feature-author.krem-new.itpeople.dev
89.108.124.237

URL: https://feature-author.krem-new.itpeople.dev/
Submission: On November 18 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 10 IPs in 4 countries across 10 domains to perform 22 HTTP transactions. The main IP is 89.108.124.237, located in Russian Federation and belongs to AS-REG, RU. The main domain is feature-author.krem-new.itpeople.dev.
TLS certificate: Issued by R3 on November 18th 2021. Valid for: 3 months.
This is the only time feature-author.krem-new.itpeople.dev was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | Domain | Requested by
8 | feature-author.krem-new.itpeople.dev | feature-author.krem-new.itpeople.dev
5 | mc.yandex.com (2 redirects) | feature-author.krem-new.itpeople.dev
2 | www.google-analytics.com | www.googletagmanager.com, www.google-analytics.com
2 | mc.yandex.ru (1 redirect) | feature-author.krem-new.itpeople.dev
2 | fonts.googleapis.com | feature-author.krem-new.itpeople.dev
1 | www.google.de | feature-author.krem-new.itpeople.dev
1 | www.google.com | feature-author.krem-new.itpeople.dev
1 | stats.g.doubleclick.net | www.google-analytics.com
1 | fonts.gstatic.com | fonts.googleapis.com
1 | www.googletagmanager.com | feature-author.krem-new.itpeople.dev
Total: 22 requests, 10 domains

This site contains links to these domains:

Domain
itpeople.ru

Subject | Issuer | Validity | Valid
feature-author.krem-new.itpeople.dev | R3 | 2021-11-18 - 2022-02-16 | 3 months
upload.video.google.com | GTS CA 1C3 | 2021-10-18 - 2022-01-10 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2021-10-18 - 2022-01-10 | 3 months
mc.yandex.ru | Yandex CA | 2021-07-28 - 2022-01-07 | 5 months
*.gstatic.com | GTS CA 1C3 | 2021-10-18 - 2022-01-10 | 3 months
*.g.doubleclick.net | GTS CA 1C3 | 2021-10-18 - 2022-01-10 | 3 months
www.google.com | GTS CA 1C3 | 2021-10-18 - 2022-01-10 | 3 months
www.google.de | GTS CA 1C3 | 2021-11-01 - 2022-01-24 | 3 months

This page contains 1 frames:

Primary Page: https://feature-author.krem-new.itpeople.dev/
Frame ID: D831973B8BC7CC02E2811A6A9DBA7A6D
Requests: 23 HTTP requests in this frame

Page Title

Какие бывают косметические кремы - krem.ru

Page Statistics

Requests: 22
HTTPS: 86 %
IPv6: 44 %
Domains: 10
Subdomains: 10
IPs: 10
Countries: 4
Transfer: 503 kB
Size: 1974 kB
Cookies: 15

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14
  • https://mc.yandex.com/sync_cookie_image_check?t=ti(4) HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9461.bRwb5uo7qdQ4Pin2uOiXzurKWF_mR4Z5zfB8xTN6HFgTX8ACyvw0KGlxK6ZSfuad.pHl2MUz6B_oXJyEZ9OP4PnZ28t4%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=9461.GuzaOrJTJjK_QfOYtsPatlt87Q_ADgFEACXBU_PGj4DIh9YUzQWJMvTr9oMdbUsM2_OcWT7vMmNb9alX1EwaPw%2C%2C.CXf9rR9Z9d9YFhfxuL24Vv8Rtdk%2C
Request Chain 16
  • https://mc.yandex.com/watch/57568105?wmode=7&page-url=https%3A%2F%2Ffeature-author.krem-new.itpeople.dev%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4bjmbg3ayomqwinwev%3Afp%3A909%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A700%3Acn%3A1%3Adp%3A0%3Als%3A394854642710%3Ahid%3A277165347%3Az%3A0%3Ai%3A20211118095914%3Aet%3A1637229555%3Ac%3A1%3Arn%3A548883839%3Arqn%3A1%3Au%3A1637229555982523285%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1637229553559%3Ads%3A64%2C99%2C231%2C1%2C0%2C0%2C%2C651%2C0%2C%2C%2C%2C1048%3Adsn%3A63%2C99%2C231%2C1%2C%2C0%2C%2C653%2C0%2C%2C%2C%2C1048%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1637229555%3At%3A%D0%9A%D0%B0%D0%BA%D0%B8%D0%B5%20%D0%B1%D1%8B%D0%B2%D0%B0%D1%8E%D1%82%20%D0%BA%D0%BE%D1%81%D0%BC%D0%B5%D1%82%D0%B8%D1%87%D0%B5%D1%81%D0%BA%D0%B8%D0%B5%20%D0%BA%D1%80%D0%B5%D0%BC%D1%8B%20-%20krem.ru&t=gdpr(14)ti(2) HTTP 302
  • https://mc.yandex.com/watch/57568105/1?wmode=7&page-url=https%3A%2F%2Ffeature-author.krem-new.itpeople.dev%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4bjmbg3ayomqwinwev%3Afp%3A909%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A700%3Acn%3A1%3Adp%3A0%3Als%3A394854642710%3Ahid%3A277165347%3Az%3A0%3Ai%3A20211118095914%3Aet%3A1637229555%3Ac%3A1%3Arn%3A548883839%3Arqn%3A1%3Au%3A1637229555982523285%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1637229553559%3Ads%3A64%2C99%2C231%2C1%2C0%2C0%2C%2C651%2C0%2C%2C%2C%2C1048%3Adsn%3A63%2C99%2C231%2C1%2C%2C0%2C%2C653%2C0%2C%2C%2C%2C1048%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1637229555%3At%3A%D0%9A%D0%B0%D0%BA%D0%B8%D0%B5%20%D0%B1%D1%8B%D0%B2%D0%B0%D1%8E%D1%82%20%D0%BA%D0%BE%D1%81%D0%BC%D0%B5%D1%82%D0%B8%D1%87%D0%B5%D1%81%D0%BA%D0%B8%D0%B5%20%D0%BA%D1%80%D0%B5%D0%BC%D1%8B%20-%20krem.ru&t=gdpr%2814%29ti%282%29

22 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
feature-author.krem-new.itpeople.dev/
41 KB
8 KB
Document
General
Full URL
https://feature-author.krem-new.itpeople.dev/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
89.108.124.237 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software
nginx / PHP/7.4.15
Resource Hash
b3008b14f20d09baf6993bbdadf2d8841d8d1a3c49807f9e2871613327d0ced7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Thu, 18 Nov 2021 09:59:13 GMT
content-type
text/html; charset=UTF-8
content-length
6872
x-powered-by
PHP/7.4.15
cache-control
max-age=0
pragma
no-cache
expires
Thu, 18 Nov 2021 09:59:13 GMT
vary
Accept-Encoding
content-encoding
gzip
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains; preload
css2
fonts.googleapis.com/
20 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,300;0,400;0,500;0,600;0,700;0,800;1,300;1,400;1,500;1,600;1,700;1,800&display=swap
Requested by
Host: feature-author.krem-new.itpeople.dev
URL: https://feature-author.krem-new.itpeople.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f10.1e100.net
Software
ESF /
Resource Hash
a1bcf152ceffde9e033e30e6206b34ab9dcfbfb0c39df4efaed23e834f766d97
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://feature-author.krem-new.itpeople.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 18 Nov 2021 09:56:50 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 18 Nov 2021 09:59:14 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 18 Nov 2021 09:59:14 GMT
css2
fonts.googleapis.com/
30 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Open%20Sans:ital,wght@0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Requested by
Host: feature-author.krem-new.itpeople.dev
URL: https://feature-author.krem-new.itpeople.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f10.1e100.net
Software
ESF /
Resource Hash
aae54b1ef2c709c6548c0c7be4556f9b334a667b1f363e5aa54e6fd55ba9880c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://feature-author.krem-new.itpeople.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 18 Nov 2021 09:59:14 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 18 Nov 2021 09:59:14 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 18 Nov 2021 09:59:14 GMT
core.min.css
feature-author.krem-new.itpeople.dev/css/frontend/
748 KB
108 KB
Stylesheet
General
Full URL
https://feature-author.krem-new.itpeople.dev/css/frontend/core.min.css?id=3de7e992ea4ce1685176
Requested by
Host: feature-author.krem-new.itpeople.dev
URL: https://feature-author.krem-new.itpeople.dev/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
89.108.124.237 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software
nginx /
Resource Hash
c7edec97fd75e7335be3ea10754c843586cf113632430d143b38d730342028a9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://feature-author.krem-new.itpeople.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 09:59:14 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Fri, 12 Nov 2021 08:15:58 GMT
server
nginx
etag
"bae13-5d093119fab80-gzip"
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
cache-control
max-age=31536000
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
expires
Fri, 18 Nov 2022 09:59:14 GMT
custom.min.css
feature-author.krem-new.itpeople.dev/css/frontend/
461 B
570 B
Stylesheet
General
Full URL
https://feature-author.krem-new.itpeople.dev/css/frontend/custom.min.css?id=f53f2c4c235823182928
Requested by
Host: feature-author.krem-new.itpeople.dev
URL: https://feature-author.krem-new.itpeople.dev/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
89.108.124.237 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software
nginx /
Resource Hash
5d9115cc2f9405e246c4f5d667350768a5ce5c9f239892fcfa1e9e5ba476a276
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://feature-author.krem-new.itpeople.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 09:59:14 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Fri, 12 Nov 2021 08:15:58 GMT
server
nginx
etag
"1cd-5d093119fab80-gzip"
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
cache-control
max-age=31536000
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
content-length
258
expires
Fri, 18 Nov 2022 09:59:14 GMT
media.css
feature-author.krem-new.itpeople.dev/css/frontend/
162 B
455 B
Stylesheet
General
Full URL
https://feature-author.krem-new.itpeople.dev/css/frontend/media.css
Requested by
Host: feature-author.krem-new.itpeople.dev
URL: https://feature-author.krem-new.itpeople.dev/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
89.108.124.237 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software
nginx /
Resource Hash
f8a3454846b07f29e81818cb9ac6de967a0613db917cf1e9dad31af5adfb7bfb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://feature-author.krem-new.itpeople.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 09:59:14 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Tue, 16 Nov 2021 06:57:51 GMT
server
nginx
etag
"a2-5d0e2719f39c0-gzip"
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
cache-control
max-age=31536000
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
content-length
144
expires
Fri, 18 Nov 2022 09:59:14 GMT
js
www.googletagmanager.com/gtag/
90 KB
36 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-34456711-29
Requested by
Host: feature-author.krem-new.itpeople.dev
URL: https://feature-author.krem-new.itpeople.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
19a63890a3f2401010d51c0c36a735fb91761e5ab6e4cb43825a8d904e3e058e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://feature-author.krem-new.itpeople.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 09:59:14 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36138
x-xss-protection
0
last-modified
Thu, 18 Nov 2021 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 18 Nov 2021 09:59:14 GMT
logo.png
feature-author.krem-new.itpeople.dev/images/frontend/
23 KB
9 KB
Image
General
Full URL
https://feature-author.krem-new.itpeople.dev/images/frontend/logo.png
Requested by
Host: feature-author.krem-new.itpeople.dev
URL: https://feature-author.krem-new.itpeople.dev/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
89.108.124.237 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software
nginx /
Resource Hash
538a70182085a583848f864ec4f92f945ce05a5d66c36e33adb98de845239412
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://feature-author.krem-new.itpeople.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 09:59:14 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Mon, 16 Aug 2021 14:26:25 GMT
server
nginx
etag
W/"5c52-5c9adfc6bc640"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=31536000
strict-transport-security
max-age=31536000; includeSubDomains; preload
expires
Fri, 18 Nov 2022 09:59:14 GMT
core.min.js
feature-author.krem-new.itpeople.dev/js/frontend/
570 KB
161 KB
Script
General
Full URL
https://feature-author.krem-new.itpeople.dev/js/frontend/core.min.js?id=b8d0b633df1473d08e9d
Requested by
Host: feature-author.krem-new.itpeople.dev
URL: https://feature-author.krem-new.itpeople.dev/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
89.108.124.237 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software
nginx /
Resource Hash
9be1846816a91dd72c01841092224e25b4bb5710118686ea93d86572933f1fbb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://feature-author.krem-new.itpeople.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 09:59:14 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Fri, 12 Nov 2021 08:15:58 GMT
server
nginx
etag
"8e978-5d093119fab80-gzip"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=31536000
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
expires
Fri, 18 Nov 2022 09:59:14 GMT
custom.min.js
feature-author.krem-new.itpeople.dev/js/frontend/
2 KB
1 KB
Script
General
Full URL
https://feature-author.krem-new.itpeople.dev/js/frontend/custom.min.js?id=68aad357a06d65a50366
Requested by
Host: feature-author.krem-new.itpeople.dev
URL: https://feature-author.krem-new.itpeople.dev/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
89.108.124.237 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software
nginx /
Resource Hash
79608bb3cb94aaeb013d01eca8f1d7e7463ae7d6c448bd86d93e8d2d56d068f9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://feature-author.krem-new.itpeople.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 09:59:14 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Fri, 12 Nov 2021 08:15:58 GMT
server
nginx
etag
"74a-5d093119fab80-gzip"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=31536000
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
content-length
941
expires
Fri, 18 Nov 2022 09:59:14 GMT
tag.js
mc.yandex.ru/metrika/
189 KB
65 KB
Script
General
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: feature-author.krem-new.itpeople.dev
URL: https://feature-author.krem-new.itpeople.dev/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
5568d248345d825506f88f50e3fb1cd7c05b8b1d2c8a43de15ea3b9314fa0341
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://feature-author.krem-new.itpeople.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 09:59:14 GMT
content-encoding
br
last-modified
Wed, 17 Nov 2021 12:17:49 GMT
etag
"6194c8bd-101bc"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
65980
expires
Thu, 18 Nov 2021 10:59:14 GMT
truncated
/
37 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/gif
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/
35 KB
0
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open%20Sans:ital,wght@0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://feature-author.krem-new.itpeople.dev
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 15:57:38 GMT
x-content-type-options
nosniff
age
64896
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44656
x-xss-protection
0
last-modified
Thu, 28 Oct 2021 00:30:43 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 17 Nov 2022 15:57:38 GMT
icon-foxic.ttf
feature-author.krem-new.itpeople.dev/fonts/frontend/
175 KB
91 KB
Font
General
Full URL
https://feature-author.krem-new.itpeople.dev/fonts/frontend/icon-foxic.ttf?4ks414
Requested by
Host: feature-author.krem-new.itpeople.dev
URL: https://feature-author.krem-new.itpeople.dev/css/frontend/core.min.css?id=3de7e992ea4ce1685176
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
89.108.124.237 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software
nginx /
Resource Hash
9c006f5772696097f03ce309a7ef48d39b08fded4a7562a5a3fc08d28d2cf47a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://feature-author.krem-new.itpeople.dev/css/frontend/core.min.css?id=3de7e992ea4ce1685176
Origin
https://feature-author.krem-new.itpeople.dev
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 09:59:14 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Fri, 12 Nov 2021 08:15:58 GMT
server
nginx
etag
W/"2bce8-5d093119fab80"
x-frame-options
SAMEORIGIN
content-type
font/ttf
cache-control
max-age=31536000
strict-transport-security
max-age=31536000; includeSubDomains; preload
expires
Fri, 18 Nov 2022 09:59:14 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2
fonts.gstatic.com/s/opensans/v27/
0
0

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check?t=ti(4)
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9461.bRwb5uo7qdQ4Pin2uOiXzurKWF_mR4Z5zfB8xTN6HFgTX8ACyvw0KGlxK6ZSfuad.pHl2MUz6B_oXJyEZ9OP4PnZ28t4%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=9461.GuzaOrJTJjK_QfOYtsPatlt87Q_ADgFEACXBU_PGj4DIh9YUzQWJMvTr9oMdbUsM2_OcWT7vMmNb9alX1EwaPw%2C%2C.CXf9rR9Z9d9YFhfxuL24Vv8Rtdk%2C
75 B
75 B
Image
General
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=9461.GuzaOrJTJjK_QfOYtsPatlt87Q_ADgFEACXBU_PGj4DIh9YUzQWJMvTr9oMdbUsM2_OcWT7vMmNb9alX1EwaPw%2C%2C.CXf9rR9Z9d9YFhfxuL24Vv8Rtdk%2C
Requested by
Host: feature-author.krem-new.itpeople.dev
URL: https://feature-author.krem-new.itpeople.dev/
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://feature-author.krem-new.itpeople.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 09:59:14 GMT
strict-transport-security
max-age=31536000
content-length
75
x-xss-protection
1; mode=block
content-type
text/html; charset=utf-8

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide?token=9461.GuzaOrJTJjK_QfOYtsPatlt87Q_ADgFEACXBU_PGj4DIh9YUzQWJMvTr9oMdbUsM2_OcWT7vMmNb9alX1EwaPw%2C%2C.CXf9rR9Z9d9YFhfxuL24Vv8Rtdk%2C
date
Thu, 18 Nov 2021 09:59:14 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
advert.gif
mc.yandex.com/metrika/
43 B
112 B
Image
General
Full URL
https://mc.yandex.com/metrika/advert.gif?t=ti(4)
Requested by
Host: feature-author.krem-new.itpeople.dev
URL: https://feature-author.krem-new.itpeople.dev/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://feature-author.krem-new.itpeople.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 09:59:14 GMT
last-modified
Wed, 17 Nov 2021 12:17:49 GMT
etag
"6194c8bd-2b"
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Thu, 18 Nov 2021 10:59:14 GMT
1
mc.yandex.com/watch/57568105/
Redirect Chain
  • https://mc.yandex.com/watch/57568105?wmode=7&page-url=https%3A%2F%2Ffeature-author.krem-new.itpeople.dev%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4bjmbg3ayomqwinwev%3Afp%3A909%3Afu%3...
  • https://mc.yandex.com/watch/57568105/1?wmode=7&page-url=https%3A%2F%2Ffeature-author.krem-new.itpeople.dev%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4bjmbg3ayomqwinwev%3Afp%3A909%3Afu...
350 B
432 B
XHR
General
Full URL
https://mc.yandex.com/watch/57568105/1?wmode=7&page-url=https%3A%2F%2Ffeature-author.krem-new.itpeople.dev%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4bjmbg3ayomqwinwev%3Afp%3A909%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A700%3Acn%3A1%3Adp%3A0%3Als%3A394854642710%3Ahid%3A277165347%3Az%3A0%3Ai%3A20211118095914%3Aet%3A1637229555%3Ac%3A1%3Arn%3A548883839%3Arqn%3A1%3Au%3A1637229555982523285%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1637229553559%3Ads%3A64%2C99%2C231%2C1%2C0%2C0%2C%2C651%2C0%2C%2C%2C%2C1048%3Adsn%3A63%2C99%2C231%2C1%2C%2C0%2C%2C653%2C0%2C%2C%2C%2C1048%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1637229555%3At%3A%D0%9A%D0%B0%D0%BA%D0%B8%D0%B5%20%D0%B1%D1%8B%D0%B2%D0%B0%D1%8E%D1%82%20%D0%BA%D0%BE%D1%81%D0%BC%D0%B5%D1%82%D0%B8%D1%87%D0%B5%D1%81%D0%BA%D0%B8%D0%B5%20%D0%BA%D1%80%D0%B5%D0%BC%D1%8B%20-%20krem.ru&t=gdpr%2814%29ti%282%29
Requested by
Host: feature-author.krem-new.itpeople.dev
URL: https://feature-author.krem-new.itpeople.dev/
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
21a1b210456ea9d20d87a2959faf86139a147e8cbf01d4259b8d65fb96865eff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://feature-author.krem-new.itpeople.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Nov 2021 09:59:14 GMT
x-content-type-options
nosniff
last-modified
Thu, 18-Nov-2021 09:59:14 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://feature-author.krem-new.itpeople.dev
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
350
x-xss-protection
1; mode=block
expires
Thu, 18-Nov-2021 09:59:14 GMT

Redirect headers

pragma
no-cache
date
Thu, 18 Nov 2021 09:59:14 GMT
last-modified
Thu, 18-Nov-2021 09:59:14 GMT
location
/watch/57568105/1?wmode=7&page-url=https%3A%2F%2Ffeature-author.krem-new.itpeople.dev%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4bjmbg3ayomqwinwev%3Afp%3A909%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A700%3Acn%3A1%3Adp%3A0%3Als%3A394854642710%3Ahid%3A277165347%3Az%3A0%3Ai%3A20211118095914%3Aet%3A1637229555%3Ac%3A1%3Arn%3A548883839%3Arqn%3A1%3Au%3A1637229555982523285%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1637229553559%3Ads%3A64%2C99%2C231%2C1%2C0%2C0%2C%2C651%2C0%2C%2C%2C%2C1048%3Adsn%3A63%2C99%2C231%2C1%2C%2C0%2C%2C653%2C0%2C%2C%2C%2C1048%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1637229555%3At%3A%D0%9A%D0%B0%D0%BA%D0%B8%D0%B5%20%D0%B1%D1%8B%D0%B2%D0%B0%D1%8E%D1%82%20%D0%BA%D0%BE%D1%81%D0%BC%D0%B5%D1%82%D0%B8%D1%87%D0%B5%D1%81%D0%BA%D0%B8%D0%B5%20%D0%BA%D1%80%D0%B5%D0%BC%D1%8B%20-%20krem.ru&t=gdpr%2814%29ti%282%29
strict-transport-security
max-age=31536000
access-control-allow-origin
https://feature-author.krem-new.itpeople.dev
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Thu, 18-Nov-2021 09:59:14 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-34456711-29
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://feature-author.krem-new.itpeople.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
3488
date
Thu, 18 Nov 2021 09:01:07 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Thu, 18 Nov 2021 11:01:07 GMT
collect
www.google-analytics.com/j/
2 B
222 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=348323741&t=pageview&_s=1&dl=https%3A%2F%2Ffeature-author.krem-new.itpeople.dev%2F&ul=en-us&de=UTF-8&dt=%D0%9A%D0%B0%D0%BA%D0%B8%D0%B5%20%D0%B1%D1%8B%D0%B2%D0%B0%D1%8E%D1%82%20%D0%BA%D0%BE%D1%81%D0%BC%D0%B5%D1%82%D0%B8%D1%87%D0%B5%D1%81%D0%BA%D0%B8%D0%B5%20%D0%BA%D1%80%D0%B5%D0%BC%D1%8B%20-%20krem.ru&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1688341495&gjid=484765145&cid=1603003471.1637229555&tid=UA-34456711-29&_gid=86316433.1637229555&_r=1&gtm=2ouba1&z=1734175774
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://feature-author.krem-new.itpeople.dev/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 18 Nov 2021 09:59:15 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://feature-author.krem-new.itpeople.dev
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
4 B
457 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-34456711-29&cid=1603003471.1637229555&jid=1688341495&gjid=484765145&_gid=86316433.1637229555&_u=YEBAAUAAAAAAAC~&z=182933477
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://feature-author.krem-new.itpeople.dev/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 18 Nov 2021 09:59:15 GMT
content-type
text/plain
access-control-allow-origin
https://feature-author.krem-new.itpeople.dev
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/
42 B
501 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-34456711-29&cid=1603003471.1637229555&jid=1688341495&_u=YEBAAUAAAAAAAC~&z=683686013
Requested by
Host: feature-author.krem-new.itpeople.dev
URL: https://feature-author.krem-new.itpeople.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://feature-author.krem-new.itpeople.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Nov 2021 09:59:15 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
501 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-34456711-29&cid=1603003471.1637229555&jid=1688341495&_u=YEBAAUAAAAAAAC~&z=683686013
Requested by
Host: feature-author.krem-new.itpeople.dev
URL: https://feature-author.krem-new.itpeople.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://feature-author.krem-new.itpeople.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Nov 2021 09:59:15 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
fonts.gstatic.com
URL
https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type Name
object onbeforexrselect
function reportError
boolean originAgentCluster
object scheduler
function ym
function gtag
object dataLayer
function onYouTubeIframeAPIReady
object lazySizes
object imageRatio
function $
function jQuery
object bootstrap
object bodyScrollLock
function EvEmitter
function imagesLoaded
function anime
object THEME
object toastr
object Ya
object yaCounter57568105
object google_tag_manager
object google_tag_data
string GoogleAnalyticsObject
function ga
object gaplugins
object gaGlobal
object gaData

15 Cookies

Domain/Path Name / Value
feature-author.krem-new.itpeople.dev/ Name: XSRF-TOKEN
Value: eyJpdiI6IkhvWHdNeWdzSWJUUnJHTDczT2Z2UUE9PSIsInZhbHVlIjoiUU1HQTBob3RydHRHbzd0SkFvY3ZvRkcyYSs1UEVaWDcvaFRQMkZIa3RJcEYxbkRLUEg1RWx4T1YvaEN5bExKS3BJL1ZTOHVqd2g0TGhKcW1nWGMzdk90Qngzd29Qdk5DSjNMZ29vbEdQSlBWQkRhVWorUjJrekR4YnkrZFlPakYiLCJtYWMiOiI0MDU3MTAxNmY1NTVmMzhjMTA5NDJjYTYxMGU5YTM3MzFlNjUyNDM0NjY3ZTMzYWJlOTQyMjMzYTdhYmMyMTY2In0%3D
feature-author.krem-new.itpeople.dev/ Name: krem_session
Value: eyJpdiI6Ik9aRHBjVWM0SXVaZUFSZHRnN29zcEE9PSIsInZhbHVlIjoiYnBJV0JrK1Q4SjRpTDVadmMzUXErOHljMjMxeGsrRXFXM0J5YnNNWHpPNkpGN0ZscnJxQ0x1dFZuRW05L3k4NmJuN0pmaGFPS2hzMURoOEdHK2puRWYrK3lHQ2M1cStFZzVtci9Kajk5WmtlWXlzTmhrQkdQTXltOTBHMGhjdnAiLCJtYWMiOiIwYjMzZWVhMDMzZmMxYzE3ZDU2MzFiMzkxMmExZTNhNTMwMjIzMTJmNzA5YzZmOTdiZDllNjYxYzNlNmJlMjNjIn0%3D
.itpeople.dev/ Name: _ym_uid
Value: 1637229555982523285
.itpeople.dev/ Name: _ym_d
Value: 1637229555
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 1698415110fake
.itpeople.dev/ Name: _ym_isad
Value: 2
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 3362826088fake
.yandex.com/ Name: yandexuid
Value: 8138570721637229554
.yandex.com/ Name: yuidss
Value: 8138570721637229554
mc.yandex.com/ Name: yabs-sid
Value: 1930432331637229554
.yandex.com/ Name: i
Value: MYtsqTHaX/elw7NSMN/ktN/MOx4Z8uSNjBTufubjBM83uTVHrG7ffXgtDapLwHcsaGGOk8Czd8EuMJ/6YnrnmANFQis=
.yandex.com/ Name: ymex
Value: 1668765554.yrts.1637229554#1668765554.yrtsi.1637229554
.itpeople.dev/ Name: _ga
Value: GA1.2.1603003471.1637229555
.itpeople.dev/ Name: _gid
Value: GA1.2.86316433.1637229555
.itpeople.dev/ Name: _gat_gtag_UA_34456711_29
Value: 1

1 Console Messages

Source Level URL
Text
network error URL: https://mc.yandex.com/sync_cookie_image_decide?token=9461.GuzaOrJTJjK_QfOYtsPatlt87Q_ADgFEACXBU_PGj4DIh9YUzQWJMvTr9oMdbUsM2_OcWT7vMmNb9alX1EwaPw%2C%2C.CXf9rR9Z9d9YFhfxuL24Vv8Rtdk%2C
Message:
Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
