, 09 Jul 2022 01:12:31 GMT
expires: Sun, 09 Jul 2023 01:12:31 GMT
last-modified: Wed, 05 May 2021 19:27:43 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 8F4C 0
622 B 171ms
74ms Ping
image/gif 142.251.36.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvUFfMyOXzx6UdscggA6iJsWB83RO1Em1Wnq30MlMnksC3MDV5SBI3c1f9mbQy9es-AlWi3nzhn4GIeg6CGXKijmzqz9tp6NxShvykjcdFydOqpggTCzm8VZRoZAnVCvBGUau34zu3_UiOV_g6oL6e974U9a1ShA7A8WJQLH9STRS9ntnO-AEf4ybJYbfmekGoccv_7KK2DA_4vZdlLJPMQ6I4_sAwAdR-oshEuGvnx5_67MJeJ89XOXZbNEhaTMZBzbkPQIIxrGWq9EhlnYUwWLp40zOqBsXczZJYnch_ALwR4Iki_LfKeBueHF7ZVzU2fF0YPZc1w0OY0sbQXRX_fN3Mglou1fbjWDIUkxRHG9KzZZcnXf45o11oSqnYOIimKJp6IMm9t9KR6M359xh9M3gc3CV4j35G9ke7xLwqVQuwsMmRZnHRgWv6xq_V4KSFa0G_xzBnqnJaxgY9byCmNnSnFqbxYGcSiCTwWB_oBcU7_rmm1lEJOgO8r6ki__C9PjIAoHwpKGYUmswglFRF1i8LgV8vzSjQTsltzB5K7R4Y7S2sAr7lrrCQ-NxRDRkXQWqC-FWbZw0O6ADZr_Iskq6EA5pLOp8G_aBk4RP0JNEkNWP5K9updSzK8N9EIZWNwfsDwpmkE97v0yH4XRKnZscG18LBjpWIrDrVsDGXFLM96fw9cqQtBasBxCzDqtZ8uR9ImJuJRkqSU-SARsjSYPVHW5oM4mea_Oc3l1rkrtgPrOjlzG_6shjnJ2HPa30zk_P3G5yh1N8X_a9vdP0AMp3B08rZwPYPTJS7DclWVmLHtHWOZAhEIGWMOoVm09B3OI_hqYF7xOqDAigTefJ3NW6mErHulufKV7E3vsts6K7aMPZs4_0cjE_V-tbRUlKAVCpCDQ6GHWrYa6WVwAd09BzGzPZQHfA_srst6q7Pyrv_Tg4gu6rwhRaHzJz4_NXymonACIqWWo7GeEv0TVKUloGm7Beqw8h9A4uatICECdyjzu4iH_MJY32rgd7jwTXHM-1BAKb3Zny4CsnsNzHkNzmbp9czfUiP8I910LxgaMdnvjYFG-XPjFSR1_g0DhpOZ_pgLxrPzA5JBC6fAutkubl8t7LBb4Myf1ubmZv2c6A98262VdBgaZ5GSWo2NeVR15xYwk4YAzO5bXgwnjOmEvVMYrBGFIxtNh_LdLIvBbQ8hnYMIv5oFWo7Ma9uALxHE1ynTaI1Vs8P36BonYz5L_3tabLwI0EepsJEs_cMEscKYjO71_HIp3YjI6w&sai=AMfl-YTNEWE3uqPejuwLYbHAn1a8613y0K9j1Z9XcYRhOPfLncAV3-UJWr_t5snM9_LACTKkZeTTjLAURERKaxOezH9tXUJlvDFg4t6K-uLZHE3XIOwrf5PlTnEf33l2Ls46Vs6Fdd9FwndhpCO4H6qRcizVAqqS3CZ9bJsN2px-b2KZEvWVG37BG5d37IkRGIVhXVZEUbqygXbyraQuNKgq8N6qKZCQd00&sig=Cg0ArKJSzJXo_xV59a3BEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=201&cbvp=1&cstd=195&cisv=r20220706.33113&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.36.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

prg03s10-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1c93cdb1133891517efd814bd17e41a7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Sat, 09 Jul 2022 01:12:31 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1

200
OK

firstevent
skydeutschland.demdex.net/ Frame 8F4C
Redirect Chain

https://skydeutschland.demdex.net/event?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=131962155&d_placement=339771397&d_campaign=28017826&d_bust=3941290521&gdpr=&gdpr_con...
https://skydeutschland.demdex.net/firstevent?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=131962155&d_placement=339771397&d_campaign=28017826&d_bust=3941290521&gdpr=&gdp...

42 B
964 B

53ms
47ms

Image
image/gif

34.249.106.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://skydeutschland.demdex.net/firstevent?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=131962155&d_placement=339771397&d_campaign=28017826&d_bust=3941290521&gdpr=&gdpr_consent=

Requested by

Host: 1c93cdb1133891517efd814bd17e41a7.safeframe.googlesyndication.com
URL: https://1c93cdb1133891517efd814bd17e41a7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

HTTP/1.1

Server

34.249.106.217 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-249-106-217.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1c93cdb1133891517efd814bd17e41a7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v036-062c2df38.edge-irl1.demdex.com 5 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: SMmWpwSMSL0=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-1-v036-0a751b2d7.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: WWdD6rc6R8o=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://skydeutschland.demdex.net/firstevent?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=131962155&d_placement=339771397&d_campaign=28017826&d_bust=3941290521&gdpr=&gdpr_consent=
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1 200
OK ai.aspx
m.exactag.com/ Frame 8F4C 60 B
60 B 166ms
37ms Image
image/gif 85.14.248.72
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.exactag.com/ai.aspx?extProvApi=sky-dv360&extProvId=300&extPu=sky-dv360&extLi=1008209757&extPm=431953134&extCr=17611747867&gdpr=&gdpr_consent=&rnd=3941290521

Requested by

Host: 1c93cdb1133891517efd814bd17e41a7.safeframe.googlesyndication.com
URL: https://1c93cdb1133891517efd814bd17e41a7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

85.14.248.72 Meerbusch, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1c93cdb1133891517efd814bd17e41a7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 09 Jul 2022 01:12:30 GMT
X-ET-Code: 0
Strict-Transport-Security: max-age=31536000
Connection: close
P3P: policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
Cache-Control: max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Transfer-Encoding: chunked
Last-Modified: Sa, 09 Jul 2022 01:12:31 GMT
X-ET-Monitoring: 1
X-ET-Camp: 923
Content-Type: image/gif
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame DD55 0
0 60ms
60ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022070601&jk=4047285186638077&rc=
Requested by: Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H2

200

1 Show response
mc.yandex.com/watch/26254/
Redirect Chain

https://mc.yandex.com/watch/26254?wmode=7&page-url=https%3A%2F%2Fwww.tumen.kp.ru%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2n2z35yck7fai9c6gvqew%3Afu%3A0%3Aen%3Aut...
https://mc.yandex.com/watch/26254/1?wmode=7&page-url=https%3A%2F%2Fwww.tumen.kp.ru%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2n2z35yck7fai9c6gvqew%3Afu%3A0%3Aen%3A...

167 B
624 B

89ms
75ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/26254/1?wmode=7&page-url=https%3A%2F%2Fwww.tumen.kp.ru%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2n2z35yck7fai9c6gvqew%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A832%3Acn%3A1%3Adp%3A0%3Als%3A641159656718%3Ahid%3A24424282%3Az%3A0%3Ai%3A20220709011230%3Aet%3A1657329151%3Ac%3A1%3Arn%3A324585750%3Au%3A1657329151362652560%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1657329147906%3Aco%3A0%3Arqnl%3A1%3Ast%3A1657329151%3At%3A%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D0%B8%3A%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%20%7C%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20-%20KP.Ru&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnl%281%29ti%282%29

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

2804963ef7106d1cb69139f949d734a2939f46ae4739b09822efa05e97501bf0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 01:12:31 GMT
x-content-type-options: nosniff
last-modified: Sat, 09-Jul-2022 01:12:31 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 167
x-xss-protection: 1; mode=block
expires: Sat, 09-Jul-2022 01:12:31 GMT

Redirect headers

pragma: no-cache
date: Sat, 09 Jul 2022 01:12:31 GMT
last-modified: Sat, 09-Jul-2022 01:12:31 GMT
location: /watch/26254/1?wmode=7&page-url=https%3A%2F%2Fwww.tumen.kp.ru%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2n2z35yck7fai9c6gvqew%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A832%3Acn%3A1%3Adp%3A0%3Als%3A641159656718%3Ahid%3A24424282%3Az%3A0%3Ai%3A20220709011230%3Aet%3A1657329151%3Ac%3A1%3Arn%3A324585750%3Au%3A1657329151362652560%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1657329147906%3Aco%3A0%3Arqnl%3A1%3Ast%3A1657329151%3At%3A%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D0%B8%3A%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%20%7C%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20-%20KP.Ru&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnl%281%29ti%282%29
strict-transport-security: max-age=31536000
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Sat, 09-Jul-2022 01:12:31 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame ABC0 0
9 B 22ms
21ms Image
text/plain 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?SDm-Sg
Requested by: Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 01:12:31 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 6198 22 KB
8 KB 29ms
29ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1c93cdb1133891517efd814bd17e41a7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 393732
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 04 Jul 2022 11:50:19 GMT
expires: Tue, 04 Jul 2023 11:50:19 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 8F4C 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2c337c5f1d728860932b69b94e38b5024498d31d432a66a57dc1300acaf6e6cd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 edue1xTc5YuiZOhJi4VIA_c20CetZt5T9y7Q3cNnrTA.js Show response
pagead2.googlesyndication.com/bg/ Frame 9DBC 36 KB
14 KB 26ms
21ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/edue1xTc5YuiZOhJi4VIA_c20CetZt5T9y7Q3cNnrTA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

79db9ed714dce58ba264e8498b854803f736d027ad66de53f72ed0ddc367ad30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 15:06:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36349
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13936
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 08:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 08 Jul 2023 15:06:42 GMT

GET
H3 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9473308889628347351/ Frame BABD 19 KB
3 KB 26ms
26ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9473308889628347351/index.html

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d5993869445146bc2f0ce8ff0f84a46111700a4dcc9f2fa88fe56e350696a51

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bae702d774fa849aafdd12eb7538a159.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 391616
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 3348
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Mon, 04 Jul 2022 12:25:35 GMT
expires: Tue, 04 Jul 2023 12:25:35 GMT
last-modified: Thu, 30 Jun 2022 15:17:19 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame C04F 0
0 65ms
64ms Fetch
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CuUDC_tXIYuODPY2R9u8P3Iuv2AyBzJaBa6uV8PmJEPH-ifG8MBABIPHL50JglQKgAePRhdsCyAEJqQJ3hRzFBxexPuACAKgDAcgDSKoEoQJP0GMvJzqybfKbygt4vgaCI8rVh3lf2_nEV0hRSzjeAHSxfsckT9ljODIPliA8RzW-t8-UJ3TIh8NL-oE7s99vjNYImMGJu1ZSyCtcw07aZ3XPy4IVjosAL_1Ervtrdj39kXW_q0QP32WTihqjcIGzYdg_d2WR8l2VFAL3unlD7O2PwMTAqNS5ZlVGJYQ4eJ6h9n2JWwBB-NCZ8Fxpa2Jecz4ReQUNFRrcObbWdv3qlPD2bX7VyjsOuS2D1bUKlg1yhRsqx0oCz0EW2kJq7qbvWuR9I5fSN8aCJFSM7Gwvfgcv7I6a9a0krdTGQJ4YAykuqNyR8lkvr0RHVZYZXKc7fZ8ARESMMENeDoxABOTlM9aPZqRuanDFOWsjTB3Vza72wATD55PQrwPgBAGgBi6AB4Wu-qQBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ6dYU0ggRCIDhgBAQARgdMgKqAjoCgECACgPICwHYEwPQFQGYFgGAFwGyFx4KHAgAEhRwdWItNzE3MjczMzQwODQ1NTY5Mhjx_hM&sigh=dN9-hnLktf0&uach_m=[UACH]&template_id=419
Requested by: Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s52-in-f2.1e100.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bae702d774fa849aafdd12eb7538a159.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220706/r20110914/ Frame C04F 21 KB
8 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220706/r20110914/abg_lite_fy2021.js

Requested by

Host: bae702d774fa849aafdd12eb7538a159.safeframe.googlesyndication.com
URL: https://bae702d774fa849aafdd12eb7538a159.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2625083f682f667dbd0121720f86b02cc023e7cc2c36d1fad2d1a3dbe0b8cc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bae702d774fa849aafdd12eb7538a159.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 00:17:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3276
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8671
x-xss-protection: 0
server: cafe
etag: 18116328616323621410
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Jul 2022 00:17:55 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
443 B 97ms
32ms XHR
text/plain 2a00:1450:400c:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-23870775-1&cid=1467006482.1657329151&jid=43623865&gjid=1749244767&_gid=1204457821.1657329151&_u=YGBAgAABAAAAAE~&z=1962901038

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 09 Jul 2022 01:12:31 GMT
content-type: text/plain
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 96ms
51ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=292989955&t=pageview&_s=1&dl=https%3A%2F%2Fwww.tumen.kp.ru%2F&ul=en-us&de=UTF-8&dt=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D0%B8%3A%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%20%7C%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDAAAABAAAAAG~&jid=1428403403&gjid=1708695273&cid=1467006482.1657329151&tid=UA-5200037-42&_gid=1204457821.1657329151&_r=1&gtm=2wg6t0WCBNVW&cg1=main&cg5=main&cd3=main&cd4=main&z=1093989107

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 01:12:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 82ms
44ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=292989955&t=pageview&_s=1&dl=https%3A%2F%2Fwww.tumen.kp.ru%2F&ul=en-us&de=UTF-8&dt=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D0%B8%3A%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%20%7C%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDAAAABAAAAAG~&jid=1918338796&gjid=530646188&cid=1467006482.1657329151&tid=UA-23870775-31&_gid=1204457821.1657329151&_r=1&gtm=2wg6t0WCBNVW&cd1=&z=1683648881

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 01:12:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 60ms
22ms Image
image/gif 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=292989955&t=pageview&_s=1&dl=https%3A%2F%2Fwww.tumen.kp.ru%2F&ul=en-us&de=UTF-8&dt=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D0%B8%3A%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%20%7C%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgAAB~&jid=43623865&gjid=1749244767&cid=1467006482.1657329151&tid=UA-23870775-1&_gid=1204457821.1657329151&gtm=2wg6t0WCBNVW&cg1=main&cg5=main&cd3=main&cd4=main&z=257801005

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Jul 2022 20:29:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 17002
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 style.css
s0.2mdn.net/sadbundle/8828632559684167007/ Frame 5219 6 KB
2 KB 21ms
20ms Stylesheet
text/css 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/8828632559684167007/style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8828632559684167007/index.html?e=69&leftOffset=0&topOffset=0&c=TCBqRYGvr3&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4431ed2e1a04ff61147b043d77314af2c6711194fa816b09187c945a24be7ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8828632559684167007/index.html?e=69&leftOffset=0&topOffset=0&c=TCBqRYGvr3&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 13:16:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 215757
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1805
x-xss-protection: 0
last-modified: Wed, 05 May 2021 19:27:43 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 06 Jul 2023 13:16:34 GMT

GET
H3 200 Enabler_01_244.js Show response
s0.2mdn.net/879366/ Frame 5219 109 KB
37 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_244.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8828632559684167007/index.html?e=69&leftOffset=0&topOffset=0&c=TCBqRYGvr3&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e7052ee7e4fa3d19fa953957b23d6cd29b2311739ec0932d6e570577d19f2503

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8828632559684167007/index.html?e=69&leftOffset=0&topOffset=0&c=TCBqRYGvr3&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 06:57:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 65685
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38072
x-xss-protection: 0
last-modified: Tue, 07 Jul 2020 18:35:15 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 09 Jul 2022 06:57:46 GMT

GET
H2 200 gsap.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/3.4.2/ Frame 5219 59 KB
22 KB 76ms
31ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/3.4.2/gsap.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8828632559684167007/index.html?e=69&leftOffset=0&topOffset=0&c=TCBqRYGvr3&t=1&renderingType=2&ev=01_247

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a3c5ff7e114ffe32212ee07123f9dc6aa19c09072e44fe64649c9cc747040cab

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 01:12:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 179590
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 21678
timing-allow-origin: *
last-modified: Tue, 21 Jul 2020 23:12:03 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f177643-eca3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=chgnJuwZ96G146UHuqDvNkjYmw8jLqSmmLXdSpv2XKKMC8foNvBbByCOfzN2OlttysTUA8njD2N1s6DV4TJJYCgwywLctEWlchgoi32RAw1YdYzj6qZZpFKZqjE4aN03%2F3jA1NB%2Bb3h6tu6vrsD2lC5r"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 727d311cdd7e5b80-FRA
expires: Thu, 29 Jun 2023 01:12:31 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
348 B 92ms
28ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-8MQ0FGXD1P&gtm=2oe6t0&_p=292989955&_z=ccd.v9B&cid=1467006482.1657329151&ul=en-us&sr=1600x1200&_s=1&sid=1657329151&sct=1&seg=0&dl=https%3A%2F%2Fwww.tumen.kp.ru%2F&dt=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D0%B8%3A%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%20%7C%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20-%20KP.Ru&en=page_view&_fv=1&_ss=1&ep.title=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D0%B8%3A%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%20%7C%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8&ep.allowLinker=true
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8MQ0FGXD1P&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 01:12:31 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 48ms
29ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-E8KWCYC304&gtm=2oe6t0&_p=292989955&_z=ccd.v9B&cid=1467006482.1657329151&ul=en-us&sr=1600x1200&_s=1&sid=1657329151&sct=1&seg=0&dl=https%3A%2F%2Fwww.tumen.kp.ru%2F&dt=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D0%B8%3A%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%20%7C%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20-%20KP.Ru&en=page_view&_fv=1&_ss=1&ep.title=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D0%B8%3A%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%20%7C%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8&ep.allowLinker=true
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-E8KWCYC304&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 01:12:31 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame BABD 9 KB
3 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9473308889628347351/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 13:42:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 41381
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sat, 09 Jul 2022 13:42:50 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame BABD 26 KB
10 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9473308889628347351/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 23:30:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6144
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sat, 09 Jul 2022 23:30:07 GMT

GET
H3 200 img-bg.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9473308889628347351/assets/ Frame BABD 8 KB
8 KB 23ms
21ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9473308889628347351/assets/img-bg.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9473308889628347351/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f49cb0b6d42bf973f6c635c3d94ff982911f92113d8ffcc10ac7c36010312a1

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 391616
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8172
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 15:17:19 GMT
server: sffe
date: Mon, 04 Jul 2022 12:25:35 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 04 Jul 2023 12:25:35 GMT

GET
H3 200 tf-0.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9473308889628347351/assets/ Frame BABD 5 KB
5 KB 40ms
31ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9473308889628347351/assets/tf-0.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9473308889628347351/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cb90a0f9ffef3709ed2b89a838a1d8427d2c0455dd2d80172f9fad9aae005a51

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 391615
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4863
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 15:17:19 GMT
server: sffe
date: Mon, 04 Jul 2022 12:25:36 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 04 Jul 2023 12:25:36 GMT

GET
H3 200 tf-1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9473308889628347351/assets/ Frame BABD 3 KB
3 KB 48ms
39ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9473308889628347351/assets/tf-1.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9473308889628347351/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

629a26fc78b18926ea8bd3b830ef4396c843cd30f1377ce37846942b66cb93fb

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 391615
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3496
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 15:17:19 GMT
server: sffe
date: Mon, 04 Jul 2022 12:25:36 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 04 Jul 2023 12:25:36 GMT

GET
H3 200 tf-2.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9473308889628347351/assets/ Frame BABD 3 KB
3 KB 43ms
34ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9473308889628347351/assets/tf-2.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9473308889628347351/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

876df0b8f55006d11c5e8f40c03bdbdb268a696032c93d6f898fcf3479b03e49

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 391615
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3503
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 15:17:19 GMT
server: sffe
date: Mon, 04 Jul 2022 12:25:36 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 04 Jul 2023 12:25:36 GMT

GET
H3 200 tf-3.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9473308889628347351/assets/ Frame BABD 3 KB
3 KB 41ms
33ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9473308889628347351/assets/tf-3.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9473308889628347351/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d2fca556c5f7749ad4c076cc0b7e6ba29e016b951be97ce28883bb41fdd7f199

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 391616
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2979
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 15:17:19 GMT
server: sffe
date: Mon, 04 Jul 2022 12:25:35 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 04 Jul 2023 12:25:35 GMT

GET
H3 200 tf-4.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9473308889628347351/assets/ Frame BABD 3 KB
3 KB 38ms
29ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9473308889628347351/assets/tf-4.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9473308889628347351/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

799b495f7d42f6d45169610ca06274b82af3e761303a1b80208fb2ae4b84370e

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 391615
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3265
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 15:17:19 GMT
server: sffe
date: Mon, 04 Jul 2022 12:25:36 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 04 Jul 2023 12:25:36 GMT

GET
H3 200 img-cta.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9473308889628347351/assets/ Frame BABD 2 KB
2 KB 87ms
78ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9473308889628347351/assets/img-cta.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9473308889628347351/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5dcff4247aabd457977aa3fa0b271f2d8ebba572e364dd16d4467508bd58584

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 391616
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1761
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 15:17:19 GMT
server: sffe
date: Mon, 04 Jul 2022 12:25:35 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 04 Jul 2023 12:25:35 GMT

GET
H3 200 img-stoerer.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9473308889628347351/assets/ Frame BABD 3 KB
3 KB 34ms
26ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9473308889628347351/assets/img-stoerer.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9473308889628347351/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8c632320bca724a4dbdb9d63df4dbff31f3db4e1635a3f7fa576fd901e749a1

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 391616
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3131
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 15:17:19 GMT
server: sffe
date: Mon, 04 Jul 2022 12:25:35 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 04 Jul 2023 12:25:35 GMT

GET
H3 200 gfx_white.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9473308889628347351/assets/ Frame BABD 99 B
131 B 85ms
77ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9473308889628347351/assets/gfx_white.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9473308889628347351/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a94be541e5fa703c924b636d07e3f9801427c1b482ed2ca1ea31927f50745cf

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 391616
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 15:17:19 GMT
server: sffe
date: Mon, 04 Jul 2022 12:25:35 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 04 Jul 2023 12:25:35 GMT

GET
H3 200 img-logo.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9473308889628347351/assets/ Frame BABD 3 KB
3 KB 84ms
76ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9473308889628347351/assets/img-logo.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9473308889628347351/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

798b845f62453f01ea3421bf0614537a4270edb61b6cb2e3e01eff50d4350baa

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 391615
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3326
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 15:17:19 GMT
server: sffe
date: Mon, 04 Jul 2022 12:25:36 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 04 Jul 2023 12:25:36 GMT

GET
H3 200 tweenmax_2.1.2_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame BABD 113 KB
39 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_2.1.2_min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9473308889628347351/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a863a77e9ee263a0ec9c1e792bb33ed0f663582b7369f472261df7b6040990c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 01:12:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39910
x-xss-protection: 0
last-modified: Mon, 11 Mar 2019 14:29:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 09 Jul 2022 01:12:31 GMT

GET
H3 200 TKUT_v1.1.1.min.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9473308889628347351/assets/ Frame BABD 2 KB
1 KB 21ms
21ms Script
application/x-javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9473308889628347351/assets/TKUT_v1.1.1.min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9473308889628347351/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3aa2faf4b9776272c95b568dbf35c22a27a8382fe8be903e2dceb32053577ed1

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 391616
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1022
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 15:17:19 GMT
server: sffe
date: Mon, 04 Jul 2022 12:25:35 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 04 Jul 2023 12:25:35 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 31ms
30ms Image
image/gif 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-23870775-1&cid=1467006482.1657329151&jid=43623865&_u=YGBAgAABAAAAAE~&z=1143805873

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 01:12:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 81ms
32ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-23870775-1&cid=1467006482.1657329151&jid=43623865&_u=YGBAgAABAAAAAE~&z=1143805873

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 01:12:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1051362 Show response
mc.yandex.com/watch/ 422 B
459 B 70ms
69ms XHR
application/json 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/1051362?wmode=7&page-url=https%3A%2F%2Fwww.tumen.kp.ru%2F&nohit=1&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A30shymy8l87b25ks0fjeg%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A832%3Acn%3A2%3Adp%3A0%3Als%3A808912011202%3Ahid%3A24424282%3Az%3A0%3Ai%3A20220709011231%3Aet%3A1657329152%3Ac%3A1%3Arn%3A1051401635%3Au%3A1657329151362652560%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1657329147906%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1657329152%3At%3A%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D0%B8%3A%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%20%7C%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20-%20KP.Ru&t=gdpr(14)mc(p-1-h-1)clc(0-0-0)lt(67800)aw(1)rqnl(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

d2817eb4c270c7bb75f640e93b072b8e84605b9bbffe01bb4738dc9386ebd4cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 01:12:31 GMT
x-content-type-options: nosniff
last-modified: Sat, 09-Jul-2022 01:12:31 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 422
x-xss-protection: 1; mode=block
expires: Sat, 09-Jul-2022 01:12:31 GMT

GET
H2 200 38305645 Show response
mc.yandex.com/watch/ 383 B
421 B 71ms
70ms XHR
application/json 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/38305645?wmode=7&page-url=https%3A%2F%2Fwww.tumen.kp.ru%2F&nohit=1&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A30shymy8l87b25ks0fjeg%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A832%3Acn%3A3%3Adp%3A0%3Als%3A139612839669%3Ahid%3A24424282%3Az%3A0%3Ai%3A20220709011231%3Aet%3A1657329152%3Ac%3A1%3Arn%3A836350144%3Au%3A1657329151362652560%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1657329147906%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1657329152%3At%3A%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D0%B8%3A%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%20%7C%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20-%20KP.Ru&t=gdpr(14)mc(p-2-h-2)clc(0-0-0)lt(67800)aw(1)rqnl(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

2c2306b946aa59a2765c853ceebd710e967777d276bc157beec0e22dc00da9b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 01:12:31 GMT
x-content-type-options: nosniff
last-modified: Sat, 09-Jul-2022 01:12:31 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 383
x-xss-protection: 1; mode=block
expires: Sat, 09-Jul-2022 01:12:31 GMT

GET
H2 200 29474600 Show response
mc.yandex.com/watch/ 383 B
417 B 75ms
75ms XHR
application/json 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/29474600?wmode=7&page-url=https%3A%2F%2Fwww.tumen.kp.ru%2F&nohit=1&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A30shymy8l87b25ks0fjeg%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A832%3Acn%3A4%3Adp%3A0%3Als%3A490070112712%3Ahid%3A24424282%3Az%3A0%3Ai%3A20220709011231%3Aet%3A1657329152%3Ac%3A1%3Arn%3A800191261%3Au%3A1657329151362652560%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1657329147906%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1657329152%3At%3A%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D0%B8%3A%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%20%7C%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20-%20KP.Ru&t=gdpr(14)mc(p-5-h-3)clc(0-0-0)lt(67800)aw(1)rqnl(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

85b90b38b1c778b6204af3ecb5e3c2c9316825cfe1fd7fdc64a6a5f0faa71c34

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 01:12:31 GMT
x-content-type-options: nosniff
last-modified: Sat, 09-Jul-2022 01:12:31 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 383
x-xss-protection: 1; mode=block
expires: Sat, 09-Jul-2022 01:12:31 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
22 B 82ms
27ms XHR
text/plain 2a00:1450:400c:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-23870775-31&cid=1467006482.1657329151&jid=1918338796&gjid=530646188&_gid=1204457821.1657329151&_u=YGDAAAABAAAAAG~&z=1123088734

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c1b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 09 Jul 2022 01:12:31 GMT
content-type: text/plain
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 trace Show response
yandex.ru/ads/ 0
235 B 75ms
74ms XHR
text/plain 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/trace

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1657329151630266-8410872371196078656-vla1-4679-vla-l7-balancer-8080-BAL-5064
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}

POST
H2 200 trace Show response
yandex.ru/ads/ 0
237 B 75ms
75ms XHR
text/plain 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/trace

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1657329151630681-10840656257809482744-vla1-4679-vla-l7-balancer-8080-BAL-5291
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}

GET
H2 200 wy150
avatars.mds.yandex.net/get-direct/5276122/O32SDlrtt6yNSBtkNxRzWA/ 6 KB
6 KB 78ms
76ms Image
image/webp 2a02:6b8::184
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-direct/5276122/O32SDlrtt6yNSBtkNxRzWA/wy150
Requested by: Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::184 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software: nginx /
Resource Hash: aa3b35ec63198485cff85d66b7248951e06b2aaf3855935184c46d48e6239171

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 01:12:31 GMT
last-modified: Fri, 01 Jul 2022 10:28:05 GMT
server: nginx
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000,immutable
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 6092
x-request-id: d4a99d43ceefd5c8

GET
H/1.1 200
Ok lebara-aktion.de
favicon.yandex.net/favicon/ 696 B
909 B 184ms
60ms Image
image/png 2a02:6b8::36
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://favicon.yandex.net/favicon/lebara-aktion.de?size=32&stub=1

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::36 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

fdcc621864eab315fba4a0bd0d48c095bb5e49cccca6ac9f50cfa522fa5adffb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin: *
Cache-Control: max-age=691200
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
X-XSS-Protection: 1; mode=block
Content-Type: image/png

GET
H2 200 wy150
avatars.mds.yandex.net/get-direct/4457791/hZURDhmAHHuRfngtpZhMAQ/ 11 KB
12 KB 91ms
89ms Image
image/webp 2a02:6b8::184
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-direct/4457791/hZURDhmAHHuRfngtpZhMAQ/wy150
Requested by: Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::184 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software: nginx /
Resource Hash: edd84f2ecfc208ce9f1fe4f54aa3fa66cbb7ae15ba107f3f8820ca3097d6ac2f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 01:12:31 GMT
last-modified: Fri, 10 Sep 2021 16:08:52 GMT
server: nginx
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000,immutable
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 11558
x-request-id: 688b5070e59392ac

GET
H/1.1 200
Ok aphroditehillsrealty-pr.com
favicon.yandex.net/favicon/ 795 B
1008 B 196ms
66ms Image
image/png 2a02:6b8::36
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://favicon.yandex.net/favicon/aphroditehillsrealty-pr.com?size=32&stub=1

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::36 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

1c1f1fddbd0b997809bfaae0a6e7c12788f7c0861847538488040cd560df77e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin: *
Cache-Control: max-age=691200
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
X-XSS-Protection: 1; mode=block
Content-Type: image/png

GET
H/1.1 200
OK sm.js Show response
stat.media/ 77 KB
28 KB 250ms
102ms Script
application/x-javascript 185.147.80.106
MIRAN-AS Miran DC

General

Check archive.org

Show headers Download Go to

Full URL: https://stat.media/sm.js
Requested by: Host: target.smi2.net
URL: https://target.smi2.net/client/target.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.147.80.106 , Russian Federation, ASN41722 (MIRAN-AS Miran DC, RU),
Reverse DNS: smir13.imcmdb.net
Software: nginx /
Resource Hash: 9dc89e2eae45dccc1b2d7b9540adae2349bbb5d84578eadb8f0f645eac324910

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sat, 09 Jul 2022 01:12:31 GMT
Content-Encoding: gzip
Last-Modified: Thu, 02 Dec 2021 13:53:02 GMT
Server: nginx
ETag: W/"61a8cfbe-13481"
Vary: Accept-Encoding, Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, must-revalidate, proxy-revalidate, max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK /
target.smi2.net/init/ 95 B
463 B 51ms
49ms Image
image/png 46.161.36.2
SELECTEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://target.smi2.net/init/?siteid=31456&count=site&bw=1600&bh=1200&xurl=https%3A%2F%2Fwww.tumen.kp.ru%2F&rnd=4396925013421
Requested by: Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.161.36.2 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS: target2-1.sselp1.imcmdb.net
Software: nginx / HHVM/3.9.1
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

X-Target-Version: 2
Date: Sat, 09 Jul 2022 01:12:31 GMT
X-Target-Final: 20220709041231-0
Server: nginx
X-Target-Host: target2-1.sselp1
X-Powered-By: HHVM/3.9.1
X-Time-Request: 0.00041
Content-Type: image/png
Cache-Control: no-cache, private
Connection: keep-alive
Content-Length: 95
Expires: Sat, 09 Jul 2022 01:12:30 GMT

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
109 B 69ms
68ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 01:12:31 GMT
last-modified: Fri, 08 Jul 2022 09:23:14 GMT
etag: "62c7cd52-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Sat, 09 Jul 2022 02:12:31 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame FDBF 143 B
163 B 61ms
19ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: bae702d774fa849aafdd12eb7538a159.safeframe.googlesyndication.com
URL: https://bae702d774fa849aafdd12eb7538a159.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bae702d774fa849aafdd12eb7538a159.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1296
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Sat, 09 Jul 2022 00:50:55 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220706/r20110914/client/ Frame C04F 3 KB
1 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220706/r20110914/client/window_focus_fy2021.js

Requested by

Host: bae702d774fa849aafdd12eb7538a159.safeframe.googlesyndication.com
URL: https://bae702d774fa849aafdd12eb7538a159.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bae702d774fa849aafdd12eb7538a159.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 01:01:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 632
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Jul 2022 01:01:59 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C04F 137 KB
42 KB 63ms
63ms Script
text/javascript 2a00:1450:4014:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: bae702d774fa849aafdd12eb7538a159.safeframe.googlesyndication.com
URL: https://bae702d774fa849aafdd12eb7538a159.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4014:80b::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e49548c45f00bbfa0fda642d02b5e29b407004eacc2099e348da7cb38f477052

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bae702d774fa849aafdd12eb7538a159.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 01:12:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43254
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1657132091081416"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 09 Jul 2022 01:12:31 GMT

POST
H2 200 1 Show response
mc.yandex.com/watch/26254/ 43 B
73 B 73ms
72ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/26254/1?page-url=https%3A%2F%2Fwww.tumen.kp.ru%2F&charset=utf-8&cnt-class=1&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A2n2z35yck7fai9c6gvqew%3Afp%3A982%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A832%3Acn%3A1%3Adp%3A1%3Als%3A641159656718%3Ahid%3A24424282%3Az%3A0%3Ai%3A20220709011231%3Aet%3A1657329152%3Ac%3A1%3Arn%3A107504434%3Arqn%3A1%3Au%3A1657329151362652560%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1657329147906%3Ads%3A0%2C0%2C90%2C180%2C503%2C0%2C%2C84%2C0%2C%2C%2C%2C973%3Aco%3A0%3Arqnl%3A1%3Ast%3A1657329152&t=gdpr(14)mc(p-7-h-4)clc(0-0-0)lt(67800)aw(1)rqnt(1)rqnl(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 01:12:31 GMT
last-modified: Sat, 09-Jul-2022 01:12:31 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Sat, 09-Jul-2022 01:12:31 GMT

GET
H2 200 26254 Show response
mc.yandex.com/watch/ 43 B
76 B 71ms
71ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/26254?page-url=https%3A%2F%2Fwww.tumen.kp.ru%2F&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A2n2z35yck7fai9c6gvqew%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A832%3Acn%3A1%3Adp%3A1%3Als%3A641159656718%3Ahid%3A24424282%3Az%3A0%3Ai%3A20220709011231%3Aet%3A1657329152%3Ac%3A1%3Arn%3A217780151%3Arqn%3A2%3Au%3A1657329151362652560%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1657329147906%3Aco%3A0%3Arqnl%3A1%3Ast%3A1657329152%3At%3A%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D0%B8%3A%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%20%7C%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20-%20KP.Ru&t=gdpr(14)mc(p-7-h-4)clc(0-0-0)lt(67800)aw(1)rqnt(2)rqnl(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 01:12:31 GMT
last-modified: Sat, 09-Jul-2022 01:12:31 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Sat, 09-Jul-2022 01:12:31 GMT

GET
H3 200 x-7aydTzyDGf5pB5jP33n95ytuiMcqG17W4hZ3yQxPE.js Show response
pagead2.googlesyndication.com/bg/ Frame 6198 35 KB
13 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/x-7aydTzyDGf5pB5jP33n95ytuiMcqG17W4hZ3yQxPE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c7eedac9d4f3c8319fe690798cfdf79fde72b6e88c72a1b5ed6e21677c90c4f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 19:33:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 193133
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13770
x-xss-protection: 0
last-modified: Fri, 01 Jul 2022 16:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 06 Jul 2023 19:33:38 GMT

GET
H2 200 840718858*** Show response
tns-counter.ru/nc01a***R%3E*kp_ru/ru/UTF-8/tmsec=kp_title/ 55 B
335 B 64ms
63ms Fetch
text/html 2001:6d0:4001::226
TNSMSK-

General

Check archive.org

Show headers Download Go to

Full URL: https://tns-counter.ru/nc01a***R%3E*kp_ru/ru/UTF-8/tmsec=kp_title/840718858***
Requested by: Host: tns-counter.ru
URL: https://tns-counter.ru/ncc/counter.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:6d0:4001::226 , Russian Federation, ASN52016 (TNSMSK-, RU),
Reverse DNS
Software: ms-counter-3.3.5/1.20.2 /
Resource Hash: e5cf21b2b56f1d34740b409e6a94fddc2743001e66844094f1462079ca6e4955

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 01:12:31 GMT
last-modified: Sat, 09 Jul 2022 01:12:31 GMT
server: ms-counter-3.3.5/1.20.2
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: https://www.tumen.kp.ru
access-control-allow-credentials: true
content-length: 55

GET
H2

200

803887895
tns-counter.ru/V13b***R%3E*kp_ru/ru/UTF-8/tmsec=kp_title/
Redirect Chain

https://tns-counter.ru/V13a***R%3E*kp_ru/ru/UTF-8/tmsec=kp_title/803887895
https://tns-counter.ru/V13b***R%3E*kp_ru/ru/UTF-8/tmsec=kp_title/803887895

43 B
297 B

65ms
64ms

Image
image/gif

2001:6d0:4001::226
TNSMSK-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tns-counter.ru/V13b***R%3E*kp_ru/ru/UTF-8/tmsec=kp_title/803887895
Requested by: Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/
Protocol: H2
Server: 2001:6d0:4001::226 , Russian Federation, ASN52016 (TNSMSK-, RU),
Reverse DNS
Software: ms-counter-3.3.5/1.20.2 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 01:12:31 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: ms-counter-3.3.5/1.20.2
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

Redirect headers

pragma: no-cache
date: Sat, 09 Jul 2022 01:12:31 GMT
server: ms-counter-3.3.5/1.20.2
strict-transport-security: max-age=2678400
content-type: image/gif
location: https://tns-counter.ru/V13b***R%3E*kp_ru/ru/UTF-8/tmsec=kp_title/803887895
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
content-length: 0
expires: Thu, 01 Jan 1970 00:00:01 GMT

POST
H2 200 1 Show response
mc.yandex.com/watch/1051362/ 43 B
73 B 76ms
75ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/1051362/1?page-url=https%3A%2F%2Fwww.tumen.kp.ru%2F&charset=utf-8&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A30shymy8l87b25ks0fjeg%3Afp%3A982%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A832%3Acn%3A2%3Adp%3A0%3Als%3A808912011202%3Ahid%3A24424282%3Az%3A0%3Ai%3A20220709011231%3Aet%3A1657329152%3Ac%3A1%3Arn%3A507824946%3Arqn%3A1%3Au%3A1657329151362652560%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1657329147906%3Ads%3A0%2C0%2C90%2C180%2C503%2C0%2C%2C84%2C0%2C%2C%2C%2C973%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1657329152&t=gdpr(14)mc(p-7-h-4)clc(0-0-0)lt(67800)aw(1)rqnt(1)rqnl(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 01:12:31 GMT
last-modified: Sat, 09-Jul-2022 01:12:31 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Sat, 09-Jul-2022 01:12:31 GMT

GET
H2 200 1051362 Show response
mc.yandex.com/watch/ 43 B
73 B 72ms
71ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/1051362?page-url=https%3A%2F%2Fwww.tumen.kp.ru%2F&charset=utf-8&browser-info=pv%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A30shymy8l87b25ks0fjeg%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A832%3Acn%3A2%3Adp%3A0%3Als%3A808912011202%3Ahid%3A24424282%3Az%3A0%3Ai%3A20220709011231%3Aet%3A1657329152%3Ac%3A1%3Arn%3A127392427%3Arqn%3A2%3Au%3A1657329151362652560%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1657329147906%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1657329152%3At%3A%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D0%B8%3A%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%20%7C%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8&t=gdpr(14)mc(p-7-h-4)clc(0-0-0)lt(67800)aw(1)rqnt(2)rqnl(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 01:12:31 GMT
last-modified: Sat, 09-Jul-2022 01:12:31 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Sat, 09-Jul-2022 01:12:31 GMT

POST
H2 200 1 Show response
mc.yandex.com/watch/1051362/ 43 B
73 B 69ms
68ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/1051362/1?page-url=https%3A%2F%2Fwww.tumen.kp.ru%2F&charset=utf-8&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A30shymy8l87b25ks0fjeg%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A832%3Acn%3A2%3Adp%3A0%3Als%3A808912011202%3Ahid%3A24424282%3Az%3A0%3Ai%3A20220709011231%3Aet%3A1657329152%3Ac%3A1%3Arn%3A232570875%3Arqn%3A3%3Au%3A1657329151362652560%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1657329147906%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1657329152&t=gdpr(14)mc(p-7-h-4)clc(0-0-0)lt(67800)aw(1)rqnt(3)rqnl(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 01:12:31 GMT
last-modified: Sat, 09-Jul-2022 01:12:31 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Sat, 09-Jul-2022 01:12:31 GMT

POST
H2 200 1 Show response
mc.yandex.com/watch/38305645/ 43 B
73 B 83ms
81ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/38305645/1?page-url=https%3A%2F%2Fwww.tumen.kp.ru%2F&charset=utf-8&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A30shymy8l87b25ks0fjeg%3Afp%3A982%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A832%3Acn%3A3%3Adp%3A0%3Als%3A139612839669%3Ahid%3A24424282%3Az%3A0%3Ai%3A20220709011231%3Aet%3A1657329152%3Ac%3A1%3Arn%3A438925547%3Arqn%3A1%3Au%3A1657329151362652560%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1657329147906%3Ads%3A0%2C0%2C90%2C180%2C503%2C0%2C%2C84%2C0%2C%2C%2C%2C973%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1657329152&t=gdpr(14)mc(p-7-h-4)clc(0-0-0)lt(67800)aw(1)rqnt(1)rqnl(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 01:12:31 GMT
last-modified: Sat, 09-Jul-2022 01:12:31 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Sat, 09-Jul-2022 01:12:31 GMT

GET
H2 200 38305645 Show response
mc.yandex.com/watch/ 43 B
73 B 88ms
87ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/38305645?page-url=https%3A%2F%2Fwww.tumen.kp.ru%2F&charset=utf-8&browser-info=pv%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A30shymy8l87b25ks0fjeg%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A832%3Acn%3A3%3Adp%3A0%3Als%3A139612839669%3Ahid%3A24424282%3Az%3A0%3Ai%3A20220709011231%3Aet%3A1657329152%3Ac%3A1%3Arn%3A221932908%3Arqn%3A2%3Au%3A1657329151362652560%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1657329147906%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1657329152%3At%3A%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D0%B8%3A%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%20%7C%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8&t=gdpr(14)mc(p-7-h-4)clc(0-0-0)lt(67800)aw(1)rqnt(2)rqnl(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 01:12:31 GMT
last-modified: Sat, 09-Jul-2022 01:12:31 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Sat, 09-Jul-2022 01:12:31 GMT

POST
H2 200 1 Show response
mc.yandex.com/watch/38305645/ 43 B
73 B 87ms
86ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/38305645/1?page-url=https%3A%2F%2Fwww.tumen.kp.ru%2F&charset=utf-8&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A30shymy8l87b25ks0fjeg%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A832%3Acn%3A3%3Adp%3A0%3Als%3A139612839669%3Ahid%3A24424282%3Az%3A0%3Ai%3A20220709011231%3Aet%3A1657329152%3Ac%3A1%3Arn%3A102473247%3Arqn%3A3%3Au%3A1657329151362652560%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1657329147906%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1657329152&t=gdpr(14)mc(p-7-h-4)clc(0-0-0)lt(67800)aw(1)rqnt(3)rqnl(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 01:12:31 GMT
last-modified: Sat, 09-Jul-2022 01:12:31 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Sat, 09-Jul-2022 01:12:31 GMT

POST
H2 200 1 Show response
mc.yandex.com/watch/29474600/ 43 B
73 B 87ms
86ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/29474600/1?page-url=https%3A%2F%2Fwww.tumen.kp.ru%2F&charset=utf-8&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A30shymy8l87b25ks0fjeg%3Afp%3A982%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A832%3Acn%3A4%3Adp%3A0%3Als%3A490070112712%3Ahid%3A24424282%3Az%3A0%3Ai%3A20220709011231%3Aet%3A1657329152%3Ac%3A1%3Arn%3A200930711%3Arqn%3A1%3Au%3A1657329151362652560%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1657329147906%3Ads%3A0%2C0%2C90%2C180%2C503%2C0%2C%2C84%2C0%2C%2C%2C%2C973%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1657329152&t=gdpr(14)mc(p-7-h-4)clc(0-0-0)lt(67800)aw(1)rqnt(1)rqnl(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 01:12:31 GMT
last-modified: Sat, 09-Jul-2022 01:12:31 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Sat, 09-Jul-2022 01:12:31 GMT

GET
H2 200 29474600 Show response
mc.yandex.com/watch/ 43 B
73 B 86ms
86ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/29474600?page-url=https%3A%2F%2Fwww.tumen.kp.ru%2F&charset=utf-8&browser-info=pv%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A30shymy8l87b25ks0fjeg%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A832%3Acn%3A4%3Adp%3A0%3Als%3A490070112712%3Ahid%3A24424282%3Az%3A0%3Ai%3A20220709011231%3Aet%3A1657329152%3Ac%3A1%3Arn%3A304460369%3Arqn%3A2%3Au%3A1657329151362652560%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1657329147906%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1657329152%3At%3A%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D0%B8%3A%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%20%7C%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8&t=gdpr(14)mc(p-7-h-4)clc(0-0-0)lt(67800)aw(1)rqnt(2)rqnl(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 01:12:31 GMT
last-modified: Sat, 09-Jul-2022 01:12:31 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Sat, 09-Jul-2022 01:12:31 GMT

POST
H2 200 1 Show response
mc.yandex.com/watch/29474600/ 43 B
73 B 80ms
79ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/29474600/1?page-url=https%3A%2F%2Fwww.tumen.kp.ru%2F&charset=utf-8&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A30shymy8l87b25ks0fjeg%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A832%3Acn%3A4%3Adp%3A0%3Als%3A490070112712%3Ahid%3A24424282%3Az%3A0%3Ai%3A20220709011231%3Aet%3A1657329152%3Ac%3A1%3Arn%3A633704007%3Arqn%3A3%3Au%3A1657329151362652560%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1657329147906%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1657329152&t=gdpr(14)mc(p-7-h-4)clc(0-0-0)lt(67800)aw(1)rqnt(3)rqnl(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 01:12:31 GMT
last-modified: Sat, 09-Jul-2022 01:12:31 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Sat, 09-Jul-2022 01:12:31 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 8F4C 0
26 B 124ms
65ms Ping
image/gif 142.251.36.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvUFfMyOXzx6UdscggA6iJsWB83RO1Em1Wnq30MlMnksC3MDV5SBI3c1f9mbQy9es-AlWi3nzhn4GIeg6CGXKijmzqz9tp6NxShvykjcdFydOqpggTCzm8VZRoZAnVCvBGUau34zu3_UiOV_g6oL6e974U9a1ShA7A8WJQLH9STRS9ntnO-AEf4ybJYbfmekGoccv_7KK2DA_4vZdlLJPMQ6I4_sAwAdR-oshEuGvnx5_67MJeJ89XOXZbNEhaTMZBzbkPQIIxrGWq9EhlnYUwWLp40zOqBsXczZJYnch_ALwR4Iki_LfKeBueHF7ZVzU2fF0YPZc1w0OY0sbQXRX_fN3Mglou1fbjWDIUkxRHG9KzZZcnXf45o11oSqnYOIimKJp6IMm9t9KR6M359xh9M3gc3CV4j35G9ke7xLwqVQuwsMmRZnHRgWv6xq_V4KSFa0G_xzBnqnJaxgY9byCmNnSnFqbxYGcSiCTwWB_oBcU7_rmm1lEJOgO8r6ki__C9PjIAoHwpKGYUmswglFRF1i8LgV8vzSjQTsltzB5K7R4Y7S2sAr7lrrCQ-NxRDRkXQWqC-FWbZw0O6ADZr_Iskq6EA5pLOp8G_aBk4RP0JNEkNWP5K9updSzK8N9EIZWNwfsDwpmkE97v0yH4XRKnZscG18LBjpWIrDrVsDGXFLM96fw9cqQtBasBxCzDqtZ8uR9ImJuJRkqSU-SARsjSYPVHW5oM4mea_Oc3l1rkrtgPrOjlzG_6shjnJ2HPa30zk_P3G5yh1N8X_a9vdP0AMp3B08rZwPYPTJS7DclWVmLHtHWOZAhEIGWMOoVm09B3OI_hqYF7xOqDAigTefJ3NW6mErHulufKV7E3vsts6K7aMPZs4_0cjE_V-tbRUlKAVCpCDQ6GHWrYa6WVwAd09BzGzPZQHfA_srst6q7Pyrv_Tg4gu6rwhRaHzJz4_NXymonACIqWWo7GeEv0TVKUloGm7Beqw8h9A4uatICECdyjzu4iH_MJY32rgd7jwTXHM-1BAKb3Zny4CsnsNzHkNzmbp9czfUiP8I910LxgaMdnvjYFG-XPjFSR1_g0DhpOZ_pgLxrPzA5JBC6fAutkubl8t7LBb4Myf1ubmZv2c6A98262VdBgaZ5GSWo2NeVR15xYwk4YAzO5bXgwnjOmEvVMYrBGFIxtNh_LdLIvBbQ8hnYMIv5oFWo7Ma9uALxHE1ynTaI1Vs8P36BonYz5L_3tabLwI0EepsJEs_cMEscKYjO71_HIp3YjI6w&sai=AMfl-YTNEWE3uqPejuwLYbHAn1a8613y0K9j1Z9XcYRhOPfLncAV3-UJWr_t5snM9_LACTKkZeTTjLAURERKaxOezH9tXUJlvDFg4t6K-uLZHE3XIOwrf5PlTnEf33l2Ls46Vs6Fdd9FwndhpCO4H6qRcizVAqqS3CZ9bJsN2px-b2KZEvWVG37BG5d37IkRGIVhXVZEUbqygXbyraQuNKgq8N6qKZCQd00&sig=Cg0ArKJSzJXo_xV59a3BEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=631&vt=11&dtpt=430&dett=3&cstd=195&cisv=r20220706.33113&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.36.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

prg03s10-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1c93cdb1133891517efd814bd17e41a7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 09 Jul 2022 01:12:31 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 img-dude-mask.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9473308889628347351/assets/ Frame BABD 4 KB
4 KB 81ms
73ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9473308889628347351/assets/img-dude-mask.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9473308889628347351/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

235defc755b859806947cbb53bbc686b37cfbe895af5b10d3ae30fa43faa3f28

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 391391
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4575
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 15:17:19 GMT
server: sffe
date: Mon, 04 Jul 2022 12:29:20 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 04 Jul 2023 12:29:20 GMT

GET
H3 200 img-dude.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9473308889628347351/assets/ Frame BABD 28 KB
28 KB 86ms
79ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9473308889628347351/assets/img-dude.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9473308889628347351/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b85363b00371f9dff3d5fddd30597d1a40507c7655757fd82063cfc30773e95

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 391615
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28889
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 15:17:19 GMT
server: sffe
date: Mon, 04 Jul 2022 12:25:36 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 04 Jul 2023 12:25:36 GMT

GET
H3 200 img-phone-0-mask.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9473308889628347351/assets/ Frame BABD 2 KB
2 KB 82ms
77ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9473308889628347351/assets/img-phone-0-mask.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9473308889628347351/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

500a5a13f7c4415cd350cabe9fd854cfabf935924591a39b88f473710f31cb7a

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 187240
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2090
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 15:17:19 GMT
server: sffe
date: Wed, 06 Jul 2022 21:11:51 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 06 Jul 2023 21:11:51 GMT

GET
H3 200 img-phone-0.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9473308889628347351/assets/ Frame BABD 16 KB
17 KB 57ms
52ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9473308889628347351/assets/img-phone-0.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9473308889628347351/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

19df6f6395e95890f7ca6227a7c554eddb1b56af0e130f776a245f70ed177e33

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 391615
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16890
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 15:17:19 GMT
server: sffe
date: Mon, 04 Jul 2022 12:25:36 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 04 Jul 2023 12:25:36 GMT

GET
H3 200 img-phone-1-mask.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9473308889628347351/assets/ Frame BABD 5 KB
5 KB 73ms
68ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9473308889628347351/assets/img-phone-1-mask.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9473308889628347351/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a31b7755e63e25c7903e077114e3e308c05df73e01cd1d478ed954cadf7a0e98

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 391615
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5484
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 15:17:19 GMT
server: sffe
date: Mon, 04 Jul 2022 12:25:36 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 04 Jul 2023 12:25:36 GMT

GET
H3 200 img-phone-1.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9473308889628347351/assets/ Frame BABD 16 KB
16 KB 76ms
72ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9473308889628347351/assets/img-phone-1.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9473308889628347351/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

76c8b5bfcce9f97358e6a5802f23ddeb4d1f704777d7303c324c9ae4f709fa23

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 391615
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16455
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 15:17:19 GMT
server: sffe
date: Mon, 04 Jul 2022 12:25:36 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 04 Jul 2023 12:25:36 GMT

GET
H3 200 img-phone-2-mask.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9473308889628347351/assets/ Frame BABD 4 KB
4 KB 76ms
70ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9473308889628347351/assets/img-phone-2-mask.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9473308889628347351/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

128f8c731777eb7263d33fc034f186c3dd602acf57dd652b88c14dabb7cacf4f

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 391615
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4031
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 15:17:19 GMT
server: sffe
date: Mon, 04 Jul 2022 12:25:36 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 04 Jul 2023 12:25:36 GMT

GET
H3 200 img-phone-2.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9473308889628347351/assets/ Frame BABD 32 KB
32 KB 44ms
39ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9473308889628347351/assets/img-phone-2.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9473308889628347351/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aba8fea1bb5eac4266da2d3ca8e24ff08120646ad6fc6d90cb7d770f0cc3f520

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 391615
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32947
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 15:17:19 GMT
server: sffe
date: Mon, 04 Jul 2022 12:25:36 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 04 Jul 2023 12:25:36 GMT

GET
H3 200 img-phone-4-mask.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9473308889628347351/assets/ Frame BABD 814 B
846 B 77ms
72ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9473308889628347351/assets/img-phone-4-mask.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9473308889628347351/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca1837b67899f16d71bd17461ee8a5af8ceae8e88f1209e51da9a0dd307478fe

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 391615
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 814
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 15:17:19 GMT
server: sffe
date: Mon, 04 Jul 2022 12:25:36 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 04 Jul 2023 12:25:36 GMT

GET
H3 200 img-phone-4.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9473308889628347351/assets/ Frame BABD 4 KB
5 KB 72ms
68ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9473308889628347351/assets/img-phone-4.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9473308889628347351/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

57cdfea2073eac8591aec41948da6e5b2a0ad1ddb9d39d1c840450814d4b80e5

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 391615
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4595
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 15:17:19 GMT
server: sffe
date: Mon, 04 Jul 2022 12:25:36 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 04 Jul 2023 12:25:36 GMT

GET
H3 200 img-phone-5-mask.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9473308889628347351/assets/ Frame BABD 842 B
874 B 69ms
64ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9473308889628347351/assets/img-phone-5-mask.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9473308889628347351/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e421243a27cb9eb7bcfa06385e9fbae9d0f934827874936388f3bf3d5969db66

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 391615
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 842
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 15:17:19 GMT
server: sffe
date: Mon, 04 Jul 2022 12:25:36 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 04 Jul 2023 12:25:36 GMT

GET
H3 200 img-phone-5.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9473308889628347351/assets/ Frame BABD 4 KB
4 KB 65ms
61ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9473308889628347351/assets/img-phone-5.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9473308889628347351/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2d23a3f4a917c0dbdebedc2487f5e4a565a85e0d7f566b059dd93f2637c330db

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 391615
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4112
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 15:17:19 GMT
server: sffe
date: Mon, 04 Jul 2022 12:25:36 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 04 Jul 2023 12:25:36 GMT

GET
H3 200 img-phone-6-mask.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9473308889628347351/assets/ Frame BABD 1 KB
1 KB 73ms
69ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9473308889628347351/assets/img-phone-6-mask.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9473308889628347351/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88b0b7f2c5691dd022c279aa52ea7b7f8c9da301804f192c24f83a69c851f734

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 391615
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1057
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 15:17:19 GMT
server: sffe
date: Mon, 04 Jul 2022 12:25:36 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 04 Jul 2023 12:25:36 GMT

GET
H3 200 img-phone-6.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9473308889628347351/assets/ Frame BABD 13 KB
13 KB 49ms
44ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9473308889628347351/assets/img-phone-6.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9473308889628347351/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3fae7b1a6508caaedb24db95aa22621ba070bf4ceff4fc125ffa0eca6c591217

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 391615
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13283
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 15:17:19 GMT
server: sffe
date: Mon, 04 Jul 2022 12:25:36 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 04 Jul 2023 12:25:36 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 5219 7 KB
6 KB 47ms
32ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_244&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_244.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1081270901c8677eabe93a9f688abba9ca77a488d30b8a0b6f2cb9419ed33586

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 09 Jul 2022 01:12:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5621
x-xss-protection: 0

GET
H3 200 blank.png_1621953238939_blank.png
s0.2mdn.net/dynamic/2/10817374/s0.2mdn.net/creatives/assets/3690075/ Frame 5219 95 B
120 B 35ms
21ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10817374/s0.2mdn.net/creatives/assets/3690075/blank.png_1621953238939_blank.png

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9df9512d0f2332b34e43e220b6bdc675dc6b663e72406edde64fd96dc9128e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8828632559684167007/index.html?e=69&leftOffset=0&topOffset=0&c=TCBqRYGvr3&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 18:58:36 GMT
x-content-type-options: nosniff
age: 195235
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95
x-xss-protection: 0
last-modified: Tue, 25 May 2021 14:34:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 06 Jul 2023 18:58:36 GMT

GET
H3 200 DCO_Sky_ist_Wenn_160x600_1.jpg_1634118359639_DCO_Sky_ist_Wenn_160x600_1.jpg
s0.2mdn.net/dynamic/2/10817374/s0.2mdn.net/creatives/assets/3690075/ Frame 5219 14 KB
14 KB 36ms
22ms Image
image/jpeg 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10817374/s0.2mdn.net/creatives/assets/3690075/DCO_Sky_ist_Wenn_160x600_1.jpg_1634118359639_DCO_Sky_ist_Wenn_160x600_1.jpg

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1319543bd5718c8d67a80c8067f5cf89af4cde765705ee7aaa5dcea4fb68a5b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8828632559684167007/index.html?e=69&leftOffset=0&topOffset=0&c=TCBqRYGvr3&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 08:55:28 GMT
x-content-type-options: nosniff
age: 317823
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14698
x-xss-protection: 0
last-modified: Wed, 13 Oct 2021 09:46:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Jul 2023 08:55:28 GMT

GET
H3 200 DCO_Sky_ist_Wenn_SkyGo_V1_160x600_2.jpg_1634118359639_DCO_Sky_ist_Wenn_SkyGo_V1_160x600_2.jpg
s0.2mdn.net/dynamic/2/10817374/s0.2mdn.net/creatives/assets/3690075/ Frame 5219 18 KB
18 KB 37ms
23ms Image
image/jpeg 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10817374/s0.2mdn.net/creatives/assets/3690075/DCO_Sky_ist_Wenn_SkyGo_V1_160x600_2.jpg_1634118359639_DCO_Sky_ist_Wenn_SkyGo_V1_160x600_2.jpg

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4790e20dc6c6f3eb4a6bc1fd744a6c36bac3f3db7a7105fd0ac86c28e6c9f053

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8828632559684167007/index.html?e=69&leftOffset=0&topOffset=0&c=TCBqRYGvr3&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 00:35:56 GMT
x-content-type-options: nosniff
age: 88595
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18848
x-xss-protection: 0
last-modified: Wed, 13 Oct 2021 09:46:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 08 Jul 2023 00:35:56 GMT

GET
H3 200 DCO_Sky_ist_Wenn_SkyGo_V1_160x600_3.jpg_1634203481415_DCO_Sky_ist_Wenn_SkyGo_V1_160x600_3.jpg
s0.2mdn.net/dynamic/2/10817374/s0.2mdn.net/creatives/assets/3690075/ Frame 5219 38 KB
38 KB 51ms
37ms Image
image/jpeg 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10817374/s0.2mdn.net/creatives/assets/3690075/DCO_Sky_ist_Wenn_SkyGo_V1_160x600_3.jpg_1634203481415_DCO_Sky_ist_Wenn_SkyGo_V1_160x600_3.jpg

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6918e15d33f6003358cb64a648cf2b174ebfd380f3a1e27eaed3f77c1db69269

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8828632559684167007/index.html?e=69&leftOffset=0&topOffset=0&c=TCBqRYGvr3&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 00:35:56 GMT
x-content-type-options: nosniff
age: 88595
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39142
x-xss-protection: 0
last-modified: Thu, 14 Oct 2021 09:24:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 08 Jul 2023 00:35:56 GMT

GET
H3 200 sky_medium.woff
s0.2mdn.net/creatives/assets/3668815/ Frame 5219 27 KB
27 KB 38ms
21ms Font
font/woff 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/3668815/sky_medium.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8828632559684167007/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4373878b9f750698b6a199ebc0eb0e550df208c5a1f9f778a346e271a2b4d733

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/8828632559684167007/style.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 01:08:40 GMT
x-content-type-options: nosniff
age: 231
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27952
x-xss-protection: 0
last-modified: Thu, 20 Feb 2020 12:38:21 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 09 Jul 2022 01:23:40 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220706/r20110914/client/ Frame C04F 17 KB
7 KB 23ms
21ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220706/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: bae702d774fa849aafdd12eb7538a159.safeframe.googlesyndication.com
URL: https://bae702d774fa849aafdd12eb7538a159.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bae702d774fa849aafdd12eb7538a159.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 01:02:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 587
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7309
x-xss-protection: 0
server: cafe
etag: 16921397534319471551
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Jul 2022 01:02:44 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 5219 17 KB
6 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_244.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 01:12:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 09 Jul 2022 01:12:31 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame FDBF
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

36ms
35ms

Document
text/html

2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: bae702d774fa849aafdd12eb7538a159.safeframe.googlesyndication.com
URL: https://bae702d774fa849aafdd12eb7538a159.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 09 Jul 2022 01:12:31 GMT
expires: Sat, 09 Jul 2022 01:12:31 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 09 Jul 2022 01:12:31 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 l
www.google.com/ads/measurement/ Frame C04F 0
0 28ms
28ms Image
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTsp7QOsWzdNLt2TVqtW1kPcMcA3hYQBRhnTMTzlOOQb2ZVP8gtbdsrSu8W8b-ypB3SxmQivyq6WIuKqhxRSNoUODkjRw
Requested by: Host: bae702d774fa849aafdd12eb7538a159.safeframe.googlesyndication.com
URL: https://bae702d774fa849aafdd12eb7538a159.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bae702d774fa849aafdd12eb7538a159.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H/1.1 200
OK settings Show response
stat.media/counter/ 672 B
1 KB 53ms
53ms Script
application/javascript 185.147.80.106
MIRAN-AS Miran DC

General

Check archive.org

Show headers Download Go to

Full URL: https://stat.media/counter/settings?payload=COD1AQ&cb=_callbacks____0l5d6zi1b
Requested by: Host: stat.media
URL: https://stat.media/sm.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.147.80.106 , Russian Federation, ASN41722 (MIRAN-AS Miran DC, RU),
Reverse DNS: smir13.imcmdb.net
Software: nginx /
Resource Hash: c59016e6cf1be2819e9759e18a3b64d92fa0ec126fdbb401161fb8c49fcbdaf8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sat, 09 Jul 2022 01:12:32 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: nginx
Connection: keep-alive
Vary: Accept-Encoding
Content-Type: application/javascript

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 9DBC 0
10 B 21ms
21ms Image
text/plain 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?zOq9Ig
Requested by: Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 01:12:32 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
DATA 200
OK truncated
/ Frame C04F 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 175c5199a2a86cdd66f0bfe390e1d1519a47f5237efad3810eb5c8d24e5807dc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 edue1xTc5YuiZOhJi4VIA_c20CetZt5T9y7Q3cNnrTA.js Show response
pagead2.googlesyndication.com/bg/ Frame 52D9 36 KB
14 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/edue1xTc5YuiZOhJi4VIA_c20CetZt5T9y7Q3cNnrTA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

79db9ed714dce58ba264e8498b854803f736d027ad66de53f72ed0ddc367ad30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 15:06:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36350
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13936
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 08:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 08 Jul 2023 15:06:42 GMT

GET
H3 200 k_X99N4Bu7LAEiAV5XH-2E-AmSxVmuYLUAxNMPpeAtI.js Show response
pagead2.googlesyndication.com/bg/ Frame BABD 36 KB
14 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/k_X99N4Bu7LAEiAV5XH-2E-AmSxVmuYLUAxNMPpeAtI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

93f5fdf4de01bbb2c0122015e571fed84f80992c559ae60b500c4d30fa5e02d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 20:26:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 189973
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13978
x-xss-protection: 0
last-modified: Fri, 01 Jul 2022 16:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 06 Jul 2023 20:26:19 GMT

GET
H2 204 event
ads.adfox.ru/232598/ 0
66 B 95ms
95ms Image
text/plain 2a02:6b8::1be
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/232598/event?hash=7f923cc6be40be2f&pm=bmp&pxo=u6E8rQr4M6l-xLyNVUlu-GORBRK20Xh_NHspCfrtbqJ-Q-1mFGVB4_kNAe_6yrsN47LIOutjmMJ8cQ2c9M1eUWylPKnT2MeSM2p4iyEPcWDJw8xLqvOmRDaWGvrOE62pfp-n_I51NURLO6PUhU_Wiixjf0xmtXVSMQybkZALS3oV2Jm6YTBq&p5=gwdbk&ad-session-id=9907131657329149716&utg=oxum&lts=fjmtaiv&ytt=423863344300037&ybv=0.612099&ylv=0.612099&dl=https%3A%2F%2Fwww.tumen.kp.ru%2F%3F&rtb-si=b&p2=gftf&rand=jfxhymk&sj=3oTuC4sY24bWeBMnit1ZzFwD7hG8vpqjol3638DF29KaWMcCht6_runR2YdKow%3D%3D&puid1=adv-1657329149666-335&pr=dyeeiod&p1=cdinl&rqs=_cF1AbUMuD_91chigvQ6wTWjVhnRAvzX

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 01:12:32 GMT
x-content-type-options: nosniff
last-modified: Sat, 09 Jul 2022 01:12:32 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 87CE 0
0 75ms
74ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022063001&jk=3720049075959175&bg=!XF-lXxvNAAaLlKKnq5Q7ACkAdvg8Wh8wFKQeviSgW0eG4-U8kJ6EHQ4w9W4y6Q-RdGeriLcbMgFwbgIAAAGAUgAAAAJoAQeZAq28r7OQpxhITIJ4E795EJzTCE_1zE3J3RmKt4gOc7VQwKciukOP7fKNQYGo7eJUoO4LkbRRZCDm1wrBabO3ajXWREeOHFsGmrQrram-01_071UXjzk3uqnMhAEMFsM6D1ImUlb7yuWEuAJ6nIdCspqUqiFKsq6SZomv6IAMNu33HyUEum6uwlGiPW2NC8AyxYDLwUDJszIvRO74RVf_lpf0wWs5cJeEkZs7zPY-gmElLo6IwufB_2Ary6tyzubpPA-0f3KUHMzKWsH-frdmPOsvRiwvyldMOFxZ2o_fCxVJr3P8TnD6fwxVkD4M9VPw2g95tPachMQEO9SpJqFKMTQbTz-uJyUI156jYrFqnJ1oLpx_z635nkaaLrwrFIPJjJJxK1Drf-pT9V5ETN98cMVsbXg4OABFWHZVkXN3L8CJ183yPAIStk_Su1ptK7dmjQDy_kQePp_EWA9Um8exRU8aoZwaJynRcVXWmFC-jcY1uovkcSL9mPlphlhQQTN8QQtS1SR19-dfjkpXeEPtIFZ5vzqB4sSuQfsUO29zhQ-u0cdlpc3dX-YAthUxMon0upK3wolOQiyQbYPRobdeb2Wqy7yVBHibx1dyyAs9O5hFzjxfxN1O4gD8bNSFV-cOSOZsgfun12y-3WXouSLDoHUmwZVTi25mxWv-C2dlkknOtaOI53gzHjh_hLfA6X9-LUdojPijwBHmHdlXbWma5c3B5X5bKavRgEiGVufU3RWW9ddiO4n7xVXK1YJxVEk4V2cJAjNxhiGbvkidhIwVudFKm8SRqHDn0HPzXr6NXZm9pbnz6UnDXHCnrfMtTCDZweOHs5G1cL4Ci2e5n6xVkTOCzaLHxgUtrf2q2YiiOBryNCamcjg8EIImwBDI2foSi1bk3uPbgP_OWhLF4GjO
Requested by: Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H/1.1 200 /
smi2.ru/cookiematching/ 43 B
868 B 550ms
377ms Image
image/gif 82.148.14.198
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://smi2.ru/cookiematching/?payload=CkEKB19zbV91aWQSJDZiMjJiOTAxLWJjNGYtNGUxYS05ODJhLWMwZjBjZmUyMWM5OBoILnNtaTIucnUiAS8ogOeEDwoqCgdfc21fdWR0Eg0xNjU3MzI5MTUyMDQ0Ggguc21pMi5ydSIBLyiA54QPCj8KB19zbV9zaWQSJGVkNjgyYTc5LTUzMGEtNDk5My1hZmNlLTg1YzBmZTdhMGU3ZBoILnNtaTIucnUiAS8oiA4%3D&rnd=1657329152122
Requested by: Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 82.148.14.198 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS: ads5-2.ssel30.imcmdb.net
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache, no-cache
Date: Sat, 09 Jul 2022 01:12:32 GMT
Last-Modified: Saturday, 09-Jul-2022 01:12:32 GMT
Server: nginx
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0
Connection: close
Content-Length: 43
Expires: Sat, 09 Jul 2022 01:12:32 GMT

GET
H/1.1 200
OK /
smi2.net/cookiematching/ 43 B
229 B 220ms
54ms Image
image/gif 82.202.225.240
SELECTEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://smi2.net/cookiematching/?payload=CkIKB19zbV91aWQSJDZiMjJiOTAxLWJjNGYtNGUxYS05ODJhLWMwZjBjZmUyMWM5OBoJLnNtaTIubmV0IgEvKIDnhA8KKwoHX3NtX3VkdBINMTY1NzMyOTE1MjA0NBoJLnNtaTIubmV0IgEvKIDnhA8KQAoHX3NtX3NpZBIkZWQ2ODJhNzktNTMwYS00OTkzLWFmY2UtODVjMGZlN2EwZTdkGgkuc21pMi5uZXQiAS8oiA4%3D&rnd=1657329152123
Requested by: Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 82.202.225.240 Moscow, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS: smi2adm2-1.ssel27.imcmdb.net
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sat, 09 Jul 2022 01:12:32 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

POST
H/1.1 204
No Content view Show response
stat.media/counter/ 0
135 B 162ms
51ms XHR
text/plain 185.147.80.106
MIRAN-AS Miran DC

General

Check archive.org

Show headers Download Go to

Full URL: https://stat.media/counter/view
Requested by: Host: stat.media
URL: https://stat.media/sm.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.147.80.106 , Russian Federation, ASN41722 (MIRAN-AS Miran DC, RU),
Reverse DNS: smir13.imcmdb.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

access-control-allow-origin: *
Date: Sat, 09 Jul 2022 01:12:32 GMT
Server: nginx
Connection: keep-alive

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6198 0
20 B 64ms
59ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B-spC_tXIYpDQPJiigQfipoK4BgAAAAA4AeAEAg&bg=!Xl2lXRnNAAaYcLjmuHA7ACkAdvg8WoMdE5dj5YvkIP73nydWHXEtXaVHoCvAd2Ap02MyJLzcXUXCTAIAAAGrUgAAAAFoAQeZAv71LOG7CCdhgiCFVEVEXR9-fQZrRnh0SmAp8Oz2fUb48bFlS1nNdn7fYVmVMGXXriXu61oywhwRFEixdhBKFxsSQJq4HNiIiasMYtJdfPzKdKl3Dhy6tDqTArGkJqYbRJBPVsDqRg5Wcb3m6yg1tV9ehVlIlNzNFz22GT7d3LhqorPuAEo6CM9ii3CiXVZAqQQN6d76BrHCM5xXk3zJE30P9sw7zk5O33zPSY9Zi7bqpeIiziUUQb9WMKzR1On18kcHZoYIiuHnyS7jngjwxSoWi4i0D29XqaDLktPIq7YRnkmQRJ3ZIHcHQLtPkA4kLss4zLwSP9zo3QGsUYMTKiCTLvfpF0_mCeRnGRNQjghGx0Pj1U1ILe8nVf2FMq3gOJG0bK9YcbKu7nmZeMCWKr63VyLxxsGhS5iSDfYib9Rgr8e90q5MwqbTS7OwVEsQHG0UPc_kKfwqcijiU8UjA3XyuGxaxjAtzPUeYclpRacNyIe0gJwbx0OuYJOIULu1gbXvg8sNKbtgOJWMuw_ZAdDewfXhHuhYj1UIBScmVs0_P3LM0zSQTlga1cvGpXx9SF2IQO_LD9A5mj_3WpmgdZrtSEzV-3y8bv0ijY7UBXFL6FljULnCdB1zQRf5mZY2VXMA7qitzvXpNruZRZoyPlxeeHzbYaEqTS56nrlGGWyzoc9vWokxDFGGJngD2HOF-8xU1019objfM1BA-rdWv4WOOFKCqoiD40xFK7iUX8US6VROE1H7mjzpk_sjX9zYQ9xKgwLZke9gtzvwfOnH92ZlmlJ0tN4BKt7m0eVVn_E2F9lgA0o2YZFwvF42PV_Ry-kMFyDm_TuvkX86aYw98rbRwxvySk9J5dK06l1jFaK16UaIYJUcVVSOsbfWmLyi29fLDneG0ceH6TSy4sVFhbQqkNFQifJ7H3cNfHEhUBr7UTT-Qe3oQZFD9FuzPZJxYiB_MYoPUgxJUkPYwuuxPsFytFlAxzY5rqlvS_LEvTZ0vQN1W9IFyAVFqg-lvWkA

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 01:12:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bundle.js Show response
yastatic.net/q/set/s/rsya-tag-users/ Frame B1E0 105 KB
37 KB 82ms
81ms Script
application/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/q/set/s/rsya-tag-users/bundle.js

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

e1cff21864c46e1da263fa83c14ed6d190bc5afbdd35188de15f10eb8bedd264

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/safeframe-bundles/0.83/1-1-0/render.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 01:12:32 GMT
content-encoding: br
last-modified: Fri, 29 Oct 2021 11:19:01 GMT
server: nginx/1.17.9
etag: W/"82bdc8db563d3e71c35534315f8a9fd5"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/javascript
access-control-allow-origin: *
expires: Mon, 11 Jul 2022 13:12:31 GMT
cache-control: public, max-age=31556952
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
x-nginx-request-id: bc654f1be0124d19

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8F4C 42 B
64 B 59ms
58ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstG9vOGv9LzHxwXwhXfEnt_ussKgRgnz9qAEaenqfGaGwhu7L2fADLiQSRFh4-cLkT4FRa-0DKiCliUcAJNs5a9uk4jbanWW-4yEZHjL44pYtODEeRj5RTysfXIuLBcsTCDX4gs4H_Sna2e4A&sai=AMfl-YSo9udjZN1GB07nUNluxO-0e65DziSQpWMqgZh2kdsdf9nG8Oem3LkMwlZVSIqUBeN9ZN3FS7uL3x9SlSQH1BrSe9zKZitwIY_dY7dqu3UQIAv0ZHjkt7Sr4tebuKg&sig=Cg0ArKJSzKUxsWV003jAEAE&cid=CAASJ-Roa_dJ26ytXMhZPKPxWrjBe6LHDDhoc5T2O-eRT_DMq6RSJ1FXYA&id=lidar2&mcvt=1000&p=389,1410,1007,1570&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20220706&bin=7&avms=nio&bs=0,0&mc=0.97&if=1&vu=1&app=0&itpl=20&adk=4130042211&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1657329150832&rpt=479&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1c93cdb1133891517efd814bd17e41a7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 01:12:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 watch.js Show response
mc.yandex.ru/metrika/ Frame B1E0 158 KB
56 KB 70ms
69ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

8d87c18fcb70f9b1d23c94aedc506cb6cc2640c5aebb25ca6e8e64b0cd997553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 01:12:32 GMT
content-encoding: br
last-modified: Fri, 08 Jul 2022 09:23:14 GMT
etag: "62c7cd52-dd8a"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 56714
expires: Sat, 09 Jul 2022 02:12:32 GMT

GET
H2 200 data Show response
yandex.ru/set/s/rsya-tag-users/ Frame B1E0 403 B
632 B 294ms
294ms Fetch
application/json 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/set/s/rsya-tag-users/data?referrer=https%3A%2F%2Fwww.tumen.kp.ru%2F

Requested by

Host: yastatic.net
URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e38396d333c46da62b92a33d02a643b0493574c7c5493bb91dcfb23859da85a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 01:12:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://yastatic.net
cache-control: public,max-age=300
access-control-allow-credentials: true
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 8052 0
0 75ms
75ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022070601&jk=4047285186638077&bg=!Q0ClQATNAAaLlKKnq5Q7ACkAdvg8WhbhVYOz6agqhf5stbvFSdF4jg84xzObyS3_hjAGqVBKUWNsRgIAAAH8UgAAAAJoAQcKAFGu0VSCD_htlh8gs4l4zr0ZpW7ESGUqa_zf00jhI7wyZ-xwE6ValKgFIhL2hkKQqfrKCLenI5OvzbTpOEq4b9kUCGtVzcKENvDrfXqS0dEff0uZAqaNqNLtagzoeWU-kZcWLzrgPy-wVh7Bea9Ys11NR2bS9cnwtSLb1eIppeS725NrtrLGxOLZH-uzWpZv4co5lrw56YwnFYIVOuA-VwoykFVc9HIWcleGBcf_yqBj3AviBUSiYnnSF8z3gT56975hF4vpred1pyi300bhfiR1f4f9uN8aZNmgG9oYUNf9Hct02Xm7J6Fcfrp6IR72nVBWQU8AlH4oFJOAFQIXDj0V31KfeANnLEpPWIoTeBREY2_Bu4dmCwDzxVYng8fEIffUfGNCI4YzahgiCTRIVRrHossPmm0gUpcmI5_MHnCGHrG88SOQzC67Z1_A4vhH6pmP1k-ZIr9arf9c5dnR6LOKunedpfgCaY89Lc9ST9XMLpH5334ZRk3r3JNh06WK-PKWGTYLoGSLCQ-QZQPIjVtSSWMv2fUgzHW2Jghe8N_cFvrVCjXZAR_hLOGOrllR7NvBgm174mWe3LMJKyFujWG8UDJtHu2uT0Um6ZW-zP80DtS8qrUgyOQVrcfCNCSE1MsciXyOUPT5C9MCgHe3Xq5p1MdNeD1Cf04d8mtu_F8DG10Oy-H9Xvt46L0buZQgFWlbYzKPnLdJDeW5BXdt4BCuKte9v2jWiLanshbf2Ljdte9WwUlmtSDZBZrWcA_OfWwvk5c9Y4Y_a3BtE-u8r9CMCEZ1t1XF95wobj4efYl4ZcE0i7W9Oy3r7OaUAN7FmwGlj4Fvyp4SfYPsVvzlf_OwN1bE9pguO7Brzlaw18aq2z7s6E2uO1_ONQfW0oV7sfgOQ-xrbLlCgHhq1IoZca927luf9yhHtN81elR7kYAtp7ZkTZ9uvWUps3YW1knLC0Dn38qzHGgftcClGlcWXogMHgnBZyIx6rqt2nmEqHdCO0qQPIqWU0HF7jQ
Requested by: Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H2 204 event
ads.adfox.ru/232598/ 0
18 B 86ms
85ms Image
text/plain 2a02:6b8::1be
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/232598/event?hash=307aefddd919929d&pm=bmp&pxo=OcQ4Zz8g8i8nTLHkrVxZ8c34oYI1XqHIsCN5-AMZQ-VdJARHxMMINwkrHXxUYck_nf8obbj2nvGfqcE5okGCQijmna9VKPJD6d8zR3Gvcf4Ny7dGwZ4MjFwsHFA7MqmUGOa8R1seMYpgEKchHWLj2kF6hG1SOpT4uDphAeZVJ3C96swfKw%3D%3D&p5=gwaok&ad-session-id=9907131657329149716&utg=oxum&lts=fjmtaiw&ytt=423863344300037&ybv=0.612099&ylv=0.612099&dl=https%3A%2F%2Fwww.tumen.kp.ru%2F%3Fsection%3Dsociety&rqs=_cF1AbUMuD_-1chixi3UNaTLV7wU6gDl&pr=dyeeiod&puid3=top%3Aregion&rtb-si=b&puid2=society%3Atoday%3Azenyandex%3Aincident%3Aemergency%3Acelebrity%3Aculture%3Ainteresting&p2=fbao&rand=kmzilij&sj=mjOp217J6Pq8o-qx8SNMs4sT5Km7CdO3300ymkEVvCUV8dfOziLt8PjwefQdkw%3D%3D&puid1=adv-1657329149673-55&p1=bufhv

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 01:12:32 GMT
x-content-type-options: nosniff
last-modified: Sat, 09 Jul 2022 01:12:32 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2 200 1Op4xthM0Hq200000000U9nJ_7kmb74hpmvxGnN6YSSj0ujDBVzTFP7400IUC95GQHzvozY-D0Q6L4QWUAOA8-i1a7Yf391Ncm0aMXb1P2T85WYO66OoQff3s0iPb-b0M2iPzJKWhBsCNfm234V1_BEC84rNmUHTHWOP1gQ_ZBEO61ZcCe54bZATOcPWMClq2yW-o... Show response
yandex.ru/an/rtbcount/ 43 B
134 B 98ms
98ms XHR
image/gif 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/an/rtbcount/1Op4xthM0Hq200000000U9nJ_7kmb74hpmvxGnN6YSSj0ujDBVzTFP7400IUC95GQHzvozY-D0Q6L4QWUAOA8-i1a7Yf391Ncm0aMXb1P2T85WYO66OoQff3s0iPb-b0M2iPzJKWhBsCNfm234V1_BEC84rNmUHTHWOP1gQ_ZBEO61ZcCe54bZATOcPWMClq2yW-o_GV29uolG2Al68IMB6aNbG5g6tTEsVcqCUi37-PEeI13c5c1IhjPLO4abEPGKRCPMO2MGua5K1sisna5cbNx3fWNDjvaXdczwjWbNV1v4zc1oT-i3DdiIZ49xiPEYQ5-fQwnEiQ9cTaEbVakWQavsHwPMQanviaEIraaGw5A5x1iZ9l1mlJ0HQccomGNtwmVyXozWm8lB5_omBowmJMreOJ3MqR4XQmSfvatVo40wpk0cj3GmFBJTO_Frl-X_syc_oL5UJF3hO6bWbiVvklTr-Ordp7VWRRbSF12zXsRthufkl5fp_h6LUomSm-mEPnWetv4HjlH8IBbPEhPrQ5StAY-Kisc2j-mbaJsQ_ohTomqUAj_InsDZD38mDBomti3Gexs1bFi8iyO7zuuEh9pXVl9cRzO5zetC2nzRq1092agTa0?confirmTime=2100000&confirmRatio=1000000&test-tag=423861732507650&format-type=96&actual-format=8&rnd=3470171141676&pcode-active-testids=610322%2C0%2C21&banner-sizes=eyI3MjA1NzYwNjIzNTI4NjkxOCI6IjE1NjB4MjUwIn0%3D&width=1560&height=250

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 01:12:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: image/gif
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
last-modified: Sat, 09 Jul 2022 01:12:32 GMT
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Sat, 09 Jul 2022 01:12:32 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 3E8B 15 KB
6 KB 103ms
34ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.tumen.kp.ru

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

5e5c9149be229df7c934f8cd1acf1b3cc9e04e29cbbe6cbe0e2d726e79930cff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.tumen.kp.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-length: 6144
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 09 Jul 2022 01:12:32 GMT
server-processing-duration-in-ticks: 1914
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

POST
H/1.1 204
No Content view Show response
stat.media/counter/ 0
135 B 51ms
51ms XHR
text/plain 185.147.80.106
MIRAN-AS Miran DC

General

Check archive.org

Show headers Download Go to

Full URL: https://stat.media/counter/view
Requested by: Host: stat.media
URL: https://stat.media/sm.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.147.80.106 , Russian Federation, ASN41722 (MIRAN-AS Miran DC, RU),
Reverse DNS: smir13.imcmdb.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

access-control-allow-origin: *
Date: Sat, 09 Jul 2022 01:12:32 GMT
Server: nginx
Connection: keep-alive

GET
H2

200

cs.js Show response
sb.scorecardresearch.com/internal-c2/default/
Redirect Chain

https://sb.scorecardresearch.com/c2/16803468/cs.js
https://sb.scorecardresearch.com/internal-c2/default/cs.js

0
369 B

21ms
21ms

Script
application/javascript

13.32.121.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/internal-c2/default/cs.js
Protocol: H2
Server: 13.32.121.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-17.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 01:01:17 GMT
via: 1.1 c80fd33b8f8c4dff5488cc52ba797aa6.cloudfront.net (CloudFront)
etag: "d41d8cd98f00b204e9800998ecf8427e"
last-modified: Mon, 01 Mar 2021 20:42:20 GMT
server: AmazonS3
age: 676
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
content-length: 0
x-amz-cf-id: G4kn1jTFtDS3z-Oxjkk2HTYLVrhxlRJGZF9AlIpiBM6rP4PWttA0Jw==

Redirect headers

location: /internal-c2/default/cs.js
date: Sat, 09 Jul 2022 01:12:32 GMT
via: 1.1 c80fd33b8f8c4dff5488cc52ba797aa6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
content-length: 0
x-amz-cf-id: FkU9HjW66jMD0rBexfeUowJpSb7CiJGuQfdk1GLokNtYyFreeXi_qA==
x-cache: Miss from cloudfront

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ Frame B1E0 40 KB
15 KB 117ms
47ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

00e67a6bb1601297c954a9c6438eb956f4ca87253683fb348d1bda64cee7d1ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 01:12:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15163
x-xss-protection: 0
server: cafe
etag: 11137310801552021614
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 09 Jul 2022 01:12:32 GMT

GET
H3

200

/
www.google.de/pagead/1p-user-list/1014923426/ Frame B1E0
Redirect Chain

https://www.googleadservices.com/pagead/conversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=ANbIYsyTNJyK9fgPxr2c6A...
https://www.google.com/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1061912254&crd=&is_vtc=1&random=1488144436
https://www.google.de/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1061912254&crd=&is_vtc=1&random=1488144436&ipr=y

42 B
64 B

69ms
36ms

Image
image/gif

2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1061912254&crd=&is_vtc=1&random=1488144436&ipr=y

Protocol

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 01:12:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 09 Jul 2022 01:12:32 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1061912254&crd=&is_vtc=1&random=1488144436&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.de/pagead/1p-user-list/1014923426/ Frame B1E0
Redirect Chain

https://www.googleadservices.com/pagead/conversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=ANbIYqeTNMGJ9fgPnOK40A...
https://www.google.com/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=510370282&crd=&is_vtc=1&random=34604020
https://www.google.de/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=510370282&crd=&is_vtc=1&random=34604020&ipr=y

42 B
64 B

71ms
37ms

Image
image/gif

2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=510370282&crd=&is_vtc=1&random=34604020&ipr=y

Protocol

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 01:12:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 09 Jul 2022 01:12:32 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=510370282&crd=&is_vtc=1&random=34604020&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 3 Show response
mc.yandex.com/watch/ Frame B1E0 167 B
262 B 75ms
75ms XHR
application/json 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/3?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Fwww.tumen.kp.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A%3Avf%3A2n2z35yck7fai9c6gvqew%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A832%3Acn%3A1%3Adp%3A0%3Als%3A1482411835656%3Ahid%3A507829843%3Az%3A0%3Ai%3A20220709011232%3Aet%3A1657329153%3Ac%3A1%3Arn%3A958767420%3Arqn%3A1%3Au%3A1657329153384192611%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Acpf%3A1%3Ans%3A1657329150419%3Ads%3A0%2C115%2C65%2C1%2C1%2C0%2C%2C171%2C0%2C356%2C356%2C0%2C355%3Aco%3A0%3Ast%3A1657329153&t=clc(0-0-0)aw(1)rqnt(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

39187cb618a0ea00fb7d486e0c5058a5fa1abeb10b908f9365b6411666672f31

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 01:12:32 GMT
x-content-type-options: nosniff
last-modified: Sat, 09-Jul-2022 01:12:32 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://yastatic.net
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 167
x-xss-protection: 1; mode=block
expires: Sat, 09-Jul-2022 01:12:32 GMT

GET
H2 200 advert.gif
mc.yandex.com/metrika/ Frame B1E0 43 B
72 B 68ms
68ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 01:12:32 GMT
last-modified: Fri, 08 Jul 2022 09:23:14 GMT
etag: "62c7cd52-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Sat, 09 Jul 2022 02:12:32 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C04F 42 B
64 B 67ms
66ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstnW8m081XyBGXIyEt5MbVyzFCclzDQ-FXDVdAeLQn9qnLhxoPt8tp8py8uOHjghrV7PC6BMNXcM2vZSMOEo10ypB0_571OHMLAzBkV_sbdIbcSVI8BY7FjEALtt0t6s4uwrMfUlyhmG-65dUiB1E1sgGEahT6y2FPCF9IsUMKnvaWbH9fXeUxSiQXb7hB0l25Aoti_019YwGLHUVCFmRX4JaDF8nKGzVhHOvpXcYcy-aI5spIhhjXizga9bvQ-5OxKA1cRLnQKCQoIqJQp40lX2VXebS0In7oggRPSVSa-WXuBK3MG_mMX8uhiv_oAagrfZLIM2dmLDax4LoaUdeXxTeVj83n1Woi1q-uCok3rN3Bc0aVAGzbs5Om_nAPx3N5fEgg7etymZtQp7E1P4-a6H1tCh98mVQP5U50FIjIaGQKe1ZQO1KeSyNvBbIdj7bXJf_mDvxHZxnMX5qOtMchqA1LjkkPqiL3PCMF3iE4pIn85J-UxvNoMM_bDLvVCcH_jm_DkJucrTkfS9_f7G4LCNyk010-0TUYCDpPKiGmnxHtZ0ZKTxCpZjEs3_Z6lrGFlF4SJJFJ8nNu5nBGOVNJ9UqwCVI4gD2cnQJGrVNh6VxUjC83uk_rKr0k2X0BVIBVhhcriYTQkoMGxGkTJmODEqRrj2ryJpB2q38t9Jam5653ZGtNzMpeuydZV3GcYXzh0iSRj3uTNBh3x_Zkf7czukRr26DETiZc_Vt42cgGzo-eC9gkK-sSMVHq99i8pua6rebNBSsRFLIJvpnVQyJNOj8_Lwprp1N7b0zivve8nf2Qd3yyC1PRb8g0ImXw3ZP8KTajtEYgAPXTAcKtav84U5O1r1Crt1QtJofoHzi817u7OCn40rTu0PJBj65rrzax1Eyos9Kgbwl2TYaOGqW4WTnxea6M6Z-cdpKNVRR9jZvnmjWfoKpq06FDhNM9zvR7jSMw1VAMdAwLpNeMOmkLRuLdJpLo1TY16O7UUw42usbtg62l44PVVyyE29j65gwjnTyYWP3ZqVAbUk6aS6pwGQzBdZLuSywb2lwVstqv9LVS1saDxXisZK6zAXajqOZbETf-e7yWrWPXIXdSIdhKPHfTU0qoBxSxWxMfZUNGc9GJwZrsFeo6CfaEscw&sai=AMfl-YTXhnVwvEsvLQrHp4P3BJj5K6A7orn0sHc0AgqGoXRMImr2xpdPVwwqCvhbOk9lw-PaVvqs_30H56y847NomyD_PfOXqRvi06YXWLPdqvH5tFsaZsxFB8D2haiSxJbURy9LvIza-cIh&sig=Cg0ArKJSzLDfVbY7AvsDEAE&cid=CAASF-Robi-wG7byQUAhF2tV1nSzx81tTWjr&id=lidar2&mcvt=1006&p=486,1100,1086,1400&mtos=1006,1006,1006,1006,1006&tos=1006,0,0,0,0&v=20220706&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=2&adk=3886855702&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1657329151245&rpt=538&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bae702d774fa849aafdd12eb7538a159.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 01:12:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 3E8B
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=kp.ru&sn=ChromeSyncframe&so=0&topUrl=www.tumen.kp.ru&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=GCy-cnxOYmY3K0IrSmllZXAxVlpHZTZjSFlZWFhuK1dUQ0MvY2pmTTJ1NWUzaDg1QXQzR3pXTnpyZFpSMmI0ZnUrWC81YWE0WUZxd0V6TEpKZmllcWJ3VHNpNjJpSHBsOGUrbGE5MEpadWRBTE12N1JRbTJOVnhLU3pGeV...

430 B
635 B

274ms
32ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=GCy-cnxOYmY3K0IrSmllZXAxVlpHZTZjSFlZWFhuK1dUQ0MvY2pmTTJ1NWUzaDg1QXQzR3pXTnpyZFpSMmI0ZnUrWC81YWE0WUZxd0V6TEpKZmllcWJ3VHNpNjJpSHBsOGUrbGE5MEpadWRBTE12N1JRbTJOVnhLU3pGeVFkMElHUXFWS25weDlKTmpqQjhKbDVDMEJEWDZaN2VFdnN5V0hYRmg1UzJERVozK2E2eTZPTzRLSEZnbWoyS294aVdiUzVrbVd3QVl3TG5MR055d2lZQW5SSkMrVE10eDQ0UnZsb1U2dEpLU2JVZGE0WXRGNHZCZkxnRkFRems1OHYwYnVMVXlEQk5SUW0zRFZHaVVKUXRxUFRrNjNFQT09fA&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

929da939383255198fc93e71062cfa8bd58902fe9743084fc0045f8c33c4e5e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 01:12:32 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 4714
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 09 Jul 2022 01:12:32 GMT
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=GCy-cnxOYmY3K0IrSmllZXAxVlpHZTZjSFlZWFhuK1dUQ0MvY2pmTTJ1NWUzaDg1QXQzR3pXTnpyZFpSMmI0ZnUrWC81YWE0WUZxd0V6TEpKZmllcWJ3VHNpNjJpSHBsOGUrbGE5MEpadWRBTE12N1JRbTJOVnhLU3pGeVFkMElHUXFWS25weDlKTmpqQjhKbDVDMEJEWDZaN2VFdnN5V0hYRmg1UzJERVozK2E2eTZPTzRLSEZnbWoyS294aVdiUzVrbVd3QVl3TG5MR055d2lZQW5SSkMrVE10eDQ0UnZsb1U2dEpLU2JVZGE0WXRGNHZCZkxnRkFRems1OHYwYnVMVXlEQk5SUW0zRFZHaVVKUXRxUFRrNjNFQT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1438
content-length: 541
expires: 0

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/ Frame B1E0 3 KB
1 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/?random=1657329152899&cv=9&fst=1657329152899&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.tumen.kp.ru%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84dc37be33cd709ef83c5b85337137edeeb24d25b725839b4a00089ccbbc8374

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 01:12:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1117
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/ Frame B1E0 3 KB
1 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/?random=1657329152903&cv=9&fst=1657329152903&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.tumen.kp.ru%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1c817e698606701cbd992078e8f62f2f41e676c440e4973d6879c5d02ff69f85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 01:12:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1119
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/ Frame B1E0 3 KB
1 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/?random=1657329152907&cv=9&fst=1657329152907&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.tumen.kp.ru%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

33f7f2cc2f638afe8f26551e1cbd0af47cb23337cab7ea1ee181dfad26b41d9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 01:12:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1118
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/ Frame B1E0 3 KB
1 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/?random=1657329152909&cv=9&fst=1657329152909&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.tumen.kp.ru%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e9897e2faf3bc5fd24ffc4ddbe7700ce0a77b2b2fd33eb1a83b71f22ea3e822f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 01:12:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1119
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 WP0ejI_zO0e1DGm0H1Gv7qmRPcVAMmK02W8GW8200J7-rSXY000003YScWE80Xov0gRp98YwvjPcy0AvXyZy0V050Q06m0791lt1TG6r3BW_gGSa0GN0EL5pDS07mAkm-W6e2kW7Y0iugWiGgAH_5IG10G2kxaC3LUFm2mRW3OA0W860W82819WE_OFNYz2MWzm_g... Show response
yandex.ru/an/count/ 43 B
267 B 83ms
78ms XHR
image/gif 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/an/count/WP0ejI_zO0e1DGm0H1Gv7qmRPcVAMmK02W8GW8200J7-rSXY000003YScWE80Xov0gRp98YwvjPcy0AvXyZy0V050Q06m0791lt1TG6r3BW_gGSa0GN0EL5pDS07mAkm-W6e2kW7Y0iugWiGgAH_5IG10G2kxaC3LUFm2mRW3OA0W860W82819WE_OFNYz2MWzm_g0-aWiIydAVKkJMG4FhaXuELcOkgu9MOVGJW507O5S6AzkoZZxpyO_205eM0o826i62O5l3OnPK6e1RmjlgL1iaMy3_O5e4Ng1S9cHZG627u69pwpi2Gb_sD780PYHcpvB0Pk1d___y1m1dyyvFyxwh-xcFI6H9vOM9pNtDbSdPbSYzoDZWqBJ7e6PWCy1dw0PWQrCDJi1j8k1i3WXmDM5X4Ea95IMfuGsDXD-aSW1t_Vu0WW228807G8V___m4K03F3QvWnKJnoIiXeRbDQ2wkHgRWic4JZ43nvXIHEZD5bgu0JTCsFq4VDW1qJeokusZc89Ah7Ak6FlSqXQHXd~1=Wo8ejI_zOAq2nHW0D2khmDNThGEqYxcspTcxmB81W07xrwEoYVBcZJU80OR_dhHNa06CjgVmse20W0AO0Oosf_1Qe064g064k066l8Q_8DW1dgEqbG7W0OIRj9K1w0780VW1_8hUlW6W0igKhHYm0yOHY0N_rm-G1U2q4B05tzm6k0NVt0R01S77ACW5ZyyGq0Meu07W1PG1c0RQZSaZg0R00Qa79045m3bHSpMu1u05q0S2s0SGu0Ua3_470032W806u0YbofOCw0djJ2vHmm3IFydP2-WB_zSFY0pYdkI-0UWCcmQO3PZre0x5nIM04C_FWXkQ41i9003uFnd84C6Y4D0GleMlNvWHWyyaeRdW4PkgFUWHf9QK-w70ie7lW9JBGDWTaAbubji_c1C4u1FVt0Q05820W0I85DABlCM-uyEP8A0Ktzm6g1JWj1305828thu1o1G4q1JunVbks1Jfi8wK1kWKZ0BG5UcmZfG6s1N1YlRieu-y_6EO5l3OnPK6e1RmjlgL1h0MemV95j0MufxalW7O5lhaXuELcOkgNu4N0F0_c1U4zCahk1S1m1UrbW7G5z260zWNhCGww1S7cHYW61Mm6AxXefO6k1W--1YS-ix0a9VzZHo06OaPi-G80000002W6S01k1d___y1u1a7w1cO3F0P-W616l__Wy-FU36DY1h0X3sO6jJ3KxWQ0VKQ0G0009WRr_uyi1j8k1i3s1k04EaR00000AA-Cq7m6_pWm07u6-UwHjWS_zSFu1pWj13f7F4S0000J3XBlJ-07Vz_cHt87S24FU0TeS85aHwe7W7G7hEyvVQBWfM46DWU_DeUY1____y1e1_Fpu8Ri1y1o1_FaTfAqXy6DZ4oC3avsHy0000WI5qrGU0V_SZG0UWVuF9xW22088WW0QaWi224W23W807G8Vy1800uulMJ871NWp55ab12xiZ9WGmnNie03gnW4848k9S56nAt3Gb1NCuRRIxtavwyQiZSqWmAM1qPyEe6OCIc1MWfOXWIN4BByGcCaK022vP7ZDNsf34WTgLq5c1Tr2Gxs2RW~1?stat-id=28&test-tag=423861732540945&banner-sizes=eyI3MjA1NzYwNjIzNTI4NjkxOCI6IjE1NjB4MjUwIn0%3D&format-type=96&actual-format=8&pcodever=612099&banner-test-tags=eyI3MjA1NzYwNjIzNTI4NjkxOCI6IjMxOTUzNyJ9&pcode-active-testids=610322%2C0%2C21&width=1560&height=250&confirmTime=2116000&confirmRatio=1000000&wmode=0

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 01:12:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: image/gif
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
last-modified: Sat, 09 Jul 2022 01:12:32 GMT
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Sat, 09 Jul 2022 01:12:32 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/947884341/ Frame B1E0 42 B
64 B 32ms
32ms Image
image/gif 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/947884341/?random=1657329152899&cv=9&fst=1657328400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.tumen.kp.ru%2F&async=1&fmt=3&is_vtc=1&random=1261791307&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 01:12:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/947884341/ Frame B1E0 42 B
64 B 82ms
36ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/947884341/?random=1657329152899&cv=9&fst=1657328400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.tumen.kp.ru%2F&async=1&fmt=3&is_vtc=1&random=1261791307&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 01:12:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/693627671/ Frame B1E0 42 B
64 B 32ms
30ms Image
image/gif 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/693627671/?random=1657329152903&cv=9&fst=1657328400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.tumen.kp.ru%2F&async=1&fmt=3&is_vtc=1&random=2115551434&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 01:12:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/693627671/ Frame B1E0 42 B
64 B 80ms
34ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/693627671/?random=1657329152903&cv=9&fst=1657328400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.tumen.kp.ru%2F&async=1&fmt=3&is_vtc=1&random=2115551434&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 01:12:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/947884341/ Frame B1E0 42 B
64 B 33ms
31ms Image
image/gif 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/947884341/?random=1657329152907&cv=9&fst=1657328400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.tumen.kp.ru%2F&async=1&fmt=3&is_vtc=1&random=2365879411&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 01:12:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/947884341/ Frame B1E0 42 B
64 B 81ms
39ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/947884341/?random=1657329152907&cv=9&fst=1657328400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.tumen.kp.ru%2F&async=1&fmt=3&is_vtc=1&random=2365879411&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 01:12:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/693627671/ Frame B1E0 42 B
64 B 34ms
33ms Image
image/gif 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/693627671/?random=1657329152909&cv=9&fst=1657328400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.tumen.kp.ru%2F&async=1&fmt=3&is_vtc=1&random=2237484678&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 01:12:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/693627671/ Frame B1E0 42 B
64 B 76ms
38ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/693627671/?random=1657329152909&cv=9&fst=1657328400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.tumen.kp.ru%2F&async=1&fmt=3&is_vtc=1&random=2237484678&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 01:12:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 37412095 Show response
mc.yandex.com/watch/ Frame B1E0 350 B
457 B 71ms
71ms XHR
application/json 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/37412095?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Fwww.tumen.kp.ru%2F&charset=utf-8&site-info=%7B%22extensions%22%3A%22%22%2C%22fromGoogle%22%3A%22false%22%2C%22fromCancel%22%3A%22false%22%2C%22loyal%22%3A%220%22%2C%22sbscrb%22%3A%22%22%2C%22p%22%3A%22%22%2C%22b%22%3A%22%22%2C%22fresh%22%3A%220%22%2C%22infected%22%3A%22%22%2C%22slow%22%3A%22%22%2C%22os%22%3A%22windows%22%2C%22browser%22%3A%22chrome%22%2C%22winxp%22%3A%22false%22%2C%22old%22%3A%22actual%22%2C%22yabroAge%22%3Anull%7D&browser-info=pv%3A1%3Agdpr%3A6%3Avf%3A2n2z35yck7fai9c6gvqew%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A832%3Acn%3A2%3Adp%3A1%3Als%3A218843303981%3Ahid%3A507829843%3Az%3A0%3Ai%3A20220709011232%3Aet%3A1657329153%3Ac%3A1%3Arn%3A670448319%3Arqn%3A1%3Au%3A1657329153384192611%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Acpf%3A1%3Ans%3A1657329150419%3Ads%3A0%2C115%2C65%2C1%2C1%2C0%2C%2C171%2C0%2C356%2C356%2C0%2C355%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1657329153%3At%3A&t=gdpr(6)clc(0-0-0)lt(5400)aw(1)rqnt(1)rqnl(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

724bc4358d0c7fb72ff14295976ac124022f530ba35abad0df21990c29c0c0ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 01:12:33 GMT
x-content-type-options: nosniff
last-modified: Sat, 09-Jul-2022 01:12:33 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://yastatic.net
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 350
x-xss-protection: 1; mode=block
expires: Sat, 09-Jul-2022 01:12:33 GMT

GET
H2 204 event
ads.adfox.ru/232598/ 0
66 B 76ms
76ms Image
text/plain 2a02:6b8::1be
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/232598/event?hash=f7457f1eaa8fe921&pm=bmn&pxo=u6E8rQr4M6l-xLyNVUlu-GORBRK20Xh_NHspCfrtbqJ-Q-1mFGVB4_kNAe_6yrsN47LIOutjmMJ8cQ2c9M1eUWylPKnT2MeSM2p4iyEPcWDJw8xLqvOmRDaWGvrOE62pfp-n_I51NURLO6PUhU_Wiixjf0xmtXVSMQybkZALS3oV2Jm6YTBq&p5=gwdbk&ad-session-id=9907131657329149716&utg=oxum&lts=fjmtaiv&ytt=423863344300037&ybv=0.612099&ylv=0.612099&dl=https%3A%2F%2Fwww.tumen.kp.ru%2F%3F&rtb-si=b&p2=gftf&rand=lstrcsh&sj=3oTuC4sY24bWeBMnit1ZzFwD7hG8vpqjol3638DF29KaWMcCht6_runR2YdKow%3D%3D&puid1=adv-1657329149666-335&pr=dyeeiod&p1=cdinl&rqs=_cF1AbUMuD_91chigvQ6wTWjVhnRAvzX

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 01:12:33 GMT
x-content-type-options: nosniff
last-modified: Sat, 09 Jul 2022 01:12:33 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2 204 event
ads.adfox.ru/232598/ 0
18 B 83ms
83ms Image
text/plain 2a02:6b8::1be
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/232598/event?hash=6fe987c0c395d627&pm=bmn&pxo=OcQ4Zz8g8i8nTLHkrVxZ8c34oYI1XqHIsCN5-AMZQ-VdJARHxMMINwkrHXxUYck_nf8obbj2nvGfqcE5okGCQijmna9VKPJD6d8zR3Gvcf4Ny7dGwZ4MjFwsHFA7MqmUGOa8R1seMYpgEKchHWLj2kF6hG1SOpT4uDphAeZVJ3C96swfKw%3D%3D&p5=gwaok&ad-session-id=9907131657329149716&utg=oxum&lts=fjmtaiw&ytt=423863344300037&ybv=0.612099&ylv=0.612099&dl=https%3A%2F%2Fwww.tumen.kp.ru%2F%3Fsection%3Dsociety&rqs=_cF1AbUMuD_-1chixi3UNaTLV7wU6gDl&pr=dyeeiod&puid3=top%3Aregion&rtb-si=b&puid2=society%3Atoday%3Azenyandex%3Aincident%3Aemergency%3Acelebrity%3Aculture%3Ainteresting&p2=fbao&rand=evuoeje&sj=mjOp217J6Pq8o-qx8SNMs4sT5Km7CdO3300ymkEVvCUV8dfOziLt8PjwefQdkw%3D%3D&puid1=adv-1657329149673-55&p1=bufhv

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 01:12:33 GMT
x-content-type-options: nosniff
last-modified: Sat, 09 Jul 2022 01:12:33 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2 204 event
ads.adfox.ru/232598/ 0
66 B 77ms
76ms Image
text/plain 2a02:6b8::1be
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/232598/event?hash=66714874c231f4a6&pm=bmq&pxo=u6E8rQr4M6l-xLyNVUlu-GORBRK20Xh_NHspCfrtbqJ-Q-1mFGVB4_kNAe_6yrsN47LIOutjmMJ8cQ2c9M1eUWylPKnT2MeSM2p4iyEPcWDJw8xLqvOmRDaWGvrOE62pfp-n_I51NURLO6PUhU_Wiixjf0xmtXVSMQybkZALS3oV2Jm6YTBq&p5=gwdbk&ad-session-id=9907131657329149716&utg=oxum&lts=fjmtaiv&ytt=423863344300037&ybv=0.612099&ylv=0.612099&dl=https%3A%2F%2Fwww.tumen.kp.ru%2F%3F&rtb-si=b&p2=gftf&rand=dxandyf&sj=3oTuC4sY24bWeBMnit1ZzFwD7hG8vpqjol3638DF29KaWMcCht6_runR2YdKow%3D%3D&puid1=adv-1657329149666-335&pr=dyeeiod&p1=cdinl&rqs=_cF1AbUMuD_91chigvQ6wTWjVhnRAvzX

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 01:12:35 GMT
x-content-type-options: nosniff
last-modified: Sat, 09 Jul 2022 01:12:35 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2 204 event
ads.adfox.ru/232598/ 0
18 B 82ms
82ms Image
text/plain 2a02:6b8::1be
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/232598/event?hash=927076239d1b7b0c&pm=bmq&pxo=OcQ4Zz8g8i8nTLHkrVxZ8c34oYI1XqHIsCN5-AMZQ-VdJARHxMMINwkrHXxUYck_nf8obbj2nvGfqcE5okGCQijmna9VKPJD6d8zR3Gvcf4Ny7dGwZ4MjFwsHFA7MqmUGOa8R1seMYpgEKchHWLj2kF6hG1SOpT4uDphAeZVJ3C96swfKw%3D%3D&p5=gwaok&ad-session-id=9907131657329149716&utg=oxum&lts=fjmtaiw&ytt=423863344300037&ybv=0.612099&ylv=0.612099&dl=https%3A%2F%2Fwww.tumen.kp.ru%2F%3Fsection%3Dsociety&rqs=_cF1AbUMuD_-1chixi3UNaTLV7wU6gDl&pr=dyeeiod&puid3=top%3Aregion&rtb-si=b&puid2=society%3Atoday%3Azenyandex%3Aincident%3Aemergency%3Acelebrity%3Aculture%3Ainteresting&p2=fbao&rand=dcnzcak&sj=mjOp217J6Pq8o-qx8SNMs4sT5Km7CdO3300ymkEVvCUV8dfOziLt8PjwefQdkw%3D%3D&puid1=adv-1657329149673-55&p1=bufhv

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 01:12:35 GMT
x-content-type-options: nosniff
last-modified: Sat, 09 Jul 2022 01:12:35 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

Verdicts & Comments Add Verdict or Comment

73 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

66 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
yastatic.net/safeframe-bundles/0.83/1-1-0	1970-01-20 04:23:35	Name: afpix Value: 1
yastatic.net/safeframe-bundles/0.83/1-1-0	1970-01-20 04:23:35	Name: pcs3 Value: 1
.kp.ru/	1970-01-20 04:32:13	Name: w3k Value: 4576c723-8f8e-4853-b3fd-289438494929
.kp.ru/	1970-01-20 04:32:13	Name: w3t Value: eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJzaWQiOiI0NTc2YzcyMy04ZjhlLTQ4NTMtYjNmZC0yODk0Mzg0OTQ5MjkiLCJqdGkiOiI5MTRiZDY3Mi1iYWJiLTQ3OTAtODExNC04Nzg0NDBhMjQyMmUiLCJfdmVyc2lvbiI6MSwiX3BhdGgiOiIvIiwiX3RyYWNlIjoiY2U4MDVlZjYxYmJlMmY2OTQ4MzgwNzg5M2NmMzczZmEiLCJfcGF5bG9hZHMiOnsiZ2VvIjp7ImNvZGVyIjp7InN0cl9yZWdpb24iOiIiLCJyZWdpb24iOjAsInVwZGF0ZWQiOiIyMDIyLTA3LTA5VDAxOjEyOjI4WiIsInNvdXJjZSI6Imdlb2NvZGVyIn19LCJwcm9maWxlIjpudWxsfSwiX2dyYW50cyI6bnVsbCwiaXNzIjp7ImVzc2VudGlhbCI6ZmFsc2UsInZhbHVlcyI6WyJ3d3cudHVtZW4ua3AucnUiXX0sImV4cCI6MTY1NzkzMzk0OCwiaWF0IjoxNjU3MzI5MTQ4LCJuYmYiOjE2NTczMjkxNDgsInN1YiI6InNlc3Npb24ifQ.rAC3YNhM5U9uruVEx0aZWavERXo4jGWkVEds_870Lcu4NXF_HsKT58VUr6pQVYAStYTY12wiLJD5v5S3PzHA1akX_1apPGI3d5lIZfv70CpFcPnjEIWkpFl3dJCKyysMC-tu1h2hpvLWWjxl8LBNps_WxwALCXTOvC4yBLTDBJrVLwbTlik8kcbG9-8DyZBEnDRSG6ZjluUGwAOaShboFonQpHeGoqvJztT4a4v_w6l_atRLElXjeHSS1y_tR_CV3IlG1--OM03cIneb1ZF7-l-0E00mvyP1F3UfTxQpCpp0Asx54-TpWZjH0AU21-9pjae2yI4oKczgpiAO-puo0g
.yandex.ru/	1970-01-20 21:53:21	Name: yandexuid Value: 4591433791657329149
.kp.house/	1970-01-20 04:32:13	Name: w3a Value: eyJhbGciOiJSU0EtT0FFUCIsImVuYyI6IkEyNTZHQ00iLCJ6aXAiOiJERUYifQ.nP-8mNNit30qdkQqYzSFjxK9-y4J5nrhPxnc135m_uDh0eR3AyyAgcofBtHvL6sQzZrQLcNtXOEF45fypYUTCIcgCundA30zGP59e2bjS_ACWSLEff582BQEMjuOROZf_Z9z0yCK6h4FJwS3xH6S72OePY1FHbwfilyud-F5ZGRA45bgQO-ZVsjTnJficVe7tAqE7DTk9AIppnVBd7YC70awMlnpRyNtafVMgBGZOoNFMtg5W9VL18MLlgrYAxfdPrLY4Cl-Kc9RX1cV37aamWRp9iEE882TczvRQjqPOdp3Tktkhpd4uNDEEryu5sf5QDqdqucmH9i3LweW3cgKbA.eS0P6R6X0lke60J0.lrxoam01r2SkcHDRMqhbUopO.GwYDd78_dYVrUDSvCmLooA
.kp.house/	1970-01-20 04:32:13	Name: w3k Value: b7045936-65bd-4772-9c48-049538db9fb5
.kp.house/	1970-01-20 04:32:13	Name: w3t Value: eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJzaWQiOiJiNzA0NTkzNi02NWJkLTQ3NzItOWM0OC0wNDk1MzhkYjlmYjUiLCJqdGkiOiI1MzIwN2UyNS1iZjk2LTQ0OTktYTUzZi1jMDZkZTgwMDAyNGEiLCJzdWIiOiJzZXNzaW9uIiwiZXhwIjoxNjU3OTMzOTQ5LCJpYXQiOjE2NTczMjkxNDksIm5iZiI6MTY1NzMyOTE0OSwiX3ZlcnNpb24iOjEsIl9wYXRoIjpudWxsLCJpc3MiOnsiZXNzZW50aWFsIjp0cnVlLCJ2YWx1ZXMiOlsicHJvZCJdfSwiX3RyYWNlIjoiYzZiZmQyYjQ1ZDkzYWQ2NjZiOTBkNDdlMDY0MzQzYWEifQ.gPFffCgFWRAsQ_4ZncyKOZnFNnYQ5GxVEJas9ZfaOjw7Xii_fRbFWsIjmEdre05GNQT-T1tFMZ2AlTv27AEnEgwD41sgap5VH6JN7newldMoMZDrKbj09Wn186MBf35T3QWxg3kPFHGEuw1unZRO7Mpa1G3lJ2T_gOSDC2FWNG-ChmgcIYdCOirlIeSNpapJTZwWBLl71EH7r_mBoYsCcqb4JPERbfavUPuOthyOKM8QEN66ra5vUv_fb5KYHsZ1jMUy7wL1daYJydJmjLC1BGKmtnE9yd8CUWpDz98f0QHLLKCkdx_DxqAlvuU5Qtahp4yYWCvz0nFhxG4g0_k9ww
.exchange.buzzoola.com/	1970-01-20 05:05:21	Name: uuid Value: fc942149-7829-4c3d-6f47-e6682ce4e517
.exchange.buzzoola.com/	1970-01-20 04:42:18	Name: cookiesyncs Value: 000000000000000000000000d93dab9edf0912baf9008f35866978f1
.betweendigital.com/	1970-01-20 13:07:45	Name: dc Value: lux1
.betweendigital.com/	1970-01-20 13:07:45	Name: ss Value: 1
.betweendigital.com/	1970-01-20 13:07:45	Name: unm Value: 1
.betweendigital.com/	1970-01-20 13:07:45	Name: tuuid Value: 1a5370d3-1c60-52be-821b-b5c6e0d3603b
.betweendigital.com/	1970-01-20 13:07:45	Name: ut Value: YsjV_QAMjtgA0Ze2navgotxAHlcY_FSvW84INg==
ssp.bidvol.com/	1970-02-14 00:53:32	Name: bvuid Value: 7u1emc7rzj
.yandex.ru/	1970-01-20 21:53:21	Name: i Value: VnZuLKgbxQb4gzaVpv+1TjZMeVMkhxZGzKJm69/P45FIY9xn8LnGuL5MctciVQ6OCQSzxiAP7z6dPEx/Y62L+/eFfwg=
.24smi.net/	1970-01-20 13:07:45	Name: smi_uid Value: hIATRq2Sz
.kp.ru/	1970-01-20 13:07:45	Name: chash Value: r8N0FClrUE
.mc.yandex.com/	1970-01-20 04:22:09	Name: sync_cookie_csrf Value: 3212290350fake
.casalemedia.com/	1970-01-20 13:07:45	Name: CMID Value: YsjV-xXQxrTZQfd2JxPpLQAA
.casalemedia.com/	1970-01-20 06:31:45	Name: CMPS Value: 5151
.casalemedia.com/	1970-01-20 06:31:45	Name: CMPRO Value: 5151
.adnxs.com/	1970-01-20 06:31:45	Name: uuid2 Value: 7465380354458907249
.kp.ru/	1970-01-20 13:43:45	Name: __gads Value: ID=4cc059ab0a60a551:T=1657329150:S=ALNI_MaWWbliaF5cxPb5FrQgKozdN0Iz4w
.mc.yandex.ru/	1970-01-20 04:22:09	Name: sync_cookie_csrf Value: 145816168fake
.adnxs.com/	1970-01-20 06:31:45	Name: anj Value: dTM7k!M41.D>6NRF']wIg2InAvUZsC!]tbPl1M>e)ZlrFUfJ+tGXxo7Er'U8?74>+P3M0<A(I>mVC+I]^NG4lQq6lS3If)y3KL9D3I?-)udY1:
.doubleclick.net/	1970-01-20 13:43:45	Name: IDE Value: AHWqTUn4a6i2DL7hfpSYAigAyAhyhbBNBquZ_Fl7NnYNxOJHLSwExkpn54apQ0FpFys
.yandex.com/	1970-01-20 13:07:45	Name: yandexuid Value: 4591433791657329149
.yandex.com/	1970-01-20 13:07:45	Name: yuidss Value: 4591433791657329149
.mc.yandex.com/	1970-01-20 04:23:35	Name: sync_cookie_ok Value: synced
.casalemedia.com/	1970-01-20 06:31:45	Name: CMTS Value: 1201
.tumen.kp.ru/	1970-01-20 21:53:21	Name: _ga Value: GA1.3.1467006482.1657329151
.tumen.kp.ru/	1970-01-20 04:23:35	Name: _gid Value: GA1.3.1204457821.1657329151
.tumen.kp.ru/	1970-01-20 04:22:09	Name: _dc_gtm_UA-23870775-1 Value: 1
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 325147491657329151
.yandex.com/	1970-01-23 19:58:09	Name: i Value: cls+pwJj95b//QqMD1EZkGEawlSzS31Cu+CGWgC72poxLGjEdm0EX2sfn6rVUziaPkUjHGrljJk1vO9zEsIAuUjm27U=
.yadro.ru/	1970-01-20 13:07:30	Name: FTID Value: 1YoDN_3h7v8M1YoDN_002Q_a
.tumen.kp.ru/	1970-01-20 04:22:09	Name: _gat_UA-5200037-42 Value: 1
.tumen.kp.ru/	1970-01-20 04:22:09	Name: _gat_UA-23870775-31 Value: 1
m.exactag.com/	1970-01-20 06:31:45	Name: exactag_new_gk Value: 7a2b0504edbc48a2a0b7d253eab7068a%7C07.09.2022%2001%3A12%3A31
m.exactag.com/	1970-01-20 08:41:21	Name: exactag_new_uk Value: bbd497da75e64088b528929ce4f4b7a4%7C
m.exactag.com/	1969-12-31 23:59:59	Name: session_session Value: 760178d905114722bfac16a0
.kp.ru/	1970-01-20 21:53:21	Name: _ga_8MQ0FGXD1P Value: GS1.1.1657329151.1.0.1657329151.0
.kp.ru/	1970-01-20 21:53:21	Name: _ga Value: GA1.1.1467006482.1657329151
.demdex.net/	1970-01-20 08:41:21	Name: demdex Value: 02442209062100209491864075809500140875
.kp.ru/	1970-01-20 21:53:21	Name: _ga_E8KWCYC304 Value: GS1.1.1657329151.1.0.1657329151.0
.kp.ru/	1970-01-20 13:07:45	Name: _ym_uid Value: 1657329151362652560
.kp.ru/	1970-01-20 13:07:45	Name: _ym_d Value: 1657329152
.skydeutschland.demdex.net/	1970-01-20 08:41:21	Name: skydeutschland Value: 02442209062100209491864075809500140875
.yadro.ru/	1970-01-20 13:07:30	Name: VID Value: 38-bVc3H50eM1YoDN_0020Ex
.yandex.com/	1970-01-20 13:07:45	Name: ymex Value: 1688865151.yrts.1657329151#1688865151.yrtsi.1657329151
.tns-counter.ru/	1970-01-20 13:07:45	Name: guid Value: C2556A2562C8D5FFX1657329151
.kp.ru/	1970-01-20 04:23:21	Name: _ym_isad Value: 2
.doubleclick.net/	1970-01-20 04:22:12	Name: DSID Value: NO_DATA
.stat.media/	1970-01-20 13:07:45	Name: _sm_uid Value: 6b22b901-bc4f-4e1a-982a-c0f0cfe21c98
.stat.media/	1970-01-20 13:07:45	Name: _sm_udt Value: 1657329152044
.stat.media/	1970-01-20 04:22:10	Name: _sm_sid Value: ed682a79-530a-4993-afce-85c0fe7a0e7d
.stat.media/	1970-01-20 05:05:21	Name: _sm_cm Value: 6
.smi2.ru/	1970-01-20 13:07:45	Name: _sm_uid Value: 6b22b901-bc4f-4e1a-982a-c0f0cfe21c98
.smi2.ru/	1970-01-20 13:07:45	Name: _sm_udt Value: 1657329152044
.smi2.ru/	1970-01-20 04:22:10	Name: _sm_sid Value: ed682a79-530a-4993-afce-85c0fe7a0e7d
.yandex.ru/	1970-01-20 21:53:21	Name: is_gdpr Value: 1
.yandex.ru/	1970-01-20 21:53:21	Name: is_gdpr_b Value: CI+ICxCkfRgB
.criteo.com/	1970-01-20 13:43:45	Name: uid Value: c6583447-ef55-4f7a-b920-3290b121de83
.kp.ru/	1970-01-20 13:43:45	Name: cto_bundle Value: 96_aCF8wc2hxMk1oMEV2dlVGZyUyRkdlSEE0Yk96V2tSYUNmVWpDbnZSZU9wSEhBTVV2aEpOVUc5UlZZMG1qd1RTTzFYZWpHYzFoYXMlMkZ5SXd6M1E2QWpyemIlMkZZY2pvMkZxZ3JXRSUyQjlYbFk3MlkzbyUyQmp3bWFmUlg2bmRtajVQNWttUGo4eWNpRVpXRDhCQkpUNktFWUNEZWlMemFnJTNEJTNE

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://bae702d774fa849aafdd12eb7538a159.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1(Line 12) Message: Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/9473308889628347351/index.html".

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1c93cdb1133891517efd814bd17e41a7.safeframe.googlesyndication.com
2ba128fbea317ed3d3b611d8744b68f6.safeframe.googlesyndication.com
ad.mail.ru
adfox-c2s-ams.creativecdn.com
ads.adfox.ru
ads.betweendigital.com
adservice.google.com
adservice.google.de
an.yandex.ru
avatars.mds.yandex.net
bae702d774fa849aafdd12eb7538a159.safeframe.googlesyndication.com
banners.adfox.ru
bidder.criteo.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
counter.yadro.ru
data.24smi.net
dsum-sec.casalemedia.com
exchange.buzzoola.com
favicon.yandex.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
identity.kp.house
img.24smi.net
jsn.24smi.net
m.exactag.com
matchid.adfox.yandex.ru
mc.yandex.com
mc.yandex.ru
mug.criteo.com
pagead2.googlesyndication.com
pb.adriver.ru
pda.tumen.kp.ru
pixel.adsafeprotected.com
region1.google-analytics.com
s0.2mdn.net
s01.stc.yc.kpcdn.net
s02.api.yc.kpcdn.net
s09.stc.yc.kpcdn.net
s10.stc.yc.kpcdn.net
s14.stc.yc.kpcdn.net
s16.stc.yc.kpcdn.net
sb.scorecardresearch.com
securepubads.g.doubleclick.net
skydeutschland.demdex.net
smi2.net
smi2.ru
ssp.bidvol.com
stat.media
static.adsafeprotected.com
static.criteo.net
stats.g.doubleclick.net
target.smi2.net
tns-counter.ru
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.tumen.kp.ru
yandex.ru
yastatic.net
ysa-static.passport.yandex.ru
104.18.18.126
13.32.121.17
142.250.181.226
142.250.185.162
142.250.185.194
142.251.36.66
159.69.141.123
178.250.2.131
178.250.2.146
185.147.80.106
185.184.8.90
185.33.221.52
188.42.191.196
195.209.111.20
2001:4860:4802:34::36
2001:6d0:4001::226
2600:9000:214f:be00:8:48e:53c0:93a1
2606:4700:10::ac43:581
2606:4700::6811:190e
2a00:1148:db00::17
2a00:1450:4001:801::2002
2a00:1450:4001:808::2004
2a00:1450:4001:80b::2003
2a00:1450:4001:80e::2002
2a00:1450:4001:813::2002
2a00:1450:4001:827::2008
2a00:1450:4001:828::200a
2a00:1450:4001:829::2001
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2006
2a00:1450:4001:82f::2003
2a00:1450:4001:830::200e
2a00:1450:400c:c1b::9c
2a00:1450:4014:80b::2002
2a02:2638:1::3
2a02:2638::1c
2a02:6b8:20::215
2a02:6b8::16b
2a02:6b8::184
2a02:6b8::1:119
2a02:6b8::1be
2a02:6b8::2:158
2a02:6b8::36
2a02:6b8::5:114
2a02:6b8::90
2a02:6b8:a::a
2a03:90c0:41:2801::254
34.249.106.217
46.161.36.2
52.31.146.195
65.108.1.48
82.148.14.198
82.202.225.240
85.14.248.72
88.212.201.204
95.181.181.12
95.181.181.82
00e67a6bb1601297c954a9c6438eb956f4ca87253683fb348d1bda64cee7d1ca
01c3133a48ff2cc94764baf35da0123b56adc3473636cb010174cbd80506801b
033696b7f1ac04d1dcc102be84550e146236ceffc25a6cabc12aa51a6ee410b9
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e180a392db7534a12bd9e1962271f3948a0e3055e5e4d33aa0a280e7dfb96fb
1081270901c8677eabe93a9f688abba9ca77a488d30b8a0b6f2cb9419ed33586
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
128f8c731777eb7263d33fc034f186c3dd602acf57dd652b88c14dabb7cacf4f
1319543bd5718c8d67a80c8067f5cf89af4cde765705ee7aaa5dcea4fb68a5b3
151d187ef588a5448874fd30907c4511c5280400050763694ef9031d0d10b78a
175c5199a2a86cdd66f0bfe390e1d1519a47f5237efad3810eb5c8d24e5807dc
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18b94ef3c41770b428b20d5ec02a81f193450c869521969d03f1a62200abb97e
18c327afa903633f86c3efcf12b77f098077eacaa8be101bb007846fd74f8b93
19df6f6395e95890f7ca6227a7c554eddb1b56af0e130f776a245f70ed177e33
1c1f1fddbd0b997809bfaae0a6e7c12788f7c0861847538488040cd560df77e8
1c817e698606701cbd992078e8f62f2f41e676c440e4973d6879c5d02ff69f85
1d386626a236bf37f510e9c0c2d85036641c5cc85bed4b320a181861477d0ec7
2017b3e9540b1e80d62709567b261ec51d23ddcddc4a789034baf750022df916
235defc755b859806947cbb53bbc686b37cfbe895af5b10d3ae30fa43faa3f28
2804963ef7106d1cb69139f949d734a2939f46ae4739b09822efa05e97501bf0
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
2b17537efc6d2e52bf67b12efa95f3caa98f09864165364a9d42689baf850a1a
2c2306b946aa59a2765c853ceebd710e967777d276bc157beec0e22dc00da9b6
2c337c5f1d728860932b69b94e38b5024498d31d432a66a57dc1300acaf6e6cd
2d23a3f4a917c0dbdebedc2487f5e4a565a85e0d7f566b059dd93f2637c330db
2d32f681e01e8082f5df941a021b306e98063b7330b197ba674e71dcc5dc4d4e
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2ea6594700eadc561dce18df33d16ff9d07ff631d4f6f4eae734bfe34e900f0c
2f5126e2db0954fe5cb69077d07bb25b4e74dc192099114005464512806ef0f0
31edb5e9ba7232ba4c614d3356e7ac38e0620c97760cacd7c418cb1347e9e4bc
32b0f7e66a50c24d967afd1b4c120fc5a898758db2d7d2023c8987c312c8f2fe
3394110000caa52bc9dcf892178cb4a7a8d25db76721a2290caaeb667413a4d0
33f7f2cc2f638afe8f26551e1cbd0af47cb23337cab7ea1ee181dfad26b41d9c
34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55
35ed988aff3c8059b4869fd94cc2885879041fbd698317a53741bca5095c3091
3728fbdd191d75bad5b83a838dfe2fc15f84c2aaa36ffa573321275847db31a9
39187cb618a0ea00fb7d486e0c5058a5fa1abeb10b908f9365b6411666672f31
3aa2faf4b9776272c95b568dbf35c22a27a8382fe8be903e2dceb32053577ed1
3bdab4da5017468f0ddfc1a51edc3772a13aa064c83df984c152729075714847
3e0ba6e949555bd0cd8b4cc650cd5aa0b2af830b5beb89976706359dd27329a3
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fae7b1a6508caaedb24db95aa22621ba070bf4ceff4fc125ffa0eca6c591217
41436b69e2f6259685aa4154207ec273a47e4b7aa905b09f10eacfd6ed97531d
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
4373878b9f750698b6a199ebc0eb0e550df208c5a1f9f778a346e271a2b4d733
445837ee1d1da2644d2531f84c664f157828154b8b5e032dbef64c3a8308ef17
4790e20dc6c6f3eb4a6bc1fd744a6c36bac3f3db7a7105fd0ac86c28e6c9f053
495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9
4b1f017ca5f9e48c3a36caf89af569e0cadb31c6b9c5dc460a95ce7bfaf02943
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4be74101162d4ed978851bd6dd595e849e4209b55cdfbf43bf39fdaee81a4192
500a5a13f7c4415cd350cabe9fd854cfabf935924591a39b88f473710f31cb7a
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
541348f95206a170effd95f869a9c576be30f9408b7bfa5885aa94d29fce726b
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55d2ab860a7100b201e762c2046bc65a5d16236a0263dee3e95c711be581b345
56031a061bbdb91a8f13fe33a74f98510f4862d2dfb267f9d255b44379e41939
57cdfea2073eac8591aec41948da6e5b2a0ad1ddb9d39d1c840450814d4b80e5
59e2467d94ae007fa71bc0b10f4b92f227edfa03afb5ce7c904b9ea2bcf537e9
5b85363b00371f9dff3d5fddd30597d1a40507c7655757fd82063cfc30773e95
5e5c9149be229df7c934f8cd1acf1b3cc9e04e29cbbe6cbe0e2d726e79930cff
5f04f87ba7cd3beb8f840e33441bdc8cfee7fe74a49cd8abdcc8ac7727b6bbda
5f79f2248ec9a61063edb2d147185af69a5f1dc235d2aa3cee326032d15d6149
5f82a0326043e566a49afe9721e264995b5031f4f102cf64f699b36da7d02c99
607912ce0bbdc533bd357dc99af092f34783fee7f24f7fc16ece184018a7441b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6251ec4f734c7d06fd01d32d191786319864206e9b374cfda5f055314427487c
629a26fc78b18926ea8bd3b830ef4396c843cd30f1377ce37846942b66cb93fb
6539c1eb3b9d3344dcc207c9a33273c604cf0c46535414fe35120f9e578048ba
677acc9eed10d735ed46dabd82553005a036fe19930511d9850060a4fb6d2c2b
6918e15d33f6003358cb64a648cf2b174ebfd380f3a1e27eaed3f77c1db69269
69c3207f80de1de6ee4ff239d740ea31bbc7091e7870365c49aad61b21359687
6a24e3c7dea02f064b1b551d8bdef2903b15b8c01e963d201c0382f09df38e8e
6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e
6b0c6ad2a39e30acdd045f1e10d04d6032f0447387edd32af55f7d80b2d4f0f0
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6db6653a65bc919f600c1e098b02145b5e62d137fbf99f84ad526692b65cc31c
6f49cb0b6d42bf973f6c635c3d94ff982911f92113d8ffcc10ac7c36010312a1
6f6f01dec125d70d84a9826b928c8347d3f8549e02ddbdee1b1848990f535d5c
6ff082130eb8e0fe1ba485606bab3de43a410b184c718be62c739ab9f67c6863
702fd591e4cc8bea70fa24228757823fc700b1e8c3dc061779af10a7b0574a12
71beceaa7772e86059f602d1078affcb9a5164e965bfc543ba6a16283aa21e20
724bc4358d0c7fb72ff14295976ac124022f530ba35abad0df21990c29c0c0ce
73720f862be505fc73b3884bc441d49060f787d3273bde1738114819dcbaf0a3
748646bc30925c61574071e2cfe947ece6be153f4d4e4b5d1d192cbe2f5e6cc4
75d16f690db62e7b02e26bff78808ea7529f154b36340c9b6d6e1cd81b64a4ca
76c8b5bfcce9f97358e6a5802f23ddeb4d1f704777d7303c324c9ae4f709fa23
77403385afe39467e0833e772e0221fdad7007eb96d819d6fb21c776392e81c1
798b845f62453f01ea3421bf0614537a4270edb61b6cb2e3e01eff50d4350baa
799b495f7d42f6d45169610ca06274b82af3e761303a1b80208fb2ae4b84370e
79db9ed714dce58ba264e8498b854803f736d027ad66de53f72ed0ddc367ad30
7a0fb8fc4de0bde528e5b17743e35c50492d1d1de41567cb3b83f5a63db862d0
7a94be541e5fa703c924b636d07e3f9801427c1b482ed2ca1ea31927f50745cf
7f7d4a77e29961071a337cc5073d127fc328e2ea23fca15e9894838d72cc6822
7fecc7639be7e62a5331cb184a10d8ef8a06237317e797830a717054016c4c20
80356e3900c84718e1dd6eaa756c048b14ef02067ea43730054a8cbede08bfe3
81bc0211b96ef5fa8a1cc3167a140c990a0954b8cd0c0538cc9f721bf65f4bdd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b
84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30
84dc37be33cd709ef83c5b85337137edeeb24d25b725839b4a00089ccbbc8374
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8542641e7c8131c5619a1dbd3665906f93961e0ce164d64f5a869de32ebda899
8555e509d3feb7658cb064c8268e7aff6d55a58471e88c4523cf9efbe922879e
85b90b38b1c778b6204af3ecb5e3c2c9316825cfe1fd7fdc64a6a5f0faa71c34
876df0b8f55006d11c5e8f40c03bdbdb268a696032c93d6f898fcf3479b03e49
88b0b7f2c5691dd022c279aa52ea7b7f8c9da301804f192c24f83a69c851f734
8a550da83fe5faf522945c7b61350dec5c08ef10a670c1db4fc5958b5a85057b
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8d5993869445146bc2f0ce8ff0f84a46111700a4dcc9f2fa88fe56e350696a51
8d87c18fcb70f9b1d23c94aedc506cb6cc2640c5aebb25ca6e8e64b0cd997553
90b12d79ff3260c947201070508505487f9dde7b4d15341f65bfb69443778a63
9205ceae907f8417e3b4bd8463b1075526a25da4cdd2aed549b03cd6869632aa
924170a2b204eb90280acbb03496558dc98acc1b9d6fd96ae955996047ec970d
929da939383255198fc93e71062cfa8bd58902fe9743084fc0045f8c33c4e5e7
92f108fa97f63aa01d67c7c19599f9133ef0e60a11fba74ca137f5b699abd36b
93f5fdf4de01bbb2c0122015e571fed84f80992c559ae60b500c4d30fa5e02d2
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
9c911ab93cf6099aeeddb19cb1903d0ef838329443c3a0549c754da47f90a70a
9dc89e2eae45dccc1b2d7b9540adae2349bbb5d84578eadb8f0f645eac324910
9df9512d0f2332b34e43e220b6bdc675dc6b663e72406edde64fd96dc9128e1b
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2625083f682f667dbd0121720f86b02cc023e7cc2c36d1fad2d1a3dbe0b8cc6
a2f96d2c0ff2b96cc2421214831ffda7b4e71aee0426d60628d04173dcd699c7
a31b7755e63e25c7903e077114e3e308c05df73e01cd1d478ed954cadf7a0e98
a3c5ff7e114ffe32212ee07123f9dc6aa19c09072e44fe64649c9cc747040cab
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5877bb05114c0c0ee2bc94dcf42f5d2158179976710c0300336483031ad245b
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a81ae4dd7742b736f41e6e382827ab3672728b6f7f529ad5c72d6d6e79861484
a863a77e9ee263a0ec9c1e792bb33ed0f663582b7369f472261df7b6040990c4
a9d32de5e2a605dc6e26e1482de4634c5287da675138ca7e54c629f3f2ff82bc
aa3b35ec63198485cff85d66b7248951e06b2aaf3855935184c46d48e6239171
aa99cf825a3d0aa0fe6ef29ade07cea2dd50561661e91f65a8dbc06bf1c4b4d9
aba8fea1bb5eac4266da2d3ca8e24ff08120646ad6fc6d90cb7d770f0cc3f520
abb5348aeb50feab8abc0212d24ef2d4daa64f08d38e6cabce13e7a78f1ad837
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2b5ba1466d0642bd868bef2b0e13277b34376fd0a11484fc1518d67e48b727d
b8bf3d2cf309d69486e6a972b29252070bee201ea1682bb8a7dfc351c7315e9e
b8c632320bca724a4dbdb9d63df4dbff31f3db4e1635a3f7fa576fd901e749a1
b9626a32ba37b0590508877b518afb8e18c1623278119b425ba2e3d14d39c4fe
bbea7f4c398a436a6208f883f9f2b0881034c221c9a0b678d72d1e0e90806656
bd3a0d307866f965fb48e4b622e42aded0b94ec21de3759c1c284d62b92fd1c1
becefc9f93e9ea8cec1d4749c473c476c44e65a7eee7d88dda107958649413e9
c228b1ce1fedbe299baefd380e91dad1bf0d71ce972557460a1b0fcebeefb53a
c40168707694e0bb9241c2f9f4ef86dfa65513f547b6a37c151babf07fcd7d53
c59016e6cf1be2819e9759e18a3b64d92fa0ec126fdbb401161fb8c49fcbdaf8
c7eedac9d4f3c8319fe690798cfdf79fde72b6e88c72a1b5ed6e21677c90c4f1
c8247e71c60f01cce914615568139113018a1a129dceb0fe0af55edb0211b8fd
c84615457f9332569ff8501c382a395ef9fe116a9add5034b4ebc62c9bceeb3d
ca1837b67899f16d71bd17461ee8a5af8ceae8e88f1209e51da9a0dd307478fe
cb90a0f9ffef3709ed2b89a838a1d8427d2c0455dd2d80172f9fad9aae005a51
cc557f7c454f4507d1722f12a78d6cc4a10cf3db3104d761dc87cb014bbaa21c
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d2817eb4c270c7bb75f640e93b072b8e84605b9bbffe01bb4738dc9386ebd4cc
d2fca556c5f7749ad4c076cc0b7e6ba29e016b951be97ce28883bb41fdd7f199
d3114c4944dcf347da9b150fbd12bf83cf1a719fca0eb5480d9af4cb2f30aefc
d61966ae65ba634443f06b11f63dfdf3d490aca0cfee2fbec6f9e44cc2c9e281
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d72b8eb9289bec0987d4af915f6cd81fc04863709b510aa7d98887d1cff60c49
d72e02e86cedb9eb4830a12ae6d968a9c8ffd04bf6c009812cd906d7a28e8275
d7967a1bd0d70e43ad3a45d355bd875102055a291468a7515fbcfdb762e4be06
da09f03549a3d9ae51406d85931ec2682bc82759cf96101b982496da1139ddda
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e1cff21864c46e1da263fa83c14ed6d190bc5afbdd35188de15f10eb8bedd264
e30829e30546929dbc2c8217b9d7242f57b757b8285f95c1b2fedf4cea49d292
e38396d333c46da62b92a33d02a643b0493574c7c5493bb91dcfb23859da85a4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e421243a27cb9eb7bcfa06385e9fbae9d0f934827874936388f3bf3d5969db66
e49548c45f00bbfa0fda642d02b5e29b407004eacc2099e348da7cb38f477052
e5cf21b2b56f1d34740b409e6a94fddc2743001e66844094f1462079ca6e4955
e5dcff4247aabd457977aa3fa0b271f2d8ebba572e364dd16d4467508bd58584
e7052ee7e4fa3d19fa953957b23d6cd29b2311739ec0932d6e570577d19f2503
e919dd0fa02921fc140b802594793480730c79b596283a0c79b82e5950e532c0
e9897e2faf3bc5fd24ffc4ddbe7700ce0a77b2b2fd33eb1a83b71f22ea3e822f
eb96791feca1695290fc96c5209a0bb2476680ecec0aa02076373024c28e183a
ec7ca374784bc8cf2540e39f1565bd482ddce914dd4f7e5148698e147d55043e
ed0311bbb29e7a582a420448e4b37867de3e5a27d7a3fdac5e94bb2acc78243c
ed046b5d2756f81f71273241564fa4931704a532d63fdbb7883e7dfef65ed76f
edd84f2ecfc208ce9f1fe4f54aa3fa66cbb7ae15ba107f3f8820ca3097d6ac2f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f35dcda2667add6cda9974e6e50789b205a0d2676e13d741af0c2a1bebe17c3b
f3b26716e197ca405ee1f91e912e542769d9a6ec490a36a4727f6a5dd7543c38
f4431ed2e1a04ff61147b043d77314af2c6711194fa816b09187c945a24be7ec
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f5b400e99a4f5d5f1a01f3a0e464688b113ebeb1fb1d0ab31ea5296d17edf915
f754a4b355cd4b21311bdeeb776cdc7988cff142bcc885e7933e43f0cb2cb7af
f76a521d8d893e573ee2def73e397a42f33f937aca5dcfeb77b2e001ea5a7ca6
fabc35515a741521e45c951c48086cbed8392a47fff166c7e9443ca6e0cf7070
fbeab441887f45dbea5894f1482bd906ef326538f26365e52918da51228d80e3
fdcc621864eab315fba4a0bd0d48c095bb5e49cccca6ac9f50cfa522fa5adffb

www.tumen.kp.ru Open in urlscan Pro 95.181.181.82 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

304 Requests

95 %HTTPS

58 %IPv6

40 Domains

69 Subdomains

57 IPs

10 Countries

3537 kBTransfer

9013 kBSize

66 Cookies

34 Outgoing links

Page URL History

Redirected requests

304 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 11 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.tumen.kp.ru Open in urlscan Pro
95.181.181.82 Public Scan

Screenshot
Live screenshot

Full Image

304
Requests

95 %
HTTPS

58 %
IPv6

40
Domains

69
Subdomains

57
IPs

10
Countries

3537 kB
Transfer

9013 kB
Size

66
Cookies

304 HTTP transactions
11 data transactions