www.tumen.kp.ru Open in urlscan Pro
95.181.181.82 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://m.tumen.kp.ru/
Effective URL:
https://www.tumen.kp.ru/
Submission Tags: ru h8 kuzelovi sub l4ing Search All
Submission: On August 21 via manual (August 21st 2022, 9:31:26 pm UTC) from UA — Scanned from DE

Summary HTTP 283 Redirects Links 34 Behaviour Indicators

Summary

This website contacted 57 IPs in 10 countries across 35 domains to perform 283 HTTP transactions. The main IP is 95.181.181.82, located in Russian Federation and belongs to EDGECENTERLLC, RU. The main domain is www.tumen.kp.ru.
TLS certificate: Issued by R3 on August 8th 2022. Valid for: 3 months.

This is the only time www.tumen.kp.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 4	95.181.181.82 95.181.181.82	210756 (EDGECENTE...) (EDGECENTERLLC)
11	2a02:6b8:a::a 2a02:6b8:a::a	208722 (GLOBAL_DC) (GLOBAL_DC)
25	2a03:90c0:41:... 2a03:90c0:41:2801::254	199524 (GCORE) (GCORE)
1	2a02:6b8::16b 2a02:6b8::16b	208722 (GLOBAL_DC) (GLOBAL_DC)
1	95.181.181.12 95.181.181.12	210756 (EDGECENTE...) (EDGECENTERLLC)
9	2a02:6b8:20::215 2a02:6b8:20::215	208722 (GLOBAL_DC) (GLOBAL_DC)
18	2a02:6b8::1be 2a02:6b8::1be	208722 (GLOBAL_DC) (GLOBAL_DC)
2 4	144.76.119.17 144.76.119.17	24940 (HETZNER-AS) (HETZNER-AS)
3	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
3	195.209.111.22 195.209.111.22	52007 (ADRIVER-AS) (ADRIVER-AS)
3	2a00:1148:db0... 2a00:1148:db00::17	47764 (VK-AS) (VK-AS)
3	188.42.196.115 188.42.196.115	7979 (SERVERS-COM) (SERVERS-COM)
1	65.108.236.88 65.108.236.88	24940 (HETZNER-AS) (HETZNER-AS)
6	178.250.2.131 178.250.2.131	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
6	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
2	2a02:6b8::2:158 2a02:6b8::2:158	208722 (GLOBAL_DC) (GLOBAL_DC)
10	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
22	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
1 30	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
3 19	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
1	2a02:6b8::184 2a02:6b8::184	208722 (GLOBAL_DC) (GLOBAL_DC)
1	2a02:6b8::36 2a02:6b8::36	208722 (GLOBAL_DC) (GLOBAL_DC)
2 12	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
3 12	2a00:1450:400... 2a00:1450:4001:806::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4006:812::2003	15169 (GOOGLE) (GOOGLE)
1	2a02:6b8::5:114 2a02:6b8::5:114	208722 (GLOBAL_DC) (GLOBAL_DC)
3	2a00:1450:400... 2a00:1450:4001:803::2008	15169 (GOOGLE) (GOOGLE)
3 4	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
2 4	104.18.19.126 104.18.19.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	37.252.172.250 37.252.172.250	29990 (ASN-APPNEX) (ASN-APPNEX)
12	2a00:1450:400... 2a00:1450:4001:80e::2006	15169 (GOOGLE) (GOOGLE)
1 4	2001:6d0:4001... 2001:6d0:4001::226	52016 (TNSMSK-) (TNSMSK-)
4	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
2	46.161.36.2 46.161.36.2	49505 (SELECTEL) (SELECTEL)
1 3	13.32.99.21 13.32.99.21	16509 (AMAZON-02) (AMAZON-02)
1 2	88.212.201.198 88.212.201.198	39134 (UNITEDNET) (UNITEDNET)
2	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c08::9d	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
4	82.148.14.194 82.148.14.194	50340 (SELECTEL-MSK) (SELECTEL-MSK)
7	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
1	88.212.218.22 88.212.218.22	39134 (UNITEDNET) (UNITEDNET)
1	82.202.225.240 82.202.225.240	50340 (SELECTEL-MSK) (SELECTEL-MSK)
1 2	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	74.119.119.139 74.119.119.139	19750 (AS-CRITEO) (AS-CRITEO)
2 3	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
283	57

4 95.181.181.82 (Russian Federation) 2 redirects

ASN210756 (EDGECENTERLLC, RU)

m.tumen.kp.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.tumen.kp.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a02:6b8:a::a (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2a03:90c0:41:2801::254 (Frankfurt am Main, Germany)

ASN199524 (GCORE, LU)

s01.stc.yc.kpcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s10.stc.yc.kpcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s09.stc.yc.kpcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s02.api.yc.kpcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s14.stc.yc.kpcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8::16b (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

matchid.adfox.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.181.181.12 (Russian Federation)

ASN210756 (EDGECENTERLLC, RU)

identity.kp.house	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a02:6b8:20::215 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

yastatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a02:6b8::1be (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

ads.adfox.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 144.76.119.17 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.17.119.76.144.clients.your-server.de

exchange.buzzoola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

adfox-c2s-ams.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 195.209.111.22 (Russian Federation)

ASN52007 (ADRIVER-AS, RU)

pb.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1148:db00::17 (Russian Federation)

ASN47764 (VK-AS, RU)

ad.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 188.42.196.115 (Luxembourg)

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.108.236.88 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.88.236.108.65.clients.your-server.de

ssp.bidvol.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6b8::2:158 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

banners.adfox.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

a1bed8a6f1f6460a2546120b6d18cd8a.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
6e428d012d5b051d842896f91ae57fcb.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ebcd602ef315b7dcb31a5232527e0c7a.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a02:6b8::1:119 (Moscow, Russian Federation) 3 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8::184 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

avatars.mds.yandex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8::36 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

favicon.yandex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:806::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4006:812::2003 (Ireland)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8::5:114 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

ysa-static.passport.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:803::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.162 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.19.126 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.172.250 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:80e::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:6d0:4001::226 (Russian Federation) 1 redirects

ASN52016 (TNSMSK-, RU)

tns-counter.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.161.36.2 (Russian Federation)

ASN49505 (SELECTEL, RU)
PTR: target2-1.sselp1.imcmdb.net

target.smi2.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.32.99.21 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-21.fra60.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.201.198 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host198.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn3.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn2.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c08::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 82.148.14.194 (Russian Federation)

ASN50340 (SELECTEL-MSK, RU)
PTR: sm-server1-1.ssel24.imcmdb.net

stat.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.212.218.22 (Russian Federation)

ASN39134 (UNITEDNET, RU)
PTR: ads5-1.sser16.imcmdb.net

smi2.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 82.202.225.240 (Moscow, Russian Federation)

ASN50340 (SELECTEL-MSK, RU)
PTR: smi2adm2-1.ssel27.imcmdb.net

smi2.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::13 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.139 (United States)

ASN19750 (AS-CRITEO, US)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.16.194 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f194.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
58	googlesyndication.com 1 redirects pagead2.googlesyndication.com — Cisco Umbrella Rank: 123 a1bed8a6f1f6460a2546120b6d18cd8a.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 159 6e428d012d5b051d842896f91ae57fcb.safeframe.googlesyndication.com ebcd602ef315b7dcb31a5232527e0c7a.safeframe.googlesyndication.com	403 KB
28	doubleclick.net 5 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 218 googleads.g.doubleclick.net — Cisco Umbrella Rank: 52 cm.g.doubleclick.net — Cisco Umbrella Rank: 214 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 303 stats.g.doubleclick.net — Cisco Umbrella Rank: 108	566 KB
25	kpcdn.net s01.stc.yc.kpcdn.net — Cisco Umbrella Rank: 395274 s10.stc.yc.kpcdn.net — Cisco Umbrella Rank: 424602 s09.stc.yc.kpcdn.net — Cisco Umbrella Rank: 403657 s02.api.yc.kpcdn.net — Cisco Umbrella Rank: 479144 s14.stc.yc.kpcdn.net — Cisco Umbrella Rank: 423325	628 KB
20	adfox.ru ads.adfox.ru — Cisco Umbrella Rank: 11442 banners.adfox.ru — Cisco Umbrella Rank: 74240	94 KB
17	gstatic.com fonts.gstatic.com csi.gstatic.com www.gstatic.com encrypted-tbn0.gstatic.com encrypted-tbn3.gstatic.com encrypted-tbn2.gstatic.com	245 KB
17	yandex.ru 1 redirects yandex.ru — Cisco Umbrella Rank: 1426 matchid.adfox.yandex.ru — Cisco Umbrella Rank: 30072 mc.yandex.ru — Cisco Umbrella Rank: 3880 ysa-static.passport.yandex.ru — Cisco Umbrella Rank: 25730	367 KB
15	yandex.com 2 redirects mc.yandex.com — Cisco Umbrella Rank: 10960	4 KB
15	google.com 3 redirects adservice.google.com — Cisco Umbrella Rank: 88 www.google.com — Cisco Umbrella Rank: 9	3 KB
12	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 280	104 KB
10	google.de adservice.google.de — Cisco Umbrella Rank: 8811 www.google.de — Cisco Umbrella Rank: 6076	2 KB
9	criteo.com 1 redirects bidder.criteo.com — Cisco Umbrella Rank: 759 gum.criteo.com — Cisco Umbrella Rank: 407 mug.criteo.com — Cisco Umbrella Rank: 2790	9 KB
9	yastatic.net yastatic.net — Cisco Umbrella Rank: 6925	232 KB
6	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 45 region1.google-analytics.com — Cisco Umbrella Rank: 3094	20 KB
6	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 194	213 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 54	3 KB
4	stat.media stat.media — Cisco Umbrella Rank: 29300	29 KB
4	tns-counter.ru 1 redirects tns-counter.ru — Cisco Umbrella Rank: 11338	62 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 525	4 KB
4	buzzoola.com 2 redirects exchange.buzzoola.com — Cisco Umbrella Rank: 20664	2 KB
4	kp.ru 2 redirects m.tumen.kp.ru www.tumen.kp.ru	103 KB
3	googleadservices.com 2 redirects www.googleadservices.com — Cisco Umbrella Rank: 130	16 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 146	783 B
3	smi2.net target.smi2.net — Cisco Umbrella Rank: 129326 smi2.net — Cisco Umbrella Rank: 47513	2 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 230	3 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 78	216 KB
3	betweendigital.com ads.betweendigital.com — Cisco Umbrella Rank: 2016	3 KB
3	mail.ru ad.mail.ru — Cisco Umbrella Rank: 11968	1014 B
3	adriver.ru pb.adriver.ru — Cisco Umbrella Rank: 40366	909 B
3	creativecdn.com adfox-c2s-ams.creativecdn.com — Cisco Umbrella Rank: 65849	627 B
3	criteo.net static.criteo.net — Cisco Umbrella Rank: 655	40 KB
2	yadro.ru 1 redirects counter.yadro.ru — Cisco Umbrella Rank: 9849	2 KB
2	yandex.net avatars.mds.yandex.net — Cisco Umbrella Rank: 8534 favicon.yandex.net — Cisco Umbrella Rank: 10522	25 KB
1	smi2.ru smi2.ru — Cisco Umbrella Rank: 50825	866 B
1	bidvol.com ssp.bidvol.com — Cisco Umbrella Rank: 32925	476 B
1	kp.house identity.kp.house — Cisco Umbrella Rank: 415596	2 KB
283	35

	Domain	Requested by
30	tpc.googlesyndication.com	1 redirects securepubads.g.doubleclick.net tpc.googlesyndication.com a1bed8a6f1f6460a2546120b6d18cd8a.safeframe.googlesyndication.com www.tumen.kp.ru 6e428d012d5b051d842896f91ae57fcb.safeframe.googlesyndication.com ebcd602ef315b7dcb31a5232527e0c7a.safeframe.googlesyndication.com
22	pagead2.googlesyndication.com	securepubads.g.doubleclick.net www.tumen.kp.ru tpc.googlesyndication.com a1bed8a6f1f6460a2546120b6d18cd8a.safeframe.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
18	ads.adfox.ru	yandex.ru www.tumen.kp.ru
17	s01.stc.yc.kpcdn.net	www.tumen.kp.ru s01.stc.yc.kpcdn.net
15	mc.yandex.com	2 redirects www.tumen.kp.ru mc.yandex.ru
12	s0.2mdn.net	www.tumen.kp.ru s0.2mdn.net
12	www.google.com	3 redirects tpc.googlesyndication.com a1bed8a6f1f6460a2546120b6d18cd8a.safeframe.googlesyndication.com www.tumen.kp.ru
11	yandex.ru	www.tumen.kp.ru yandex.ru yastatic.net
10	googleads.g.doubleclick.net	2 redirects a1bed8a6f1f6460a2546120b6d18cd8a.safeframe.googlesyndication.com www.tumen.kp.ru ebcd602ef315b7dcb31a5232527e0c7a.safeframe.googlesyndication.com www.googleadservices.com
10	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net www.tumen.kp.ru 6e428d012d5b051d842896f91ae57fcb.safeframe.googlesyndication.com
9	yastatic.net	yandex.ru yastatic.net www.tumen.kp.ru
8	fonts.gstatic.com	fonts.googleapis.com
7	www.google.de	www.tumen.kp.ru
6	www.googletagservices.com	yastatic.net a1bed8a6f1f6460a2546120b6d18cd8a.safeframe.googlesyndication.com 6e428d012d5b051d842896f91ae57fcb.safeframe.googlesyndication.com ebcd602ef315b7dcb31a5232527e0c7a.safeframe.googlesyndication.com
6	bidder.criteo.com	static.criteo.net
5	fonts.googleapis.com	yastatic.net 6e428d012d5b051d842896f91ae57fcb.safeframe.googlesyndication.com s0.2mdn.net tpc.googlesyndication.com
4	stat.media	target.smi2.net stat.media
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.tumen.kp.ru
4	tns-counter.ru	1 redirects www.tumen.kp.ru tns-counter.ru
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
4	mc.yandex.ru	1 redirects yandex.ru www.tumen.kp.ru yastatic.net
4	exchange.buzzoola.com	2 redirects www.tumen.kp.ru
3	www.googleadservices.com	2 redirects yastatic.net
3	encrypted-tbn0.gstatic.com	6e428d012d5b051d842896f91ae57fcb.safeframe.googlesyndication.com
3	sb.scorecardresearch.com	1 redirects www.tumen.kp.ru
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	www.googletagmanager.com	www.tumen.kp.ru www.googletagmanager.com
3	adservice.google.com	securepubads.g.doubleclick.net
3	adservice.google.de	securepubads.g.doubleclick.net
3	ads.betweendigital.com	yandex.ru
3	ad.mail.ru	yandex.ru
3	pb.adriver.ru	yandex.ru
3	adfox-c2s-ams.creativecdn.com	yandex.ru
3	static.criteo.net	yandex.ru www.tumen.kp.ru
3	s02.api.yc.kpcdn.net	s01.stc.yc.kpcdn.net
3	s09.stc.yc.kpcdn.net	www.tumen.kp.ru
2	gum.criteo.com	1 redirects static.criteo.net
2	region1.google-analytics.com	www.googletagmanager.com
2	stats.g.doubleclick.net	www.google-analytics.com
2	encrypted-tbn3.gstatic.com	6e428d012d5b051d842896f91ae57fcb.safeframe.googlesyndication.com
2	googleads4.g.doubleclick.net	www.tumen.kp.ru
2	counter.yadro.ru	1 redirects www.tumen.kp.ru
2	target.smi2.net	www.tumen.kp.ru
2	ebcd602ef315b7dcb31a5232527e0c7a.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	csi.gstatic.com	securepubads.g.doubleclick.net
2	6e428d012d5b051d842896f91ae57fcb.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	a1bed8a6f1f6460a2546120b6d18cd8a.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	banners.adfox.ru	www.tumen.kp.ru
2	www.tumen.kp.ru	www.tumen.kp.ru
2	m.tumen.kp.ru	2 redirects
1	mug.criteo.com
1	smi2.net	www.tumen.kp.ru
1	smi2.ru	www.tumen.kp.ru
1	encrypted-tbn2.gstatic.com	6e428d012d5b051d842896f91ae57fcb.safeframe.googlesyndication.com
1	www.gstatic.com	6e428d012d5b051d842896f91ae57fcb.safeframe.googlesyndication.com
1	ysa-static.passport.yandex.ru	www.tumen.kp.ru
1	favicon.yandex.net	www.tumen.kp.ru
1	avatars.mds.yandex.net	www.tumen.kp.ru
1	ssp.bidvol.com	yandex.ru
1	s14.stc.yc.kpcdn.net	www.tumen.kp.ru
1	identity.kp.house	s01.stc.yc.kpcdn.net
1	matchid.adfox.yandex.ru	yandex.ru
1	s10.stc.yc.kpcdn.net	www.tumen.kp.ru
283	64

This site contains links to these domains. Also see Links.

Domain
www.kazan.kp.ru
www.kp.ru
radiokp.ru
advert.kp.ru
parus.kp.ru
kino.kp.ru
tumen.kp.ru
ads.adfox.ru

Subject Issuer	Validity	Valid
amp.chel.kp.ru R3	`2022-08-08` - `2022-11-06`	3 months	crt.sh
*.xn--d1acpjx3f.xn--p1ai GlobalSign ECC OV SSL CA 2018	`2022-03-04` - `2022-09-01`	6 months	crt.sh
*.stc.yc.kpcdn.net R3	`2022-07-30` - `2022-10-28`	3 months	crt.sh
matchid.adfox.yandex.ru GlobalSign RSA OV SSL CA 2018	`2022-07-18` - `2023-01-10`	6 months	crt.sh
identity.kp.house R3	`2022-07-09` - `2022-10-07`	3 months	crt.sh
s01.api.yc.kpcdn.net R3	`2022-08-07` - `2022-11-05`	3 months	crt.sh
*.yastatic-net.ru GlobalSign ECC OV SSL CA 2018	`2022-04-01` - `2022-09-29`	6 months	crt.sh
*.adfox.ru GlobalSign RSA OV SSL CA 2018	`2022-05-30` - `2022-11-08`	5 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-06-21` - `2022-09-23`	3 months	crt.sh
*.creativecdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-17` - `2023-04-12`	a year	crt.sh
*.adriver.ru GlobalSign GCC R3 DV TLS CA 2020	`2022-04-05` - `2023-04-05`	a year	crt.sh
*.mail.ru GeoTrust ECC CA 2018	`2021-10-15` - `2022-11-15`	a year	crt.sh
*.ads.betweendigital.com Sectigo RSA Domain Validation Secure Server CA	`2021-12-15` - `2023-01-15`	a year	crt.sh
ssp.bidvol.com R3	`2022-06-29` - `2022-09-27`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-06-15` - `2022-09-18`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
*.s3.yandex.net GlobalSign RSA OV SSL CA 2018	`2022-03-11` - `2022-10-11`	7 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2022-05-21` - `2022-10-31`	5 months	crt.sh
*.avatars.yandex.net GlobalSign RSA OV SSL CA 2018	`2022-03-04` - `2023-04-05`	a year	crt.sh
favicon.yandex.net GlobalSign ECC OV SSL CA 2018	`2022-04-11` - `2022-09-10`	5 months	crt.sh
www.google.com GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
ysa-static.passport.yandex.net GlobalSign ECC OV SSL CA 2018	`2022-03-04` - `2023-04-05`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
*.tns-counter.ru GlobalSign ECC OV SSL CA 2018	`2021-12-10` - `2022-12-31`	a year	crt.sh
smi2.net R3	`2022-08-10` - `2022-11-08`	3 months	crt.sh
*.scorecardresearch.com Amazon	`2022-01-29` - `2023-02-27`	a year	crt.sh
stat.media R3	`2022-07-25` - `2022-10-23`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
smi2.ru R3	`2022-07-01` - `2022-09-29`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh

This page contains 24 frames:

Primary Page: https://www.tumen.kp.ru/
Frame ID: 8E07ED647EE97BABECB018F8212DF5B0
Requests: 145 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: 0ECD499E2C4767EBDE5A3B5DAC71CF19
Requests: 8 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: ABB817383621A4AF7220973D4F0613F8
Requests: 11 HTTP requests in this frame

Frame: https://a1bed8a6f1f6460a2546120b6d18cd8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 2F034920701773D88DE198702DC39F98
Requests: 1 HTTP requests in this frame

Frame: https://yastatic.net/safeframe-bundles/0.83/1-1-0/render.html
Frame ID: 0080DA68DD3DA20FFFF9A74D45459BD1
Requests: 23 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: B09BFEF19F2147B46B7B3A8E1C9C43A1
Requests: 8 HTTP requests in this frame

Frame: https://6e428d012d5b051d842896f91ae57fcb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: EE3443351E8EA53D5590C1992D95D6B6
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 49A96132565AB0DE3DBF1039D069A34B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A44B2C16E89C3E29096265430067CB44
Requests: 2 HTTP requests in this frame

Frame: https://ebcd602ef315b7dcb31a5232527e0c7a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 1E2C5EF40CFDD10BFAFCE4384D553274
Requests: 1 HTTP requests in this frame

Frame: https://a1bed8a6f1f6460a2546120b6d18cd8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 812527CE932775D52CED9B6EE7C0588F
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 96FB8807929F19DCFAB30FB9CF70937E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 328DECD3791CF620AD5D2020322E4ED6
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMYwNPDmAEwAQ&v=APEucNUn86UfMThj0a25gZTCdMgN92PgvLRtmw7Qty-tLi-2Vhm0--w_TmVgUprmxDbYigdx1_LNHSeZdhbFMr3sJ2bFM5Bwcr2yw3G7vhlw8Cv8u5zEpuLNgW_FGUuJEWi9GqBErm7UcvGP5ieSAGSP91PuJfUgnZI-1r0HSwkyXHf50acshjg
Frame ID: 4F678692275E8B6CE51DEC81D12DC619
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: EA413F89E7A11043F0503CF0568889CA
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: DB45F87A685545EAD81A7582EF26C260
Requests: 2 HTTP requests in this frame

Frame: https://6e428d012d5b051d842896f91ae57fcb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 2A16FE7C26265017ADBDFACD9C5EB28C
Requests: 20 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/5898824741970832675/index.html
Frame ID: 571DFCC5F0325ED30B6E2770B88E1332
Requests: 15 HTTP requests in this frame

Frame: https://ebcd602ef315b7dcb31a5232527e0c7a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: E277306F2441384D1E6BF742963EA1D9
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 976EEFB89D3ED2B6868751812937166F
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3163706257327840831/index.html
Frame ID: E4A1330A08E09871C44F60090DFF0B72
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 6027CFF533802D0EE93E6286B1670BA0
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/oORtDv9EbGDZJqtoCU6ZUa1h2CU5mRmZpTeRJMx0_5U.js
Frame ID: DC52745FC5A920365F569E52F98C318C
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.tumen.kp.ru
Frame ID: 6CAF2E08335AFD0916CEB3AA643236F4
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Новости Тюмени и Тюменской области: главные новости на сегодня | Комсомольская Правда в Тюмени - KP.RU

Page URL History Show full URLs

http://m.tumen.kp.ru/ HTTP 301
https://m.tumen.kp.ru/ HTTP 303
https://www.tumen.kp.ru/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Mautic (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

[^a-z]mtc.*\.js

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

283
Requests

95 %
HTTPS

63 %
IPv6

35
Domains

64
Subdomains

57
IPs

10
Countries

3396 kB
Transfer

9111 kB
Size

59
Cookies

34 Outgoing links

These are links going to different origins than the main page.

URL: https://www.kazan.kp.ru/daily/21712095/4332309/

Search URL Search Domain Scan URL

URL: https://www.kp.ru/daily/euromaidan/
Title: Спецоперация на Украине

Search URL Search Domain Scan URL

URL: https://www.kp.ru/sports/
Title: Спорт

Search URL Search Domain Scan URL

URL: https://www.kp.ru/samobranka/
Title: Самобранка

Search URL Search Domain Scan URL

URL: https://www.kp.ru/expert/
Title: Выбор экспертов

Search URL Search Domain Scan URL

URL: https://www.kp.ru/doctor/
Title: Доктор

Search URL Search Domain Scan URL

URL: https://www.kp.ru/family/
Title: Семья

Search URL Search Domain Scan URL

URL: https://www.kp.ru/woman/
Title: Женские секреты

Search URL Search Domain Scan URL

URL: https://www.kp.ru/putevoditel/
Title: Путеводитель

Search URL Search Domain Scan URL

URL: https://www.kp.ru/promokod/
Title: Промокоды

Search URL Search Domain Scan URL

URL: https://www.kp.ru/putevoditel/serialy/
Title: Сериалы

Search URL Search Domain Scan URL

URL: http://www.kp.ru/best/msk/projects/
Title: Спецпроекты

Search URL Search Domain Scan URL

URL: https://www.kp.ru/putevoditel/zdorove/defitsit-zheleza-u-zhenshhin/
Title: Дефицит железа

Search URL Search Domain Scan URL

URL: https://www.kp.ru/guide/
Title: Гид потребителя

Search URL Search Domain Scan URL

URL: https://www.kp.ru/daily/217165/4265546/
Title: Все о КП

Search URL Search Domain Scan URL

URL: https://radiokp.ru/
Title: Радио КП

Search URL Search Domain Scan URL

URL: https://advert.kp.ru/
Title: Реклама

Search URL Search Domain Scan URL

URL: https://www.kp.ru/daily/theme/16369/
Title: Убийство Дугиной

Search URL Search Domain Scan URL

URL: https://www.kp.ru/daily/theme/16218/
Title: Украина: сводка

Search URL Search Domain Scan URL

URL: http://parus.kp.ru/
Title: Алый парус

Search URL Search Domain Scan URL

URL: https://kino.kp.ru/
Title: Наше кино

Search URL Search Domain Scan URL

URL: https://www.kp.ru/daily/koronavirus/
Title: COVID-19

Search URL Search Domain Scan URL

URL: https://www.kp.ru/daily/partiya_dela/
Title: Лица труда

Search URL Search Domain Scan URL

URL: https://www.kp.ru/russia/
Title: Отдых в России

Search URL Search Domain Scan URL

URL: https://www.kp.ru/incidents/
Title: Происшествия

Search URL Search Domain Scan URL

URL: https://www.kp.ru/afisha/msk/
Title: Афиша

Search URL Search Domain Scan URL

URL: https://tumen.kp.ru/incidents/
Title: Происшествия

Search URL Search Domain Scan URL

URL: https://tumen.kp.ru/society/
Title: Общество

Search URL Search Domain Scan URL

URL: https://tumen.kp.ru/health/
Title: Здоровье

Search URL Search Domain Scan URL

URL: https://tumen.kp.ru/special/
Title: Дом. Семья

Search URL Search Domain Scan URL

URL: https://tumen.kp.ru/daily/invisible/
Title: Интересное

Search URL Search Domain Scan URL

URL: https://tumen.kp.ru/sport/
Title: Спорт

Search URL Search Domain Scan URL

URL: https://ads.adfox.ru/232598/goLink?ad-session-id=2350821661117479275&hash=ce0b87eb1109dd52&puid1=adv-1661117479231-474&sj=t8-p1vM6ui9qXk-0P7h5RIdeVcC31XFfX7endZqMEYW9O-dZ8j1QCMd1ktSfdA%3D%3D&rand=ipcihpa&rqs=JtBLxzwtFBwnpAJj6VQtuNiEewnQRwpl&puid3=top%3Aregion&pr=fvalebb&p1=clerf&ytt=362840448958469&p5=ljjmt&ybv=0.634516&puid2=society%3Atoday%3Azenyandex%3Aincident%3Aemergency%3Acelebrity%3Aculture%3Ainteresting&p2=gvdq&ylv=0.634516&pf=http%3A%2F%2Fads.adfox.ru%2F232598%2FgoLink%3Fp1%3Dbzbip%26p2%3Dfrfe%26p5%3Dlsrgh%26pr%3D1%26puid1%3D%26puid2%3D%26puid3%3D%26puid4%3D%26puid5%3D%26puid6%3D%26puid7%3D

Search URL Search Domain Scan URL

URL: https://ads.adfox.ru/232598/goLink?ad-session-id=2350821661117479275&hash=ce0b87eb1109dd52&puid1=adv-1661117479231-474&sj=t8-p1vM6ui9qXk-0P7h5RIdeVcC31XFfX7endZqMEYW9O-dZ8j1QCMd1ktSfdA%3D%3D&rand=ipcihpa&rqs=JtBLxzwtFBwnpAJj6VQtuNiEewnQRwpl&puid3=top%3Aregion&pr=fvalebb&p1=clerf&ytt=362840448958469&p5=ljjmt&ybv=0.634516&puid2=society%3Atoday%3Azenyandex%3Aincident%3Aemergency%3Acelebrity%3Aculture%3Ainteresting&p2=gvdq&ylv=0.634516&pf=https%3A%2F%2Fwww.msk.kp.ru%2Fdaily%2Fmoskva-budushego%2F

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://m.tumen.kp.ru/ HTTP 301
https://m.tumen.kp.ru/ HTTP 303
https://www.tumen.kp.ru/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 42

https://exchange.buzzoola.com/ssp/adfox HTTP 307
https://exchange.buzzoola.com/ssp/adfox?set_buzzoola_cookie=t

Request Chain 52

https://exchange.buzzoola.com/ssp/adfox HTTP 307
https://exchange.buzzoola.com/ssp/adfox?set_buzzoola_cookie=t

Request Chain 138

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9737.XgsFcX4r4caqQ0KlSAfMCmFWDrmFoy4rnpyzymceWSJyqfKwd3wk24o5L2uZWz4X.SZtbYz76zxyHcp2grgsFwZwG83M%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9737.5RNPEiAMYEicE30vCNC0q4hzYmUv7aUDJCvCO9KGzOJVmmim9ufP2OOzkKx0w6v2SCYvryyhyGETbRzZUbB4WL63tkvFo83tDcX_ix1ongM%2C.KrZqtAqVRS65ZwatbihkCAIsBpk%2C

Request Chain 143

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDQgWtuZgTPZ-97VScALy90&google_cver=1

Request Chain 144

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YwKkKIrDN4yCj3s9E4SaFgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDyilaSK0t7kJiwb7woPdag&google_cver=1

Request Chain 145

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEPV7c22fWJj9JTgu1OA492U&google_cver=1

Request Chain 146

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTA5MDA3MzQ5NzU0MjY5ODA4Mw%3D%3D

Request Chain 162

https://counter.yadro.ru/hit;kp/kpall/reg/kptumen?r;s1600*1200*24;uhttps%3A//www.tumen.kp.ru/;h%u041D%u043E%u0432%u043E%u0441%u0442%u0438%20%u0422%u044E%u043C%u0435%u043D%u0438%20%u0438%20%u0422%u044E%u043C%u0435%u043D%u0441%u043A%u043E%u0439%20%u043E%u0431%u043B%u0430%u0441%u0442%u0438%3A%20%u0433%u043B%u0430%u0432%u043D%u044B%u0435%20%u043D%u043E%u0432%u043E%u0441%u0442%u0438%20%u043D%u0430%20%u0441%u0435%u0433%u043E%u0434%u043D%u044F%20%7C%20%u041A%u043E%u043C%u0441%u043E%u043C%u043E%u043B%u044C%u0441%u043A%u0430%u044F%20%u041F;0.7654961748722411 HTTP 302
https://counter.yadro.ru/hit;kp/kpall/reg/kptumen?q;r;s1600*1200*24;uhttps%3A//www.tumen.kp.ru/;h%u041D%u043E%u0432%u043E%u0441%u0442%u0438%20%u0422%u044E%u043C%u0435%u043D%u0438%20%u0438%20%u0422%u044E%u043C%u0435%u043D%u0441%u043A%u043E%u0439%20%u043E%u0431%u043B%u0430%u0441%u0442%u0438%3A%20%u0433%u043B%u0430%u0432%u043D%u044B%u0435%20%u043D%u043E%u0432%u043E%u0441%u0442%u0438%20%u043D%u0430%20%u0441%u0435%u0433%u043E%u0434%u043D%u044F%20%7C%20%u041A%u043E%u043C%u0441%u043E%u043C%u043E%u043B%u044C%u0441%u043A%u0430%u044F%20%u041F;0.7654961748722411

Request Chain 183

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDbxsi7jQEQ6AIY6AIyCFR5nIyM6Xl- HTTP 301
https://tpc.googlesyndication.com/simgad/1855790038366648222

Request Chain 203

https://tns-counter.ru/V13a***R%3E*kp_ru/ru/UTF-8/tmsec=kp_title/821317946 HTTP 302
https://tns-counter.ru/V13b***R%3E*kp_ru/ru/UTF-8/tmsec=kp_title/821317946

Request Chain 205

https://mc.yandex.com/watch/26254?wmode=7&page-url=https%3A%2F%2Fwww.tumen.kp.ru%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Anitzfaj0q86lk7t0iduwo%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A870%3Acn%3A1%3Adp%3A0%3Als%3A258773076729%3Ahid%3A735502519%3Az%3A0%3Ai%3A20220821213120%3Aet%3A1661117481%3Ac%3A1%3Arn%3A217306078%3Au%3A1661117481136524126%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1661117477748%3Aco%3A0%3Arqnl%3A1%3Ast%3A1661117481%3At%3A%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D0%B8%3A%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%20%7C%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20-%20KP.RU&t=gdpr(14)clc(0-0-0)aw(1)rqnl(1)ti(2) HTTP 302
https://mc.yandex.com/watch/26254/1?wmode=7&page-url=https%3A%2F%2Fwww.tumen.kp.ru%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Anitzfaj0q86lk7t0iduwo%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A870%3Acn%3A1%3Adp%3A0%3Als%3A258773076729%3Ahid%3A735502519%3Az%3A0%3Ai%3A20220821213120%3Aet%3A1661117481%3Ac%3A1%3Arn%3A217306078%3Au%3A1661117481136524126%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1661117477748%3Aco%3A0%3Arqnl%3A1%3Ast%3A1661117481%3At%3A%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D0%B8%3A%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%20%7C%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20-%20KP.RU&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnl%281%29ti%282%29

Request Chain 229

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 248

https://sb.scorecardresearch.com/c2/16803468/cs.js HTTP 302
https://sb.scorecardresearch.com/internal-c2/default/cs.js

Request Chain 251

https://gum.criteo.com/sid/json?origin=publishertag&domain=kp.ru&sn=ChromeSyncframe&so=0&topUrl=www.tumen.kp.ru&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=C2euOHxsdGlUWHl3VGRjekxST3FkN3c5S0t5cHg1ZnAxK05hbk9xYlZaZ0VYSHA2WHBtR0xMd1pnTG5Xb3BBd3R4S0o4WVdOakJEc3ZEVHQ3cjVrN3V1Nk1kZG85MlFDM0J6RGFQQXZQdG9WbUNzbnMxdXl1U2h1dzVaSkFERXZnbm5TcFBPV0YxK1ZJWlRTUC9DY3laUy9BV0E0d1VUZmUydlFjSzRwanM3aVhueVp2Ni9WblhwQmEzYkdoaDZreXlhZnlHak1QMjkxMVQ3dythbmZ2UWlydU9nQ3E3SmkwbVhMQURmdzFvdE1xYTE3V2hRbXdqYXlJUlZsRm1RS1NJWkxiY1ZHaHVORlROVTdZTC9sdHM2dkloZz09fA&cppv=2

Request Chain 260

https://www.googleadservices.com/pagead/conversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0 HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=KqQCY-DOLcTuxgL11ojACQ&random=1312107879&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1312107879&crd=&is_vtc=1&random=4162161059 HTTP 302
https://www.google.de/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1312107879&crd=&is_vtc=1&random=4162161059&ipr=y

Request Chain 261

https://www.googleadservices.com/pagead/conversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0 HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=KqQCY6HPLaWCmLAPipWvgA4&random=1030959938&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1030959938&crd=&is_vtc=1&random=249853881 HTTP 302
https://www.google.de/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1030959938&crd=&is_vtc=1&random=249853881&ipr=y

283 HTTP transactions
12 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.tumen.kp.ru/
Redirect Chain

http://m.tumen.kp.ru/
https://m.tumen.kp.ru/
https://www.tumen.kp.ru/

779 KB
100 KB

198ms
89ms

Document
text/html

95.181.181.82
EDGECENTERLLC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tumen.kp.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.181.181.82 , Russian Federation, ASN210756 (EDGECENTERLLC, RU),
Reverse DNS
Software: nginx /
Resource Hash: a143fa0a3b81c05da59e62a1c7fbee1baba78afe9c7138e68eaf2b7127ec4d06

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sun, 21 Aug 2022 21:31:18 GMT
server: nginx
vary: Accept-Encoding
x-manifest-version-id: 0005E6803CA24C89

Redirect headers

content-length: 51
content-type: text/html; charset=utf-8
date: Sun, 21 Aug 2022 21:31:18 GMT
location: https://www.tumen.kp.ru/
server: nginx

GET
H2 200 header-bidding.js Show response
yandex.ru/ads/system/ 116 KB
32 KB 201ms
74ms Script
text/javascript 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/system/header-bidding.js

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e6606da2d3e7f5dd5f717577ffa98230234585c67429db3a5e86bc68513fef0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1661117478650411-13211891519733307737-vla1-2969-vla-l7-balancer-8080-BAL-6108
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=3600
x-robots-tag: noindex, noarchive, nofollow
expires: Sun, 21 Aug 2022 22:31:18 GMT

GET
H2 200 context.js Show response
yandex.ru/ads/system/ 290 KB
78 KB 307ms
181ms Script
text/javascript 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/system/context.js

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

ee90dc43f87d42bc3707007080137e0fa17a0969164624b48c18c469833e1ecc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1661117478650740-14409306750121467775-vla1-2969-vla-l7-balancer-8080-BAL-5428
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=3600
x-robots-tag: noindex, noarchive, nofollow
expires: Sun, 21 Aug 2022 22:31:18 GMT

GET
DATA 200
OK truncated
/ 587 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 445837ee1d1da2644d2531f84c664f157828154b8b5e032dbef64c3a8308ef17

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 7 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3394110000caa52bc9dcf892178cb4a7a8d25db76721a2290caaeb667413a4d0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6b0c6ad2a39e30acdd045f1e10d04d6032f0447387edd32af55f7d80b2d4f0f0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 88c3f8d6237466d983567ddf480dfb98.woff2
s01.stc.yc.kpcdn.net/s0/2.1.97/adaptive/ 22 KB
22 KB 71ms
24ms Font
font/woff2 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://s01.stc.yc.kpcdn.net/s0/2.1.97/adaptive/88c3f8d6237466d983567ddf480dfb98.woff2

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

7a0fb8fc4de0bde528e5b17743e35c50492d1d1de41567cb3b83f5a63db862d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tumen.kp.ru/
Origin: https://www.tumen.kp.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-id: fr5-up-gc37
date: Sun, 21 Aug 2022 21:31:18 GMT
x-content-type-options: nosniff
x-server-trace-id: da65acb89b58c42a:f73281f26d394e35:da65acb89b58c42a:1
x-amz-request-id: 0b002fbe6ed0198b
x-serverless-gateway-path: /{site}/{version}/{filename+}
x-cached-since: 2022-08-21T21:14:07+00:00
content-length: 22100
x-request-id: 97bb0520-0d75-448c-922c-fd1a2e891ad8
x-serverless-gateway-id: d5dcee70jck4ehrnhirl
last-modified: Sat, 27 Nov 2021 21:56:45 GMT
server: nginx
etag: "88c3f8d6237466d983567ddf480dfb98"
x-amz-version-id: 0005D1CC489C28E6
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT
accept-ranges: bytes
content-type: font/woff2
expires: Mon, 22 Aug 2022 21:31:18 GMT

GET
H2 200 71df57f56c922e07c34676f1e3160977.woff2
s01.stc.yc.kpcdn.net/s0/2.1.97/adaptive/ 39 KB
39 KB 68ms
27ms Font
font/woff2 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://s01.stc.yc.kpcdn.net/s0/2.1.97/adaptive/71df57f56c922e07c34676f1e3160977.woff2

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

9205ceae907f8417e3b4bd8463b1075526a25da4cdd2aed549b03cd6869632aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tumen.kp.ru/
Origin: https://www.tumen.kp.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-id: fr5-up-gc37
date: Sun, 21 Aug 2022 21:31:18 GMT
x-content-type-options: nosniff
x-server-trace-id: 781f01d9d68de816:24fb753a480aee70:781f01d9d68de816:1
x-amz-request-id: ef78bc4cf3675ee6
x-serverless-gateway-path: /{site}/{version}/{filename+}
x-cached-since: 2022-08-21T21:14:07+00:00
content-length: 39768
x-request-id: 39b8ae7c-e803-42f1-98b6-b45eb26e2a2c
x-serverless-gateway-id: d5dcee70jck4ehrnhirl
last-modified: Sat, 27 Nov 2021 21:56:45 GMT
server: nginx
etag: "71df57f56c922e07c34676f1e3160977"
x-amz-version-id: 0005D1CC48A637F4
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT
accept-ranges: bytes
content-type: font/woff2
expires: Mon, 22 Aug 2022 21:31:18 GMT

GET
H2 200 0b10ab6aa24fb2b424de7991b679f5e9.png
s01.stc.yc.kpcdn.net/s0/2.1.97/adaptive/ 6 KB
7 KB 68ms
25ms Image
image/png 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s01.stc.yc.kpcdn.net/s0/2.1.97/adaptive/0b10ab6aa24fb2b424de7991b679f5e9.png

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

abb5348aeb50feab8abc0212d24ef2d4daa64f08d38e6cabce13e7a78f1ad837

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-id: fr5-up-gc37
date: Sun, 21 Aug 2022 21:31:18 GMT
x-content-type-options: nosniff
x-server-trace-id: 4ecd65e5f6109637:adcaea62d0b8004a:4ecd65e5f6109637:1
x-amz-request-id: 37a45509d095c0cd
x-serverless-gateway-path: /{site}/{version}/{filename+}
x-cached-since: 2022-08-21T21:19:14+00:00
content-length: 6368
x-request-id: 30cde2c4-42f4-41ae-9904-5e16fdeaebf0
x-serverless-gateway-id: d5dcee70jck4ehrnhirl
last-modified: Sat, 27 Nov 2021 21:56:49 GMT
server: nginx
etag: "0b10ab6aa24fb2b424de7991b679f5e9"
x-amz-version-id: 0005D1CC48E0B8E0
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT
accept-ranges: bytes
content-type: image/png
expires: Mon, 22 Aug 2022 21:31:18 GMT

GET
H2 200 favicon-16.png
www.tumen.kp.ru/boom/api/2/metrics/adaptive/ 514 B
923 B 162ms
162ms Image
image/png 95.181.181.82
EDGECENTERLLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tumen.kp.ru/boom/api/2/metrics/adaptive/favicon-16.png?target.base=digest&target.entity=root&target.spot=tumen

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.181.181.82 , Russian Federation, ASN210756 (EDGECENTERLLC, RU),

Reverse DNS

Software

nginx /

Resource Hash

da09f03549a3d9ae51406d85931ec2682bc82759cf96101b982496da1139ddda

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 21:31:18 GMT
x-content-type-options: nosniff
last-modified: Sat, 27 Nov 2021 21:56:51 GMT
server: nginx
x-server-trace-id: c9f7e4ff1e2d47ac:154dd4ff80c6e29e:c9f7e4ff1e2d47ac:1
x-amz-request-id: 6199bed97581f64c
x-serverless-gateway-path: /boom/api/{api}/{version}/{content+}
etag: "642c7d14314b78ed52c384a1a2ba4203"
content-type: image/png
access-control-allow-origin: *
content-length: 514
x-serverless-gateway-id: d5dscajgqq50cos2lp8d
x-amz-version-id: 0005D1CC48F877CB
x-request-id: f7e79fef-35e7-461a-ae76-f868170954f1

GET
DATA 200
OK truncated
/ 5 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: becefc9f93e9ea8cec1d4749c473c476c44e65a7eee7d88dda107958649413e9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 7 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d3114c4944dcf347da9b150fbd12bf83cf1a719fca0eb5480d9af4cb2f30aefc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 c3.svg
s01.stc.yc.kpcdn.net/s0/2.1.97/adaptive/meteo/ 2 KB
1 KB 66ms
26ms Image
image/svg+xml 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s01.stc.yc.kpcdn.net/s0/2.1.97/adaptive/meteo/c3.svg

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

7947a98649eaa415f52cd5ac372adac177440d0c60a50f2729b99963b28362c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-id: fr5-up-gc37
date: Sun, 21 Aug 2022 21:31:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-server-trace-id: 9c9f4ee5f963ac54:defee62e8f84e80f:9c9f4ee5f963ac54:1
x-amz-request-id: eabfe9ee12aac659
x-serverless-gateway-path: /{site}/{version}/{filename+}
x-cached-since: 2022-08-21T09:52:37+00:00
x-request-id: f081e271-0ab3-42e2-ae74-1215f3ebede9
x-serverless-gateway-id: d5dcee70jck4ehrnhirl
last-modified: Sat, 27 Nov 2021 21:56:56 GMT
server: nginx
etag: W/"99cf36df893d70bd51b66bf70211fd7d"
x-amz-version-id: 0005D1CC4949D812
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT
content-type: image/svg+xml
expires: Mon, 22 Aug 2022 21:31:18 GMT

GET
DATA 200
OK truncated
/ 162 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6ff082130eb8e0fe1ba485606bab3de43a410b184c718be62c739ab9f67c6863

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 wr-750.webp
s10.stc.yc.kpcdn.net/share/i/12/12663959/ 61 KB
61 KB 158ms
110ms Image
image/webp 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s10.stc.yc.kpcdn.net/share/i/12/12663959/wr-750.webp
Requested by: Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: da24ca580aafbfcbf4309e3e8afefd7706063456bd7577e5ca4ec8aa2a9adf30

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-id: fr5-up-gc16
date: Sun, 21 Aug 2022 21:31:18 GMT
last-modified: Sun, 21 Aug 2022 06:01:24 GMT
server: nginx
x-amz-request-id: 1ccf9b0ce661fbf8
etag: "bd4ce6bba6fa68c4494197708c795d03"
x-amz-version-id: null
cache-control: max-age=345600
cache: MISS
accept-ranges: bytes
content-type: image/webp
content-length: 62594
expires: Thu, 25 Aug 2022 21:31:18 GMT

GET
H2 200 325472601571f31e1bf00674c368d335.gif
s09.stc.yc.kpcdn.net/share/i/beige/ 43 B
312 B 66ms
22ms Image
image/gif 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s09.stc.yc.kpcdn.net/share/i/beige/325472601571f31e1bf00674c368d335.gif
Requested by: Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-id: fr5-up-gc29
date: Sun, 21 Aug 2022 21:31:18 GMT
last-modified: Sat, 02 Oct 2021 15:40:25 GMT
server: nginx
x-amz-request-id: 3d8352a8e5c71fef
etag: "325472601571f31e1bf00674c368d335"
x-cached-since: 2022-08-20T13:36:31+00:00
x-amz-version-id: null
cache-control: max-age=345600
cache: HIT
accept-ranges: bytes
content-type: image/gif
content-length: 43
expires: Thu, 25 Aug 2022 21:31:18 GMT

GET
H2 200 vendors~adaptive.js Show response
s01.stc.yc.kpcdn.net/s0/2.1.97/adaptive/ 339 KB
128 KB 76ms
48ms Script
text/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://s01.stc.yc.kpcdn.net/s0/2.1.97/adaptive/vendors~adaptive.js

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

45010d9dc316dd46c088ad941df8e8de7e724b1a0719f9a565f1144daef796e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-id: fr5-up-gc37
date: Sun, 21 Aug 2022 21:31:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-server-trace-id: 576a06d95074d56b:3072fe84cca09450:576a06d95074d56b:1
x-amz-request-id: f062d82dc6646e05
x-serverless-gateway-path: /{site}/{version}/{filename+}
x-cached-since: 2022-08-21T21:19:14+00:00
x-request-id: 720f44f6-d5dd-4f32-82d0-5a93ca176ae5
x-serverless-gateway-id: d5dcee70jck4ehrnhirl
last-modified: Tue, 09 Aug 2022 09:12:19 GMT
server: nginx
etag: W/"9820422f8e96134ea98070a2b05340dc"
x-amz-version-id: 0005E5CB544D5774
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT
content-type: text/javascript; charset=utf-8
expires: Mon, 22 Aug 2022 21:31:18 GMT

GET
H2 200 adaptive.js Show response
s01.stc.yc.kpcdn.net/s0/2.1.97/adaptive/ 276 KB
81 KB 58ms
30ms Script
text/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://s01.stc.yc.kpcdn.net/s0/2.1.97/adaptive/adaptive.js

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

fa1f5a378d1b6ed9854b1fcdaac2b1b0f94e414d76fe29b0c42f5b8bc00c3397

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-id: fr5-up-gc37
date: Sun, 21 Aug 2022 21:31:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-server-trace-id: cd339f3249456aa:13d8f5b8990eb31:cd339f3249456aa:1
x-amz-request-id: 121c314af971645b
x-serverless-gateway-path: /{site}/{version}/{filename+}
x-cached-since: 2022-08-21T21:19:14+00:00
x-request-id: 47a3a24c-a821-406a-92c4-ba611e4d30a6
x-serverless-gateway-id: d5dcee70jck4ehrnhirl
last-modified: Wed, 17 Aug 2022 14:29:29 GMT
server: nginx
etag: W/"7025be4f8081e9b3517cc92091123e40"
x-amz-version-id: 0005E670B156EF51
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT
content-type: text/javascript; charset=utf-8
expires: Mon, 22 Aug 2022 21:31:18 GMT

GET
H2 200 adaptive-topbar.js Show response
s01.stc.yc.kpcdn.net/s0/2.1.97/adaptive/ 67 KB
23 KB 27ms
27ms Script
text/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://s01.stc.yc.kpcdn.net/s0/2.1.97/adaptive/adaptive-topbar.js

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

cdb0f9fd04b4ab17a34e015dc70a73b673e1783df5449ccf88be313d55b7e3fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-id: fr5-up-gc37
date: Sun, 21 Aug 2022 21:31:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-server-trace-id: 60ed4c231490e45e:d15eb7aacbeb2cd0:60ed4c231490e45e:1
x-amz-request-id: 912c07a8e75746b3
x-serverless-gateway-path: /{site}/{version}/{filename+}
x-cached-since: 2022-08-21T21:19:14+00:00
x-request-id: eca6cd5c-4237-42e8-90f9-1fac1efcd0f9
x-serverless-gateway-id: d5dcee70jck4ehrnhirl
last-modified: Wed, 17 Aug 2022 14:29:29 GMT
server: nginx
etag: W/"2a0eaf21c393574db7915951b00dbf5e"
x-amz-version-id: 0005E670B1585791
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT
content-type: text/javascript; charset=utf-8
expires: Mon, 22 Aug 2022 21:31:18 GMT

GET
H2 200 radio.js Show response
s01.stc.yc.kpcdn.net/s0/2.1.97/adaptive/ 10 KB
4 KB 29ms
28ms Script
text/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://s01.stc.yc.kpcdn.net/s0/2.1.97/adaptive/radio.js

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

744c54512d1121cb37612674174ed9cf2b8e59969f31bce8af4959c75a88d1c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-id: fr5-up-gc37
date: Sun, 21 Aug 2022 21:31:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-server-trace-id: d1231514bb110d46:877ecc06d0f47e75:d1231514bb110d46:1
x-amz-request-id: f6e147172c3c50a6
x-serverless-gateway-path: /{site}/{version}/{filename+}
x-cached-since: 2022-08-21T21:19:14+00:00
x-request-id: 7be4d3ea-9abb-4df2-a629-b63b0abb6580
x-serverless-gateway-id: d5dcee70jck4ehrnhirl
last-modified: Wed, 17 Aug 2022 10:56:17 GMT
server: nginx
etag: W/"2797ad5029da0568152372f034dd98ab"
x-amz-version-id: 0005E66DB6E0EDB4
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT
content-type: text/javascript; charset=utf-8
expires: Mon, 22 Aug 2022 21:31:18 GMT

GET
H2 200 main.js Show response
s01.stc.yc.kpcdn.net/s0/2.1.97/adaptive/ 17 KB
7 KB 47ms
47ms Script
text/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://s01.stc.yc.kpcdn.net/s0/2.1.97/adaptive/main.js

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

4dd677bb4420e6863ce111bcc768b99512bceb2e2918b980d954036529cf76ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-id: fr5-up-gc37
date: Sun, 21 Aug 2022 21:31:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-server-trace-id: fb95ced328d4b6e2:a6f4f43168ff0660:fb95ced328d4b6e2:1
x-amz-request-id: 8f28335f5869e26e
x-serverless-gateway-path: /{site}/{version}/{filename+}
x-cached-since: 2022-08-21T21:30:32+00:00
x-request-id: 1add7df6-b081-4ac5-b7ff-e9ee292167a6
x-serverless-gateway-id: d5dcee70jck4ehrnhirl
last-modified: Wed, 17 Aug 2022 10:56:16 GMT
server: nginx
etag: W/"4e451e5945cf1810edde068e13089019"
x-amz-version-id: 0005E66DB6CD408E
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT
content-type: text/javascript; charset=utf-8
expires: Mon, 22 Aug 2022 21:31:18 GMT

GET
H2 200 vendors~digest-area.js Show response
s01.stc.yc.kpcdn.net/s0/2.1.97/adaptive/ 97 KB
32 KB 49ms
48ms Script
text/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://s01.stc.yc.kpcdn.net/s0/2.1.97/adaptive/vendors~digest-area.js

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

3379bacfc3bac0150f30d7da5354b651f052214eaf081452174d8028c5daa9e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-id: fr5-up-gc37
date: Sun, 21 Aug 2022 21:31:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-server-trace-id: e0c6b5e5ba85ce15:629b11e51cedc5aa:e0c6b5e5ba85ce15:1
x-amz-request-id: 6a75d627c8ab121b
x-serverless-gateway-path: /{site}/{version}/{filename+}
x-cached-since: 2022-08-21T21:28:57+00:00
x-request-id: 4da5cb21-db10-45f6-b078-90f7ca738fa7
x-serverless-gateway-id: d5dcee70jck4ehrnhirl
last-modified: Wed, 17 Aug 2022 10:56:18 GMT
server: nginx
etag: W/"85494702894b613c3bb459b5383d5bf1"
x-amz-version-id: 0005E66DB6ED0C3E
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT
content-type: text/javascript; charset=utf-8
expires: Mon, 22 Aug 2022 21:31:18 GMT

GET
H2 200 digest-area~digest-section~note~online-page~photo~section-video~see-also~special-article~video.js Show response
s01.stc.yc.kpcdn.net/s0/2.1.97/adaptive/ 22 KB
8 KB 49ms
49ms Script
text/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://s01.stc.yc.kpcdn.net/s0/2.1.97/adaptive/digest-area~digest-section~note~online-page~photo~section-video~see-also~special-article~video.js

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

18f232b1fdd6b2806d850f3200aaa33d7d697c97eb04ce3936d96ed90b6478b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-id: fr5-up-gc37
date: Sun, 21 Aug 2022 21:31:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-server-trace-id: 3e237b5c12bc5c69:42eb61e02237dd5c:3e237b5c12bc5c69:1
x-amz-request-id: d9093f6145ff4dc1
x-serverless-gateway-path: /{site}/{version}/{filename+}
x-cached-since: 2022-08-21T21:19:14+00:00
x-request-id: 375ac609-6cf0-4e5b-bd29-abb27c5ca50a
x-serverless-gateway-id: d5dcee70jck4ehrnhirl
last-modified: Wed, 17 Aug 2022 10:56:13 GMT
server: nginx
etag: W/"4d9c36622b89dad2275a833175705cae"
x-amz-version-id: 0005E66DB6A477ED
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT
content-type: text/javascript; charset=utf-8
expires: Mon, 22 Aug 2022 21:31:18 GMT

GET
H2 200 digest-area~digest-section~online-page~section-video~see-also.js Show response
s01.stc.yc.kpcdn.net/s0/2.1.97/adaptive/ 36 KB
13 KB 49ms
49ms Script
text/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://s01.stc.yc.kpcdn.net/s0/2.1.97/adaptive/digest-area~digest-section~online-page~section-video~see-also.js

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

e0638fedc4c8baed91a66850abca34f83e0b5093207b08c7ad2f6f0fb8dd45a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-id: fr5-up-gc37
date: Sun, 21 Aug 2022 21:31:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-server-trace-id: bf7971fd2f9a3b63:8bc87751842ff5a0:bf7971fd2f9a3b63:1
x-amz-request-id: 1e9f1fd9ddc992ea
x-serverless-gateway-path: /{site}/{version}/{filename+}
x-cached-since: 2022-08-21T21:28:57+00:00
x-request-id: ede0656b-4573-435e-89ce-f996d7af4285
x-serverless-gateway-id: d5dcee70jck4ehrnhirl
last-modified: Wed, 17 Aug 2022 10:56:13 GMT
server: nginx
etag: W/"7c69b61b88238554c807be9898c971a4"
x-amz-version-id: 0005E66DB6A639A0
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT
content-type: text/javascript; charset=utf-8
expires: Mon, 22 Aug 2022 21:31:18 GMT

GET
H2 200 digest-area.js Show response
s01.stc.yc.kpcdn.net/s0/2.1.97/adaptive/ 46 KB
13 KB 50ms
49ms Script
text/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://s01.stc.yc.kpcdn.net/s0/2.1.97/adaptive/digest-area.js

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

241489ad5357595eaf948db786a1673081c5d7d7ac24f5d8e50c186e33e1888f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-id: fr5-up-gc37
date: Sun, 21 Aug 2022 21:31:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-server-trace-id: 14d126557c0ab4bf:3b1eff53809b6fc7:14d126557c0ab4bf:1
x-amz-request-id: d7696298eba65b02
x-serverless-gateway-path: /{site}/{version}/{filename+}
x-cached-since: 2022-08-21T21:28:57+00:00
x-request-id: 736e2315-b710-4f8f-93d1-f4a57ac8124e
x-serverless-gateway-id: d5dcee70jck4ehrnhirl
last-modified: Wed, 17 Aug 2022 14:29:29 GMT
server: nginx
etag: W/"f0e90958bd9078fef6e4b04542a5f09b"
x-amz-version-id: 0005E670B15DAAB0
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT
content-type: text/javascript; charset=utf-8
expires: Mon, 22 Aug 2022 21:31:18 GMT

GET
H2 200 getcookie Show response
matchid.adfox.yandex.ru/ 88 B
373 B 205ms
69ms XHR
application/json 2a02:6b8::16b
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://matchid.adfox.yandex.ru/getcookie

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a02:6b8::16b Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

bc86784d61c4e6532dea65891e16f3983ed2a81d326e5ef8ab446e554b9c17e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-origin: https://www.tumen.kp.ru
date: Sun, 21 Aug 2022 21:31:18 GMT
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 88
x-content-type-options: nosniff
content-type: application/json

GET
H2 200 token.json Show response
identity.kp.house/identity/api/2/auth/ 754 B
2 KB 229ms
109ms Fetch
application/json 95.181.181.12
EDGECENTERLLC

General

Check archive.org

Show headers Download Go to

Full URL: https://identity.kp.house/identity/api/2/auth/token.json?callback=data&client_name=prod&sub=1
Requested by: Host: s01.stc.yc.kpcdn.net
URL: https://s01.stc.yc.kpcdn.net/s0/2.1.97/adaptive/adaptive.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.181.181.12 , Russian Federation, ASN210756 (EDGECENTERLLC, RU),
Reverse DNS
Software: nginx /
Resource Hash: eaa96ef6d50cf31354c2056d64422a13e0d5ea191427a8a12ecbacc101b4f43f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 21:31:19 GMT
content-encoding: gzip
last-modified: Sun, 21 Aug 2022 21:31:19 -0000
server: nginx
etag: "72925fedae1b5cbe0bfb6bd6185e91f0"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.tumen.kp.ru
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Set-Cookie,Cookie
content-length: 609

GET
H2 200 get.json Show response
s02.api.yc.kpcdn.net/content/api/1/pages/ 95 KB
13 KB 873ms
827ms Fetch
application/json 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://s02.api.yc.kpcdn.net/content/api/1/pages/get.json?pages.age.month=8&pages.age.year=2022&pages.direction=page&pages.number=18&pages.target.class=100&pages.target.id=49
Requested by: Host: s01.stc.yc.kpcdn.net
URL: https://s01.stc.yc.kpcdn.net/s0/2.1.97/adaptive/adaptive.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 9e727b6a63ebbbb01b2cdbbc7d9d1b3d924a5d37dda9a084b81d67fa9f22baf8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-id: fr5-up-gc8
date: Sun, 21 Aug 2022 21:31:19 GMT
content-encoding: gzip
last-modified: Sun, 21 Aug 2022 21:31:19 -0000
server: nginx
etag: W/"cc467cd61341bb7325193c9ad0c2dda2"
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=600
cache: MISS
expires: Sun, 21 Aug 2022 21:41:19 GMT

GET
H2 200 get.json Show response
s02.api.yc.kpcdn.net/content/api/1/pages/ 52 B
263 B 215ms
171ms Fetch
application/json 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://s02.api.yc.kpcdn.net/content/api/1/pages/get.json?callback=cb-5537058&pages.direction=current&pages.spot=49&pages.target.class=194&pages.target.id=0&sub=1
Requested by: Host: s01.stc.yc.kpcdn.net
URL: https://s01.stc.yc.kpcdn.net/s0/2.1.97/adaptive/adaptive.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 60b34e20414d994e442cf8662baf2787ce5b2158f83145b602fe4e57bcc7275d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-id: fr5-up-gc8
date: Sun, 21 Aug 2022 21:31:19 GMT
last-modified: Sun, 21 Aug 2022 21:31:19 -0000
server: nginx
etag: "c7974d8a07bc79c9930f4ba881a06fd3"
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=600
cache: MISS
accept-ranges: bytes
content-length: 52
expires: Sun, 21 Aug 2022 21:41:19 GMT

GET
H2 200 get.json Show response
s02.api.yc.kpcdn.net/content/api/1/pages/ 140 KB
29 KB 419ms
378ms Fetch
application/json 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://s02.api.yc.kpcdn.net/content/api/1/pages/get.json?callback=cb-5537058&pages.direction=current&pages.spot=49&pages.target.class=68&pages.target.id=0&sub=1
Requested by: Host: s01.stc.yc.kpcdn.net
URL: https://s01.stc.yc.kpcdn.net/s0/2.1.97/adaptive/adaptive.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 62ae7a1fcc93fc754f360bde0fdf8efc8c065b74a6415a2d19c6059a5227ae45

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-id: fr5-up-gc8
date: Sun, 21 Aug 2022 21:31:19 GMT
content-encoding: gzip
last-modified: Sun, 21 Aug 2022 21:31:19 -0000
server: nginx
etag: W/"a41ecb1d682423667fbb9579ecf725f7"
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=600
cache: MISS
expires: Sun, 21 Aug 2022 21:41:19 GMT

HEAD
H2 200 banner.gif
s01.stc.yc.kpcdn.net/s0/v-0005D1CC497B5068/adaptive/img/ 0
0 23ms
22ms Fetch
image/gif 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://s01.stc.yc.kpcdn.net/s0/v-0005D1CC497B5068/adaptive/img/banner.gif?adriver

Requested by

Host: s01.stc.yc.kpcdn.net
URL: https://s01.stc.yc.kpcdn.net/s0/2.1.97/adaptive/adaptive.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-id: fr5-up-gc37
date: Sun, 21 Aug 2022 21:31:19 GMT
x-content-type-options: nosniff
x-server-trace-id: bdbb3cc9fec9dd23:46a9349c7ab2a486:bdbb3cc9fec9dd23:1
x-amz-request-id: a29fefe8f69bd330
x-serverless-gateway-path: /{site}/{version}/{filename+}
x-cached-since: 2022-08-21T12:14:17+00:00
content-length: 43
x-request-id: 51448e2f-0014-488e-85a2-62166dee77bb
x-serverless-gateway-id: d5dcee70jck4ehrnhirl
last-modified: Sat, 27 Nov 2021 21:56:59 GMT
server: nginx
etag: "325472601571f31e1bf00674c368d335"
x-amz-version-id: 0005D1CC497B5068
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT
accept-ranges: bytes
content-type: image/gif
expires: Mon, 22 Aug 2022 21:31:19 GMT

GET
DATA 200
OK truncated
/ 169 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 35ed988aff3c8059b4869fd94cc2885879041fbd698317a53741bca5095c3091

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 700 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 59e2467d94ae007fa71bc0b10f4b92f227edfa03afb5ce7c904b9ea2bcf537e9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 8b30c8d1c1f0427f0034cce82ade6db3.png
s01.stc.yc.kpcdn.net/s0/2.1.97/adaptive/ 3 KB
3 KB 23ms
23ms Image
image/png 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s01.stc.yc.kpcdn.net/s0/2.1.97/adaptive/8b30c8d1c1f0427f0034cce82ade6db3.png

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

1d386626a236bf37f510e9c0c2d85036641c5cc85bed4b320a181861477d0ec7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-id: fr5-up-gc37
date: Sun, 21 Aug 2022 21:31:19 GMT
x-content-type-options: nosniff
x-server-trace-id: 2cebbde651b65755:19a035405914dd18:2cebbde651b65755:1
x-amz-request-id: fddc8b0457c21297
x-serverless-gateway-path: /{site}/{version}/{filename+}
x-cached-since: 2022-08-21T21:16:29+00:00
content-length: 2873
x-request-id: 08c2b02c-6e65-4511-b3cc-c0e377f2dc70
x-serverless-gateway-id: d5dcee70jck4ehrnhirl
last-modified: Sat, 27 Nov 2021 21:56:46 GMT
server: nginx
etag: "8b30c8d1c1f0427f0034cce82ade6db3"
x-amz-version-id: 0005D1CC48B4B459
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT
accept-ranges: bytes
content-type: image/png
expires: Mon, 22 Aug 2022 21:31:19 GMT

GET
H2 200 wr-750.webp
s09.stc.yc.kpcdn.net/share/i/12/12661263/ 17 KB
17 KB 245ms
244ms Image
image/webp 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s09.stc.yc.kpcdn.net/share/i/12/12661263/wr-750.webp
Requested by: Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: d03d067201fd73757e5df39f1c19c146157ef052a7b5f253f18c8636a49ab5ba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-id: fr5-up-gc29
date: Sun, 21 Aug 2022 21:31:19 GMT
last-modified: Fri, 19 Aug 2022 06:05:10 GMT
server: nginx
x-amz-request-id: 658e0c81671147e6
etag: "a98b29afb74f8684569409f48f1d3110"
x-amz-version-id: null
cache-control: max-age=345600
cache: MISS
accept-ranges: bytes
content-type: image/webp
content-length: 16960
expires: Thu, 25 Aug 2022 21:31:19 GMT

GET
H2 200 wr-750.webp
s09.stc.yc.kpcdn.net/share/i/12/12660128/ 58 KB
58 KB 257ms
256ms Image
image/webp 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s09.stc.yc.kpcdn.net/share/i/12/12660128/wr-750.webp
Requested by: Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: f87fe57873f1ee44248205081299903c6ff59c619d896e570273e3f8641726e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-id: fr5-up-gc29
date: Sun, 21 Aug 2022 21:31:19 GMT
last-modified: Thu, 18 Aug 2022 11:42:47 GMT
server: nginx
x-amz-request-id: c0dc6171bcc16a9a
etag: "1ab1ecd66b45f09bc474e8b57971d536"
x-amz-version-id: null
cache-control: max-age=345600
cache: MISS
accept-ranges: bytes
content-type: image/webp
content-length: 59056
expires: Thu, 25 Aug 2022 21:31:19 GMT

GET
H2 200 wr-750.webp
s14.stc.yc.kpcdn.net/share/i/12/12659829/ 42 KB
43 KB 349ms
348ms Image
image/webp 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s14.stc.yc.kpcdn.net/share/i/12/12659829/wr-750.webp
Requested by: Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 6c04a43f8abac85c67e53451e234edb590d787f6293f62c333c3a95d52a0b5a9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-id: fr5-up-gc37
date: Sun, 21 Aug 2022 21:31:19 GMT
last-modified: Thu, 18 Aug 2022 10:32:53 GMT
server: nginx
x-amz-request-id: d01b6310aa94fb00
etag: "e2a88f5560d1c23532279deb631febaa"
x-amz-version-id: null
cache-control: max-age=345600
cache: MISS
accept-ranges: bytes
content-type: image/webp
content-length: 43398
expires: Thu, 25 Aug 2022 21:31:19 GMT

GET
H2 200 cbca3b3a43c4037b14fa.js Show response
yastatic.net/partner-code-bundles/634516/ 36 KB
10 KB 215ms
78ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/634516/cbca3b3a43c4037b14fa.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

ac328a8a84ae8f231289b12001679dd2c93d99161388aa3eca4a9b64078e2987

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://www.tumen.kp.ru/
Origin: https://www.tumen.kp.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 21:31:19 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 10176
last-modified: Fri, 19 Aug 2022 14:19:07 GMT
server: nginx/1.17.9
etag: "ac2157920bddee7692d0bbba14be6e19"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 21 Aug 2052 04:06:50 GMT

GET
H2 200 37f129ddc9a9472eb30f.js Show response
yastatic.net/partner-code-bundles/634516/ 13 KB
5 KB 240ms
130ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/634516/37f129ddc9a9472eb30f.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

69da67aee532d1772cdb33ef6cb11b550ab49752e4146dbfe83a96a0b10bcc31

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://www.tumen.kp.ru/
Origin: https://www.tumen.kp.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 21:31:19 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 4467
last-modified: Fri, 19 Aug 2022 14:19:07 GMT
server: nginx/1.17.9
etag: "c07abbb9927b50b1dfd9f0480002713b"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 21 Aug 2052 04:06:50 GMT

GET
H2 200 50f6fec73e5faaf073e7.js Show response
yastatic.net/partner-code-bundles/634516/ 86 KB
18 KB 265ms
156ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/634516/50f6fec73e5faaf073e7.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

b1b20f417556b312ce649c4124557c191dc68f5c4675837c75dae2d291601cd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://www.tumen.kp.ru/
Origin: https://www.tumen.kp.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 21:31:19 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 17974
last-modified: Fri, 19 Aug 2022 14:19:07 GMT
server: nginx/1.17.9
etag: "5d412dcc1b658f0c307663e61a91dc04"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 21 Aug 2052 04:06:50 GMT

GET
H2 200 host.js Show response
yastatic.net/safeframe-bundles/0.83/ 33 KB
9 KB 341ms
233ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.83/host.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://www.tumen.kp.ru/
Origin: https://www.tumen.kp.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 21:31:19 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 8878
last-modified: Wed, 03 Nov 2021 13:42:58 GMT
server: nginx/1.17.9
etag: "f80882bf67cf261aa08d636da095149a"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 21 Aug 2052 04:06:38 GMT

GET
H2 200 db43d90b1e90506e1e6a.js Show response
yastatic.net/partner-code-bundles/634516/ 550 KB
109 KB 339ms
234ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/634516/db43d90b1e90506e1e6a.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

20cd7d963d1d7b4852eb93e4c3dc66dd7af19d64d6d5cf5303ce3f068053b23b

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://www.tumen.kp.ru/
Origin: https://www.tumen.kp.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 21:31:19 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 111079
last-modified: Fri, 19 Aug 2022 14:19:07 GMT
server: nginx/1.17.9
etag: "a82b9d00414a6c76cd41ea27590c0885"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 21 Aug 2052 04:06:50 GMT

POST
H2 200 hb Show response
ads.adfox.ru/ 219 B
203 B 307ms
162ms XHR
application/json 2a02:6b8::1be
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.adfox.ru/hb

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

340e61e16fb3429dcb0b725eeeb0c0ff08401fe675d582fa2ad2b937a73ac945

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 21 Aug 2022 21:31:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref=/w3c/w3c.p3p, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
content-type: application/json
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

POST
H2

200

adfox Show response
exchange.buzzoola.com/ssp/
Redirect Chain

https://exchange.buzzoola.com/ssp/adfox
https://exchange.buzzoola.com/ssp/adfox?set_buzzoola_cookie=t

11 B
507 B

43ms
42ms

XHR
text/plain

144.76.119.17
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://exchange.buzzoola.com/ssp/adfox?set_buzzoola_cookie=t
Requested by: Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/
Protocol: H2
Server: 144.76.119.17 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.17.119.76.144.clients.your-server.de
Software: nginx /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 21:31:19 GMT
server: nginx
serverid: TODO
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.tumen.kp.ru
access-control-expose-headers: Set-Cookie, Etag
access-control-allow-credentials: true
access-control-allow-headers: Set-Cookie, X-Alt-Referer, X-First-Party-Cookie, If-None-Match
content-length: 11

Redirect headers

date: Sun, 21 Aug 2022 21:31:19 GMT
server: nginx
access-control-allow-origin: https://www.tumen.kp.ru
etag: W/"d6f2eb70d558686179b7995864e986a43255de2d4e4b2593016086e9e534e13e"
serverid: TODO
location: /ssp/adfox?set_buzzoola_cookie=t
access-control-expose-headers: Set-Cookie, Etag
access-control-allow-credentials: true
access-control-allow-headers: Set-Cookie, X-Alt-Referer, X-First-Party-Cookie, If-None-Match
content-length: 0

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ 119 KB
39 KB 154ms
51ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

99c664c6e0f9211430ca24054ef2365aa16aabaa3ca3c3a22674d3fb0c86c1e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 21:31:19 GMT
content-encoding: gzip
last-modified: Tue, 16 Aug 2022 07:20:51 GMT
server: nginx
etag: W/"62fb4553-1ddb3"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 22 Aug 2022 21:31:19 GMT

POST
H2 204 bids Show response
adfox-c2s-ams.creativecdn.com/bidder/adfox/ 0
209 B 94ms
30ms XHR
application/json 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://adfox-c2s-ams.creativecdn.com/bidder/adfox/bids
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.tumen.kp.ru
date: Sun, 21 Aug 2022 21:31:19 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST
content-type: application/json;charset=utf-8

POST
H/1.1 204
No Content bid.cgi Show response
pb.adriver.ru/cgi-bin/ 0
303 B 254ms
64ms XHR
text/plain 195.209.111.22
ADRIVER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pb.adriver.ru/cgi-bin/bid.cgi
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.209.111.22 , Russian Federation, ASN52007 (ADRIVER-AS, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.tumen.kp.ru
Pragma: no-cache
Date: Sun, 21 Aug 2022 21:31:19 GMT
Cache-control: no-cache, max-age=0, must-revalidate, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 200
OK / Show response
ad.mail.ru/hbid_yandex/ 11 B
338 B 204ms
76ms XHR
application/json 2a00:1148:db00::17
VK-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mail.ru/hbid_yandex/
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 21 Aug 2022 21:31:19 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: https://www.tumen.kp.ru
Cache-Control: private, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *

POST
H2 200 adjson Show response
ads.betweendigital.com/ 11 B
920 B 97ms
31ms XHR
application/json 188.42.196.115
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/adjson?t=adfox
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.42.196.115 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.tumen.kp.ru
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json

POST
H2 204 bids Show response
adfox-c2s-ams.creativecdn.com/bidder/adfox/ 0
209 B 91ms
29ms XHR
application/json 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://adfox-c2s-ams.creativecdn.com/bidder/adfox/bids
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.tumen.kp.ru
date: Sun, 21 Aug 2022 21:31:19 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST
content-type: application/json;charset=utf-8

POST
H/1.1 204
No Content bid.cgi Show response
pb.adriver.ru/cgi-bin/ 0
303 B 254ms
64ms XHR
text/plain 195.209.111.22
ADRIVER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pb.adriver.ru/cgi-bin/bid.cgi
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.209.111.22 , Russian Federation, ASN52007 (ADRIVER-AS, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.tumen.kp.ru
Pragma: no-cache
Date: Sun, 21 Aug 2022 21:31:19 GMT
Cache-control: no-cache, max-age=0, must-revalidate, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 200
OK / Show response
ad.mail.ru/hbid_yandex/ 11 B
338 B 213ms
85ms XHR
application/json 2a00:1148:db00::17
VK-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mail.ru/hbid_yandex/
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 21 Aug 2022 21:31:19 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: https://www.tumen.kp.ru
Cache-Control: private, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *

POST
H2 200 adjson Show response
ads.betweendigital.com/ 11 B
920 B 97ms
32ms XHR
application/json 188.42.196.115
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/adjson?t=adfox
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.42.196.115 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.tumen.kp.ru
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json

POST
H2

200

adfox Show response
exchange.buzzoola.com/ssp/
Redirect Chain

https://exchange.buzzoola.com/ssp/adfox
https://exchange.buzzoola.com/ssp/adfox?set_buzzoola_cookie=t

11 B
507 B

51ms
51ms

XHR
text/plain

144.76.119.17
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://exchange.buzzoola.com/ssp/adfox?set_buzzoola_cookie=t
Requested by: Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/
Protocol: H2
Server: 144.76.119.17 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.17.119.76.144.clients.your-server.de
Software: nginx /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 21:31:19 GMT
server: nginx
serverid: TODO
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.tumen.kp.ru
access-control-expose-headers: Set-Cookie, Etag
access-control-allow-credentials: true
access-control-allow-headers: Set-Cookie, X-Alt-Referer, X-First-Party-Cookie, If-None-Match
content-length: 11

Redirect headers

date: Sun, 21 Aug 2022 21:31:19 GMT
server: nginx
access-control-allow-origin: https://www.tumen.kp.ru
etag: W/"8fe931854444b5416e10778060c8397fd5692303feeafc880c4efe46ee472859"
serverid: TODO
location: /ssp/adfox?set_buzzoola_cookie=t
access-control-expose-headers: Set-Cookie, Etag
access-control-allow-credentials: true
access-control-allow-headers: Set-Cookie, X-Alt-Referer, X-First-Party-Cookie, If-None-Match
content-length: 0

POST
H2 200 pl999 Show response
ssp.bidvol.com/rtb/ 11 B
476 B 264ms
169ms XHR
application/json 65.108.236.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.bidvol.com/rtb/pl999
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 65.108.236.88 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88.236.108.65.clients.your-server.de
Software: nginx/1.23.0 /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 21 Aug 2022 21:31:19 GMT
server: nginx/1.23.0
surrogate-control: no-store
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials: true
content-length: 11
x-request-id: 54709b4e-1076-4632-9963-6cc6e94b58bd
expires: 0

POST
H2 200 hb Show response
ads.adfox.ru/ 218 B
202 B 301ms
161ms XHR
application/json 2a02:6b8::1be
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.adfox.ru/hb

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

78e77be833be1aa2e8798d5ba26aab01971974812e6a929344a7b4c4d22f611b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 21 Aug 2022 21:31:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref=/w3c/w3c.p3p, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
content-type: application/json
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

POST
H2 200 hb Show response
ads.adfox.ru/ 221 B
531 B 220ms
81ms XHR
application/json 2a02:6b8::1be
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.adfox.ru/hb

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

14243de82bf925d8eb6c7606027f482c961ff53da8c9153c12f7bbeaaadf458f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 21 Aug 2022 21:31:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref=/w3c/w3c.p3p, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
content-type: application/json
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

POST
H2 204 bids Show response
adfox-c2s-ams.creativecdn.com/bidder/adfox/ 0
209 B 90ms
30ms XHR
application/json 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://adfox-c2s-ams.creativecdn.com/bidder/adfox/bids
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.tumen.kp.ru
date: Sun, 21 Aug 2022 21:31:19 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST
content-type: application/json;charset=utf-8

POST
H/1.1 204
No Content bid.cgi Show response
pb.adriver.ru/cgi-bin/ 0
303 B 255ms
65ms XHR
text/plain 195.209.111.22
ADRIVER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pb.adriver.ru/cgi-bin/bid.cgi
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.209.111.22 , Russian Federation, ASN52007 (ADRIVER-AS, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.tumen.kp.ru
Pragma: no-cache
Date: Sun, 21 Aug 2022 21:31:19 GMT
Cache-control: no-cache, max-age=0, must-revalidate, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 200
OK / Show response
ad.mail.ru/hbid_yandex/ 11 B
338 B 209ms
74ms XHR
application/json 2a00:1148:db00::17
VK-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mail.ru/hbid_yandex/
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 21 Aug 2022 21:31:19 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: https://www.tumen.kp.ru
Cache-Control: private, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *

POST
H2 200 adjson Show response
ads.betweendigital.com/ 11 B
920 B 97ms
34ms XHR
application/json 188.42.196.115
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/adjson?t=adfox
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.42.196.115 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.tumen.kp.ru
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json

GET
H2 200 vendors~autobahn.js Show response
s01.stc.yc.kpcdn.net/s0/2.1.97/adaptive/ 86 KB
26 KB 24ms
24ms Script
text/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://s01.stc.yc.kpcdn.net/s0/2.1.97/adaptive/vendors~autobahn.js

Requested by

Host: s01.stc.yc.kpcdn.net
URL: https://s01.stc.yc.kpcdn.net/s0/2.1.97/adaptive/adaptive.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

bc96dd512627a5ff3462e1079dbcd5c5150bab5b724a0d143986cdde8ca4a9a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-id: fr5-up-gc37
date: Sun, 21 Aug 2022 21:31:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-server-trace-id: bf3320070e4b2f0f:d69b721535fa49b8:bf3320070e4b2f0f:1
x-amz-request-id: 2d92d6d9c37b7bd0
x-serverless-gateway-path: /{site}/{version}/{filename+}
x-cached-since: 2022-08-21T21:19:06+00:00
x-request-id: 26bed3d7-8691-4b44-ae85-70caf01a379e
x-serverless-gateway-id: d5dcee70jck4ehrnhirl
last-modified: Wed, 17 Aug 2022 10:56:18 GMT
server: nginx
etag: W/"2ebd6104a26022c88fb99bb889a0f5dc"
x-amz-version-id: 0005E66DB6E9C405
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT
content-type: text/javascript; charset=utf-8
expires: Mon, 22 Aug 2022 21:31:19 GMT

GET
H2 200 autobahn.js Show response
s01.stc.yc.kpcdn.net/s0/2.1.97/adaptive/ 405 B
486 B 22ms
22ms Script
text/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://s01.stc.yc.kpcdn.net/s0/2.1.97/adaptive/autobahn.js

Requested by

Host: s01.stc.yc.kpcdn.net
URL: https://s01.stc.yc.kpcdn.net/s0/2.1.97/adaptive/adaptive.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

fd61b939d60a34fe92950d8fb53ed0449e7cd55ed78c000ec51aec0136d1c157

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-id: fr5-up-gc37
date: Sun, 21 Aug 2022 21:31:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-server-trace-id: 7bef12c20ad69e64:84c27ba469396f21:7bef12c20ad69e64:1
x-amz-request-id: 08e21730a7761b89
x-serverless-gateway-path: /{site}/{version}/{filename+}
x-cached-since: 2022-08-21T21:19:16+00:00
x-request-id: e1b07505-0c38-4e0d-a145-acecf903262d
x-serverless-gateway-id: d5dcee70jck4ehrnhirl
last-modified: Wed, 17 Aug 2022 10:56:15 GMT
server: nginx
etag: W/"30e012cc6946dd7c361a18014746dece"
x-amz-version-id: 0005E66DB6BC2EDF
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT
content-type: text/javascript; charset=utf-8
expires: Mon, 22 Aug 2022 21:31:19 GMT

GET
H2 200 v2 Show response
yandex.ru/ads/adfox/232598/getBulk/ 14 KB
8 KB 315ms
315ms XHR
application/json 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/adfox/232598/getBulk/v2?dl=https%3A%2F%2Fwww.tumen.kp.ru%2F%3F&date=2022-08-21T21%3A31%3A19.271%2B00%3A00&pd=21&pdh=1200&pdw=1600&pr1=1323782784&pr=1794283843&prr=&pv=21&pw=0&extid_loader=&extid_tag_loader=www.tumen.kp.ru&ylv=0.634516&ybv=0.634516&ytt=362840448958469&is-turbo=0&skip-token=&ad-session-id=2350821661117479275&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9.8%2C%22isInIframe%22%3Afalse%2C%22w%22%3A160%2C%22h%22%3A0%2C%22width%22%3A0%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22fullscreenHeaderHeight%22%3A49%2C%22left%22%3A1410%2C%22top%22%3A389%2C%22fontFamily%22%3A%22ys%22%2C%22darkTheme%22%3Afalse%2C%22req_no%22%3A0%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=634516&available-width=160&yaru=true&pp=g&p2=gftf&ps=bxyd&puid1=adv-1661117479225-973&puid2=&puid3=&puid5=&slotNumber=2&bids=W10%3D&utf8=%E2%9C%93&pcode-test-ids=628986%2C0%2C63%3B634789%2C0%2C97%3B634378%2C0%2C74%3B633794%2C0%2C75%3B622565%2C0%2C-1%3B629073%2C0%2C67&pcode-flags-map=eJytWF2P3DQU%2FSureQaU72T65kk8M9YmcbA9MztFyCrqIpAqhGALSFUlQAjxgIT4J32gUqEfvyH7jzh2Mh%2FJ7np3q%2B7bZHOu7%2FU99%2Fg4zyaCNpQova5IowX9dEWl0mSuqNCsFrwsJw8%2Bezb54dGTp%2BeTBxMlVnTy0eTi%2FPsL9hi%2F4zSN%2FGTy%2FPOPJmxRc0F1xaSkhS6IIrohglRSz7nQa1ZQjog659WMD2Ke%2F%2FTtIOTUi%2BLYhlwTiZQqvqY6XxIhqdJzwStdsvrUmVbi%2B5GX7mPQmsxKxCBNw%2BqFnm11wTf1XaIkWeCKQiUTKHbGlCCK3ifYbqftttuiSCFvCZAGmbcP0K9p0tFrUq6Gq%2Fse%2FgboIEiyw46sJNU13dgKFrXpC4KZquRKrOn2lkyCLIsSRyzJqgY79UFiof2K8foDJZaT%2B%2BdVCLI58HfDigV4uGFqiZbppiTbGclPwetamXGhwkXuJJiiE%2FsMGw4KNMQkarC6pGT%2FQFKEHHEiGfY0DOIjRoyDdXwt3GUOQ5QcFKBnYGRJFnrdCN0IxgVTWz0nueLD2vxRpCTJ9pGkssOypkKie8MiwijxsiE2SsLQYlc1KzkpoD5GNUjVHEMvvnt6fgSLgiycdsnbDZNGssaYcQeOQGifpLTWfCYpGDFq3DePvnhyPkCG6F43QnN2BqGr9ZKyxVLpWrmXjOJw6ltgzle10orrs6WTJ1GWZkFkIVtSF%2FRMixVEqyKsdmqnlwZhPwADwdXzVVnKXKBcJ94Pg9DblzgT%2FBT7g%2FL0QrDCjUzjLLk2YV0wqQSbOeGB7yVdvQ9pHdh0zahhyFhFFtSJjfyo57DFYjnLvRkXhkeCFGwlT%2B4YYUtM3l3CmpQbMtKJK8gw7VtbzM35KRteg4uKVZSv1AAajCQ5jiIv7Gpucl5QIyGS1sq9XowwPXvnHLtMzbjs1jOz64ZHaRpchbO50bKNmdvbGHJDhF0CV46i0LsJjYlTTFqfMedXz%2FTxwrEHX2ChUElR68q4jTURjIy2LBjD%2BgaNJkLQDQFBiruOBiLtumWsiK4oHM6%2B4VQI6FXJF8cx4gE%2B86Kuc3tNhYVYM7ppuHA3PUmTXrLM67rGiZhTiclYOGFpAJyFSdnAKORLajLUDRX5iGfwCwNk7E%2B7WgtaUrgMqAF2aiPgfdCwXvbu4ekyaGfXBch63qcxmuuRusdZFsQdV3YTXcBt5Urn0qmd8dRPsyMtYRK1oz2wtbmpW7oWnYax7w%2BwVn%2BkPfANwRtSFDBK7iBR3Lfa6j12TG0bqkN31tD8%2BGiwKpFjhyWbsRJccS83TZMbkRrmKS9Z7p6uQ4xqVSo2I3WNtHEazxkaz0wRcABuHZ5mQZoe5dEH6WiCM%2B897JIXRGHHgYUgs8D9LsTFO7wLF%2FpwkG%2FsB57r%2FWs0249vQHQFstpw2GwwLlGozCgZq82ew5vnp8ZPY3BuSTqOkwHfltTaH9wrrG11ov04SLqEKkHYXaUMNwkv66hm7LGgc8jY0swky904jHHU8xqVisoomKD1zq41gs7cNgEq4PVCsBtqWDeBXYQtgj6BGYca4Oicp1niT%2F1on49kJg3GpdHHfOnOIomCjqmW2VjOUtEUAJt7CzQI473nZLI%2FAM050t3iQAxngBA2oKO0ELpYNRhN3OMKa7llJ4yCD82S94nnjcy25%2FcFjE41k1RvfGw%2BuDOrsVxdTSkI%2Fa6mihaM2CCdJbkn%2FOZkOhf2XjmpBf%2BgGRV0TqBxu8y6jxR3DGfmBbJazji8w62Y3kkfCI3j03R4gQLcxA786eETiDVYC2F0RlYExviaA3zSC%2BroDjvNDtdhRNjieol7fn7tvSyN3GDsnTxEkGKoFddcoHd4UsjidHy%2Fwp0vzaajW6B5cqwNS6assBxtIVTxVHG3LoRw5dnBWF9dGqZ9WGz35AbCQBXAuTlUnanSeQTibh8nXeN2X4tslP6gIFDMfCUVZsCG0oqeDbvY%2Ft2%2Ba19f%2Fnn5R%2FvypH3Vvr38rX13%2BXP7pn1x%2BTt%2Bvzpp37YvTi5%2FaV%2B0%2F17%2Bipfwz5ftf%2B1rPHgD7D94EY8R46%2F7JTZI48evL776%2BPH5l4%2BePrm4IYwhhf1KUJNquCfdtwN7Dxh%2B%2BfBSc8d%2F%2Fj%2BzCBHZ&use-server-side-rendering=1&pcode-icookie=9wMGzWFiMHtgECEWtdku6d%2Fw%2Fw7vvoL%2FT4qfxUgBXLJr2Ml3cAV07s3WA%2BwbIUMQTTCPMCf24l0NVKhVoQCm0mAXfAE%3D&top-ancestor=https%3A%2F%2Fwww.tumen.kp.ru&top-ancestor-undetermined=0&grab-orig-len=5120&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjoxNDh9CiKjpKisKOmBEFCneJjv7a9rvsY81cJKoRevTgnOjfhG9z4kx_DvVR--WkphSTxV1xKUuMjO3t4oQE8M6DHQxoyBjFKCtslvk79X8Js_mRBKKGWUoUEGMkbtSCAn2sSWaNV0antiqgm5GkaiTyyJbgAPAaKmS4yLFEldcLLEkKQNu2hNwA-gy7lOTZVY6sIW5E-XpHVhsiyS2sS6yFJWgNQE6gKuXzQLtsAGNazzkC7AEgo1_Xm0LnyJLcBc6YoOZOyoBMB0q7LEJV7BdIUZBauCKZFAXw6p63I5EDEtAroKQHpoNYCkCJeDDYmwCBevk09YxMHpQMIrDEjrtohUs0GEjdfhrKxONl4wZPl4GfmZOJkdnCysspWfhdXBy-oAQzYBlig2ykUlXxpjrwkUNVVdtKQLvGgXzDbQrYlGTXtYTIlxgbQk-oErXXrQqmHUBdqoti-KdCiw3B6daYEGYdlHvwxP1XAS06ADf_QDwXQhCXG51QzqZW660DLJDKe64XiRsA8kk3RR6s_qpeXSQw1zoUm3cFoO5_ZeZlg4fJmWltSLYuhnW0ApZYZppmblmU_ZNFkoNMvBLwq4Mso90wyxxcxfpg60puxONAXl2z4Esjwsq6mmE2dnoTB2WakgSbHzwkfIwsTHGCIsqAmFDFHVq4mqd5ELlsfwINX5j5SFD76wCB8nImVwpAwOBwtr5UfiZGQEQ5aRX5qNG5s4O6O0C2vlZUOCiAWZrHAC5ZUNQ0SqkVHm3BmGw82BkJOZQ1xasnILOlHw1kWLmY8BsSQCaVdlB9GJCTn85Q_6dte6fGlFpJze4QB8qWeXDx5ORi50XM6FB8LLHM729eWtShBALFlOv0xTrx6ZCLVUse4EbVpCoVXTeeSVIliZqUe-ISVkathxLXjrBmCqFeKN0dAnq0wTRTzCAPRS35KYE6uayhP_OU1sG3e9MR3y-N9H_pKDqQeOaT30DEKO2p7gSB-xyU53nQeGQ32wpX3smfBk90TGFD6xxVtVrusjmwb7-3uP3EFbuIzDv5reUzvW0W0M8UZdYGKXcs84bmZiqoXA_aBdCo_zGH9kOhDroglMhFOuE9W9pBeEhxrTXz2Vhzyf6NC-wPITTuWJMCx7rk137vb6J2x4-PWW1OTz-peK5kTvoTWT5HTSy9gpeLunkoP897jpOUd1CPJZ5I0MyEufbaekl_R-1D6_xulGYvLIM7Bz0H8tp8PLJVlcI15CNt2cFe2cTgqPvEPcarGOQU1QzrfNfwZ6AocU3bysjXl05WvZOyJ5yu1yxdoWT_sHkAxf51EqeOnCnBR-sVV4qHgQcS_HAJpjXRAgAoww8DCUmSX4XUwSyyA-lEKIeRE892K7jlhOuCSUuHe7KzI0AqAy_z8pW18ijMxOVn94xasQC4cgowqUBpF5GBLEHo8Mg0TlQ8wpwITiMTeNzgfR8PPz8zM5ndn5_RxtnqytPKfrJiNJxDExPQpzAh8JHw83UmmJyo2aFTV8IVlhtwufCbaAqzbRzcbILMHIIY25smPkw4BGoDix2PASzQ08PKxOQozvzB3Wys_GADobl6zq5K9wHfhzDsSE6S2KclJqAu39Mf3WkHjkyyVZi4W71ga0OWhLdNazKfXCsshUTkUnv9odGL1wB_y4mGGfZmtUEfPYj-jntGwYN3YrPfKMURA5egzSbsze2A7k3cOGUfvT2-ql05C28PcGq-F-MYb4EqVTyHH6c0jwu-NLln_N1IWKUk9kIjNQrHKADM8BCtIoypRQ6i0NGhYuVwiq8LGKSSJwSLsrFyPo3JgcKpGNyyUcgJQvuFMlorodzAwOVvalPzuzEEoWwTbDgvOnfgmGVE3z7ZX2jnTJVd_W_QQ1zZ-ltY2HdUfa-gGarJD9cD3DpL4-v-zlBpEdob0G2Gue1kXrPm7tnV0jaPp30ORzrKbEnvvoJG6rZmFjZcDmXhLiQ4-MER4n4WUupcR_6bercqIXxIQcFTjot3JxFua6t-SF4DMIoJYV_ub3obiQh9OH7uvuMCBiQcgVKuo5BJlxFjXcMeF7WpyjRBP2gUPJjVdLWcoPb6ekMnMG3f6mugjQL3LmL4Yfxmz9--alUb_1A5H6hc0YER_xdMJc-YTQg8YI2jowrHWbkr57trdkjPXESmh2-lUAHpc1F3pQQUWFUFaZzhxInZKIEC7kOdGgRotwRt6Zrqb9s40lJDITuaiGhlqAT3FSlSKdIbe-4rckyZZOCwww7IU-9QX3DkT7mMW3aD_Pdzs1TTLfEYdQSLvO5tirFgzRRcuPFgFSBChKviuxv-w4t5WHPNKX7RDJAEU8C-NxXsGal6hFpY9Xhe87_KlGsgKvu_KjYxBAKdBD4Ntu2Lzc1N-iYmfGzsQQZDTBKrhYqR_oNvq39n7Kt4Pv92jKZcbmSVTSkW-Ho6aSaRLQnMSpP3G33Q3CraNPQ62Hb9uaPIEuOtBLp95yvsSpDTdv3nVIvRG09kiOX7EzrkPAWlk_3bE-7Ez1TJTtyAx3fmDJT_vU2dS1-VVtbEV_k9e10WHt6pXFf4XpKUvy1OpNMDIEE_0mFM0wZ1HPkSYr7NbWn69h9-9Nb1mdjoZFR_O2kBRyzAtusQNwbCH4rkEK19F6EmuOCm_BA1nY6dkObBx3rR0yNfruAP5qwgXEJely1TaYN8bidalCfC1fsZuYN9AMKZ5IFkqnqP7hrH3l9Ytwfj9icolqcqiY78mVeM_iTkzNbZ-b_od7VHy929bsJyfW0cTfB0dEO_wOlpC_ek4cniBqz9qmErXVVIR6QvNf_lLgLu2rUPPY4fO6NMpWiMnU1jN3XVHmi7mUhVWKaP7nSWQp1aH-sVCz15d6SK64LwgfIXWz1ClcoMBEg44S7b_9Wj_2Fe9CRMNVaAe-H1qhW_nUCpaxOLgu41H6zzcIrAU43mMBORtk7CLNd_O6Di2GMjIsWUf1Fya4N2UMH18Cow8F7KfK6GNi30V15GE_2qWjbB-St234g1vvMVvJr2sjR59l8ydQTmQfv-SWlPyNm2Cspql_FGS34UnwOLyRL5vIrsHOyuoQO__ULU9hU6HCyMaPK-wQaRp_RH379gFRJn-tVm7Nh4YxnZ8-2Zpm4IsjH2d_E5w62INU3rpwi_2Axe4lBQScuWxjEVYbENQA_kuc0nq0k771R6eCxvfPNZmQ1CtOWlmimR_Y1pu29l-IimQARv3HOZ91ImjXjqkjC81looeILKHyfaUXOeV9oIbr3nU9Zuo3UhqHKzy2daCeIbfSzGNPTOXdb3wlNfVzzrX4uPOvR3aVdvksTdN9yRFl-qpY6mWlR0kV8eN_9vOyv1Whuwmoi-f88s_SzmXfOD2BPx_aG6bQbqPBGqgCuV2iviYjmrsUMUbAynxWxNVHqxtJlP9ZbHUDTEXDyc_EwsjC46iCPDyc_Lzl68-DbyFYS31uG9_D8BicDZIxTF6qRYNoD_nmUm32wKK8x2cPm-EuvbwTQ-uqzWX-0HXOjWNqP9pEocVjfz9Cklum5nyl6rwEYB9MWtLygr0Uj-evwTi2--ekT0s7c5WbWgzOYnjG-ZytzK1VqiKLOWZodr83xcct20o5Fsu4dszrbm5uGD94P-MMrVI9okH3JH_mYsPlzMXvxKcImZExK2o78z8sP9WXUlEDVy4udcfDf6VfJjgTJ28w9PVtMusyn4er7xInjdQtUyCEiJyVzezidj_qtqACLjyP61_m5YG0qJupKof_kknW-P-WKwJCsRhSnHhG8LDWmxJ-kkcd-XS92054mW16sn8JvLrcqlkfshOSVDSuUF1PLwPLx-hYCO9SXuMPab-gWvON0VbxfnRTrbS97BDcFKjFwCvMtBBKsxtnCtEM7A7iGxZob_DT_3U8ZCmcZ8CX2EF3h2UdeKEswodF054-OrzhPLh-aFsjhkV6uOqezbYKOytwVPNDcV8YElNSxBNCGgOvB4zYnjC_tAz_VekUsLEMw3EcN4eWyoutwLwnpj97TNnbtTZX1zIpOTKV_1IMMlOHsxEs2WbRdJv6E16tP6wFX3xRdoDy2rXiOKcWVQxtS09LtPkBjx8wd_tupMengf5hyVZEfJ4cxj9Kzd0wpbJ_V3QqhjaE0TD-_d46htPuO5a1_xLTJdHnbgijWWfOadz3nDaT2Kz-HSRtOVD2SbR10RtDorazp9Q8exg6nM7fPVKNm_8SWYskWF358fSsgqs8y08ObvZ5NrQheeFr11qNbnwfxm9nTPc9Nn1EhhkfM_qH0DQhmZoUrQmk24WDnTnr-Pcuf7IDf8OQ0kfaz0eFGXLYpCH6nnUfiqf-QzFsqkTTslPlKhHLphdMgJoWuYlAAg-IAC_UUoAWvczM9fPXafuxk31bKDiQzV3jkREK3Dz_EQXvJ2YpduIiYbvdTdmJZnrIbpbE6xO935eL8E63dH9zZ-sIkc9VmedL558uY9gumxVTOEGUHyJAtX3ZFqbhD0hXBmKbKpXyh5GPTYqVpgvfS1NYhMutImCpChV2bPB4MDNLY1u0_PyOdQMu8UhYzx0Q2laCU6xyY-RGzoExq6AiNvsixAMPKScHhmP81ZZb3bhLiaKwg5ONV4lLLJUXIzczsk1pMWLl3wc-fAtJBTISlZsJoCgwoP4OFJhIvqXailPWlQ2Rqk3XMpp2FG1nA2u8VTFB-jhYov3yji_eum3t86Zs84Aai9Rf3zyhg_Qml7ZouvUqskyE9g2Ll75xI0SHlgmTrPAkcKHJh_yvWIq0TCUMZGEUfelZWI3ztfruOB69Wpc1OwVdXa6Lfj8STND10znnpFGugMPeEqQkocYC_LbTJhIkqBf2KJUclOgLWgQ9cNojcfjfjVioTttBuTjhokuSq8GYcbHBFMUOnqylyXtL3NxgSk-foWQF2SvKWnJoXSdpS7OPNCX195N_eev_Uvm21hlywhLG8vfXLYmL7QX0lnD8VIrLm4nhorFrVA42Jk2bHN9HizJ1FD6GrPixh2W6y-g2Wan5CZ2mkX10J30T5GiwGxcbDO2a56xDI06tpr0YfOqftbTH3x0_lcEz&tga-with-creatives=1

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

75147d863f4ebbda561d4a767dd460591d92d6ad6bc13987ca624e74389c161a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 21:31:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1661117479345139-16786224751289763870-vla1-2969-vla-l7-balancer-8080-BAL-6229
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Sun, 21 Aug 2022 21:31:19 GMT
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/json
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Sun, 21 Aug 2022 21:31:19 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
217 B 86ms
28ms XHR
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=127&profileId=184&cb=7851885338

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Sun, 21 Aug 2022 21:31:19 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://www.tumen.kp.ru
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
216 B 87ms
29ms XHR
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=127&profileId=184&cb=84543933879

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Sun, 21 Aug 2022 21:31:19 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://www.tumen.kp.ru
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
216 B 87ms
29ms XHR
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=127&profileId=184&cb=53712284192

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Sun, 21 Aug 2022 21:31:18 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://www.tumen.kp.ru
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

GET
H2 200 v2 Show response
yandex.ru/ads/adfox/232598/getBulk/ 152 KB
41 KB 577ms
577ms XHR
application/json 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/adfox/232598/getBulk/v2?dl=https%3A%2F%2Fwww.tumen.kp.ru%2F%3F&date=2022-08-21T21%3A31%3A19.551%2B00%3A00&pd=21&pdh=1200&pdw=1600&pr1=3936961405&pr=1794283843&prr=&pv=21&pw=0&extid_loader=&extid_tag_loader=www.tumen.kp.ru&ylv=0.634516&ybv=0.634516&ytt=362840448958469&is-turbo=0&skip-token=&ad-session-id=2350821661117479275&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9.8%2C%22isInIframe%22%3Afalse%2C%22w%22%3A1560%2C%22h%22%3A250%2C%22width%22%3A1560%2C%22height%22%3A250%2C%22visible%22%3A1%2C%22fullscreenHeaderHeight%22%3A49%2C%22left%22%3A20%2C%22top%22%3A120%2C%22fontFamily%22%3A%22ys%22%2C%22darkTheme%22%3Afalse%2C%22req_no%22%3A1%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=634516&available-width=1560&available-height=250&yaru=true&pp=g&p2=fban&ps=bxyd&puid1=adv-1661117479225-996&puid2=&puid3=&puid5=&slotNumber=1&bids=W3siYmlkZGVyTmFtZSI6ImFkZm94X2Fkc21hcnQiLCJjYW1wYWlnbl9pZCI6MTU5MjA0MCwicmVzcG9uc2VfdGltZSI6MzA2LCJlcnJvciI6eyJjb2RlIjoxfX0seyJiaWRkZXJOYW1lIjoiYnV6em9vbGEiLCJjYW1wYWlnbl9pZCI6ODkwNDUwLCJyZXNwb25zZV90aW1lIjoxNjMsImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiIxMjI3MTY5In1d&utf8=%E2%9C%93&pcode-test-ids=628986%2C0%2C63%3B634789%2C0%2C97%3B634378%2C0%2C74%3B633794%2C0%2C75%3B622565%2C0%2C-1%3B629073%2C0%2C67&pcode-flags-map=eJytWF2P3DQU%2FSureQaU72T65kk8M9YmcbA9MztFyCrqIpAqhGALSFUlQAjxgIT4J32gUqEfvyH7jzh2Mh%2FJ7np3q%2B7bZHOu7%2FU99%2Fg4zyaCNpQova5IowX9dEWl0mSuqNCsFrwsJw8%2Bezb54dGTp%2BeTBxMlVnTy0eTi%2FPsL9hi%2F4zSN%2FGTy%2FPOPJmxRc0F1xaSkhS6IIrohglRSz7nQa1ZQjog659WMD2Ke%2F%2FTtIOTUi%2BLYhlwTiZQqvqY6XxIhqdJzwStdsvrUmVbi%2B5GX7mPQmsxKxCBNw%2BqFnm11wTf1XaIkWeCKQiUTKHbGlCCK3ifYbqftttuiSCFvCZAGmbcP0K9p0tFrUq6Gq%2Fse%2FgboIEiyw46sJNU13dgKFrXpC4KZquRKrOn2lkyCLIsSRyzJqgY79UFiof2K8foDJZaT%2B%2BdVCLI58HfDigV4uGFqiZbppiTbGclPwetamXGhwkXuJJiiE%2FsMGw4KNMQkarC6pGT%2FQFKEHHEiGfY0DOIjRoyDdXwt3GUOQ5QcFKBnYGRJFnrdCN0IxgVTWz0nueLD2vxRpCTJ9pGkssOypkKie8MiwijxsiE2SsLQYlc1KzkpoD5GNUjVHEMvvnt6fgSLgiycdsnbDZNGssaYcQeOQGifpLTWfCYpGDFq3DePvnhyPkCG6F43QnN2BqGr9ZKyxVLpWrmXjOJw6ltgzle10orrs6WTJ1GWZkFkIVtSF%2FRMixVEqyKsdmqnlwZhPwADwdXzVVnKXKBcJ94Pg9DblzgT%2FBT7g%2FL0QrDCjUzjLLk2YV0wqQSbOeGB7yVdvQ9pHdh0zahhyFhFFtSJjfyo57DFYjnLvRkXhkeCFGwlT%2B4YYUtM3l3CmpQbMtKJK8gw7VtbzM35KRteg4uKVZSv1AAajCQ5jiIv7Gpucl5QIyGS1sq9XowwPXvnHLtMzbjs1jOz64ZHaRpchbO50bKNmdvbGHJDhF0CV46i0LsJjYlTTFqfMedXz%2FTxwrEHX2ChUElR68q4jTURjIy2LBjD%2BgaNJkLQDQFBiruOBiLtumWsiK4oHM6%2B4VQI6FXJF8cx4gE%2B86Kuc3tNhYVYM7ppuHA3PUmTXrLM67rGiZhTiclYOGFpAJyFSdnAKORLajLUDRX5iGfwCwNk7E%2B7WgtaUrgMqAF2aiPgfdCwXvbu4ekyaGfXBch63qcxmuuRusdZFsQdV3YTXcBt5Urn0qmd8dRPsyMtYRK1oz2wtbmpW7oWnYax7w%2BwVn%2BkPfANwRtSFDBK7iBR3Lfa6j12TG0bqkN31tD8%2BGiwKpFjhyWbsRJccS83TZMbkRrmKS9Z7p6uQ4xqVSo2I3WNtHEazxkaz0wRcABuHZ5mQZoe5dEH6WiCM%2B897JIXRGHHgYUgs8D9LsTFO7wLF%2FpwkG%2FsB57r%2FWs0249vQHQFstpw2GwwLlGozCgZq82ew5vnp8ZPY3BuSTqOkwHfltTaH9wrrG11ov04SLqEKkHYXaUMNwkv66hm7LGgc8jY0swky904jHHU8xqVisoomKD1zq41gs7cNgEq4PVCsBtqWDeBXYQtgj6BGYca4Oicp1niT%2F1on49kJg3GpdHHfOnOIomCjqmW2VjOUtEUAJt7CzQI473nZLI%2FAM050t3iQAxngBA2oKO0ELpYNRhN3OMKa7llJ4yCD82S94nnjcy25%2FcFjE41k1RvfGw%2BuDOrsVxdTSkI%2Fa6mihaM2CCdJbkn%2FOZkOhf2XjmpBf%2BgGRV0TqBxu8y6jxR3DGfmBbJazji8w62Y3kkfCI3j03R4gQLcxA786eETiDVYC2F0RlYExviaA3zSC%2BroDjvNDtdhRNjieol7fn7tvSyN3GDsnTxEkGKoFddcoHd4UsjidHy%2Fwp0vzaajW6B5cqwNS6assBxtIVTxVHG3LoRw5dnBWF9dGqZ9WGz35AbCQBXAuTlUnanSeQTibh8nXeN2X4tslP6gIFDMfCUVZsCG0oqeDbvY%2Ft2%2Ba19f%2Fnn5R%2FvypH3Vvr38rX13%2BXP7pn1x%2BTt%2Bvzpp37YvTi5%2FaV%2B0%2F17%2Bipfwz5ftf%2B1rPHgD7D94EY8R46%2F7JTZI48evL776%2BPH5l4%2BePrm4IYwhhf1KUJNquCfdtwN7Dxh%2B%2BfBSc8d%2F%2Fj%2BzCBHZ&use-server-side-rendering=1&pcode-icookie=9wMGzWFiMHtgECEWtdku6d%2Fw%2Fw7vvoL%2FT4qfxUgBXLJr2Ml3cAV07s3WA%2BwbIUMQTTCPMCf24l0NVKhVoQCm0mAXfAE%3D&top-ancestor=https%3A%2F%2Fwww.tumen.kp.ru&top-ancestor-undetermined=0&grab-orig-len=5120&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjoxNDh9CiKjpKisKOmBEFCneJjv7a9rvsY81cJKoRevTgnOjfhG9z4kx_DvVR--WkphSTxV1xKUuMjO3t4oQE8M6DHQxoyBjFKCtslvk79X8Js_mRBKKGWUoUEGMkbtSCAn2sSWaNV0antiqgm5GkaiTyyJbgAPAaKmS4yLFEldcLLEkKQNu2hNwA-gy7lOTZVY6sIW5E-XpHVhsiyS2sS6yFJWgNQE6gKuXzQLtsAGNazzkC7AEgo1_Xm0LnyJLcBc6YoOZOyoBMB0q7LEJV7BdIUZBauCKZFAXw6p63I5EDEtAroKQHpoNYCkCJeDDYmwCBevk09YxMHpQMIrDEjrtohUs0GEjdfhrKxONl4wZPl4GfmZOJkdnCysspWfhdXBy-oAQzYBlig2ykUlXxpjrwkUNVVdtKQLvGgXzDbQrYlGTXtYTIlxgbQk-oErXXrQqmHUBdqoti-KdCiw3B6daYEGYdlHvwxP1XAS06ADf_QDwXQhCXG51QzqZW660DLJDKe64XiRsA8kk3RR6s_qpeXSQw1zoUm3cFoO5_ZeZlg4fJmWltSLYuhnW0ApZYZppmblmU_ZNFkoNMvBLwq4Mso90wyxxcxfpg60puxONAXl2z4Esjwsq6mmE2dnoTB2WakgSbHzwkfIwsTHGCIsqAmFDFHVq4mqd5ELlsfwINX5j5SFD76wCB8nImVwpAwOBwtr5UfiZGQEQ5aRX5qNG5s4O6O0C2vlZUOCiAWZrHAC5ZUNQ0SqkVHm3BmGw82BkJOZQ1xasnILOlHw1kWLmY8BsSQCaVdlB9GJCTn85Q_6dte6fGlFpJze4QB8qWeXDx5ORi50XM6FB8LLHM729eWtShBALFlOv0xTrx6ZCLVUse4EbVpCoVXTeeSVIliZqUe-ISVkathxLXjrBmCqFeKN0dAnq0wTRTzCAPRS35KYE6uayhP_OU1sG3e9MR3y-N9H_pKDqQeOaT30DEKO2p7gSB-xyU53nQeGQ32wpX3smfBk90TGFD6xxVtVrusjmwb7-3uP3EFbuIzDv5reUzvW0W0M8UZdYGKXcs84bmZiqoXA_aBdCo_zGH9kOhDroglMhFOuE9W9pBeEhxrTXz2Vhzyf6NC-wPITTuWJMCx7rk137vb6J2x4-PWW1OTz-peK5kTvoTWT5HTSy9gpeLunkoP897jpOUd1CPJZ5I0MyEufbaekl_R-1D6_xulGYvLIM7Bz0H8tp8PLJVlcI15CNt2cFe2cTgqPvEPcarGOQU1QzrfNfwZ6AocU3bysjXl05WvZOyJ5yu1yxdoWT_sHkAxf51EqeOnCnBR-sVV4qHgQcS_HAJpjXRAgAoww8DCUmSX4XUwSyyA-lEKIeRE892K7jlhOuCSUuHe7KzI0AqAy_z8pW18ijMxOVn94xasQC4cgowqUBpF5GBLEHo8Mg0TlQ8wpwITiMTeNzgfR8PPz8zM5ndn5_RxtnqytPKfrJiNJxDExPQpzAh8JHw83UmmJyo2aFTV8IVlhtwufCbaAqzbRzcbILMHIIY25smPkw4BGoDix2PASzQ08PKxOQozvzB3Wys_GADobl6zq5K9wHfhzDsSE6S2KclJqAu39Mf3WkHjkyyVZi4W71ga0OWhLdNazKfXCsshUTkUnv9odGL1wB_y4mGGfZmtUEfPYj-jntGwYN3YrPfKMURA5egzSbsze2A7k3cOGUfvT2-ql05C28PcGq-F-MYb4EqVTyHH6c0jwu-NLln_N1IWKUk9kIjNQrHKADM8BCtIoypRQ6i0NGhYuVwiq8LGKSSJwSLsrFyPo3JgcKpGNyyUcgJQvuFMlorodzAwOVvalPzuzEEoWwTbDgvOnfgmGVE3z7ZX2jnTJVd_W_QQ1zZ-ltY2HdUfa-gGarJD9cD3DpL4-v-zlBpEdob0G2Gue1kXrPm7tnV0jaPp30ORzrKbEnvvoJG6rZmFjZcDmXhLiQ4-MER4n4WUupcR_6bercqIXxIQcFTjot3JxFua6t-SF4DMIoJYV_ub3obiQh9OH7uvuMCBiQcgVKuo5BJlxFjXcMeF7WpyjRBP2gUPJjVdLWcoPb6ekMnMG3f6mugjQL3LmL4Yfxmz9--alUb_1A5H6hc0YER_xdMJc-YTQg8YI2jowrHWbkr57trdkjPXESmh2-lUAHpc1F3pQQUWFUFaZzhxInZKIEC7kOdGgRotwRt6Zrqb9s40lJDITuaiGhlqAT3FSlSKdIbe-4rckyZZOCwww7IU-9QX3DkT7mMW3aD_Pdzs1TTLfEYdQSLvO5tirFgzRRcuPFgFSBChKviuxv-w4t5WHPNKX7RDJAEU8C-NxXsGal6hFpY9Xhe87_KlGsgKvu_KjYxBAKdBD4Ntu2Lzc1N-iYmfGzsQQZDTBKrhYqR_oNvq39n7Kt4Pv92jKZcbmSVTSkW-Ho6aSaRLQnMSpP3G33Q3CraNPQ62Hb9uaPIEuOtBLp95yvsSpDTdv3nVIvRG09kiOX7EzrkPAWlk_3bE-7Ez1TJTtyAx3fmDJT_vU2dS1-VVtbEV_k9e10WHt6pXFf4XpKUvy1OpNMDIEE_0mFM0wZ1HPkSYr7NbWn69h9-9Nb1mdjoZFR_O2kBRyzAtusQNwbCH4rkEK19F6EmuOCm_BA1nY6dkObBx3rR0yNfruAP5qwgXEJely1TaYN8bidalCfC1fsZuYN9AMKZ5IFkqnqP7hrH3l9Ytwfj9icolqcqiY78mVeM_iTkzNbZ-b_od7VHy929bsJyfW0cTfB0dEO_wOlpC_ek4cniBqz9qmErXVVIR6QvNf_lLgLu2rUPPY4fO6NMpWiMnU1jN3XVHmi7mUhVWKaP7nSWQp1aH-sVCz15d6SK64LwgfIXWz1ClcoMBEg44S7b_9Wj_2Fe9CRMNVaAe-H1qhW_nUCpaxOLgu41H6zzcIrAU43mMBORtk7CLNd_O6Di2GMjIsWUf1Fya4N2UMH18Cow8F7KfK6GNi30V15GE_2qWjbB-St234g1vvMVvJr2sjR59l8ydQTmQfv-SWlPyNm2Cspql_FGS34UnwOLyRL5vIrsHOyuoQO__ULU9hU6HCyMaPK-wQaRp_RH379gFRJn-tVm7Nh4YxnZ8-2Zpm4IsjH2d_E5w62INU3rpwi_2Axe4lBQScuWxjEVYbENQA_kuc0nq0k771R6eCxvfPNZmQ1CtOWlmimR_Y1pu29l-IimQARv3HOZ91ImjXjqkjC81looeILKHyfaUXOeV9oIbr3nU9Zuo3UhqHKzy2daCeIbfSzGNPTOXdb3wlNfVzzrX4uPOvR3aVdvksTdN9yRFl-qpY6mWlR0kV8eN_9vOyv1Whuwmoi-f88s_SzmXfOD2BPx_aG6bQbqPBGqgCuV2iviYjmrsUMUbAynxWxNVHqxtJlP9ZbHUDTEXDyc_EwsjC46iCPDyc_Lzl68-DbyFYS31uG9_D8BicDZIxTF6qRYNoD_nmUm32wKK8x2cPm-EuvbwTQ-uqzWX-0HXOjWNqP9pEocVjfz9Cklum5nyl6rwEYB9MWtLygr0Uj-evwTi2--ekT0s7c5WbWgzOYnjG-ZytzK1VqiKLOWZodr83xcct20o5Fsu4dszrbm5uGD94P-MMrVI9okH3JH_mYsPlzMXvxKcImZExK2o78z8sP9WXUlEDVy4udcfDf6VfJjgTJ28w9PVtMusyn4er7xInjdQtUyCEiJyVzezidj_qtqACLjyP61_m5YG0qJupKof_kknW-P-WKwJCsRhSnHhG8LDWmxJ-kkcd-XS92054mW16sn8JvLrcqlkfshOSVDSuUF1PLwPLx-hYCO9SXuMPab-gWvON0VbxfnRTrbS97BDcFKjFwCvMtBBKsxtnCtEM7A7iGxZob_DT_3U8ZCmcZ8CX2EF3h2UdeKEswodF054-OrzhPLh-aFsjhkV6uOqezbYKOytwVPNDcV8YElNSxBNCGgOvB4zYnjC_tAz_VekUsLEMw3EcN4eWyoutwLwnpj97TNnbtTZX1zIpOTKV_1IMMlOHsxEs2WbRdJv6E16tP6wFX3xRdoDy2rXiOKcWVQxtS09LtPkBjx8wd_tupMengf5hyVZEfJ4cxj9Kzd0wpbJ_V3QqhjaE0TD-_d46htPuO5a1_xLTJdHnbgijWWfOadz3nDaT2Kz-HSRtOVD2SbR10RtDorazp9Q8exg6nM7fPVKNm_8SWYskWF358fSsgqs8y08ObvZ5NrQheeFr11qNbnwfxm9nTPc9Nn1EhhkfM_qH0DQhmZoUrQmk24WDnTnr-Pcuf7IDf8OQ0kfaz0eFGXLYpCH6nnUfiqf-QzFsqkTTslPlKhHLphdMgJoWuYlAAg-IAC_UUoAWvczM9fPXafuxk31bKDiQzV3jkREK3Dz_EQXvJ2YpduIiYbvdTdmJZnrIbpbE6xO935eL8E63dH9zZ-sIkc9VmedL558uY9gumxVTOEGUHyJAtX3ZFqbhD0hXBmKbKpXyh5GPTYqVpgvfS1NYhMutImCpChV2bPB4MDNLY1u0_PyOdQMu8UhYzx0Q2laCU6xyY-RGzoExq6AiNvsixAMPKScHhmP81ZZb3bhLiaKwg5ONV4lLLJUXIzczsk1pMWLl3wc-fAtJBTISlZsJoCgwoP4OFJhIvqXailPWlQ2Rqk3XMpp2FG1nA2u8VTFB-jhYov3yji_eum3t86Zs84Aai9Rf3zyhg_Qml7ZouvUqskyE9g2Ll75xI0SHlgmTrPAkcKHJh_yvWIq0TCUMZGEUfelZWI3ztfruOB69Wpc1OwVdXa6Lfj8STND10znnpFGugMPeEqQkocYC_LbTJhIkqBf2KJUclOgLWgQ9cNojcfjfjVioTttBuTjhokuSq8GYcbHBFMUOnqylyXtL3NxgSk-foWQF2SvKWnJoXSdpS7OPNCX195N_eev_Uvm21hlywhLG8vfXLYmL7QX0lnD8VIrLm4nhorFrVA42Jk2bHN9HizJ1FD6GrPixh2W6y-g2Wan5CZ2mkX10J30T5GiwGxcbDO2a56xDI06tpr0YfOqftbTH3x0_lcEz&tga-with-creatives=1

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

3b62965d5271ec014b0e0a87ca5612570ee7322c6ad76c4a7c69e08e0247445f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 21:31:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
ssr: true
x-yandex-req-id: 1661117479583979-13368474120014701748-vla1-2969-vla-l7-balancer-8080-BAL-9788
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
uniformat-product-type: Direct
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Sun, 21 Aug 2022 21:31:20 GMT
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/json
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Sun, 21 Aug 2022 21:31:20 GMT

POST
H2 204 events
bidder.criteo.com/csm/ 0
216 B 29ms
28ms Ping
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 21 Aug 2022 21:31:19 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://www.tumen.kp.ru
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

GET
H2 200 pixel.gif
static.criteo.net/images/ 43 B
365 B 50ms
49ms Image
image/gif 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=1

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 21:31:19 GMT
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
strict-transport-security: max-age=31536000; preload;
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Wed, 16 Aug 2023 21:31:19 GMT

GET
H2 200 pixel.gif
static.criteo.net/images/ 43 B
365 B 49ms
48ms Image
image/gif 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=2

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 21:31:19 GMT
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
strict-transport-security: max-age=31536000; preload;
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Wed, 16 Aug 2023 21:31:19 GMT

GET
H2 200 v2 Show response
yandex.ru/ads/adfox/232598/getBulk/ 16 KB
8 KB 274ms
273ms XHR
application/json 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/adfox/232598/getBulk/v2?dl=https%3A%2F%2Fwww.tumen.kp.ru%2F%3Fsection%3Dsociety&date=2022-08-21T21%3A31%3A19.559%2B00%3A00&pd=21&pdh=1200&pdw=1600&pr1=3459996123&pr=1794283843&prr=&pv=21&pw=0&extid_loader=&extid_tag_loader=www.tumen.kp.ru&ylv=0.634516&ybv=0.634516&ytt=362840448958469&is-turbo=0&skip-token=&ad-session-id=2350821661117479275&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9.8%2C%22isInIframe%22%3Afalse%2C%22w%22%3A240%2C%22h%22%3A400%2C%22width%22%3A240%2C%22height%22%3A400%2C%22visible%22%3A0%2C%22fullscreenHeaderHeight%22%3A49%2C%22left%22%3A215%2C%22top%22%3A1298%2C%22fontFamily%22%3A%22ys%22%2C%22darkTheme%22%3Afalse%2C%22req_no%22%3A2%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=634516&available-width=240&available-height=400&yaru=true&pp=g&p2=fxjd&ps=bxyd&puid1=adv-1661117479229-901&puid2=society%3Atoday%3Azenyandex%3Aincident%3Aemergency%3Acelebrity%3Aculture%3Ainteresting&puid3=top%3Aregion&puid5=&slotNumber=3&bids=W3siYmlkZGVyTmFtZSI6ImNyaXRlbyIsImNhbXBhaWduX2lkIjo3MjI1NzMsInJlc3BvbnNlX3RpbWUiOjMxNCwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjEyMzM1MzUifSx7ImJpZGRlck5hbWUiOiJydGJob3VzZSIsImNhbXBhaWduX2lkIjo4NTM4NjksInJlc3BvbnNlX3RpbWUiOjExNywiZXJyb3IiOnsiY29kZSI6NH0sInBsYWNlbWVudF9pZCI6IjhkMzA4ZDQyMzE2YzQwYjUxNjg4In0seyJiaWRkZXJOYW1lIjoiYWRyaXZlciIsImNhbXBhaWduX2lkIjo3MjgyNTQsInJlc3BvbnNlX3RpbWUiOjI1NywiZXJyb3IiOnsiY29kZSI6NH0sInBsYWNlbWVudF9pZCI6IjI6a3BfNXNsb3QifSx7ImJpZGRlck5hbWUiOiJteXRhcmdldCIsImNhbXBhaWduX2lkIjo4MTA0MDIsInJlc3BvbnNlX3RpbWUiOjIwMiwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjIzMzg1MiJ9LHsiYmlkZGVyTmFtZSI6ImJldHdlZW5kaWdpdGFsIiwiY2FtcGFpZ25faWQiOjgxMDM0NCwicmVzcG9uc2VfdGltZSI6MTIwLCJlcnJvciI6eyJjb2RlIjoxfSwicGxhY2VtZW50X2lkIjoiMjQ4ODA1OSJ9XQ%3D%3D&utf8=%E2%9C%93&pcode-test-ids=628986%2C0%2C63%3B634789%2C0%2C97%3B634378%2C0%2C74%3B633794%2C0%2C75%3B622565%2C0%2C-1%3B629073%2C0%2C67&pcode-flags-map=eJytWF2P3DQU%2FSureQaU72T65kk8M9YmcbA9MztFyCrqIpAqhGALSFUlQAjxgIT4J32gUqEfvyH7jzh2Mh%2FJ7np3q%2B7bZHOu7%2FU99%2Fg4zyaCNpQova5IowX9dEWl0mSuqNCsFrwsJw8%2Bezb54dGTp%2BeTBxMlVnTy0eTi%2FPsL9hi%2F4zSN%2FGTy%2FPOPJmxRc0F1xaSkhS6IIrohglRSz7nQa1ZQjog659WMD2Ke%2F%2FTtIOTUi%2BLYhlwTiZQqvqY6XxIhqdJzwStdsvrUmVbi%2B5GX7mPQmsxKxCBNw%2BqFnm11wTf1XaIkWeCKQiUTKHbGlCCK3ifYbqftttuiSCFvCZAGmbcP0K9p0tFrUq6Gq%2Fse%2FgboIEiyw46sJNU13dgKFrXpC4KZquRKrOn2lkyCLIsSRyzJqgY79UFiof2K8foDJZaT%2B%2BdVCLI58HfDigV4uGFqiZbppiTbGclPwetamXGhwkXuJJiiE%2FsMGw4KNMQkarC6pGT%2FQFKEHHEiGfY0DOIjRoyDdXwt3GUOQ5QcFKBnYGRJFnrdCN0IxgVTWz0nueLD2vxRpCTJ9pGkssOypkKie8MiwijxsiE2SsLQYlc1KzkpoD5GNUjVHEMvvnt6fgSLgiycdsnbDZNGssaYcQeOQGifpLTWfCYpGDFq3DePvnhyPkCG6F43QnN2BqGr9ZKyxVLpWrmXjOJw6ltgzle10orrs6WTJ1GWZkFkIVtSF%2FRMixVEqyKsdmqnlwZhPwADwdXzVVnKXKBcJ94Pg9DblzgT%2FBT7g%2FL0QrDCjUzjLLk2YV0wqQSbOeGB7yVdvQ9pHdh0zahhyFhFFtSJjfyo57DFYjnLvRkXhkeCFGwlT%2B4YYUtM3l3CmpQbMtKJK8gw7VtbzM35KRteg4uKVZSv1AAajCQ5jiIv7Gpucl5QIyGS1sq9XowwPXvnHLtMzbjs1jOz64ZHaRpchbO50bKNmdvbGHJDhF0CV46i0LsJjYlTTFqfMedXz%2FTxwrEHX2ChUElR68q4jTURjIy2LBjD%2BgaNJkLQDQFBiruOBiLtumWsiK4oHM6%2B4VQI6FXJF8cx4gE%2B86Kuc3tNhYVYM7ppuHA3PUmTXrLM67rGiZhTiclYOGFpAJyFSdnAKORLajLUDRX5iGfwCwNk7E%2B7WgtaUrgMqAF2aiPgfdCwXvbu4ekyaGfXBch63qcxmuuRusdZFsQdV3YTXcBt5Urn0qmd8dRPsyMtYRK1oz2wtbmpW7oWnYax7w%2BwVn%2BkPfANwRtSFDBK7iBR3Lfa6j12TG0bqkN31tD8%2BGiwKpFjhyWbsRJccS83TZMbkRrmKS9Z7p6uQ4xqVSo2I3WNtHEazxkaz0wRcABuHZ5mQZoe5dEH6WiCM%2B897JIXRGHHgYUgs8D9LsTFO7wLF%2FpwkG%2FsB57r%2FWs0249vQHQFstpw2GwwLlGozCgZq82ew5vnp8ZPY3BuSTqOkwHfltTaH9wrrG11ov04SLqEKkHYXaUMNwkv66hm7LGgc8jY0swky904jHHU8xqVisoomKD1zq41gs7cNgEq4PVCsBtqWDeBXYQtgj6BGYca4Oicp1niT%2F1on49kJg3GpdHHfOnOIomCjqmW2VjOUtEUAJt7CzQI473nZLI%2FAM050t3iQAxngBA2oKO0ELpYNRhN3OMKa7llJ4yCD82S94nnjcy25%2FcFjE41k1RvfGw%2BuDOrsVxdTSkI%2Fa6mihaM2CCdJbkn%2FOZkOhf2XjmpBf%2BgGRV0TqBxu8y6jxR3DGfmBbJazji8w62Y3kkfCI3j03R4gQLcxA786eETiDVYC2F0RlYExviaA3zSC%2BroDjvNDtdhRNjieol7fn7tvSyN3GDsnTxEkGKoFddcoHd4UsjidHy%2Fwp0vzaajW6B5cqwNS6assBxtIVTxVHG3LoRw5dnBWF9dGqZ9WGz35AbCQBXAuTlUnanSeQTibh8nXeN2X4tslP6gIFDMfCUVZsCG0oqeDbvY%2Ft2%2Ba19f%2Fnn5R%2FvypH3Vvr38rX13%2BXP7pn1x%2BTt%2Bvzpp37YvTi5%2FaV%2B0%2F17%2Bipfwz5ftf%2B1rPHgD7D94EY8R46%2F7JTZI48evL776%2BPH5l4%2BePrm4IYwhhf1KUJNquCfdtwN7Dxh%2B%2BfBSc8d%2F%2Fj%2BzCBHZ&use-server-side-rendering=1&pcode-icookie=9wMGzWFiMHtgECEWtdku6d%2Fw%2Fw7vvoL%2FT4qfxUgBXLJr2Ml3cAV07s3WA%2BwbIUMQTTCPMCf24l0NVKhVoQCm0mAXfAE%3D&top-ancestor=https%3A%2F%2Fwww.tumen.kp.ru&top-ancestor-undetermined=0&grab-orig-len=5120&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjoxNDh9CiKjpKisKOmBEFCneJjv7a9rvsY81cJKoRevTgnOjfhG9z4kx_DvVR--WkphSTxV1xKUuMjO3t4oQE8M6DHQxoyBjFKCtslvk79X8Js_mRBKKGWUoUEGMkbtSCAn2sSWaNV0antiqgm5GkaiTyyJbgAPAaKmS4yLFEldcLLEkKQNu2hNwA-gy7lOTZVY6sIW5E-XpHVhsiyS2sS6yFJWgNQE6gKuXzQLtsAGNazzkC7AEgo1_Xm0LnyJLcBc6YoOZOyoBMB0q7LEJV7BdIUZBauCKZFAXw6p63I5EDEtAroKQHpoNYCkCJeDDYmwCBevk09YxMHpQMIrDEjrtohUs0GEjdfhrKxONl4wZPl4GfmZOJkdnCysspWfhdXBy-oAQzYBlig2ykUlXxpjrwkUNVVdtKQLvGgXzDbQrYlGTXtYTIlxgbQk-oErXXrQqmHUBdqoti-KdCiw3B6daYEGYdlHvwxP1XAS06ADf_QDwXQhCXG51QzqZW660DLJDKe64XiRsA8kk3RR6s_qpeXSQw1zoUm3cFoO5_ZeZlg4fJmWltSLYuhnW0ApZYZppmblmU_ZNFkoNMvBLwq4Mso90wyxxcxfpg60puxONAXl2z4Esjwsq6mmE2dnoTB2WakgSbHzwkfIwsTHGCIsqAmFDFHVq4mqd5ELlsfwINX5j5SFD76wCB8nImVwpAwOBwtr5UfiZGQEQ5aRX5qNG5s4O6O0C2vlZUOCiAWZrHAC5ZUNQ0SqkVHm3BmGw82BkJOZQ1xasnILOlHw1kWLmY8BsSQCaVdlB9GJCTn85Q_6dte6fGlFpJze4QB8qWeXDx5ORi50XM6FB8LLHM729eWtShBALFlOv0xTrx6ZCLVUse4EbVpCoVXTeeSVIliZqUe-ISVkathxLXjrBmCqFeKN0dAnq0wTRTzCAPRS35KYE6uayhP_OU1sG3e9MR3y-N9H_pKDqQeOaT30DEKO2p7gSB-xyU53nQeGQ32wpX3smfBk90TGFD6xxVtVrusjmwb7-3uP3EFbuIzDv5reUzvW0W0M8UZdYGKXcs84bmZiqoXA_aBdCo_zGH9kOhDroglMhFOuE9W9pBeEhxrTXz2Vhzyf6NC-wPITTuWJMCx7rk137vb6J2x4-PWW1OTz-peK5kTvoTWT5HTSy9gpeLunkoP897jpOUd1CPJZ5I0MyEufbaekl_R-1D6_xulGYvLIM7Bz0H8tp8PLJVlcI15CNt2cFe2cTgqPvEPcarGOQU1QzrfNfwZ6AocU3bysjXl05WvZOyJ5yu1yxdoWT_sHkAxf51EqeOnCnBR-sVV4qHgQcS_HAJpjXRAgAoww8DCUmSX4XUwSyyA-lEKIeRE892K7jlhOuCSUuHe7KzI0AqAy_z8pW18ijMxOVn94xasQC4cgowqUBpF5GBLEHo8Mg0TlQ8wpwITiMTeNzgfR8PPz8zM5ndn5_RxtnqytPKfrJiNJxDExPQpzAh8JHw83UmmJyo2aFTV8IVlhtwufCbaAqzbRzcbILMHIIY25smPkw4BGoDix2PASzQ08PKxOQozvzB3Wys_GADobl6zq5K9wHfhzDsSE6S2KclJqAu39Mf3WkHjkyyVZi4W71ga0OWhLdNazKfXCsshUTkUnv9odGL1wB_y4mGGfZmtUEfPYj-jntGwYN3YrPfKMURA5egzSbsze2A7k3cOGUfvT2-ql05C28PcGq-F-MYb4EqVTyHH6c0jwu-NLln_N1IWKUk9kIjNQrHKADM8BCtIoypRQ6i0NGhYuVwiq8LGKSSJwSLsrFyPo3JgcKpGNyyUcgJQvuFMlorodzAwOVvalPzuzEEoWwTbDgvOnfgmGVE3z7ZX2jnTJVd_W_QQ1zZ-ltY2HdUfa-gGarJD9cD3DpL4-v-zlBpEdob0G2Gue1kXrPm7tnV0jaPp30ORzrKbEnvvoJG6rZmFjZcDmXhLiQ4-MER4n4WUupcR_6bercqIXxIQcFTjot3JxFua6t-SF4DMIoJYV_ub3obiQh9OH7uvuMCBiQcgVKuo5BJlxFjXcMeF7WpyjRBP2gUPJjVdLWcoPb6ekMnMG3f6mugjQL3LmL4Yfxmz9--alUb_1A5H6hc0YER_xdMJc-YTQg8YI2jowrHWbkr57trdkjPXESmh2-lUAHpc1F3pQQUWFUFaZzhxInZKIEC7kOdGgRotwRt6Zrqb9s40lJDITuaiGhlqAT3FSlSKdIbe-4rckyZZOCwww7IU-9QX3DkT7mMW3aD_Pdzs1TTLfEYdQSLvO5tirFgzRRcuPFgFSBChKviuxv-w4t5WHPNKX7RDJAEU8C-NxXsGal6hFpY9Xhe87_KlGsgKvu_KjYxBAKdBD4Ntu2Lzc1N-iYmfGzsQQZDTBKrhYqR_oNvq39n7Kt4Pv92jKZcbmSVTSkW-Ho6aSaRLQnMSpP3G33Q3CraNPQ62Hb9uaPIEuOtBLp95yvsSpDTdv3nVIvRG09kiOX7EzrkPAWlk_3bE-7Ez1TJTtyAx3fmDJT_vU2dS1-VVtbEV_k9e10WHt6pXFf4XpKUvy1OpNMDIEE_0mFM0wZ1HPkSYr7NbWn69h9-9Nb1mdjoZFR_O2kBRyzAtusQNwbCH4rkEK19F6EmuOCm_BA1nY6dkObBx3rR0yNfruAP5qwgXEJely1TaYN8bidalCfC1fsZuYN9AMKZ5IFkqnqP7hrH3l9Ytwfj9icolqcqiY78mVeM_iTkzNbZ-b_od7VHy929bsJyfW0cTfB0dEO_wOlpC_ek4cniBqz9qmErXVVIR6QvNf_lLgLu2rUPPY4fO6NMpWiMnU1jN3XVHmi7mUhVWKaP7nSWQp1aH-sVCz15d6SK64LwgfIXWz1ClcoMBEg44S7b_9Wj_2Fe9CRMNVaAe-H1qhW_nUCpaxOLgu41H6zzcIrAU43mMBORtk7CLNd_O6Di2GMjIsWUf1Fya4N2UMH18Cow8F7KfK6GNi30V15GE_2qWjbB-St234g1vvMVvJr2sjR59l8ydQTmQfv-SWlPyNm2Cspql_FGS34UnwOLyRL5vIrsHOyuoQO__ULU9hU6HCyMaPK-wQaRp_RH379gFRJn-tVm7Nh4YxnZ8-2Zpm4IsjH2d_E5w62INU3rpwi_2Axe4lBQScuWxjEVYbENQA_kuc0nq0k771R6eCxvfPNZmQ1CtOWlmimR_Y1pu29l-IimQARv3HOZ91ImjXjqkjC81looeILKHyfaUXOeV9oIbr3nU9Zuo3UhqHKzy2daCeIbfSzGNPTOXdb3wlNfVzzrX4uPOvR3aVdvksTdN9yRFl-qpY6mWlR0kV8eN_9vOyv1Whuwmoi-f88s_SzmXfOD2BPx_aG6bQbqPBGqgCuV2iviYjmrsUMUbAynxWxNVHqxtJlP9ZbHUDTEXDyc_EwsjC46iCPDyc_Lzl68-DbyFYS31uG9_D8BicDZIxTF6qRYNoD_nmUm32wKK8x2cPm-EuvbwTQ-uqzWX-0HXOjWNqP9pEocVjfz9Cklum5nyl6rwEYB9MWtLygr0Uj-evwTi2--ekT0s7c5WbWgzOYnjG-ZytzK1VqiKLOWZodr83xcct20o5Fsu4dszrbm5uGD94P-MMrVI9okH3JH_mYsPlzMXvxKcImZExK2o78z8sP9WXUlEDVy4udcfDf6VfJjgTJ28w9PVtMusyn4er7xInjdQtUyCEiJyVzezidj_qtqACLjyP61_m5YG0qJupKof_kknW-P-WKwJCsRhSnHhG8LDWmxJ-kkcd-XS92054mW16sn8JvLrcqlkfshOSVDSuUF1PLwPLx-hYCO9SXuMPab-gWvON0VbxfnRTrbS97BDcFKjFwCvMtBBKsxtnCtEM7A7iGxZob_DT_3U8ZCmcZ8CX2EF3h2UdeKEswodF054-OrzhPLh-aFsjhkV6uOqezbYKOytwVPNDcV8YElNSxBNCGgOvB4zYnjC_tAz_VekUsLEMw3EcN4eWyoutwLwnpj97TNnbtTZX1zIpOTKV_1IMMlOHsxEs2WbRdJv6E16tP6wFX3xRdoDy2rXiOKcWVQxtS09LtPkBjx8wd_tupMengf5hyVZEfJ4cxj9Kzd0wpbJ_V3QqhjaE0TD-_d46htPuO5a1_xLTJdHnbgijWWfOadz3nDaT2Kz-HSRtOVD2SbR10RtDorazp9Q8exg6nM7fPVKNm_8SWYskWF358fSsgqs8y08ObvZ5NrQheeFr11qNbnwfxm9nTPc9Nn1EhhkfM_qH0DQhmZoUrQmk24WDnTnr-Pcuf7IDf8OQ0kfaz0eFGXLYpCH6nnUfiqf-QzFsqkTTslPlKhHLphdMgJoWuYlAAg-IAC_UUoAWvczM9fPXafuxk31bKDiQzV3jkREK3Dz_EQXvJ2YpduIiYbvdTdmJZnrIbpbE6xO935eL8E63dH9zZ-sIkc9VmedL558uY9gumxVTOEGUHyJAtX3ZFqbhD0hXBmKbKpXyh5GPTYqVpgvfS1NYhMutImCpChV2bPB4MDNLY1u0_PyOdQMu8UhYzx0Q2laCU6xyY-RGzoExq6AiNvsixAMPKScHhmP81ZZb3bhLiaKwg5ONV4lLLJUXIzczsk1pMWLl3wc-fAtJBTISlZsJoCgwoP4OFJhIvqXailPWlQ2Rqk3XMpp2FG1nA2u8VTFB-jhYov3yji_eum3t86Zs84Aai9Rf3zyhg_Qml7ZouvUqskyE9g2Ll75xI0SHlgmTrPAkcKHJh_yvWIq0TCUMZGEUfelZWI3ztfruOB69Wpc1OwVdXa6Lfj8STND10znnpFGugMPeEqQkocYC_LbTJhIkqBf2KJUclOgLWgQ9cNojcfjfjVioTttBuTjhokuSq8GYcbHBFMUOnqylyXtL3NxgSk-foWQF2SvKWnJoXSdpS7OPNCX195N_eev_Uvm21hlywhLG8vfXLYmL7QX0lnD8VIrLm4nhorFrVA42Jk2bHN9HizJ1FD6GrPixh2W6y-g2Wan5CZ2mkX10J30T5GiwGxcbDO2a56xDI06tpr0YfOqftbTH3x0_lcEz&tga-with-creatives=1

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

706e6997ece60525215d4b4eff85639f2c4c3fc2b9fb8d2202641d81a56d76e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 21:31:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1661117479592017-12354214619533073575-vla1-2969-vla-l7-balancer-8080-BAL-7947
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Sun, 21 Aug 2022 21:31:19 GMT
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/json
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Sun, 21 Aug 2022 21:31:19 GMT

POST
H2 204 events
bidder.criteo.com/csm/ 0
216 B 28ms
27ms Ping
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 21 Aug 2022 21:31:19 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://www.tumen.kp.ru
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

GET
H2 200 v2 Show response
yandex.ru/ads/adfox/232598/getBulk/ 17 KB
8 KB 713ms
712ms XHR
application/json 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/adfox/232598/getBulk/v2?dl=https%3A%2F%2Fwww.tumen.kp.ru%2F%3Fsection%3Dsociety&date=2022-08-21T21%3A31%3A19.562%2B00%3A00&pd=21&pdh=1200&pdw=1600&pr1=3762348494&pr=1794283843&prr=&pv=21&pw=0&extid_loader=&extid_tag_loader=www.tumen.kp.ru&ylv=0.634516&ybv=0.634516&ytt=362840448958469&is-turbo=0&skip-token=&ad-session-id=2350821661117479275&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9.8%2C%22isInIframe%22%3Afalse%2C%22w%22%3A300%2C%22h%22%3A600%2C%22width%22%3A300%2C%22height%22%3A600%2C%22visible%22%3A1%2C%22fullscreenHeaderHeight%22%3A49%2C%22left%22%3A1100%2C%22top%22%3A486%2C%22fontFamily%22%3A%22ys%22%2C%22darkTheme%22%3Afalse%2C%22req_no%22%3A3%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=634516&available-width=300&available-height=600&yaru=true&pp=hrs&p2=fbao&ps=bxyd&puid1=adv-1661117479230-254&puid2=society%3Atoday%3Azenyandex%3Aincident%3Aemergency%3Acelebrity%3Aculture%3Ainteresting&puid3=top%3Aregion&puid5=&slotNumber=4&bids=W3siYmlkZGVyTmFtZSI6ImNyaXRlbyIsImNhbXBhaWduX2lkIjo3MjI1NzMsInJlc3BvbnNlX3RpbWUiOjMxOCwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjExNDA4OTgifSx7ImJpZGRlck5hbWUiOiJydGJob3VzZSIsImNhbXBhaWduX2lkIjo4NTM4NjksInJlc3BvbnNlX3RpbWUiOjExNywiZXJyb3IiOnsiY29kZSI6NH0sInBsYWNlbWVudF9pZCI6IjcxNTczNzcwOTQwYjcyYzA0Mjg5In0seyJiaWRkZXJOYW1lIjoiYWRyaXZlciIsImNhbXBhaWduX2lkIjo3MjgyNTQsInJlc3BvbnNlX3RpbWUiOjI1OCwiZXJyb3IiOnsiY29kZSI6NH0sInBsYWNlbWVudF9pZCI6ImtwXzJzbG90XzFzY3IifSx7ImJpZGRlck5hbWUiOiJteXRhcmdldCIsImNhbXBhaWduX2lkIjo4MTA0MDIsInJlc3BvbnNlX3RpbWUiOjIxMiwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjIzMzg0MiJ9LHsiYmlkZGVyTmFtZSI6ImJldHdlZW5kaWdpdGFsIiwiY2FtcGFpZ25faWQiOjgxMDM0NCwicmVzcG9uc2VfdGltZSI6MTIwLCJlcnJvciI6eyJjb2RlIjoxfSwicGxhY2VtZW50X2lkIjoiMjQ4ODA1MiJ9LHsiYmlkZGVyTmFtZSI6ImFkZm94X2Fkc21hcnQiLCJjYW1wYWlnbl9pZCI6MTU5MjA0MCwicmVzcG9uc2VfdGltZSI6MzA2LCJlcnJvciI6eyJjb2RlIjoxfX0seyJiaWRkZXJOYW1lIjoiYnV6em9vbGEiLCJjYW1wYWlnbl9pZCI6ODkwNDUwLCJyZXNwb25zZV90aW1lIjoxNzIsImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiIxMjI3MTY2In0seyJiaWRkZXJOYW1lIjoiYmlkdm9sIiwiY2FtcGFpZ25faWQiOjE4NzEwMTYsInJlc3BvbnNlX3RpbWUiOjI2NSwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjIxNTM1In0seyJiaWRkZXJOYW1lIjoiYWRmb3hfaW1oby12aWRlbyIsImNhbXBhaWduX2lkIjoxNzg5NTgxLCJyZXNwb25zZV90aW1lIjozMDYsImVycm9yIjp7ImNvZGUiOjF9fV0%3D&utf8=%E2%9C%93&pcode-test-ids=628986%2C0%2C63%3B634789%2C0%2C97%3B634378%2C0%2C74%3B633794%2C0%2C75%3B622565%2C0%2C-1%3B629073%2C0%2C67&pcode-flags-map=eJytWF2P3DQU%2FSureQaU72T65kk8M9YmcbA9MztFyCrqIpAqhGALSFUlQAjxgIT4J32gUqEfvyH7jzh2Mh%2FJ7np3q%2B7bZHOu7%2FU99%2Fg4zyaCNpQova5IowX9dEWl0mSuqNCsFrwsJw8%2Bezb54dGTp%2BeTBxMlVnTy0eTi%2FPsL9hi%2F4zSN%2FGTy%2FPOPJmxRc0F1xaSkhS6IIrohglRSz7nQa1ZQjog659WMD2Ke%2F%2FTtIOTUi%2BLYhlwTiZQqvqY6XxIhqdJzwStdsvrUmVbi%2B5GX7mPQmsxKxCBNw%2BqFnm11wTf1XaIkWeCKQiUTKHbGlCCK3ifYbqftttuiSCFvCZAGmbcP0K9p0tFrUq6Gq%2Fse%2FgboIEiyw46sJNU13dgKFrXpC4KZquRKrOn2lkyCLIsSRyzJqgY79UFiof2K8foDJZaT%2B%2BdVCLI58HfDigV4uGFqiZbppiTbGclPwetamXGhwkXuJJiiE%2FsMGw4KNMQkarC6pGT%2FQFKEHHEiGfY0DOIjRoyDdXwt3GUOQ5QcFKBnYGRJFnrdCN0IxgVTWz0nueLD2vxRpCTJ9pGkssOypkKie8MiwijxsiE2SsLQYlc1KzkpoD5GNUjVHEMvvnt6fgSLgiycdsnbDZNGssaYcQeOQGifpLTWfCYpGDFq3DePvnhyPkCG6F43QnN2BqGr9ZKyxVLpWrmXjOJw6ltgzle10orrs6WTJ1GWZkFkIVtSF%2FRMixVEqyKsdmqnlwZhPwADwdXzVVnKXKBcJ94Pg9DblzgT%2FBT7g%2FL0QrDCjUzjLLk2YV0wqQSbOeGB7yVdvQ9pHdh0zahhyFhFFtSJjfyo57DFYjnLvRkXhkeCFGwlT%2B4YYUtM3l3CmpQbMtKJK8gw7VtbzM35KRteg4uKVZSv1AAajCQ5jiIv7Gpucl5QIyGS1sq9XowwPXvnHLtMzbjs1jOz64ZHaRpchbO50bKNmdvbGHJDhF0CV46i0LsJjYlTTFqfMedXz%2FTxwrEHX2ChUElR68q4jTURjIy2LBjD%2BgaNJkLQDQFBiruOBiLtumWsiK4oHM6%2B4VQI6FXJF8cx4gE%2B86Kuc3tNhYVYM7ppuHA3PUmTXrLM67rGiZhTiclYOGFpAJyFSdnAKORLajLUDRX5iGfwCwNk7E%2B7WgtaUrgMqAF2aiPgfdCwXvbu4ekyaGfXBch63qcxmuuRusdZFsQdV3YTXcBt5Urn0qmd8dRPsyMtYRK1oz2wtbmpW7oWnYax7w%2BwVn%2BkPfANwRtSFDBK7iBR3Lfa6j12TG0bqkN31tD8%2BGiwKpFjhyWbsRJccS83TZMbkRrmKS9Z7p6uQ4xqVSo2I3WNtHEazxkaz0wRcABuHZ5mQZoe5dEH6WiCM%2B897JIXRGHHgYUgs8D9LsTFO7wLF%2FpwkG%2FsB57r%2FWs0249vQHQFstpw2GwwLlGozCgZq82ew5vnp8ZPY3BuSTqOkwHfltTaH9wrrG11ov04SLqEKkHYXaUMNwkv66hm7LGgc8jY0swky904jHHU8xqVisoomKD1zq41gs7cNgEq4PVCsBtqWDeBXYQtgj6BGYca4Oicp1niT%2F1on49kJg3GpdHHfOnOIomCjqmW2VjOUtEUAJt7CzQI473nZLI%2FAM050t3iQAxngBA2oKO0ELpYNRhN3OMKa7llJ4yCD82S94nnjcy25%2FcFjE41k1RvfGw%2BuDOrsVxdTSkI%2Fa6mihaM2CCdJbkn%2FOZkOhf2XjmpBf%2BgGRV0TqBxu8y6jxR3DGfmBbJazji8w62Y3kkfCI3j03R4gQLcxA786eETiDVYC2F0RlYExviaA3zSC%2BroDjvNDtdhRNjieol7fn7tvSyN3GDsnTxEkGKoFddcoHd4UsjidHy%2Fwp0vzaajW6B5cqwNS6assBxtIVTxVHG3LoRw5dnBWF9dGqZ9WGz35AbCQBXAuTlUnanSeQTibh8nXeN2X4tslP6gIFDMfCUVZsCG0oqeDbvY%2Ft2%2Ba19f%2Fnn5R%2FvypH3Vvr38rX13%2BXP7pn1x%2BTt%2Bvzpp37YvTi5%2FaV%2B0%2F17%2Bipfwz5ftf%2B1rPHgD7D94EY8R46%2F7JTZI48evL776%2BPH5l4%2BePrm4IYwhhf1KUJNquCfdtwN7Dxh%2B%2BfBSc8d%2F%2Fj%2BzCBHZ&use-server-side-rendering=1&pcode-icookie=9wMGzWFiMHtgECEWtdku6d%2Fw%2Fw7vvoL%2FT4qfxUgBXLJr2Ml3cAV07s3WA%2BwbIUMQTTCPMCf24l0NVKhVoQCm0mAXfAE%3D&top-ancestor=https%3A%2F%2Fwww.tumen.kp.ru&top-ancestor-undetermined=0&grab-orig-len=5120&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjoxNDh9CiKjpKisKOmBEFCneJjv7a9rvsY81cJKoRevTgnOjfhG9z4kx_DvVR--WkphSTxV1xKUuMjO3t4oQE8M6DHQxoyBjFKCtslvk79X8Js_mRBKKGWUoUEGMkbtSCAn2sSWaNV0antiqgm5GkaiTyyJbgAPAaKmS4yLFEldcLLEkKQNu2hNwA-gy7lOTZVY6sIW5E-XpHVhsiyS2sS6yFJWgNQE6gKuXzQLtsAGNazzkC7AEgo1_Xm0LnyJLcBc6YoOZOyoBMB0q7LEJV7BdIUZBauCKZFAXw6p63I5EDEtAroKQHpoNYCkCJeDDYmwCBevk09YxMHpQMIrDEjrtohUs0GEjdfhrKxONl4wZPl4GfmZOJkdnCysspWfhdXBy-oAQzYBlig2ykUlXxpjrwkUNVVdtKQLvGgXzDbQrYlGTXtYTIlxgbQk-oErXXrQqmHUBdqoti-KdCiw3B6daYEGYdlHvwxP1XAS06ADf_QDwXQhCXG51QzqZW660DLJDKe64XiRsA8kk3RR6s_qpeXSQw1zoUm3cFoO5_ZeZlg4fJmWltSLYuhnW0ApZYZppmblmU_ZNFkoNMvBLwq4Mso90wyxxcxfpg60puxONAXl2z4Esjwsq6mmE2dnoTB2WakgSbHzwkfIwsTHGCIsqAmFDFHVq4mqd5ELlsfwINX5j5SFD76wCB8nImVwpAwOBwtr5UfiZGQEQ5aRX5qNG5s4O6O0C2vlZUOCiAWZrHAC5ZUNQ0SqkVHm3BmGw82BkJOZQ1xasnILOlHw1kWLmY8BsSQCaVdlB9GJCTn85Q_6dte6fGlFpJze4QB8qWeXDx5ORi50XM6FB8LLHM729eWtShBALFlOv0xTrx6ZCLVUse4EbVpCoVXTeeSVIliZqUe-ISVkathxLXjrBmCqFeKN0dAnq0wTRTzCAPRS35KYE6uayhP_OU1sG3e9MR3y-N9H_pKDqQeOaT30DEKO2p7gSB-xyU53nQeGQ32wpX3smfBk90TGFD6xxVtVrusjmwb7-3uP3EFbuIzDv5reUzvW0W0M8UZdYGKXcs84bmZiqoXA_aBdCo_zGH9kOhDroglMhFOuE9W9pBeEhxrTXz2Vhzyf6NC-wPITTuWJMCx7rk137vb6J2x4-PWW1OTz-peK5kTvoTWT5HTSy9gpeLunkoP897jpOUd1CPJZ5I0MyEufbaekl_R-1D6_xulGYvLIM7Bz0H8tp8PLJVlcI15CNt2cFe2cTgqPvEPcarGOQU1QzrfNfwZ6AocU3bysjXl05WvZOyJ5yu1yxdoWT_sHkAxf51EqeOnCnBR-sVV4qHgQcS_HAJpjXRAgAoww8DCUmSX4XUwSyyA-lEKIeRE892K7jlhOuCSUuHe7KzI0AqAy_z8pW18ijMxOVn94xasQC4cgowqUBpF5GBLEHo8Mg0TlQ8wpwITiMTeNzgfR8PPz8zM5ndn5_RxtnqytPKfrJiNJxDExPQpzAh8JHw83UmmJyo2aFTV8IVlhtwufCbaAqzbRzcbILMHIIY25smPkw4BGoDix2PASzQ08PKxOQozvzB3Wys_GADobl6zq5K9wHfhzDsSE6S2KclJqAu39Mf3WkHjkyyVZi4W71ga0OWhLdNazKfXCsshUTkUnv9odGL1wB_y4mGGfZmtUEfPYj-jntGwYN3YrPfKMURA5egzSbsze2A7k3cOGUfvT2-ql05C28PcGq-F-MYb4EqVTyHH6c0jwu-NLln_N1IWKUk9kIjNQrHKADM8BCtIoypRQ6i0NGhYuVwiq8LGKSSJwSLsrFyPo3JgcKpGNyyUcgJQvuFMlorodzAwOVvalPzuzEEoWwTbDgvOnfgmGVE3z7ZX2jnTJVd_W_QQ1zZ-ltY2HdUfa-gGarJD9cD3DpL4-v-zlBpEdob0G2Gue1kXrPm7tnV0jaPp30ORzrKbEnvvoJG6rZmFjZcDmXhLiQ4-MER4n4WUupcR_6bercqIXxIQcFTjot3JxFua6t-SF4DMIoJYV_ub3obiQh9OH7uvuMCBiQcgVKuo5BJlxFjXcMeF7WpyjRBP2gUPJjVdLWcoPb6ekMnMG3f6mugjQL3LmL4Yfxmz9--alUb_1A5H6hc0YER_xdMJc-YTQg8YI2jowrHWbkr57trdkjPXESmh2-lUAHpc1F3pQQUWFUFaZzhxInZKIEC7kOdGgRotwRt6Zrqb9s40lJDITuaiGhlqAT3FSlSKdIbe-4rckyZZOCwww7IU-9QX3DkT7mMW3aD_Pdzs1TTLfEYdQSLvO5tirFgzRRcuPFgFSBChKviuxv-w4t5WHPNKX7RDJAEU8C-NxXsGal6hFpY9Xhe87_KlGsgKvu_KjYxBAKdBD4Ntu2Lzc1N-iYmfGzsQQZDTBKrhYqR_oNvq39n7Kt4Pv92jKZcbmSVTSkW-Ho6aSaRLQnMSpP3G33Q3CraNPQ62Hb9uaPIEuOtBLp95yvsSpDTdv3nVIvRG09kiOX7EzrkPAWlk_3bE-7Ez1TJTtyAx3fmDJT_vU2dS1-VVtbEV_k9e10WHt6pXFf4XpKUvy1OpNMDIEE_0mFM0wZ1HPkSYr7NbWn69h9-9Nb1mdjoZFR_O2kBRyzAtusQNwbCH4rkEK19F6EmuOCm_BA1nY6dkObBx3rR0yNfruAP5qwgXEJely1TaYN8bidalCfC1fsZuYN9AMKZ5IFkqnqP7hrH3l9Ytwfj9icolqcqiY78mVeM_iTkzNbZ-b_od7VHy929bsJyfW0cTfB0dEO_wOlpC_ek4cniBqz9qmErXVVIR6QvNf_lLgLu2rUPPY4fO6NMpWiMnU1jN3XVHmi7mUhVWKaP7nSWQp1aH-sVCz15d6SK64LwgfIXWz1ClcoMBEg44S7b_9Wj_2Fe9CRMNVaAe-H1qhW_nUCpaxOLgu41H6zzcIrAU43mMBORtk7CLNd_O6Di2GMjIsWUf1Fya4N2UMH18Cow8F7KfK6GNi30V15GE_2qWjbB-St234g1vvMVvJr2sjR59l8ydQTmQfv-SWlPyNm2Cspql_FGS34UnwOLyRL5vIrsHOyuoQO__ULU9hU6HCyMaPK-wQaRp_RH379gFRJn-tVm7Nh4YxnZ8-2Zpm4IsjH2d_E5w62INU3rpwi_2Axe4lBQScuWxjEVYbENQA_kuc0nq0k771R6eCxvfPNZmQ1CtOWlmimR_Y1pu29l-IimQARv3HOZ91ImjXjqkjC81looeILKHyfaUXOeV9oIbr3nU9Zuo3UhqHKzy2daCeIbfSzGNPTOXdb3wlNfVzzrX4uPOvR3aVdvksTdN9yRFl-qpY6mWlR0kV8eN_9vOyv1Whuwmoi-f88s_SzmXfOD2BPx_aG6bQbqPBGqgCuV2iviYjmrsUMUbAynxWxNVHqxtJlP9ZbHUDTEXDyc_EwsjC46iCPDyc_Lzl68-DbyFYS31uG9_D8BicDZIxTF6qRYNoD_nmUm32wKK8x2cPm-EuvbwTQ-uqzWX-0HXOjWNqP9pEocVjfz9Cklum5nyl6rwEYB9MWtLygr0Uj-evwTi2--ekT0s7c5WbWgzOYnjG-ZytzK1VqiKLOWZodr83xcct20o5Fsu4dszrbm5uGD94P-MMrVI9okH3JH_mYsPlzMXvxKcImZExK2o78z8sP9WXUlEDVy4udcfDf6VfJjgTJ28w9PVtMusyn4er7xInjdQtUyCEiJyVzezidj_qtqACLjyP61_m5YG0qJupKof_kknW-P-WKwJCsRhSnHhG8LDWmxJ-kkcd-XS92054mW16sn8JvLrcqlkfshOSVDSuUF1PLwPLx-hYCO9SXuMPab-gWvON0VbxfnRTrbS97BDcFKjFwCvMtBBKsxtnCtEM7A7iGxZob_DT_3U8ZCmcZ8CX2EF3h2UdeKEswodF054-OrzhPLh-aFsjhkV6uOqezbYKOytwVPNDcV8YElNSxBNCGgOvB4zYnjC_tAz_VekUsLEMw3EcN4eWyoutwLwnpj97TNnbtTZX1zIpOTKV_1IMMlOHsxEs2WbRdJv6E16tP6wFX3xRdoDy2rXiOKcWVQxtS09LtPkBjx8wd_tupMengf5hyVZEfJ4cxj9Kzd0wpbJ_V3QqhjaE0TD-_d46htPuO5a1_xLTJdHnbgijWWfOadz3nDaT2Kz-HSRtOVD2SbR10RtDorazp9Q8exg6nM7fPVKNm_8SWYskWF358fSsgqs8y08ObvZ5NrQheeFr11qNbnwfxm9nTPc9Nn1EhhkfM_qH0DQhmZoUrQmk24WDnTnr-Pcuf7IDf8OQ0kfaz0eFGXLYpCH6nnUfiqf-QzFsqkTTslPlKhHLphdMgJoWuYlAAg-IAC_UUoAWvczM9fPXafuxk31bKDiQzV3jkREK3Dz_EQXvJ2YpduIiYbvdTdmJZnrIbpbE6xO935eL8E63dH9zZ-sIkc9VmedL558uY9gumxVTOEGUHyJAtX3ZFqbhD0hXBmKbKpXyh5GPTYqVpgvfS1NYhMutImCpChV2bPB4MDNLY1u0_PyOdQMu8UhYzx0Q2laCU6xyY-RGzoExq6AiNvsixAMPKScHhmP81ZZb3bhLiaKwg5ONV4lLLJUXIzczsk1pMWLl3wc-fAtJBTISlZsJoCgwoP4OFJhIvqXailPWlQ2Rqk3XMpp2FG1nA2u8VTFB-jhYov3yji_eum3t86Zs84Aai9Rf3zyhg_Qml7ZouvUqskyE9g2Ll75xI0SHlgmTrPAkcKHJh_yvWIq0TCUMZGEUfelZWI3ztfruOB69Wpc1OwVdXa6Lfj8STND10znnpFGugMPeEqQkocYC_LbTJhIkqBf2KJUclOgLWgQ9cNojcfjfjVioTttBuTjhokuSq8GYcbHBFMUOnqylyXtL3NxgSk-foWQF2SvKWnJoXSdpS7OPNCX195N_eev_Uvm21hlywhLG8vfXLYmL7QX0lnD8VIrLm4nhorFrVA42Jk2bHN9HizJ1FD6GrPixh2W6y-g2Wan5CZ2mkX10J30T5GiwGxcbDO2a56xDI06tpr0YfOqftbTH3x0_lcEz&tga-with-creatives=1

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

390f8310f2f5339696a641868baaabe2463bf9ad5640bc28d63b77da01b03314

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 21:31:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1661117479645305-11474253532050322974-vla1-2969-vla-l7-balancer-8080-BAL-7265
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Sun, 21 Aug 2022 21:31:20 GMT
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/json
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Sun, 21 Aug 2022 21:31:20 GMT

POST
H2 204 events
bidder.criteo.com/csm/ 0
216 B 28ms
28ms Ping
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 21 Aug 2022 21:31:19 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://www.tumen.kp.ru
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

GET
H2 200 v2 Show response
yandex.ru/ads/adfox/232598/getBulk/ 15 KB
6 KB 174ms
174ms XHR
application/json 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/adfox/232598/getBulk/v2?dl=https%3A%2F%2Fwww.tumen.kp.ru%2F%3Fsection%3Dsociety&date=2022-08-21T21%3A31%3A19.566%2B00%3A00&pd=21&pdh=1200&pdw=1600&pr1=3307587542&pr=1794283843&prr=&pv=21&pw=0&extid_loader=&extid_tag_loader=www.tumen.kp.ru&ylv=0.634516&ybv=0.634516&ytt=362840448958469&is-turbo=0&skip-token=&ad-session-id=2350821661117479275&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9.8%2C%22isInIframe%22%3Afalse%2C%22w%22%3A1130%2C%22h%22%3A250%2C%22width%22%3A1130%2C%22height%22%3A250%2C%22visible%22%3A0%2C%22fullscreenHeaderHeight%22%3A49%2C%22left%22%3A235%2C%22top%22%3A3990%2C%22fontFamily%22%3A%22ys%22%2C%22darkTheme%22%3Afalse%2C%22req_no%22%3A4%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=634516&available-width=1130&available-height=250&yaru=true&pp=g&p2=gvdq&ps=bxyd&puid1=adv-1661117479231-474&puid2=society%3Atoday%3Azenyandex%3Aincident%3Aemergency%3Acelebrity%3Aculture%3Ainteresting&puid3=top%3Aregion&puid5=&slotNumber=5&bids=W3siYmlkZGVyTmFtZSI6ImNyaXRlbyIsImNhbXBhaWduX2lkIjo3MjI1NzMsInJlc3BvbnNlX3RpbWUiOjMyMSwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjE1MjY3OTgifSx7ImJpZGRlck5hbWUiOiJydGJob3VzZSIsImNhbXBhaWduX2lkIjo4NTM4NjksInJlc3BvbnNlX3RpbWUiOjExOCwiZXJyb3IiOnsiY29kZSI6NH0sInBsYWNlbWVudF9pZCI6IkQ2dFBHMlgxdzkzNUtrSGk5cW9IIn0seyJiaWRkZXJOYW1lIjoiYWRyaXZlciIsImNhbXBhaWduX2lkIjo3MjgyNTQsInJlc3BvbnNlX3RpbWUiOjI1OCwiZXJyb3IiOnsiY29kZSI6NH0sInBsYWNlbWVudF9pZCI6IjI6a3BfOHNsb3QifSx7ImJpZGRlck5hbWUiOiJteXRhcmdldCIsImNhbXBhaWduX2lkIjo4MTA0MDIsInJlc3BvbnNlX3RpbWUiOjIxMSwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjgwMzAwNyJ9LHsiYmlkZGVyTmFtZSI6ImJldHdlZW5kaWdpdGFsIiwiY2FtcGFpZ25faWQiOjgxMDM0NCwicmVzcG9uc2VfdGltZSI6MTIxLCJlcnJvciI6eyJjb2RlIjoxfSwicGxhY2VtZW50X2lkIjoiMzkyNzg1NyJ9XQ%3D%3D&utf8=%E2%9C%93&pcode-test-ids=628986%2C0%2C63%3B634789%2C0%2C97%3B634378%2C0%2C74%3B633794%2C0%2C75%3B622565%2C0%2C-1%3B629073%2C0%2C67&pcode-flags-map=eJytWF2P3DQU%2FSureQaU72T65kk8M9YmcbA9MztFyCrqIpAqhGALSFUlQAjxgIT4J32gUqEfvyH7jzh2Mh%2FJ7np3q%2B7bZHOu7%2FU99%2Fg4zyaCNpQova5IowX9dEWl0mSuqNCsFrwsJw8%2Bezb54dGTp%2BeTBxMlVnTy0eTi%2FPsL9hi%2F4zSN%2FGTy%2FPOPJmxRc0F1xaSkhS6IIrohglRSz7nQa1ZQjog659WMD2Ke%2F%2FTtIOTUi%2BLYhlwTiZQqvqY6XxIhqdJzwStdsvrUmVbi%2B5GX7mPQmsxKxCBNw%2BqFnm11wTf1XaIkWeCKQiUTKHbGlCCK3ifYbqftttuiSCFvCZAGmbcP0K9p0tFrUq6Gq%2Fse%2FgboIEiyw46sJNU13dgKFrXpC4KZquRKrOn2lkyCLIsSRyzJqgY79UFiof2K8foDJZaT%2B%2BdVCLI58HfDigV4uGFqiZbppiTbGclPwetamXGhwkXuJJiiE%2FsMGw4KNMQkarC6pGT%2FQFKEHHEiGfY0DOIjRoyDdXwt3GUOQ5QcFKBnYGRJFnrdCN0IxgVTWz0nueLD2vxRpCTJ9pGkssOypkKie8MiwijxsiE2SsLQYlc1KzkpoD5GNUjVHEMvvnt6fgSLgiycdsnbDZNGssaYcQeOQGifpLTWfCYpGDFq3DePvnhyPkCG6F43QnN2BqGr9ZKyxVLpWrmXjOJw6ltgzle10orrs6WTJ1GWZkFkIVtSF%2FRMixVEqyKsdmqnlwZhPwADwdXzVVnKXKBcJ94Pg9DblzgT%2FBT7g%2FL0QrDCjUzjLLk2YV0wqQSbOeGB7yVdvQ9pHdh0zahhyFhFFtSJjfyo57DFYjnLvRkXhkeCFGwlT%2B4YYUtM3l3CmpQbMtKJK8gw7VtbzM35KRteg4uKVZSv1AAajCQ5jiIv7Gpucl5QIyGS1sq9XowwPXvnHLtMzbjs1jOz64ZHaRpchbO50bKNmdvbGHJDhF0CV46i0LsJjYlTTFqfMedXz%2FTxwrEHX2ChUElR68q4jTURjIy2LBjD%2BgaNJkLQDQFBiruOBiLtumWsiK4oHM6%2B4VQI6FXJF8cx4gE%2B86Kuc3tNhYVYM7ppuHA3PUmTXrLM67rGiZhTiclYOGFpAJyFSdnAKORLajLUDRX5iGfwCwNk7E%2B7WgtaUrgMqAF2aiPgfdCwXvbu4ekyaGfXBch63qcxmuuRusdZFsQdV3YTXcBt5Urn0qmd8dRPsyMtYRK1oz2wtbmpW7oWnYax7w%2BwVn%2BkPfANwRtSFDBK7iBR3Lfa6j12TG0bqkN31tD8%2BGiwKpFjhyWbsRJccS83TZMbkRrmKS9Z7p6uQ4xqVSo2I3WNtHEazxkaz0wRcABuHZ5mQZoe5dEH6WiCM%2B897JIXRGHHgYUgs8D9LsTFO7wLF%2FpwkG%2FsB57r%2FWs0249vQHQFstpw2GwwLlGozCgZq82ew5vnp8ZPY3BuSTqOkwHfltTaH9wrrG11ov04SLqEKkHYXaUMNwkv66hm7LGgc8jY0swky904jHHU8xqVisoomKD1zq41gs7cNgEq4PVCsBtqWDeBXYQtgj6BGYca4Oicp1niT%2F1on49kJg3GpdHHfOnOIomCjqmW2VjOUtEUAJt7CzQI473nZLI%2FAM050t3iQAxngBA2oKO0ELpYNRhN3OMKa7llJ4yCD82S94nnjcy25%2FcFjE41k1RvfGw%2BuDOrsVxdTSkI%2Fa6mihaM2CCdJbkn%2FOZkOhf2XjmpBf%2BgGRV0TqBxu8y6jxR3DGfmBbJazji8w62Y3kkfCI3j03R4gQLcxA786eETiDVYC2F0RlYExviaA3zSC%2BroDjvNDtdhRNjieol7fn7tvSyN3GDsnTxEkGKoFddcoHd4UsjidHy%2Fwp0vzaajW6B5cqwNS6assBxtIVTxVHG3LoRw5dnBWF9dGqZ9WGz35AbCQBXAuTlUnanSeQTibh8nXeN2X4tslP6gIFDMfCUVZsCG0oqeDbvY%2Ft2%2Ba19f%2Fnn5R%2FvypH3Vvr38rX13%2BXP7pn1x%2BTt%2Bvzpp37YvTi5%2FaV%2B0%2F17%2Bipfwz5ftf%2B1rPHgD7D94EY8R46%2F7JTZI48evL776%2BPH5l4%2BePrm4IYwhhf1KUJNquCfdtwN7Dxh%2B%2BfBSc8d%2F%2Fj%2BzCBHZ&use-server-side-rendering=1&pcode-icookie=9wMGzWFiMHtgECEWtdku6d%2Fw%2Fw7vvoL%2FT4qfxUgBXLJr2Ml3cAV07s3WA%2BwbIUMQTTCPMCf24l0NVKhVoQCm0mAXfAE%3D&top-ancestor=https%3A%2F%2Fwww.tumen.kp.ru&top-ancestor-undetermined=0&grab-orig-len=5120&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjoxNDh9CiKjpKisKOmBEFCneJjv7a9rvsY81cJKoRevTgnOjfhG9z4kx_DvVR--WkphSTxV1xKUuMjO3t4oQE8M6DHQxoyBjFKCtslvk79X8Js_mRBKKGWUoUEGMkbtSCAn2sSWaNV0antiqgm5GkaiTyyJbgAPAaKmS4yLFEldcLLEkKQNu2hNwA-gy7lOTZVY6sIW5E-XpHVhsiyS2sS6yFJWgNQE6gKuXzQLtsAGNazzkC7AEgo1_Xm0LnyJLcBc6YoOZOyoBMB0q7LEJV7BdIUZBauCKZFAXw6p63I5EDEtAroKQHpoNYCkCJeDDYmwCBevk09YxMHpQMIrDEjrtohUs0GEjdfhrKxONl4wZPl4GfmZOJkdnCysspWfhdXBy-oAQzYBlig2ykUlXxpjrwkUNVVdtKQLvGgXzDbQrYlGTXtYTIlxgbQk-oErXXrQqmHUBdqoti-KdCiw3B6daYEGYdlHvwxP1XAS06ADf_QDwXQhCXG51QzqZW660DLJDKe64XiRsA8kk3RR6s_qpeXSQw1zoUm3cFoO5_ZeZlg4fJmWltSLYuhnW0ApZYZppmblmU_ZNFkoNMvBLwq4Mso90wyxxcxfpg60puxONAXl2z4Esjwsq6mmE2dnoTB2WakgSbHzwkfIwsTHGCIsqAmFDFHVq4mqd5ELlsfwINX5j5SFD76wCB8nImVwpAwOBwtr5UfiZGQEQ5aRX5qNG5s4O6O0C2vlZUOCiAWZrHAC5ZUNQ0SqkVHm3BmGw82BkJOZQ1xasnILOlHw1kWLmY8BsSQCaVdlB9GJCTn85Q_6dte6fGlFpJze4QB8qWeXDx5ORi50XM6FB8LLHM729eWtShBALFlOv0xTrx6ZCLVUse4EbVpCoVXTeeSVIliZqUe-ISVkathxLXjrBmCqFeKN0dAnq0wTRTzCAPRS35KYE6uayhP_OU1sG3e9MR3y-N9H_pKDqQeOaT30DEKO2p7gSB-xyU53nQeGQ32wpX3smfBk90TGFD6xxVtVrusjmwb7-3uP3EFbuIzDv5reUzvW0W0M8UZdYGKXcs84bmZiqoXA_aBdCo_zGH9kOhDroglMhFOuE9W9pBeEhxrTXz2Vhzyf6NC-wPITTuWJMCx7rk137vb6J2x4-PWW1OTz-peK5kTvoTWT5HTSy9gpeLunkoP897jpOUd1CPJZ5I0MyEufbaekl_R-1D6_xulGYvLIM7Bz0H8tp8PLJVlcI15CNt2cFe2cTgqPvEPcarGOQU1QzrfNfwZ6AocU3bysjXl05WvZOyJ5yu1yxdoWT_sHkAxf51EqeOnCnBR-sVV4qHgQcS_HAJpjXRAgAoww8DCUmSX4XUwSyyA-lEKIeRE892K7jlhOuCSUuHe7KzI0AqAy_z8pW18ijMxOVn94xasQC4cgowqUBpF5GBLEHo8Mg0TlQ8wpwITiMTeNzgfR8PPz8zM5ndn5_RxtnqytPKfrJiNJxDExPQpzAh8JHw83UmmJyo2aFTV8IVlhtwufCbaAqzbRzcbILMHIIY25smPkw4BGoDix2PASzQ08PKxOQozvzB3Wys_GADobl6zq5K9wHfhzDsSE6S2KclJqAu39Mf3WkHjkyyVZi4W71ga0OWhLdNazKfXCsshUTkUnv9odGL1wB_y4mGGfZmtUEfPYj-jntGwYN3YrPfKMURA5egzSbsze2A7k3cOGUfvT2-ql05C28PcGq-F-MYb4EqVTyHH6c0jwu-NLln_N1IWKUk9kIjNQrHKADM8BCtIoypRQ6i0NGhYuVwiq8LGKSSJwSLsrFyPo3JgcKpGNyyUcgJQvuFMlorodzAwOVvalPzuzEEoWwTbDgvOnfgmGVE3z7ZX2jnTJVd_W_QQ1zZ-ltY2HdUfa-gGarJD9cD3DpL4-v-zlBpEdob0G2Gue1kXrPm7tnV0jaPp30ORzrKbEnvvoJG6rZmFjZcDmXhLiQ4-MER4n4WUupcR_6bercqIXxIQcFTjot3JxFua6t-SF4DMIoJYV_ub3obiQh9OH7uvuMCBiQcgVKuo5BJlxFjXcMeF7WpyjRBP2gUPJjVdLWcoPb6ekMnMG3f6mugjQL3LmL4Yfxmz9--alUb_1A5H6hc0YER_xdMJc-YTQg8YI2jowrHWbkr57trdkjPXESmh2-lUAHpc1F3pQQUWFUFaZzhxInZKIEC7kOdGgRotwRt6Zrqb9s40lJDITuaiGhlqAT3FSlSKdIbe-4rckyZZOCwww7IU-9QX3DkT7mMW3aD_Pdzs1TTLfEYdQSLvO5tirFgzRRcuPFgFSBChKviuxv-w4t5WHPNKX7RDJAEU8C-NxXsGal6hFpY9Xhe87_KlGsgKvu_KjYxBAKdBD4Ntu2Lzc1N-iYmfGzsQQZDTBKrhYqR_oNvq39n7Kt4Pv92jKZcbmSVTSkW-Ho6aSaRLQnMSpP3G33Q3CraNPQ62Hb9uaPIEuOtBLp95yvsSpDTdv3nVIvRG09kiOX7EzrkPAWlk_3bE-7Ez1TJTtyAx3fmDJT_vU2dS1-VVtbEV_k9e10WHt6pXFf4XpKUvy1OpNMDIEE_0mFM0wZ1HPkSYr7NbWn69h9-9Nb1mdjoZFR_O2kBRyzAtusQNwbCH4rkEK19F6EmuOCm_BA1nY6dkObBx3rR0yNfruAP5qwgXEJely1TaYN8bidalCfC1fsZuYN9AMKZ5IFkqnqP7hrH3l9Ytwfj9icolqcqiY78mVeM_iTkzNbZ-b_od7VHy929bsJyfW0cTfB0dEO_wOlpC_ek4cniBqz9qmErXVVIR6QvNf_lLgLu2rUPPY4fO6NMpWiMnU1jN3XVHmi7mUhVWKaP7nSWQp1aH-sVCz15d6SK64LwgfIXWz1ClcoMBEg44S7b_9Wj_2Fe9CRMNVaAe-H1qhW_nUCpaxOLgu41H6zzcIrAU43mMBORtk7CLNd_O6Di2GMjIsWUf1Fya4N2UMH18Cow8F7KfK6GNi30V15GE_2qWjbB-St234g1vvMVvJr2sjR59l8ydQTmQfv-SWlPyNm2Cspql_FGS34UnwOLyRL5vIrsHOyuoQO__ULU9hU6HCyMaPK-wQaRp_RH379gFRJn-tVm7Nh4YxnZ8-2Zpm4IsjH2d_E5w62INU3rpwi_2Axe4lBQScuWxjEVYbENQA_kuc0nq0k771R6eCxvfPNZmQ1CtOWlmimR_Y1pu29l-IimQARv3HOZ91ImjXjqkjC81looeILKHyfaUXOeV9oIbr3nU9Zuo3UhqHKzy2daCeIbfSzGNPTOXdb3wlNfVzzrX4uPOvR3aVdvksTdN9yRFl-qpY6mWlR0kV8eN_9vOyv1Whuwmoi-f88s_SzmXfOD2BPx_aG6bQbqPBGqgCuV2iviYjmrsUMUbAynxWxNVHqxtJlP9ZbHUDTEXDyc_EwsjC46iCPDyc_Lzl68-DbyFYS31uG9_D8BicDZIxTF6qRYNoD_nmUm32wKK8x2cPm-EuvbwTQ-uqzWX-0HXOjWNqP9pEocVjfz9Cklum5nyl6rwEYB9MWtLygr0Uj-evwTi2--ekT0s7c5WbWgzOYnjG-ZytzK1VqiKLOWZodr83xcct20o5Fsu4dszrbm5uGD94P-MMrVI9okH3JH_mYsPlzMXvxKcImZExK2o78z8sP9WXUlEDVy4udcfDf6VfJjgTJ28w9PVtMusyn4er7xInjdQtUyCEiJyVzezidj_qtqACLjyP61_m5YG0qJupKof_kknW-P-WKwJCsRhSnHhG8LDWmxJ-kkcd-XS92054mW16sn8JvLrcqlkfshOSVDSuUF1PLwPLx-hYCO9SXuMPab-gWvON0VbxfnRTrbS97BDcFKjFwCvMtBBKsxtnCtEM7A7iGxZob_DT_3U8ZCmcZ8CX2EF3h2UdeKEswodF054-OrzhPLh-aFsjhkV6uOqezbYKOytwVPNDcV8YElNSxBNCGgOvB4zYnjC_tAz_VekUsLEMw3EcN4eWyoutwLwnpj97TNnbtTZX1zIpOTKV_1IMMlOHsxEs2WbRdJv6E16tP6wFX3xRdoDy2rXiOKcWVQxtS09LtPkBjx8wd_tupMengf5hyVZEfJ4cxj9Kzd0wpbJ_V3QqhjaE0TD-_d46htPuO5a1_xLTJdHnbgijWWfOadz3nDaT2Kz-HSRtOVD2SbR10RtDorazp9Q8exg6nM7fPVKNm_8SWYskWF358fSsgqs8y08ObvZ5NrQheeFr11qNbnwfxm9nTPc9Nn1EhhkfM_qH0DQhmZoUrQmk24WDnTnr-Pcuf7IDf8OQ0kfaz0eFGXLYpCH6nnUfiqf-QzFsqkTTslPlKhHLphdMgJoWuYlAAg-IAC_UUoAWvczM9fPXafuxk31bKDiQzV3jkREK3Dz_EQXvJ2YpduIiYbvdTdmJZnrIbpbE6xO935eL8E63dH9zZ-sIkc9VmedL558uY9gumxVTOEGUHyJAtX3ZFqbhD0hXBmKbKpXyh5GPTYqVpgvfS1NYhMutImCpChV2bPB4MDNLY1u0_PyOdQMu8UhYzx0Q2laCU6xyY-RGzoExq6AiNvsixAMPKScHhmP81ZZb3bhLiaKwg5ONV4lLLJUXIzczsk1pMWLl3wc-fAtJBTISlZsJoCgwoP4OFJhIvqXailPWlQ2Rqk3XMpp2FG1nA2u8VTFB-jhYov3yji_eum3t86Zs84Aai9Rf3zyhg_Qml7ZouvUqskyE9g2Ll75xI0SHlgmTrPAkcKHJh_yvWIq0TCUMZGEUfelZWI3ztfruOB69Wpc1OwVdXa6Lfj8STND10znnpFGugMPeEqQkocYC_LbTJhIkqBf2KJUclOgLWgQ9cNojcfjfjVioTttBuTjhokuSq8GYcbHBFMUOnqylyXtL3NxgSk-foWQF2SvKWnJoXSdpS7OPNCX195N_eev_Uvm21hlywhLG8vfXLYmL7QX0lnD8VIrLm4nhorFrVA42Jk2bHN9HizJ1FD6GrPixh2W6y-g2Wan5CZ2mkX10J30T5GiwGxcbDO2a56xDI06tpr0YfOqftbTH3x0_lcEz&tga-with-creatives=1

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

241a27256d57c298a48e81c98e1c1d218f153b814feb196f7a6d261f4c78c7bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 21:31:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1661117479645826-13852906384128671293-vla1-2969-vla-l7-balancer-8080-BAL-5762
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Sun, 21 Aug 2022 21:31:19 GMT
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/json
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Sun, 21 Aug 2022 21:31:19 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 0ECD 83 KB
28 KB 83ms
31ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/partner-code-bundles/634516/50f6fec73e5faaf073e7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef7ba5e1b255053d409880374b1d1e76e52c337275c3171fe0f7f9b663526270

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 21:31:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28488
x-xss-protection: 0
server: sffe
etag: "1310 / 821 of 1000 / last-modified: 1660946721"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 21 Aug 2022 21:31:19 GMT

GET
H2 204 event
ads.adfox.ru/232598/ 0
54 B 87ms
87ms Image
text/plain 2a02:6b8::1be
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/232598/event?hash=d82e2d4619438654&pm=bmo&pxo=b1-I39oxNaWy0KPlvAZlI6rwkdwnTQHSQ_dTOONXD7QL8Hlftnu0i7DzC_NKpChMMgcGMu261mRr1h17-26Jv2SMTQxTQdIezOX9USh81NMlMf1LuUqK8f2nMMfkMk8tTR24I5lD5pNL3BbRNo568R-B7FGUJOg0JFTTJ52NBf0EeYjBaA%3D%3D&p5=gwdbk&ad-session-id=2350821661117479275&utg=oxum&lts=fjvaojv&ytt=362840448958469&ybv=0.634516&ylv=0.634516&dl=https%3A%2F%2Fwww.tumen.kp.ru%2F%3F&rtb-si=b&p2=gftf&rand=mzuvxzc&sj=-Wk0Ll2dB4dXHNo7mszdU-yUZS0mAezPvX-idJy3wPdaXmAcZ5m46HaqBd7YKg%3D%3D&puid1=adv-1661117479225-973&pr=fvalebb&p1=cdinl&rqs=JtBLxzwtFBwnpAJjqpNtjkIztRsXjRv3

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Aug 2022 21:31:19 GMT
x-content-type-options: nosniff
last-modified: Sun, 21 Aug 2022 21:31:19 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2 200 css2
fonts.googleapis.com/ 9 KB
1 KB 84ms
33ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Alegreya:wght@400;700;800&family=Roboto:wght@500&display=swap

Requested by

Host: yastatic.net
URL: https://yastatic.net/partner-code-bundles/634516/db43d90b1e90506e1e6a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b9626a32ba37b0590508877b518afb8e18c1623278119b425ba2e3d14d39c4fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 21 Aug 2022 21:31:19 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 21 Aug 2022 21:31:19 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 21 Aug 2022 21:31:19 GMT

GET
H2 204 event
ads.adfox.ru/232598/ 0
18 B 87ms
86ms Image
text/plain 2a02:6b8::1be
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/232598/event?hash=387a3107944dc2d5&pm=cyz&p5=ljjmt&ad-session-id=2350821661117479275&lts=fjvaojv&ytt=362840448958469&ybv=0.634516&ylv=0.634516&dl=https%3A%2F%2Fwww.tumen.kp.ru%2F%3Fsection%3Dsociety&rqs=JtBLxzwtFBwnpAJj6VQtuNiEewnQRwpl&pr=fvalebb&puid3=top%3Aregion&puid2=society%3Atoday%3Azenyandex%3Aincident%3Aemergency%3Acelebrity%3Aculture%3Ainteresting&p2=gvdq&rand=ijhsxpe&sj=t8-p1vM6ui9qXk-0P7h5RIdeVcC31XFfX7endZqMEYW9O-dZ8j1QCMd1ktSfdA%3D%3D&puid1=adv-1661117479231-474&p1=clerf

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Aug 2022 21:31:19 GMT
x-content-type-options: nosniff
last-modified: Sun, 21 Aug 2022 21:31:19 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2 200 5191335_5.5a1c10449bf6ba3fb79322a26dc59f6f.jpg
banners.adfox.ru/220701/adfox/1877475/ 66 KB
67 KB 438ms
133ms Image
image/jpeg 2a02:6b8::2:158
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://banners.adfox.ru/220701/adfox/1877475/5191335_5.5a1c10449bf6ba3fb79322a26dc59f6f.jpg
Requested by: Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::2:158 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software: nginx /
Resource Hash: a81ae4dd7742b736f41e6e382827ab3672728b6f7f529ad5c72d6d6e79861484

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 21:31:20 GMT
last-modified: Fri, 01 Jul 2022 12:23:23 GMT
server: nginx
x-amz-request-id: 485a4973d6e7533c
etag: "5a1c10449bf6ba3fb79322a26dc59f6f"
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
x-amz-version-id: null
access-control-allow-origin: *
accept-ranges: bytes
content-type: image/jpeg
content-length: 67614
x-nginx-request-id: a52973d55895dd16

GET
H2 200 5191335_9.1366b90e36296da712c6488fa46b6f41.jpg
banners.adfox.ru/220419/adfox/1877475/ 26 KB
26 KB 547ms
242ms Image
image/jpeg 2a02:6b8::2:158
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://banners.adfox.ru/220419/adfox/1877475/5191335_9.1366b90e36296da712c6488fa46b6f41.jpg
Requested by: Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::2:158 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software: nginx /
Resource Hash: f76a521d8d893e573ee2def73e397a42f33f937aca5dcfeb77b2e001ea5a7ca6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 21:31:20 GMT
last-modified: Tue, 19 Apr 2022 13:08:29 GMT
server: nginx
x-amz-request-id: fddc84035247fe8a
etag: "1366b90e36296da712c6488fa46b6f41"
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
x-amz-version-id: null
access-control-allow-origin: *
accept-ranges: bytes
content-type: image/jpeg
content-length: 26361
x-nginx-request-id: 4e8f9a13e725e6ed

GET
H2 200 pubads_impl_2022081501.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 0ECD 384 KB
131 KB 70ms
21ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081501.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

6fb2352555371675225ce7b1e1832ac4b1ad8e83dc396d10b70a42dac24addc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 20:40:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3069
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133600
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 08:36:18 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 21 Aug 2023 20:40:10 GMT

GET
H2 200 4UaBrEBBsBhlBjvfkSLlx6jx4w.woff2
fonts.gstatic.com/s/alegreya/v29/ 22 KB
23 KB 239ms
23ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/alegreya/v29/4UaBrEBBsBhlBjvfkSLlx6jx4w.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Alegreya:wght@400;700;800&family=Roboto:wght@500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6db6653a65bc919f600c1e098b02145b5e62d137fbf99f84ad526692b65cc31c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.tumen.kp.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 14:31:44 GMT
x-content-type-options: nosniff
age: 370776
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22952
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 18:46:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Aug 2023 14:31:44 GMT

GET
H2 200 4UaBrEBBsBhlBjvfkSLhx6g.woff2
fonts.gstatic.com/s/alegreya/v29/ 39 KB
39 KB 260ms
44ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/alegreya/v29/4UaBrEBBsBhlBjvfkSLhx6g.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Alegreya:wght@400;700;800&family=Roboto:wght@500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92f108fa97f63aa01d67c7c19599f9133ef0e60a11fba74ca137f5b699abd36b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.tumen.kp.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 20 Aug 2022 08:11:36 GMT
x-content-type-options: nosniff
age: 134384
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39860
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 18:47:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 20 Aug 2023 08:11:36 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 270ms
65ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Alegreya:wght@400;700;800&family=Roboto:wght@500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.tumen.kp.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 12:56:05 GMT
x-content-type-options: nosniff
age: 549315
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 15 Aug 2023 12:56:05 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 10 KB
10 KB 260ms
58ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Alegreya:wght@400;700;800&family=Roboto:wght@500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3728fbdd191d75bad5b83a838dfe2fc15f84c2aaa36ffa573321275847db31a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.tumen.kp.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 12:55:48 GMT
x-content-type-options: nosniff
age: 549332
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9840
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 15 Aug 2023 12:55:48 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame ABB8 83 KB
28 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/partner-code-bundles/634516/50f6fec73e5faaf073e7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b9b5af48e8a2ac9bb2389281786be629dfd71bc35bfb12b4d1af6e9dcf9cc2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 21:31:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28483
x-xss-protection: 0
server: sffe
etag: "1310 / 44 of 1000 / last-modified: 1660946721"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 21 Aug 2022 21:31:19 GMT

GET
H2 204 event
ads.adfox.ru/232598/ 0
18 B 91ms
91ms Image
text/plain 2a02:6b8::1be
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/232598/event?hash=10fd94424c5348fc&pm=bmo&pxo=u3Aq8ZKt_QXIbpWqFv7Z7QgFaLNX3ZHf6TPqb4jNYrX5OJInn9K7HgwOE-3ws0CtZo1N_yyaQMctqYwX4VwUmu4Fz-ANFfnUzDNanAd4sNlA4YyCmd7M83JM4Fvqk3E0AWSMJQNkfMSRhCkZIFWSflknr-4swZ_RKMlTu7sLKBxd3uWH&p5=gwefg&ad-session-id=2350821661117479275&utg=oxum&lts=fjvaojv&ytt=362840448958469&ybv=0.634516&ylv=0.634516&dl=https%3A%2F%2Fwww.tumen.kp.ru%2F%3Fsection%3Dsociety&rqs=JtBLxzwtFBwnpAJj9e_wh4BQds0wfXep&pr=fvalebb&puid3=top%3Aregion&rtb-si=b&puid2=society%3Atoday%3Azenyandex%3Aincident%3Aemergency%3Acelebrity%3Aculture%3Ainteresting&p2=fxjd&rand=jtmqbvn&sj=f3Jkp7KZP1s632iJN9xikP8TgP5HMPhFS8QclZDLHW02fE9wlfqwOhcH-nrAKA%3D%3D&puid1=adv-1661117479229-901&p1=cavko

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Aug 2022 21:31:19 GMT
x-content-type-options: nosniff
last-modified: Sun, 21 Aug 2022 21:31:19 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 0ECD 107 B
792 B 88ms
35ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.tumen.kp.ru

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 21 Aug 2022 21:31:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 0ECD 107 B
549 B 82ms
31ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.tumen.kp.ru

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 21 Aug 2022 21:31:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 0ECD 15 KB
8 KB 369ms
325ms XHR
text/plain 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1245854457398898&correlator=748209905945871&eid=31062930&output=ldjh&gdfp_req=1&vrg=2022081501&ptt=17&impl=fifs&iu_parts=94805857%2Ckp.ru_4_small&enc_prev_ius=%2F0%2F1&prev_iu_szs=160x600&ifi=1&adks=4130042211&sfv=1-0-38&fsapi=false&cust_params=kp.ru_4_small%3Dkp.ru_4_small_7&sc=1&cookie_enabled=1&cdm=www.tumen.kp.ru&abxe=1&dt=1661117480068&lmt=1661117480&dlt=1661117479635&idt=278&adxs=1410&adys=389&biw=1600&bih=1200&isw=160&ish=600&scr_x=0&scr_y=0&btvi=0&ucis=chvgucv9qfvg&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fwww.tumen.kp.ru%2F&top=https%3A%2F%2Fwww.tumen.kp.ru%2F&frm=23&vis=1&psz=160x600&msz=160x-1&fws=256&ohw=0&ea=0&ga_vid=73233607.1661117480&ga_sid=1661117480&ga_hid=253577626&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

5870a3c541d2914a173d7441227b987b0c4b82929d7244e22d9a3953599e0b00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 21:31:20 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7949
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 0ECD 14 KB
11 KB 109ms
54ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022081501&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e1f392c6261976d6a124453ce57ff1e4b0ee8cdd389c195519cc41dd049693fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 21 Aug 2022 21:31:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11200
x-xss-protection: 0

GET
H2 200 container.html Show response
a1bed8a6f1f6460a2546120b6d18cd8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2F03 6 KB
4 KB 97ms
30ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a1bed8a6f1f6460a2546120b6d18cd8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tumen.kp.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 21 Aug 2022 21:31:20 GMT
expires: Mon, 21 Aug 2023 21:31:20 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 607912ce0bbdc533bd357dc99af092f34783fee7f24f7fc16ece184018a7441b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 pubads_impl_2022081501.js Show response
securepubads.g.doubleclick.net/gpt/ Frame ABB8 384 KB
131 KB 21ms
21ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081501.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

6fb2352555371675225ce7b1e1832ac4b1ad8e83dc396d10b70a42dac24addc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 20:40:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3070
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133600
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 08:36:18 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 21 Aug 2023 20:40:10 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 0ECD 17 KB
7 KB 87ms
34ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 21:31:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 21 Aug 2022 21:31:20 GMT

GET
H2 200 text-variable-full.woff2
yastatic.net/s3/home/fonts/ys/3/ 25 KB
26 KB 69ms
69ms Font
font/woff2 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/s3/home/fonts/ys/3/text-variable-full.woff2

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

033696b7f1ac04d1dcc102be84550e146236ceffc25a6cabc12aa51a6ee410b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://www.tumen.kp.ru/
Origin: https://www.tumen.kp.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 21:31:20 GMT
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 26004
x-nginx-request-id: 921b268b7635c22e
x-amz-meta-owner: {"role":"admin","login":"4eb0da"}
last-modified: Mon, 25 Apr 2022 14:02:39 GMT
server: nginx/1.17.9
etag: "7f0cdaf91230f9789ca4162aedff612e"
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31556952
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 22 Aug 2023 03:20:03 GMT

GET
H2 200 watch.js Show response
mc.yandex.ru/metrika/ 158 KB
56 KB 283ms
141ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

57cec8cb1c21ca4fe77d7bea18d3c0ed021451f77ced06a20aed3457758cef0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.tumen.kp.ru/
Origin: https://www.tumen.kp.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 21:31:20 GMT
content-encoding: br
last-modified: Mon, 15 Aug 2022 15:05:51 GMT
etag: "62fa369f-de6c"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 56940
expires: Sun, 21 Aug 2022 22:31:20 GMT

GET
H2 200 y300
avatars.mds.yandex.net/get-direct/4376118/vW7xju_s-um4rcdAgy-gog/ 23 KB
23 KB 251ms
123ms Image
image/webp 2a02:6b8::184
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-direct/4376118/vW7xju_s-um4rcdAgy-gog/y300
Requested by: Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::184 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software: nginx /
Resource Hash: ce2b20b494c35ea84e96f3ea4d4b689bfbb362c86c287ab20915ef8f4531d734

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 21:31:20 GMT
last-modified: Fri, 04 Mar 2022 09:58:36 GMT
server: nginx
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000,immutable
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23292
x-request-id: 1fc67b95f91cf156

GET
H/1.1 200
Ok axcapital.ae
favicon.yandex.net/favicon/ 1 KB
2 KB 211ms
70ms Image
image/png 2a02:6b8::36
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://favicon.yandex.net/favicon/axcapital.ae?size=32&stub=1

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::36 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

f91433cc68751743758f6f05305ae4502b2e8566a88fa3fe79b2a2a6cf7e9a59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-origin: *
Cache-Control: max-age=691200
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
X-XSS-Protection: 1; mode=block
Content-Type: image/png

GET
H2 200 d02a7e999eab85d7d74a.js Show response
yastatic.net/partner-code-bundles/634516/ 39 KB
11 KB 68ms
68ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/634516/d02a7e999eab85d7d74a.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

a1552feb4b5fb278a311065529c1400fba11d04257a8dbd08d0f4305aeeb5b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://www.tumen.kp.ru/
Origin: https://www.tumen.kp.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 21:31:20 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 10988
last-modified: Fri, 19 Aug 2022 14:19:07 GMT
server: nginx/1.17.9
etag: "88095f79ebd1cd2ff20d0d4503fc9487"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 21 Aug 2052 04:06:52 GMT

GET
H2 200 render.html Show response
yastatic.net/safeframe-bundles/0.83/1-1-0/ Frame 0080 24 KB
7 KB 211ms
76ms Document
text/html 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.83/1-1-0/render.html

Requested by

Host: yastatic.net
URL: https://yastatic.net/safeframe-bundles/0.83/host.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

9c911ab93cf6099aeeddb19cb1903d0ef838329443c3a0549c754da47f90a70a

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://www.tumen.kp.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=946708560
content-encoding: br
content-length: 6262
content-type: text/html
date: Sun, 21 Aug 2022 21:31:20 GMT
etag: "eb77de48712912aadc9aa8171ac75ede"
expires: Wed, 21 Aug 2052 04:03:46 GMT
last-modified: Wed, 03 Nov 2021 13:42:58 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
server: nginx/1.17.9
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-robots-tag: noindex, noarchive, nofollow

GET
H3 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame B09B 83 KB
28 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/partner-code-bundles/634516/50f6fec73e5faaf073e7.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d05137d13f5a76da2788bb2da3c0c9c9a08a4c3d490ecd68f2a1da369f33afe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 21:31:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28559
x-xss-protection: 0
server: sffe
etag: "1310 / 103 of 1000 / last-modified: 1660946906"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 21 Aug 2022 21:31:20 GMT

GET
H2 204 event
ads.adfox.ru/232598/ 0
66 B 81ms
81ms Image
text/plain 2a02:6b8::1be
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/232598/event?hash=7b7d29705150aefa&pm=bmo&pxo=uTXfailA9cPP9MgV0bM_A_QdqQnoTXHZYG8Nr5Fp9ncOY1JxNF2MTuW28KPvGSK_SipI8ad71stUqtEPClcXnq4IoYvF1NzXpoXU0SwNREvtDEPUgsQK3oTNpOpy439lcufBac2c2JPhsnAv-xN1tRslI2h3pVoEngynS9JDmnO5Lq6WTw%3D%3D&p5=gwaok&ad-session-id=2350821661117479275&utg=oxum&lts=fjvaojv&ytt=362840448958469&ybv=0.634516&ylv=0.634516&dl=https%3A%2F%2Fwww.tumen.kp.ru%2F%3Fsection%3Dsociety&rqs=JtBLxzwtFBwnpAJjkMspRvr1z5asShOC&pr=fvalebb&puid3=top%3Aregion&rtb-si=b&puid2=society%3Atoday%3Azenyandex%3Aincident%3Aemergency%3Acelebrity%3Aculture%3Ainteresting&p2=fbao&rand=ecpbubj&sj=hK9DOIbdADiqWSggKKqinApF_glqbP8Lx3Rht0YiEb_CWjOheRMo_NytzgH4Tg%3D%3D&puid1=adv-1661117479230-254&p1=bufhv

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Aug 2022 21:31:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 21 Aug 2022 21:31:20 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H3 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame ABB8 63 KB
24 KB 22ms
21ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

d2051a9373e01b111211247251572fb685a8fa7e9fea2255619256d4714e0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 21:05:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1524
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24193
x-xss-protection: 0
server: cafe
etag: 6858204432399944515
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Sun, 21 Aug 2022 22:05:56 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame ABB8 107 B
122 B 78ms
31ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.tumen.kp.ru

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 21 Aug 2022 21:31:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame ABB8 107 B
122 B 80ms
32ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.tumen.kp.ru

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 21 Aug 2022 21:31:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame ABB8 115 KB
34 KB 391ms
390ms XHR
text/plain 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=480539799936302&correlator=2780442290464955&eid=31068458%2C31068927%2C31069041%2C31061691%2C31061692&output=ldjh&gdfp_req=1&vrg=2022081501&ptt=17&impl=fifs&iu_parts=94805857%2Ckp.ru_5_new&enc_prev_ius=%2F0%2F1&prev_iu_szs=240x400&ifi=1&adks=56130060&sfv=1-0-38&fsapi=false&cust_params=kp.ru_5_new%3Dkp.ru_5_new_7&sc=1&cookie_enabled=1&cdm=www.tumen.kp.ru&abxe=1&dt=1661117480358&lmt=1661117480&dlt=1661117479837&idt=505&adxs=215&adys=1298&biw=1600&bih=1200&isw=240&ish=400&scr_x=0&scr_y=0&btvi=1&ucis=zc1j6uvxmbbb&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fwww.tumen.kp.ru%2F&top=https%3A%2F%2Fwww.tumen.kp.ru%2F&rumc=480539799936302&rume=1&frm=23&vis=1&psz=240x400&msz=240x-1&fws=256&ohw=0&ea=0&ga_vid=869192715.1661117480&ga_sid=1661117480&ga_hid=778611891&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

f15e500cee8043a682a05f5224f20f0d3a3d0c3f35a5dbb19b5ce94724a89817

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 21:31:20 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34382
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame ABB8 14 KB
11 KB 108ms
63ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022081501&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

66ad1c636e919351c86895ea3f4f01d96705531d6427cb9dc11c026fe2294e55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 21 Aug 2022 21:31:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11185
x-xss-protection: 0

GET
H2 200 container.html Show response
6e428d012d5b051d842896f91ae57fcb.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame EE34 6 KB
3 KB 95ms
34ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6e428d012d5b051d842896f91ae57fcb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tumen.kp.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 21 Aug 2022 21:31:20 GMT
expires: Mon, 21 Aug 2023 21:31:20 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 49A9 13 KB
5 KB 68ms
21ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tumen.kp.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 3014
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 21 Aug 2022 20:41:06 GMT
expires: Mon, 21 Aug 2023 20:41:06 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame A44B 783 B
1 KB 87ms
34ms Document
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1c2ef4d09fa856c0140a94576b6eb9befdff39a8e994c346eaf02d132424ea5b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-vnCPlsQKVinazVeKdQCPrQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tumen.kp.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-vnCPlsQKVinazVeKdQCPrQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 21 Aug 2022 21:31:20 GMT
expires: Sun, 21 Aug 2022 21:31:20 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 pubads_impl_2022081801.js Show response
securepubads.g.doubleclick.net/gpt/ Frame B09B 384 KB
131 KB 21ms
21ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081801.js?cb=31069060

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

c921b4351a1ae90dcc7a30a01fbc1e169d57e9f4451d55a840438fb13e7c1cc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 15:43:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20856
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133681
x-xss-protection: 0
last-modified: Thu, 18 Aug 2022 08:36:47 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 21 Aug 2023 15:43:44 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame ABB8 0
20 B 103ms
56ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_stats&su=www.tumen.kp.ru&doc=complete&pg_h=400&pg_w=240&pg_hs=400&c=1&aa_c=0&av_h=400&av_w=240&av_a=96000&b=0&all_b=0&d=1&all_d=1&ard=1&all_ard=1&dt=d

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Aug 2022 21:31:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame ABB8 0
327 B 156ms
64ms Ping
image/gif 2a00:1450:4006:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~l73ugix8&c=480539799936302&e=31068458%2C31068927%2C31069041%2C31061691%2C31061692&ctx=1&met.9=1.97~2.e2~9.0~3_1.ek~7_1.0&met.10=1_1.IJYEEAAIgO4FGICYdSgA&met.1=1.l73ugihp~14.5~15.0~16.5~17.5~18.5~19.6~20.6~21.6&met.3=113.fk_2~112.fj_3
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4006:812::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Aug 2022 21:31:20 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame B09B 107 B
122 B 32ms
32ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.tumen.kp.ru

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081801.js?cb=31069060

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 21 Aug 2022 21:31:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame B09B 107 B
122 B 31ms
31ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.tumen.kp.ru

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081801.js?cb=31069060

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 21 Aug 2022 21:31:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame B09B 118 KB
44 KB 424ms
423ms XHR
text/plain 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=490681984290065&correlator=3659150828722867&eid=31068829%2C31069060%2C21068767%2C44770639%2C31068919&output=ldjh&gdfp_req=1&vrg=2022081801&ptt=17&impl=fifs&iu_parts=94805857%2Ckp.ru_2_new&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600&ifi=1&adks=3886855702&sfv=1-0-38&fsapi=false&cust_params=kp.ru_2_new%3Dkp.ru_2_new_12&sc=1&cookie_enabled=1&cdm=www.tumen.kp.ru&abxe=1&dt=1661117480461&lmt=1661117480&dlt=1661117480301&idt=139&adxs=1100&adys=486&biw=1600&bih=1200&isw=300&ish=600&scr_x=0&scr_y=0&btvi=0&ucis=ws76tvbjz5hw&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fwww.tumen.kp.ru%2F&top=https%3A%2F%2Fwww.tumen.kp.ru%2F&frm=23&vis=1&psz=300x600&msz=300x-1&fws=256&ohw=0&ea=0&ga_vid=276992746.1661117480&ga_sid=1661117480&ga_hid=985135977&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081801.js?cb=31069060

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

5e4d3c38e0392366ee5763b010c680825685502e897d7cf871a9208de2b470b9

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3163706257327840831/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3163706257327840831/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CIK-7Orw2PkCFUfpuwgdFdUBvA&gqi=&layout=/sadbundle/%24csp%253Der3%24/3163706257327840831/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3163706257327840831/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3163706257327840831/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CIK-7Orw2PkCFUfpuwgdFdUBvA&gqi=&layout=/sadbundle/%24csp%253Der3%24/3163706257327840831/index.html
content-encoding: br
x-content-type-options: nosniff
google-creative-id: -1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44612
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
date: Sun, 21 Aug 2022 21:31:20 GMT
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame B09B 14 KB
11 KB 54ms
54ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022081801&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081801.js?cb=31069060

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ea19acf85c05cc6c1119f4d75d6a2e75e66bec1f8c306b1a05f5d739c15532a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 21 Aug 2022 21:31:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11074
x-xss-protection: 0

GET
H2 200 container.html Show response
ebcd602ef315b7dcb31a5232527e0c7a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 1E2C 6 KB
3 KB 51ms
36ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ebcd602ef315b7dcb31a5232527e0c7a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081801.js?cb=31069060

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tumen.kp.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 21 Aug 2022 21:31:20 GMT
expires: Mon, 21 Aug 2023 21:31:20 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
a1bed8a6f1f6460a2546120b6d18cd8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8125 6 KB
3 KB 75ms
31ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a1bed8a6f1f6460a2546120b6d18cd8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tumen.kp.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 21 Aug 2022 21:31:20 GMT
expires: Mon, 21 Aug 2023 21:31:20 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 event
ads.adfox.ru/232598/ 0
18 B 83ms
82ms Image
text/plain 2a02:6b8::1be
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/232598/event?hash=151e8ee1df18168e&pm=bmu&pxo=b1-I39oxNaWy0KPlvAZlI6rwkdwnTQHSQ_dTOONXD7QL8Hlftnu0i7DzC_NKpChMMgcGMu261mRr1h17-26Jv2SMTQxTQdIezOX9USh81NMlMf1LuUqK8f2nMMfkMk8tTR24I5lD5pNL3BbRNo568R-B7FGUJOg0JFTTJ52NBf0EeYjBaA%3D%3D&p5=gwdbk&ad-session-id=2350821661117479275&utg=oxum&lts=fjvaojv&ytt=362840448958469&ybv=0.634516&ylv=0.634516&dl=https%3A%2F%2Fwww.tumen.kp.ru%2F%3F&rtb-si=b&p2=gftf&rand=gckekyi&sj=-Wk0Ll2dB4dXHNo7mszdU-yUZS0mAezPvX-idJy3wPdaXmAcZ5m46HaqBd7YKg%3D%3D&puid1=adv-1661117479225-973&pr=fvalebb&p1=cdinl&rqs=JtBLxzwtFBwnpAJjqpNtjkIztRsXjRv3&resp-time=850

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Aug 2022 21:31:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 21 Aug 2022 21:31:20 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2 200 1MrObjBW0Hu200000000U9nJLBlWVTn6LqJ6S0NxNQliIcjdI_KbJCaCGE094mcLSBph7TkNni2GoWWKprp1FbCN95ug0-JL9W29LaOGsGcI1G8cXfcCef4GzaB69oOGrah6MVeGrbx63Nlv68w2-MSPcO4YLnb1MkyoCiWmCFrbdCN4m32N2IIobEaKK7ejqoyW-... Show response
yandex.ru/an/rtbcount/ 43 B
483 B 74ms
74ms XHR
image/gif 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/an/rtbcount/1MrObjBW0Hu200000000U9nJLBlWVTn6LqJ6S0NxNQliIcjdI_KbJCaCGE094mcLSBph7TkNni2GoWWKprp1FbCN95ug0-JL9W29LaOGsGcI1G8cXfcCef4GzaB69oOGrah6MVeGrbx63Nlv68w2-MSPcO4YLnb1MkyoCiWmCFrbdCN4m32N2IIobEaKK7ejqoyW-opJVo1uolG2AFAAIU1lxAtI5UoC3FSz0tYFFsDb-ClK8Gnq23ChK6alioAGdCeCCc8kCnF8SY2f0BARPIDpTgLnvOtJynLECglPh3WXroUaS1MiyYwO_CdiuCGFTkOi5WMl4YUVYgho4ZUdyhm2HwyifnHlLwS0LzsG-3oJC8C0tuKiqg4GnIjOfcvYtC72Te25yIOBn9iVx1-od3q30c_itxA0F3k1jRNXH4FRWQ05h9mdMJS_uG2hky3QiA29vIQhseghkslStSE-ie8ysi7Mm3A1RTc2zRlEBE_kafd1TkLmy0AstPiUlkbwyUdFUiQLR32p3x1vd61ZViJ6wrhfOXMObLTiMfgUPFwI3UQAdt3MHFR3yfMJClFVsCzYPpCpDZ4rDDl0tg2mWvtn1Bl80_Q71wwUx7pnRcBM3_Q5nWqSMzyR0022Ywec

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Sun, 21 Aug 2022 21:31:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: image/gif
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
last-modified: Sun, 21 Aug 2022 21:31:20 GMT
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Sun, 21 Aug 2022 21:31:20 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame ABB8 17 KB
6 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 21:31:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 21 Aug 2022 21:31:20 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame B09B 17 KB
6 KB 48ms
47ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081801.js?cb=31069060

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 21:31:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 21 Aug 2022 21:31:20 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame A44B 0
0 57ms
57ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022081501&jk=1245854457398898&rc=
Requested by: Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

GET
H/1.1 200
Ok d.png
ysa-static.passport.yandex.ru/static/1/d959d7e39d5067fad30d9c06204866e9/ Frame 0080 95 B
400 B 214ms
67ms Image
image/png 2a02:6b8::5:114
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ysa-static.passport.yandex.ru/static/1/d959d7e39d5067fad30d9c06204866e9/d.png?ex=yes

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::5:114 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

18c327afa903633f86c3efcf12b77f098077eacaa8be101bb007846fd74f8b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Sun, 21 Aug 2022 21:31:20 GMT
Server: nginx/1.14.2
Strict-Transport-Security: max-age=315360000; includeSubDomains
X-RT-IH: 0.0001
Content-Type: image/png
Cache-Control: private
Connection: close
X-RT-IQ: 0.0001
Content-Length: 95
Expires: Mon, 22 Aug 2022 21:31:20 GMT

GET
H3 200 BcUHUABoavvpRAX3o-C5BfAq8AHsMXRVb9HgeqDHxZ8.js Show response
pagead2.googlesyndication.com/bg/ Frame 49A9 36 KB
14 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/BcUHUABoavvpRAX3o-C5BfAq8AHsMXRVb9HgeqDHxZ8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05c5075000686afbe94405f7a3e0b905f02af001ec3174556fd1e07aa0c7c59f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 20 Aug 2022 13:10:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 116470
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14190
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 08:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 20 Aug 2023 13:10:10 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 96FB 13 KB
5 KB 29ms
27ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tumen.kp.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 3014
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 21 Aug 2022 20:41:06 GMT
expires: Mon, 21 Aug 2023 20:41:06 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 328D 783 B
536 B 86ms
33ms Document
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e135dbbab0c302a372df8295141cb5aea488ad8ce99cb9d4aaac3cec4b5307fc

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-p-44n7V9crxUkUFONUfzSw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tumen.kp.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-p-44n7V9crxUkUFONUfzSw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 21 Aug 2022 21:31:20 GMT
expires: Sun, 21 Aug 2022 21:31:20 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 4F67 624 B
974 B 95ms
34ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMYwNPDmAEwAQ&v=APEucNUn86UfMThj0a25gZTCdMgN92PgvLRtmw7Qty-tLi-2Vhm0--w_TmVgUprmxDbYigdx1_LNHSeZdhbFMr3sJ2bFM5Bwcr2yw3G7vhlw8Cv8u5zEpuLNgW_FGUuJEWi9GqBErm7UcvGP5ieSAGSP91PuJfUgnZI-1r0HSwkyXHf50acshjg

Requested by

Host: a1bed8a6f1f6460a2546120b6d18cd8a.safeframe.googlesyndication.com
URL: https://a1bed8a6f1f6460a2546120b6d18cd8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a1bed8a6f1f6460a2546120b6d18cd8a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 21 Aug 2022 21:31:20 GMT
expires: Sun, 21 Aug 2022 21:31:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 8125 80 KB
34 KB 114ms
54ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A_Ev08mD2rIygznzv-gk-C5fyJqoj0kIM5JfnyhzdPSPEk-orUbpaycGJlDlC3HNwAZA5cs8mmwYwEOwg0HC6lLl8Gaw&cry=1&dbm_d=AKAmf-CitES9JJsgmaUv2-ir4zsxGffQFWLyUq5ycepNv5JdGXBvVxy8BKM02h7NFdarf74NedOpIyNBSNgcdRF3-QwtkdzGov_TVyNpKdPActuFsXO3zdMuFitUoOts3ixtVbEG6okGI33-kWIDIYOJ4dsY8csyh_9_XDzHuEzBjFFkh97U5XUUplg74uLr_Iyz5IM8QMOdtjs287GVfyVrC1HDcJ9VBnnSbp-8ImSh1BHbomEHNj9O7vHoXBtJp8WrRtAtEN94eaBtcPpkguUcHRSgTDLMPCNo9yKsoF1Z-oHgVg7oujrtgVgDsRI_P0_wE2LGe0gIdCcxsoz5EeqEPQ9y5rv9vR8h2IJHywgiTifROLTwkIWjc2WnlaxxSw0rYuQjT0cF4wrd4v4G5Ob8qLrQnFFRPpbh7n9D3HdWKpMQqfs2YUI-WaUs33hkK3x7M44WUPiIBD9Chv-lyKQFqB_6M3SeQiCVyvYg5D351nx_QuSDIAqNkJP80v4pSvu7VtaZd1n9XNxzGKF0c-UNh-az_G54pDOdfQXxf3XxSk3M2IeJiNMHKoAB7UiDDXeHKQ6xgnWeESk1zQIHGVQxxdk6A4w4QgrUcEaPMUC6J9TZGuXWVSYC2nLfMFEwRkVTEfDw85CH7jvjetAsqOONInNi5eqrSslk-FeA6KBGXFfUKMlHafATE6XNqosqOou60tVLkSPWffJixQN4Cyi2fGZv_QvR_2m-195NMi7Oj__Uod5naarziOSN06BNcwZb6XTP_0v0WFpwzUvbs4Z-Ivz4t1vPqJT0zJwAHpUOk58OlPsnuWWW4J43G_u008UCIyF4zWfDK7STzPaOY2u6-grL9OPTNopJdAPI23cVhbaJSArW5wWUIeN9f588JHv3N86v2sFl-69s32nTBEj5FzAw6tPbF4zSx9spkdxeCKgLpXBl-vgjpc-KIteaGozibDEKlLJm5Wlc9j9Hn2Sco2GtFjnY7TTgvhu_pdEMY2cYeUFG90RFkWVvAC33Z_bMZ7YUXBqDDAhkgdiSqcej4YBwSL4F1iHZngthF6HnM47a9T2lyHR5MrQV5oLni0dhxaCGaedJsbhYBqEvEaop3H6wGa7SlAdOTI2Pb79ybKUkyWK0PbFUpohH756TGd32nV-GX6z2Cgmw75F2r_YJgeNDXiUaopozXrYAc_acSGYHwMI7Juc2DfF5ddTnR4J2QWC37NCsED8SSxbQId2HJA7Rgy-X4XGeqbhYPAcFjZkR38iL4QK-hkgIch08wQXPHQBi-QV1ULUebmMQ3zQhvD_qUja4VbovGCla-vWs3ZdOAtcP4ZCtmQvaiEyXKboyWmQCaTUmdI-1S8upxVE02sj47o1H5HLy4_opr4scA0EO48s_PaM-JAECzbSiTDk3ZSsHl41KJad7OKtCkg5cuNlpUfUNH3b-A8bkgZmHfp3cx_dBe54R2oqwjZK3puGbnP_ox2rOwxYTK2mZ5YJPqiQQ4JUpClwYWUx6F_HmTATuKQ6KTgJ-F28YQboavNnkK4qSfyRpQkaMx4iidtyAqHMbQGf5piJsDLw5kDUIw4RM5osayAHcrXVqrV434VV7yHyeUfXrUY1KWjbStROXSg-o9gCMg69VBsmGKP786lzBJbhjwiuOwG4BesTtcfI0OSOVuzgyaGr66_twyhPulmPDonPxgy-muZSePeWDnBFwk5c0kJaVtkH0xvlgjq01PwjtpoZEeqh3deim4wIJb48ogWJTFKMXqpQoO-e2ZWQ4Pm04Qb5jKJOChxz1zqIbGBja6wfwchAJZPp-aDj0nuNLVSyVGeVqg1pFdptS_X04GD-L5BgNSRUlo2Ez2Bwh2BdLVN3t6-Ki23OR6oyD2Z3aP-62RLW4-QzNhMp9shdDsmo38VepeSK3FvI5BxCe05ytYt7fEe7K4g2FrlOwGHBgRJRUE08CdEsn6jkMaYDckwWEkiTMo7a3fICoK3Uv1ejY7-23yhhw7fJxwdO43beULsw6OXyTmgFPdskRci1BaX0YL20J-0J0omKLr48ELhX7HGtT1U9T9osIw9ZJRnibB-9pGYsLn9LZ1X7MQCSqbnfM3nDBjYYoS9WslvAHMKkQ5sXe9z3LgqyzsnwkBCsQZ_b8SLpeEHcIIZ_Nedb6Q56VF_aQ6YaX6R9ByACtaxkNspdisfzpY7tVMkughSVnj6Ru5MdoGCy8Cesc2z0vVngxSXWe-wTLY9jNJX8ouWT0oD4_UeRPu4oH-QnJMRRtY0OPoKv0-RK_R3XgOq71QjzlRiWnljx4dGXUp1WtoZ0aCapta8lc1T_8UAKceiPPeIMkjNGXshB9JPI6hsUkHFzJZ-BiwtD6YJQM86SxzPsBCFGpaap3gKhB6P9bEhEPjCyIMF8Clm93_L_ov1z7vceQ3wTMLFtGAPy-6Q7JGnu2KQZJEe5w3Ie0tO1dXVBDKg6l5mqgmrtekig_MNWlG7PUZmzlG75E2Klsaccdp6HHMd9FpGy7TUvLOh3OP7qMg5k3sgGJ7Fh1zet_hUx4-2KI0ldbLO6Npp-SHIjTV5r9gY3EvZMuxHuuvdbZpMnPixMXhzHZ1H5Ivg8xUHMJtbKeV0RFY3TYoqqU0kvCt1Ks6Vmq2et9fYgTIMzeTwFOSvcPyJ0IlVkfHXfGXLl1m0tElyuVGMDPRpMvO6RnUuA2zz_DolXW8U7i8AHES9P0JUwPDRZ0PQIqKSRpLXR1JY2GlBKEc2Jpf0DwC2a4t5WpyaA3ghKXe3uSJpxYxqfOggIyW1uj26b7r7M-VhA5VrUYQ8oq7SZxEdIRCQh2cJmwRrzLTARp09gIemjsUTIkLCtRNGr_xRjJKCFnvjFoBj7dN7V5y27q0vSMr9GZKUEiDTMZK3a1bbFMapoE5Kqo2tWxlVgQAtOkM9qJcBPk-RAbkOK1-aRT3Uy1W-BNWL2sZl67PWjbg28w_k2DdkkpdeXZMsYHkSv-4TzRH-rW2zOvbGcVZ7sa0vWHOltw_WCsbGm2ABtvxc7DinlGL3QqGLyvJZYuvuz1wq--XuIru-mY05VvuBRCM258C_LNS2J7me3wwIIu7Crabf8pd6vPDG1lAe25tMfzCClk4w5-zKHwd3gs8K0OMgykoIwSOAfFrULmA2g53M9gNrLneXciOWiNvaweSc_rh0Izo-wWJILsAthmaNnzUJr_HRkNDQfCwDBg&cid=CAASJ-RoRJmGe-qO3zAIlUA9JrUVugp9Kw-iZDVi59stGp6ILnP3ipfMhA&rfl=2%2Chttps%253A%252F%252Fwww.tumen.kp.ru%242%2Chttps%253A%252F%252Fwww.tumen.kp.ru%252F%240

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bd777040af92b80ce53195b04bfcc455fc13eb9f131816a48a6c060298d3ab46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a1bed8a6f1f6460a2546120b6d18cd8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Aug 2022 21:31:20 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34322
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8125 42 B
63 B 62ms
55ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DHA9N88M4Lkfhhm52G1qKJN0nWmZkIFXUM-IYeq0eghmlbvM9r4nb0cwnNxUDxrfeMmALNZ-bxlD3tnw1rh9PmmEHv_LogtevSJ_DHgZmjmVLGemQ

Requested by

Host: a1bed8a6f1f6460a2546120b6d18cd8a.safeframe.googlesyndication.com
URL: https://a1bed8a6f1f6460a2546120b6d18cd8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a1bed8a6f1f6460a2546120b6d18cd8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Aug 2022 21:31:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/ Frame 8125 3 KB
1 KB 28ms
21ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/window_focus_fy2021.js

Requested by

Host: a1bed8a6f1f6460a2546120b6d18cd8a.safeframe.googlesyndication.com
URL: https://a1bed8a6f1f6460a2546120b6d18cd8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a1bed8a6f1f6460a2546120b6d18cd8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 21:14:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1018
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Sep 2022 21:14:22 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/ Frame 8125 17 KB
7 KB 29ms
22ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: a1bed8a6f1f6460a2546120b6d18cd8a.safeframe.googlesyndication.com
URL: https://a1bed8a6f1f6460a2546120b6d18cd8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a1bed8a6f1f6460a2546120b6d18cd8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 21:17:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 831
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7599
x-xss-protection: 0
server: cafe
etag: 9215437806027971270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Sep 2022 21:17:29 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 8125 0
0 58ms
31ms Image
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSnHJDOpH7XaWaM-4YRLlJr-LwmLylDbNgc8Amf_quoLFnmhCV9SjGUUty2TiyS1wGv_dU2KS5E3JHxpkeFb9paEnykWA
Requested by: Host: a1bed8a6f1f6460a2546120b6d18cd8a.safeframe.googlesyndication.com
URL: https://a1bed8a6f1f6460a2546120b6d18cd8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a1bed8a6f1f6460a2546120b6d18cd8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8125 140 KB
43 KB 35ms
30ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: a1bed8a6f1f6460a2546120b6d18cd8a.safeframe.googlesyndication.com
URL: https://a1bed8a6f1f6460a2546120b6d18cd8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba7478138664dfbadff2af30a268f4200a752a73d07dafb55937af20d1061357

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a1bed8a6f1f6460a2546120b6d18cd8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 21:31:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44050
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1660737283953252"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 21 Aug 2022 21:31:20 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 240 KB
74 KB 90ms
34ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WCBNVW

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d8e0fe51325ed812a49bbeb7910c747407c0b92fc64634a583dddb12b28e3cea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 21:31:20 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 75728
x-xss-protection: 0
last-modified: Sun, 21 Aug 2022 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 21 Aug 2022 21:31:20 GMT

GET
H2

200

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9737.XgsFcX4r4caqQ0KlSAfMCmFWDrmFoy4rnpyzymceWSJyqfKwd3wk24o5L2uZWz4X.SZtbYz76zxyHcp2grgsFwZwG83M%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9737.5RNPEiAMYEicE30vCNC0q4hzYmUv7aUDJCvCO9KGzOJVmmim9ufP2OOzkKx0w6v2SCYvryyhyGETbRzZUbB4WL63tkvFo83tDcX_ix1ongM%2C.KrZqtAqVRS65ZwatbihkCAIsBpk%2C

43 B
367 B

66ms
65ms

Image
image/gif

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9737.5RNPEiAMYEicE30vCNC0q4hzYmUv7aUDJCvCO9KGzOJVmmim9ufP2OOzkKx0w6v2SCYvryyhyGETbRzZUbB4WL63tkvFo83tDcX_ix1ongM%2C.KrZqtAqVRS65ZwatbihkCAIsBpk%2C

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 21:31:21 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9737.5RNPEiAMYEicE30vCNC0q4hzYmUv7aUDJCvCO9KGzOJVmmim9ufP2OOzkKx0w6v2SCYvryyhyGETbRzZUbB4WL63tkvFo83tDcX_ix1ongM%2C.KrZqtAqVRS65ZwatbihkCAIsBpk%2C
date: Sun, 21 Aug 2022 21:31:20 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame EA41 13 KB
5 KB 27ms
26ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tumen.kp.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 3014
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 21 Aug 2022 20:41:06 GMT
expires: Mon, 21 Aug 2023 20:41:06 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame DB45 783 B
537 B 34ms
34ms Document
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

bdcc907fad66ec108bfe0ec231d728d9aacbb937ed3185fd0d0e9d764b4d2e8b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Krj5ZkgfWS79V9O5qvw7Tg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tumen.kp.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 515
content-security-policy: script-src 'report-sample' 'nonce-Krj5ZkgfWS79V9O5qvw7Tg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 21 Aug 2022 21:31:20 GMT
expires: Sun, 21 Aug 2022 21:31:20 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 BcUHUABoavvpRAX3o-C5BfAq8AHsMXRVb9HgeqDHxZ8.js Show response
pagead2.googlesyndication.com/bg/ Frame 96FB 36 KB
14 KB 27ms
23ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/BcUHUABoavvpRAX3o-C5BfAq8AHsMXRVb9HgeqDHxZ8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05c5075000686afbe94405f7a3e0b905f02af001ec3174556fd1e07aa0c7c59f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 20 Aug 2022 13:10:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 116470
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14190
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 08:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 20 Aug 2023 13:10:10 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 328D 0
0 58ms
56ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022081501&jk=480539799936302&rc=
Requested by: Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 4F67
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDQgWtuZgTPZ-97VScALy90&google_cver=1

43 B
912 B

69ms
45ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDQgWtuZgTPZ-97VScALy90&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMYwNPDmAEwAQ&v=APEucNUn86UfMThj0a25gZTCdMgN92PgvLRtmw7Qty-tLi-2Vhm0--w_TmVgUprmxDbYigdx1_LNHSeZdhbFMr3sJ2bFM5Bwcr2yw3G7vhlw8Cv8u5zEpuLNgW_FGUuJEWi9GqBErm7UcvGP5ieSAGSP91PuJfUgnZI-1r0HSwkyXHf50acshjg
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

cf-ray: 73e6799f4d239217-FRA
pragma: no-cache
date: Sun, 21 Aug 2022 21:31:20 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HVTVFz4hT0f%2BHEJxaB9hlMhgJl5LWyv8scdWq1koTq7EXXH4MO3tBxfjrnY5F6ZWjw%2Bl%2B5RxQBF9HS11GnZKKk0iqN%2Fr3hrqFeVhI%2Frt5v3CaNIRIXyiAoQj1DNm6HCGo3tuUGNPnWKtEw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 21 Aug 2022 21:31:20 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDQgWtuZgTPZ-97VScALy90&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 4F67
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YwKkKIrDN4yCj3s9E4SaFgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDyilaSK0t7kJiwb7woPdag&google_cver=1

43 B
908 B

37ms
37ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDyilaSK0t7kJiwb7woPdag&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMYwNPDmAEwAQ&v=APEucNUn86UfMThj0a25gZTCdMgN92PgvLRtmw7Qty-tLi-2Vhm0--w_TmVgUprmxDbYigdx1_LNHSeZdhbFMr3sJ2bFM5Bwcr2yw3G7vhlw8Cv8u5zEpuLNgW_FGUuJEWi9GqBErm7UcvGP5ieSAGSP91PuJfUgnZI-1r0HSwkyXHf50acshjg
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

cf-ray: 73e679a03dfb9217-FRA
pragma: no-cache
date: Sun, 21 Aug 2022 21:31:21 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9RZlMIAi8FOig5rsvnUEplRSL1lBpuXN%2F45UCrvGbkMcYjGINNPMolDNpKegUD0Ujg09QUIJZrcNG65CE9%2FeegWFQMrA2HPY0xqYmzwLuFmK8cIHnYO8Fb2mzkH0z7%2BNo0OvpvQzbrTpzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 21 Aug 2022 21:31:20 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDyilaSK0t7kJiwb7woPdag&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 4F67
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEPV7c22fWJj9JTgu1OA492U&google_cver=1

43 B
1020 B

72ms
24ms

Image
image/gif

37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEPV7c22fWJj9JTgu1OA492U&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMYwNPDmAEwAQ&v=APEucNUn86UfMThj0a25gZTCdMgN92PgvLRtmw7Qty-tLi-2Vhm0--w_TmVgUprmxDbYigdx1_LNHSeZdhbFMr3sJ2bFM5Bwcr2yw3G7vhlw8Cv8u5zEpuLNgW_FGUuJEWi9GqBErm7UcvGP5ieSAGSP91PuJfUgnZI-1r0HSwkyXHf50acshjg

Protocol

HTTP/1.1

Server

37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 21 Aug 2022 21:31:20 GMT
X-Proxy-Origin: 217.114.215.132; 217.114.215.132; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: febd7383-0293-47b5-86f4-99f7b5f63dee
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 21 Aug 2022 21:31:20 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEPV7c22fWJj9JTgu1OA492U&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4F67
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTA5MDA3MzQ5NzU0MjY5ODA4Mw%3D%3D

170 B
188 B

83ms
34ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTA5MDA3MzQ5NzU0MjY5ODA4Mw%3D%3D

Requested by

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Aug 2022 21:31:20 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 21 Aug 2022 21:31:20 GMT
X-Proxy-Origin: 217.114.215.132; 217.114.215.132; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 277a737f-a6b3-484f-83ae-9c320fa45d58
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTA5MDA3MzQ5NzU0MjY5ODA4Mw%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 8125 106 KB
38 KB 71ms
21ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a1bed8a6f1f6460a2546120b6d18cd8a.safeframe.googlesyndication.com/
Origin: https://a1bed8a6f1f6460a2546120b6d18cd8a.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 07:50:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49224
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 22 Aug 2022 07:50:56 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220817/r20110914/elements/html/ Frame 8125 8 KB
3 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220817/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A_Ev08mD2rIygznzv-gk-C5fyJqoj0kIM5JfnyhzdPSPEk-orUbpaycGJlDlC3HNwAZA5cs8mmwYwEOwg0HC6lLl8Gaw&cry=1&dbm_d=AKAmf-CitES9JJsgmaUv2-ir4zsxGffQFWLyUq5ycepNv5JdGXBvVxy8BKM02h7NFdarf74NedOpIyNBSNgcdRF3-QwtkdzGov_TVyNpKdPActuFsXO3zdMuFitUoOts3ixtVbEG6okGI33-kWIDIYOJ4dsY8csyh_9_XDzHuEzBjFFkh97U5XUUplg74uLr_Iyz5IM8QMOdtjs287GVfyVrC1HDcJ9VBnnSbp-8ImSh1BHbomEHNj9O7vHoXBtJp8WrRtAtEN94eaBtcPpkguUcHRSgTDLMPCNo9yKsoF1Z-oHgVg7oujrtgVgDsRI_P0_wE2LGe0gIdCcxsoz5EeqEPQ9y5rv9vR8h2IJHywgiTifROLTwkIWjc2WnlaxxSw0rYuQjT0cF4wrd4v4G5Ob8qLrQnFFRPpbh7n9D3HdWKpMQqfs2YUI-WaUs33hkK3x7M44WUPiIBD9Chv-lyKQFqB_6M3SeQiCVyvYg5D351nx_QuSDIAqNkJP80v4pSvu7VtaZd1n9XNxzGKF0c-UNh-az_G54pDOdfQXxf3XxSk3M2IeJiNMHKoAB7UiDDXeHKQ6xgnWeESk1zQIHGVQxxdk6A4w4QgrUcEaPMUC6J9TZGuXWVSYC2nLfMFEwRkVTEfDw85CH7jvjetAsqOONInNi5eqrSslk-FeA6KBGXFfUKMlHafATE6XNqosqOou60tVLkSPWffJixQN4Cyi2fGZv_QvR_2m-195NMi7Oj__Uod5naarziOSN06BNcwZb6XTP_0v0WFpwzUvbs4Z-Ivz4t1vPqJT0zJwAHpUOk58OlPsnuWWW4J43G_u008UCIyF4zWfDK7STzPaOY2u6-grL9OPTNopJdAPI23cVhbaJSArW5wWUIeN9f588JHv3N86v2sFl-69s32nTBEj5FzAw6tPbF4zSx9spkdxeCKgLpXBl-vgjpc-KIteaGozibDEKlLJm5Wlc9j9Hn2Sco2GtFjnY7TTgvhu_pdEMY2cYeUFG90RFkWVvAC33Z_bMZ7YUXBqDDAhkgdiSqcej4YBwSL4F1iHZngthF6HnM47a9T2lyHR5MrQV5oLni0dhxaCGaedJsbhYBqEvEaop3H6wGa7SlAdOTI2Pb79ybKUkyWK0PbFUpohH756TGd32nV-GX6z2Cgmw75F2r_YJgeNDXiUaopozXrYAc_acSGYHwMI7Juc2DfF5ddTnR4J2QWC37NCsED8SSxbQId2HJA7Rgy-X4XGeqbhYPAcFjZkR38iL4QK-hkgIch08wQXPHQBi-QV1ULUebmMQ3zQhvD_qUja4VbovGCla-vWs3ZdOAtcP4ZCtmQvaiEyXKboyWmQCaTUmdI-1S8upxVE02sj47o1H5HLy4_opr4scA0EO48s_PaM-JAECzbSiTDk3ZSsHl41KJad7OKtCkg5cuNlpUfUNH3b-A8bkgZmHfp3cx_dBe54R2oqwjZK3puGbnP_ox2rOwxYTK2mZ5YJPqiQQ4JUpClwYWUx6F_HmTATuKQ6KTgJ-F28YQboavNnkK4qSfyRpQkaMx4iidtyAqHMbQGf5piJsDLw5kDUIw4RM5osayAHcrXVqrV434VV7yHyeUfXrUY1KWjbStROXSg-o9gCMg69VBsmGKP786lzBJbhjwiuOwG4BesTtcfI0OSOVuzgyaGr66_twyhPulmPDonPxgy-muZSePeWDnBFwk5c0kJaVtkH0xvlgjq01PwjtpoZEeqh3deim4wIJb48ogWJTFKMXqpQoO-e2ZWQ4Pm04Qb5jKJOChxz1zqIbGBja6wfwchAJZPp-aDj0nuNLVSyVGeVqg1pFdptS_X04GD-L5BgNSRUlo2Ez2Bwh2BdLVN3t6-Ki23OR6oyD2Z3aP-62RLW4-QzNhMp9shdDsmo38VepeSK3FvI5BxCe05ytYt7fEe7K4g2FrlOwGHBgRJRUE08CdEsn6jkMaYDckwWEkiTMo7a3fICoK3Uv1ejY7-23yhhw7fJxwdO43beULsw6OXyTmgFPdskRci1BaX0YL20J-0J0omKLr48ELhX7HGtT1U9T9osIw9ZJRnibB-9pGYsLn9LZ1X7MQCSqbnfM3nDBjYYoS9WslvAHMKkQ5sXe9z3LgqyzsnwkBCsQZ_b8SLpeEHcIIZ_Nedb6Q56VF_aQ6YaX6R9ByACtaxkNspdisfzpY7tVMkughSVnj6Ru5MdoGCy8Cesc2z0vVngxSXWe-wTLY9jNJX8ouWT0oD4_UeRPu4oH-QnJMRRtY0OPoKv0-RK_R3XgOq71QjzlRiWnljx4dGXUp1WtoZ0aCapta8lc1T_8UAKceiPPeIMkjNGXshB9JPI6hsUkHFzJZ-BiwtD6YJQM86SxzPsBCFGpaap3gKhB6P9bEhEPjCyIMF8Clm93_L_ov1z7vceQ3wTMLFtGAPy-6Q7JGnu2KQZJEe5w3Ie0tO1dXVBDKg6l5mqgmrtekig_MNWlG7PUZmzlG75E2Klsaccdp6HHMd9FpGy7TUvLOh3OP7qMg5k3sgGJ7Fh1zet_hUx4-2KI0ldbLO6Npp-SHIjTV5r9gY3EvZMuxHuuvdbZpMnPixMXhzHZ1H5Ivg8xUHMJtbKeV0RFY3TYoqqU0kvCt1Ks6Vmq2et9fYgTIMzeTwFOSvcPyJ0IlVkfHXfGXLl1m0tElyuVGMDPRpMvO6RnUuA2zz_DolXW8U7i8AHES9P0JUwPDRZ0PQIqKSRpLXR1JY2GlBKEc2Jpf0DwC2a4t5WpyaA3ghKXe3uSJpxYxqfOggIyW1uj26b7r7M-VhA5VrUYQ8oq7SZxEdIRCQh2cJmwRrzLTARp09gIemjsUTIkLCtRNGr_xRjJKCFnvjFoBj7dN7V5y27q0vSMr9GZKUEiDTMZK3a1bbFMapoE5Kqo2tWxlVgQAtOkM9qJcBPk-RAbkOK1-aRT3Uy1W-BNWL2sZl67PWjbg28w_k2DdkkpdeXZMsYHkSv-4TzRH-rW2zOvbGcVZ7sa0vWHOltw_WCsbGm2ABtvxc7DinlGL3QqGLyvJZYuvuz1wq--XuIru-mY05VvuBRCM258C_LNS2J7me3wwIIu7Crabf8pd6vPDG1lAe25tMfzCClk4w5-zKHwd3gs8K0OMgykoIwSOAfFrULmA2g53M9gNrLneXciOWiNvaweSc_rh0Izo-wWJILsAthmaNnzUJr_HRkNDQfCwDBg&cid=CAASJ-RoRJmGe-qO3zAIlUA9JrUVugp9Kw-iZDVi59stGp6ILnP3ipfMhA&rfl=2%2Chttps%253A%252F%252Fwww.tumen.kp.ru%242%2Chttps%253A%252F%252Fwww.tumen.kp.ru%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c9499ea51a2956fd2c1600591ae117fe9ad81065d625b1b2c593c7720e5b228f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a1bed8a6f1f6460a2546120b6d18cd8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 21:23:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 442
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3181
x-xss-protection: 0
server: cafe
etag: 18418590997839133011
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Sep 2022 21:23:58 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220817/r20110914/ Frame 8125 30 KB
12 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220817/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c0d0b5ecf5aa2cd5475929aefcb44d67c5d5cc8cbcdb3991e45f0944f0344619

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a1bed8a6f1f6460a2546120b6d18cd8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 21:24:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 400
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11819
x-xss-protection: 0
server: cafe
etag: 10563440404697844360
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Sep 2022 21:24:40 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 49A9 0
10 B 22ms
21ms Image
text/plain 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?jtlyOw
Requested by: Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 21:31:20 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame DB45 0
0 56ms
56ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022081801&jk=490681984290065&rc=
Requested by: Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

GET
H3 200 BcUHUABoavvpRAX3o-C5BfAq8AHsMXRVb9HgeqDHxZ8.js Show response
pagead2.googlesyndication.com/bg/ Frame EA41 36 KB
14 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/BcUHUABoavvpRAX3o-C5BfAq8AHsMXRVb9HgeqDHxZ8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05c5075000686afbe94405f7a3e0b905f02af001ec3174556fd1e07aa0c7c59f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 20 Aug 2022 13:10:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 116470
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14190
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 08:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 20 Aug 2023 13:10:10 GMT

GET
H3 200 container.html Show response
6e428d012d5b051d842896f91ae57fcb.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2A16 6 KB
3 KB 29ms
29ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6e428d012d5b051d842896f91ae57fcb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tumen.kp.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 21 Aug 2022 21:31:20 GMT
expires: Mon, 21 Aug 2023 21:31:20 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 event
ads.adfox.ru/232598/ 0
18 B 87ms
87ms Image
text/plain 2a02:6b8::1be
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/232598/event?hash=77910cfe07a9cb19&pm=bmu&pxo=u3Aq8ZKt_QXIbpWqFv7Z7QgFaLNX3ZHf6TPqb4jNYrX5OJInn9K7HgwOE-3ws0CtZo1N_yyaQMctqYwX4VwUmu4Fz-ANFfnUzDNanAd4sNlA4YyCmd7M83JM4Fvqk3E0AWSMJQNkfMSRhCkZIFWSflknr-4swZ_RKMlTu7sLKBxd3uWH&p5=gwefg&ad-session-id=2350821661117479275&utg=oxum&lts=fjvaojv&ytt=362840448958469&ybv=0.634516&ylv=0.634516&dl=https%3A%2F%2Fwww.tumen.kp.ru%2F%3Fsection%3Dsociety&rqs=JtBLxzwtFBwnpAJj9e_wh4BQds0wfXep&pr=fvalebb&puid3=top%3Aregion&rtb-si=b&puid2=society%3Atoday%3Azenyandex%3Aincident%3Aemergency%3Acelebrity%3Aculture%3Ainteresting&p2=fxjd&rand=iwpbekl&sj=f3Jkp7KZP1s632iJN9xikP8TgP5HMPhFS8QclZDLHW02fE9wlfqwOhcH-nrAKA%3D%3D&puid1=adv-1661117479229-901&p1=cavko&resp-time=956

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Aug 2022 21:31:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 21 Aug 2022 21:31:20 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 197 KB
71 KB 75ms
32ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-8MQ0FGXD1P&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WCBNVW

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

003fd2be4ce418c095e78b312cedab2a1511eb18635b9d9e53851cd8324f46c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 21:31:20 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 72179
x-xss-protection: 0
expires: Sun, 21 Aug 2022 21:31:20 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 197 KB
71 KB 84ms
41ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-E8KWCYC304&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WCBNVW

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

478a33877bad2043e02f2fa44a23b306dc5fa5bd677f0b9c3fdb9c9d94af8485

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 21:31:20 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 72191
x-xss-protection: 0
expires: Sun, 21 Aug 2022 21:31:20 GMT

GET
H2 200 counter.js Show response
tns-counter.ru/ncc/ 61 KB
61 KB 175ms
57ms Script
application/javascript 2001:6d0:4001::226
TNSMSK-

General

Check archive.org

Show headers Download Go to

Full URL: https://tns-counter.ru/ncc/counter.js
Requested by: Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:6d0:4001::226 , Russian Federation, ASN52016 (TNSMSK-, RU),
Reverse DNS
Software: ms-counter-3.3.5/1.20.2 /
Resource Hash: 75d16f690db62e7b02e26bff78808ea7529f154b36340c9b6d6e1cd81b64a4ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 21:31:20 GMT
last-modified: Wed, 01 Dec 2021 16:19:49 GMT
server: ms-counter-3.3.5/1.20.2
etag: "61a7a0a5-f2ad"
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR NOR"
cache-control: max-age=1209600
accept-ranges: bytes
content-type: application/javascript
content-length: 62125
expires: Sun, 04 Sep 2022 21:31:20 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 205 KB
70 KB 64ms
64ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

4feb8a4baf1ab6d4efee5b984ea48ff22af46b19c3b6c21964607fe61eea837c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 21:31:20 GMT
content-encoding: br
last-modified: Mon, 15 Aug 2022 15:05:51 GMT
etag: "62fa369f-118b8"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 71864
expires: Sun, 21 Aug 2022 22:31:20 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 73ms
22ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WCBNVW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 1523
date: Sun, 21 Aug 2022 21:05:57 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sun, 21 Aug 2022 23:05:57 GMT

GET
H/1.1 200
OK target.js Show response
target.smi2.net/client/ 3 KB
1 KB 160ms
54ms Script
application/x-javascript 46.161.36.2
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL: https://target.smi2.net/client/target.js
Requested by: Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.161.36.2 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS: target2-1.sselp1.imcmdb.net
Software: nginx /
Resource Hash: 2ea6594700eadc561dce18df33d16ff9d07ff631d4f6f4eae734bfe34e900f0c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Sun, 21 Aug 2022 21:31:20 GMT
Content-Encoding: gzip
Last-Modified: Fri, 20 Apr 2018 15:55:37 GMT
Server: nginx
ETag: W/"5ada0d79-af9"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=259200, private
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Wed, 24 Aug 2022 21:31:20 GMT

GET
H2 204 b
sb.scorecardresearch.com/ 0
191 B 71ms
24ms Image
text/plain 13.32.99.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=16803468&ns__t=1661117480803&ns_c=UTF-8&c8=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D0%B8%3A%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%20%7C%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20-%20KP.RU&c7=https%3A%2F%2Fwww.tumen.kp.ru%2F&c9=
Requested by: Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-21.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 21:31:20 GMT
via: 1.1 d63ea68c8b7458d49fe25f66ef7f0a5e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
x-amz-cf-id: sXnJBoLcxQwUASsUUrE6K9Pvk5DIsXNBi54PX9N0-YPdWVvrCxZE-g==
x-cache: Miss from cloudfront

GET
H/1.1

200
OK

kptumen
counter.yadro.ru/hit;kp/kpall/reg/
Redirect Chain

https://counter.yadro.ru/hit;kp/kpall/reg/kptumen?r;s1600*1200*24;uhttps%3A//www.tumen.kp.ru/;h%u041D%u043E%u0432%u043E%u0441%u0442%u0438%20%u0422%u044E%u043C%u0435%u043D%u0438%20%u0438%20%u0422%u0...
https://counter.yadro.ru/hit;kp/kpall/reg/kptumen?q;r;s1600*1200*24;uhttps%3A//www.tumen.kp.ru/;h%u041D%u043E%u0432%u043E%u0441%u0442%u0438%20%u0422%u044E%u043C%u0435%u043D%u0438%20%u0438%20%u0422%...

43 B
528 B

56ms
56ms

Image
image/gif

88.212.201.198
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit;kp/kpall/reg/kptumen?q;r;s1600*1200*24;uhttps%3A//www.tumen.kp.ru/;h%u041D%u043E%u0432%u043E%u0441%u0442%u0438%20%u0422%u044E%u043C%u0435%u043D%u0438%20%u0438%20%u0422%u044E%u043C%u0435%u043D%u0441%u043A%u043E%u0439%20%u043E%u0431%u043B%u0430%u0441%u0442%u0438%3A%20%u0433%u043B%u0430%u0432%u043D%u044B%u0435%20%u043D%u043E%u0432%u043E%u0441%u0442%u0438%20%u043D%u0430%20%u0441%u0435%u0433%u043E%u0434%u043D%u044F%20%7C%20%u041A%u043E%u043C%u0441%u043E%u043C%u043E%u043B%u044C%u0441%u043A%u0430%u044F%20%u041F;0.7654961748722411

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

HTTP/1.1

Server

88.212.201.198 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host198.rax.ru

Software

nginx/1.17.9 /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 21 Aug 2022 21:31:21 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 21 Aug 2021 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 21 Aug 2022 21:31:20 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Location: https://counter.yadro.ru/hit;kp/kpall/reg/kptumen?q;r;s1600*1200*24;uhttps%3A//www.tumen.kp.ru/;h%u041D%u043E%u0432%u043E%u0441%u0442%u0438%20%u0422%u044E%u043C%u0435%u043D%u0438%20%u0438%20%u0422%u044E%u043C%u0435%u043D%u0441%u043A%u043E%u0439%20%u043E%u0431%u043B%u0430%u0441%u0442%u0438%3A%20%u0433%u043B%u0430%u0432%u043D%u044B%u0435%20%u043D%u043E%u0432%u043E%u0441%u0442%u0438%20%u043D%u0430%20%u0441%u0435%u0433%u043E%u0434%u043D%u044F%20%7C%20%u041A%u043E%u043C%u0441%u043E%u043C%u043E%u043B%u044C%u0441%u043A%u0430%u044F%20%u041F;0.7654961748722411
Cache-control: no-cache
Connection: keep-alive
Content-Type: text/html
Content-Length: 32
Expires: Sat, 21 Aug 2021 21:00:00 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 8125 41 KB
15 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: a1bed8a6f1f6460a2546120b6d18cd8a.safeframe.googlesyndication.com
URL: https://a1bed8a6f1f6460a2546120b6d18cd8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a1bed8a6f1f6460a2546120b6d18cd8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 14:07:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 372237
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Aug 2023 14:07:23 GMT

GET
DATA 200
OK truncated
/ Frame 8125 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c2b953cb7332ef4bda5208c47e2de99dad242c6f74738a4f1ea1358e14ab8ac9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/5898824741970832675/ Frame 571D 25 KB
5 KB 66ms
22ms Document
text/html 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/5898824741970832675/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6f650eb38f7510ca1b365201d37f30e9a5939514808a726d60b53c2ecedac75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a1bed8a6f1f6460a2546120b6d18cd8a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 378130
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5273
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Wed, 17 Aug 2022 12:29:10 GMT
expires: Thu, 17 Aug 2023 12:29:10 GMT
last-modified: Wed, 18 May 2022 12:27:17 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 8125 0
622 B 125ms
69ms Ping
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvIkPsWljYat5imyH4Zn6-4gNjTwow8Do_yB4cUHiit-c8aHe90FD2qZG7lTjO1qGDWO6MCu-S9PloMx_9sMqHUDBWJHAmSWb5L0sDRwwgAHTM5IaMDf1Uf-yRG2zxWoqhubssSCk5h42mlNPdtCdWAz96RhfetWdJCGVn0SX093oRISaKv6CJ3aWN8LeQd44htuJm3j24VCBvbfoX61h361AXjYJ38dLJO_lhsSsSf_2QjhCpFYDecdKurdNZ9kAE7zJblulYqN2eWvZX3a5jlsWGGy97lzVpXOSQC02XAc7zLEC7GINAkJcHNuKpZ3pNd_7IU6dYhGGdqc5bLRPRusQmvaoSI3rA9aEJhfbi1uOERSBUpjec2WmampfOWYFbDMMGu1UgAcKEKMEiQ3Oyc42W0BnIsZ5Zqxg8nFHAxL8PMh3_0YEzZn-Z_otUJB4EZaF11Yvp3n5PzO98JSXIZkyaGESd4MihpyWfSOB3RgJd7q1uRnz1DmCrgjXPCP1U0yRfesKIa8XaLo6HEHy3P7Fv4RvDp87o1uGmWcl_OL1V66a5HIuwm2JUaWHfDllqSuDp4PqXLKvCv8IkOHmWRU2fk85T0qXwbTMhonsjBvAd_DMeM0PL-81PFB4qcLmX1yFFVVgTLIILBTvAZOcgtQO-mpD5Xq4-awrI4ze5NiLUxSTeJTVQ8yyUg6b_c9SBW-kEqjkgdabUBuY1gByU5RWjgULnaj4xzK3S1zA-Uo6aAA6JRj3HTWLGO-OY3kVY2EcRQw10-4uXnQIj9ZCJZ2Sy3SG6D2LcdGDOJI7uuDforWME6lbv56OQvvCWPvTb1VYC5YlyYJ_2xt7fgdCIfxrhz8V6t3HLyu8_v3Api7-lSVJBvp443njBUD-tMEnKADB9zWUTg-yFF10UFK1rFOOB-EJWvbbzq2Z-PKSWik395BjElPakNSHOlGGe83LCM9_Iyk6WpnHtQCZnJp4wH_-zSeeOs71fNRHiau07HzZgqJsi4wY9qEOxYA5A8kU85GQj_4nIKG_Gi9gciO3HRb_StsiogmlQusq5YXSWxPermZmqRWTRnkt1mfq-OOknoAVpWXjhrc82uM7Ankmb52zlJ971dIJ6haYNQxeevP8H-BXtXW8q_v6rbfvXKZVK7y6FrP9GWvsxzsuaMDr1HuHoGLMshDMglPmkKtGs2hMiOGPnjux0ZLG01qbEplq1sDTbFJ_l2TTX2cuQE3sE&sai=AMfl-YSSqYIUpqsw8j2htgoVl3uDlSmHk0DGgVfZtkeGNnIFpVgS239dpAKJtj2g587ZhNeqBaCv_TicXU9QRzFtZxx4QFshsaQLWQgKLSIpKyChXdS3kvQpguK96rM_5kuHs2BSwOFmWu_q09QrLT0qmH4XoKmw63rM6gsv8jMKWApDKHUbKGHcEaxe6tvi9A4fxHePRH5fQQVlhJDo-GpGuCnr6qt0AaY&sig=Cg0ArKJSzPvCxvy55xKdEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=182&cbvp=1&cstd=179&cisv=r20220817.47487&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a1bed8a6f1f6460a2546120b6d18cd8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Sun, 21 Aug 2022 21:31:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 container.html Show response
ebcd602ef315b7dcb31a5232527e0c7a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E277 6 KB
3 KB 30ms
29ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ebcd602ef315b7dcb31a5232527e0c7a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081801.js?cb=31069060

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tumen.kp.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 21 Aug 2022 21:31:20 GMT
expires: Mon, 21 Aug 2023 21:31:20 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 event
ads.adfox.ru/232598/ 0
18 B 79ms
79ms Image
text/plain 2a02:6b8::1be
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/232598/event?hash=1d014a5d33e2b225&pm=bmu&pxo=uTXfailA9cPP9MgV0bM_A_QdqQnoTXHZYG8Nr5Fp9ncOY1JxNF2MTuW28KPvGSK_SipI8ad71stUqtEPClcXnq4IoYvF1NzXpoXU0SwNREvtDEPUgsQK3oTNpOpy439lcufBac2c2JPhsnAv-xN1tRslI2h3pVoEngynS9JDmnO5Lq6WTw%3D%3D&p5=gwaok&ad-session-id=2350821661117479275&utg=oxum&lts=fjvaojv&ytt=362840448958469&ybv=0.634516&ylv=0.634516&dl=https%3A%2F%2Fwww.tumen.kp.ru%2F%3Fsection%3Dsociety&rqs=JtBLxzwtFBwnpAJjkMspRvr1z5asShOC&pr=fvalebb&puid3=top%3Aregion&rtb-si=b&puid2=society%3Atoday%3Azenyandex%3Aincident%3Aemergency%3Acelebrity%3Aculture%3Ainteresting&p2=fbao&rand=niukbcv&sj=hK9DOIbdADiqWSggKKqinApF_glqbP8Lx3Rht0YiEb_CWjOheRMo_NytzgH4Tg%3D%3D&puid1=adv-1661117479230-254&p1=bufhv&resp-time=640

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Aug 2022 21:31:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 21 Aug 2022 21:31:20 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 2A16 2 KB
535 B 77ms
31ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Host: 6e428d012d5b051d842896f91ae57fcb.safeframe.googlesyndication.com
URL: https://6e428d012d5b051d842896f91ae57fcb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

582c2586c49819d9dfe5cb88653679a40bf930ca86f1dc01a4afd821a9eab97e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6e428d012d5b051d842896f91ae57fcb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 21 Aug 2022 21:03:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 21 Aug 2022 21:31:21 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 21 Aug 2022 21:31:21 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/ Frame 2A16 2 KB
902 B 21ms
21ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: 6e428d012d5b051d842896f91ae57fcb.safeframe.googlesyndication.com
URL: https://6e428d012d5b051d842896f91ae57fcb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6e428d012d5b051d842896f91ae57fcb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 21:27:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 242
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Sep 2022 21:27:18 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 2A16 0
0 65ms
65ms Fetch
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CIjkTKKQCY_mDGe3U7_UPo6uX4AvVhajJa8zJlNaJD8_Dvt3LGBABIPHL50JglYKAgJQHoAHjwKvHA8gBCakCALYDUSLXsD7gAgCoAwHIA8sEqgSQAk_QVxexfvB6atJtEgxuCrxLfcZMxDzSP8Z4bzHDhMxWPOUu3HSDLhJxosyxg907vvwipCV7haU-JQrZe9zMpzK4ZQ9aOmcVJ1JIZW0gFBce3ffSXsI9bHyAHehVudLkP_jbsM2zXRHltwS0S8cgZNoTHDiYe7HZ6UHHPsPtcJ4MJPkaZoiuOgs52OiCJlR0ITj6NRSr4spgyqALRbEqrwBbo9rVnKk23zAb3FKaknSS6-V3vor1NQ7nqP5rAmgnUcjouPtNBGLN-eIXdE5Wmipvjw412uF9-_B7-6SkQbjEwokg7TUJDrUTrT9P2ebFy8S15HHSII1Td0BwHxTIVVBj8YlpZoRiISwQNdD4zodkwASylae9uwLgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAH0f-MJqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB6a-G9gHAPIHBBCA4w7SCBEIgOGAEBABGB0yAqoCOgKAQIAKA8gLAdgTC4gUAdAVAYAXAbIXHgocCAASFHB1Yi03MTcyNzMzNDA4NDU1NjkyGPH-Ew&sigh=3PUHP3-PDlE&uach_m=[UACH]&template_id=494
Requested by: Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s05-in-f2.1e100.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6e428d012d5b051d842896f91ae57fcb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220817/r20110914/ Frame 2A16 23 KB
9 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/abg_lite_fy2021.js

Requested by

Host: 6e428d012d5b051d842896f91ae57fcb.safeframe.googlesyndication.com
URL: https://6e428d012d5b051d842896f91ae57fcb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ba7beca0f5402387b359ad40d2af0dda9632f6b81e2aa0c26336324c358c3e10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6e428d012d5b051d842896f91ae57fcb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 21:21:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 611
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9668
x-xss-protection: 0
server: cafe
etag: 3250940068065303693
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Sep 2022 21:21:09 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/ Frame 2A16 3 KB
1 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/window_focus_fy2021.js

Requested by

Host: 6e428d012d5b051d842896f91ae57fcb.safeframe.googlesyndication.com
URL: https://6e428d012d5b051d842896f91ae57fcb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6e428d012d5b051d842896f91ae57fcb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 21:14:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1018
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Sep 2022 21:14:22 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/ Frame 2A16 17 KB
7 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 6e428d012d5b051d842896f91ae57fcb.safeframe.googlesyndication.com
URL: https://6e428d012d5b051d842896f91ae57fcb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6e428d012d5b051d842896f91ae57fcb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 21:17:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 831
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7599
x-xss-protection: 0
server: cafe
etag: 9215437806027971270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Sep 2022 21:17:29 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2A16 140 KB
43 KB 414ms
413ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 6e428d012d5b051d842896f91ae57fcb.safeframe.googlesyndication.com
URL: https://6e428d012d5b051d842896f91ae57fcb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba7478138664dfbadff2af30a268f4200a752a73d07dafb55937af20d1061357

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6e428d012d5b051d842896f91ae57fcb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 21:31:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44050
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1660737283953252"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 21 Aug 2022 21:31:21 GMT

GET
H2 200 16838d5bcb4c763c91f5404f5ca97705.js Show response
www.gstatic.com/mysidia/ Frame 2A16 33 KB
14 KB 79ms
22ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/16838d5bcb4c763c91f5404f5ca97705.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: 6e428d012d5b051d842896f91ae57fcb.safeframe.googlesyndication.com
URL: https://6e428d012d5b051d842896f91ae57fcb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

93b23044262887fc2d7651deb7749b1d5b9dd942922da55a84fec5dfb38e024f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6e428d012d5b051d842896f91ae57fcb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 03:40:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 323422
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13605
x-xss-protection: 0
last-modified: Tue, 16 Aug 2022 13:11:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 16 Nov 2022 03:40:59 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 2A16 16 KB
16 KB 83ms
28ms Image
image/jpeg 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcRyp-dHoqLQnKpGDogcZ5DW_RCCoJFMTcS5csInbH_9n7NQUe_T&usqp=CAI

Requested by

Host: 6e428d012d5b051d842896f91ae57fcb.safeframe.googlesyndication.com
URL: https://6e428d012d5b051d842896f91ae57fcb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec1da9c9499e44d23c66b4913e33f798df99c9fb9b9bac561059c6133a253037

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6e428d012d5b051d842896f91ae57fcb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 07:49:43 GMT
x-content-type-options: nosniff
age: 49298
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16152
x-xss-protection: 0
last-modified: Thu, 14 Jan 2021 15:26:20 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Mon, 21 Aug 2023 07:49:43 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 2A16 13 KB
13 KB 78ms
23ms Image
image/jpeg 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcTdVVxOcRcQXnI_AlZvnuaBBWMOnCDdGM-0WPYDiRUFOrb9WlsH&usqp=CAI

Requested by

Host: 6e428d012d5b051d842896f91ae57fcb.safeframe.googlesyndication.com
URL: https://6e428d012d5b051d842896f91ae57fcb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

750c6e1ef8c0edf15d14568e66beb80acb75a31177f5750ee7eb7ffc9e935e79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6e428d012d5b051d842896f91ae57fcb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 20 Aug 2022 18:38:39 GMT
x-content-type-options: nosniff
age: 96762
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12836
x-xss-protection: 0
last-modified: Wed, 03 Nov 2021 11:04:48 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 20 Aug 2023 18:38:39 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 2A16 12 KB
12 KB 77ms
22ms Image
image/jpeg 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcTbAIrd9p4PIdkanaX-XgKEBazEO7_QwH4U-A30MSUU4QAZ7S0t&usqp=CAI

Requested by

Host: 6e428d012d5b051d842896f91ae57fcb.safeframe.googlesyndication.com
URL: https://6e428d012d5b051d842896f91ae57fcb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

445cce036352fd309ae11d8f0e4ed4e4a978fbbdbdb3c8f9b6a373b0a0cd7206

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6e428d012d5b051d842896f91ae57fcb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 15:49:29 GMT
x-content-type-options: nosniff
age: 20512
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12058
x-xss-protection: 0
last-modified: Fri, 18 Feb 2022 08:18:00 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Mon, 21 Aug 2023 15:49:29 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 2A16 10 KB
10 KB 76ms
21ms Image
image/jpeg 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcQt85s1qGJydXKpWEhxdLeGZaXC7QRg_VSQqM6cDZSWISo7JTo&usqp=CAI

Requested by

Host: 6e428d012d5b051d842896f91ae57fcb.safeframe.googlesyndication.com
URL: https://6e428d012d5b051d842896f91ae57fcb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d6993666a421d597d65eff6c04606c3c5ca8ce0bb0b22c88ef6fa52f82c2024

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6e428d012d5b051d842896f91ae57fcb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 05:50:29 GMT
x-content-type-options: nosniff
age: 574852
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9871
x-xss-protection: 0
last-modified: Thu, 24 Feb 2022 03:11:30 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Tue, 15 Aug 2023 05:50:29 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 2A16 13 KB
13 KB 100ms
45ms Image
image/jpeg 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcSb05CQM9lxycO8d-WQoTnXZOYQfZAEg3jrO3nvCN5nt_LUlA&usqp=CAI

Requested by

Host: 6e428d012d5b051d842896f91ae57fcb.safeframe.googlesyndication.com
URL: https://6e428d012d5b051d842896f91ae57fcb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

56c1ddc6c421b01f185c87afd5d1cb02e00b67488c355055afd4beae860b41e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6e428d012d5b051d842896f91ae57fcb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 13:50:16 GMT
x-content-type-options: nosniff
age: 27665
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13300
x-xss-protection: 0
last-modified: Sat, 13 Mar 2021 11:04:00 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Mon, 21 Aug 2023 13:50:16 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 2A16 12 KB
12 KB 81ms
26ms Image
image/jpeg 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcSXQOqJiDkYZTNhdXGFbTG3KaalKDQD56Lm14dzlQbwtx3BNWnB&usqp=CAI

Requested by

Host: 6e428d012d5b051d842896f91ae57fcb.safeframe.googlesyndication.com
URL: https://6e428d012d5b051d842896f91ae57fcb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

040ffb4567331430db312a0b397b1717cb985eaeae39f0bac9586d65477f360d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6e428d012d5b051d842896f91ae57fcb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 10:25:59 GMT
x-content-type-options: nosniff
age: 299122
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12361
x-xss-protection: 0
last-modified: Fri, 10 Jun 2022 02:37:14 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Fri, 18 Aug 2023 10:25:59 GMT

GET
H3

200

1855790038366648222
tpc.googlesyndication.com/simgad/ Frame 2A16
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDbxsi7jQEQ6AIY6AIyCFR5nIyM6Xl-
https://tpc.googlesyndication.com/simgad/1855790038366648222

2 KB
2 KB

22ms
21ms

Image
image/png

2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1855790038366648222

Requested by

Host: 6e428d012d5b051d842896f91ae57fcb.safeframe.googlesyndication.com
URL: https://6e428d012d5b051d842896f91ae57fcb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

11d02526cbaad695117721d111752936444366ac35fec7d36bf8d5fb2aab3094

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6e428d012d5b051d842896f91ae57fcb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 06:04:02 GMT
x-content-type-options: nosniff
age: 401239
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1882
x-xss-protection: 0
last-modified: Wed, 17 Apr 2019 14:59:10 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 17 Aug 2023 06:04:02 GMT

Redirect headers

date: Sun, 21 Aug 2022 01:01:38 GMT
x-content-type-options: nosniff
server: cafe
age: 73782
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/html; charset=UTF-8
location: https://tpc.googlesyndication.com/simgad/1855790038366648222
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 20 Sep 2022 01:01:38 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 976E 22 KB
8 KB 21ms
21ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a1bed8a6f1f6460a2546120b6d18cd8a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 372236
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 17 Aug 2022 14:07:24 GMT
expires: Thu, 17 Aug 2023 14:07:24 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
443 B 88ms
30ms XHR
text/plain 2a00:1450:400c:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-23870775-1&cid=655319195.1661117481&jid=1762617179&gjid=1413112481&_gid=703072933.1661117481&_u=YGBAgAABAAAAAE~&z=1442845654

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 21 Aug 2022 21:31:21 GMT
content-type: text/plain
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 76ms
30ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1837582534&t=pageview&_s=1&dl=https%3A%2F%2Fwww.tumen.kp.ru%2F&ul=en-us&de=UTF-8&dt=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D0%B8%3A%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%20%7C%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDAAAABAAAAAG~&jid=1626852671&gjid=1745400891&cid=655319195.1661117481&tid=UA-5200037-42&_gid=703072933.1661117481&_r=1&gtm=2wg8h0WCBNVW&cg1=main&cg5=main&cd3=main&cd4=main&z=2006725206

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 21 Aug 2022 21:31:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 73ms
29ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1837582534&t=pageview&_s=1&dl=https%3A%2F%2Fwww.tumen.kp.ru%2F&ul=en-us&de=UTF-8&dt=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D0%B8%3A%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%20%7C%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDAAAABAAAAAG~&jid=952822833&gjid=1863029895&cid=655319195.1661117481&tid=UA-23870775-31&_gid=703072933.1661117481&_r=1&gtm=2wg8h0WCBNVW&cd1=&z=948316634

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 21 Aug 2022 21:31:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 66ms
23ms Image
image/gif 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1837582534&t=pageview&_s=1&dl=https%3A%2F%2Fwww.tumen.kp.ru%2F&ul=en-us&de=UTF-8&dt=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D0%B8%3A%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%20%7C%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgAAB~&jid=1762617179&gjid=1413112481&cid=655319195.1661117481&tid=UA-23870775-1&_gid=703072933.1661117481&gtm=2wg8h0WCBNVW&cg1=main&cg5=main&cd3=main&cd4=main&z=1045722451

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 20 Aug 2022 23:57:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 77623
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
339 B 81ms
30ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-E8KWCYC304&gtm=2oe8h0&_p=1837582534&cid=655319195.1661117481&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1661117481&sct=1&seg=0&dl=https%3A%2F%2Fwww.tumen.kp.ru%2F&dt=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D0%B8%3A%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%20%7C%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20-%20KP.RU&en=page_view&_fv=1&_ss=1&ep.title=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D0%B8%3A%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%20%7C%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8&ep.allowLinker=true
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-E8KWCYC304&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Aug 2022 21:31:21 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 64ms
30ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-8MQ0FGXD1P&gtm=2oe8h0&_p=1837582534&cid=655319195.1661117481&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1661117481&sct=1&seg=0&dl=https%3A%2F%2Fwww.tumen.kp.ru%2F&dt=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D0%B8%3A%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%20%7C%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20-%20KP.RU&en=page_view&_fv=1&_ss=1&ep.title=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D0%B8%3A%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%20%7C%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8&ep.allowLinker=true
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8MQ0FGXD1P&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Aug 2022 21:31:21 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 96FB 0
10 B 21ms
21ms Image
text/plain 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?PWrZAQ
Requested by: Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 21:31:21 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 55cf990f37ec56e67c14c15188d8cf27.js Show response
s0.2mdn.net/sadbundle/5898824741970832675/ Frame 571D 79 KB
20 KB 22ms
22ms Script
application/x-javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/5898824741970832675/55cf990f37ec56e67c14c15188d8cf27.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5898824741970832675/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

391b9c991f135590863d3144429459bf9e6ee939c6c04abddd0a851d1ed40a57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5898824741970832675/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 12:29:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 378131
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20589
x-xss-protection: 0
last-modified: Wed, 18 May 2022 12:27:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 17 Aug 2023 12:29:10 GMT

GET
H/1.1 200
OK sm.js Show response
stat.media/ 77 KB
28 KB 253ms
129ms Script
application/x-javascript 82.148.14.194
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to

Full URL: https://stat.media/sm.js
Requested by: Host: target.smi2.net
URL: https://target.smi2.net/client/target.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 82.148.14.194 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS: sm-server1-1.ssel24.imcmdb.net
Software: nginx /
Resource Hash: 9dc89e2eae45dccc1b2d7b9540adae2349bbb5d84578eadb8f0f645eac324910

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Sun, 21 Aug 2022 21:31:21 GMT
Content-Encoding: gzip
Last-Modified: Thu, 02 Dec 2021 13:53:02 GMT
Server: nginx
ETag: W/"61a8cfbe-13481"
Vary: Accept-Encoding, Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, must-revalidate, proxy-revalidate, max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK /
target.smi2.net/init/ 95 B
463 B 53ms
52ms Image
image/png 46.161.36.2
SELECTEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://target.smi2.net/init/?siteid=31456&count=site&bw=1600&bh=1200&xurl=https%3A%2F%2Fwww.tumen.kp.ru%2F&rnd=2960781486255
Requested by: Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.161.36.2 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS: target2-1.sselp1.imcmdb.net
Software: nginx / HHVM/3.9.1
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

X-Target-Version: 2
Date: Sun, 21 Aug 2022 21:31:21 GMT
X-Target-Final: 20220822003121-0
Server: nginx
X-Target-Host: target2-1.sselp1
X-Powered-By: HHVM/3.9.1
X-Time-Request: 0.00108
Content-Type: image/png
Cache-Control: no-cache, private
Connection: keep-alive
Content-Length: 95
Expires: Sun, 21 Aug 2022 21:31:20 GMT

GET
H3 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3163706257327840831/ Frame E4A1 16 KB
4 KB 22ms
21ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3163706257327840831/index.html

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0d9a43a44410166fc5ff483dace5234c3d9e35e190069b1b974ef505df89753

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ebcd602ef315b7dcb31a5232527e0c7a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 22785
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 3892
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Sun, 21 Aug 2022 15:11:36 GMT
expires: Mon, 21 Aug 2023 15:11:36 GMT
last-modified: Wed, 20 Jul 2022 01:11:45 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame E277 0
0 65ms
64ms Fetch
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CrLLDKKQCY4KKH8fS7_UPlaqH4AuA6OTea-XEy4GXEI2xluSSMRABIPHL50JglYKAgJQHoAGyisGqAcgBCakCu1LRT3DSqT7gAgCoAwHIA0iqBIwCT9BH4bxUza5mUnyfZ_wvGAcQmx2jTrgRiGVk_MIZPiSPD7mQ8oZIeT_juXjJpvk--S-DYoiTby3FriJmXaj2TKf86ft7Tcw8YJBkS4KiyuAe337vwGxVeLtVhoNSvBZCBF2YIQhBHKJ9qVG62qiqIGCusom9qQsuZk4Yak5qtdoDp9hKVjIwqgVfX2tJjAvi0N8Z9DE4HJt9RXsbEYAooEkc_589oNcLURpE67oVFcwl5L2gUZgZdmYKvh5aNDjvJkyxkCJwD-gC3qSXYVXq1z1SwKJrmv_wdWnHZGxA4G5TfOlQ4wJKMssuT73pzaKTO-g6kVk-QwwPLrp8MNd9eadJyOcZsyVKy7X-L8AE7pD485QE4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB7b1vtUCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQs4Bb0ggRCIDhgBAQARgdMgKqAjoCgECACgPICwGiDAgqBgoE-Z6xAtgTCtAVAZgWAYAXAbIXHgocCAASFHB1Yi03MTcyNzMzNDA4NDU1NjkyGPH-Ew&sigh=CczLncDL074&uach_m=[UACH]&template_id=419
Requested by: Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s05-in-f2.1e100.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ebcd602ef315b7dcb31a5232527e0c7a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220817/r20110914/ Frame E277 23 KB
9 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/abg_lite_fy2021.js

Requested by

Host: ebcd602ef315b7dcb31a5232527e0c7a.safeframe.googlesyndication.com
URL: https://ebcd602ef315b7dcb31a5232527e0c7a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ba7beca0f5402387b359ad40d2af0dda9632f6b81e2aa0c26336324c358c3e10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ebcd602ef315b7dcb31a5232527e0c7a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 21:21:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 612
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9668
x-xss-protection: 0
server: cafe
etag: 3250940068065303693
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Sep 2022 21:21:09 GMT

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
124 B 62ms
62ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 21:31:21 GMT
last-modified: Mon, 15 Aug 2022 15:05:51 GMT
etag: "62fa369f-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Sun, 21 Aug 2022 22:31:21 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
22 B 90ms
30ms XHR
text/plain 2a00:1450:400c:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-23870775-31&cid=655319195.1661117481&jid=952822833&gjid=1863029895&_gid=703072933.1661117481&_u=YGDAAAABAAAAAG~&z=1587384594

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c08::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 21 Aug 2022 21:31:21 GMT
content-type: text/plain
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 47ms
47ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-23870775-1&cid=655319195.1661117481&jid=1762617179&_u=YGBAgAABAAAAAE~&z=384772649

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Aug 2022 21:31:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 86ms
33ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-23870775-1&cid=655319195.1661117481&jid=1762617179&_u=YGBAgAABAAAAAE~&z=384772649

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Aug 2022 21:31:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 818266847*** Show response
tns-counter.ru/nc01a***R%3E*kp_ru/ru/UTF-8/tmsec=kp_title/ 55 B
334 B 57ms
57ms Fetch
text/html 2001:6d0:4001::226
TNSMSK-

General

Check archive.org

Show headers Download Go to

Full URL: https://tns-counter.ru/nc01a***R%3E*kp_ru/ru/UTF-8/tmsec=kp_title/818266847***
Requested by: Host: tns-counter.ru
URL: https://tns-counter.ru/ncc/counter.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:6d0:4001::226 , Russian Federation, ASN52016 (TNSMSK-, RU),
Reverse DNS
Software: ms-counter-3.3.5/1.20.2 /
Resource Hash: 42388d0b9baf3559b365f836b695d33ede274136f000af5b1e47b0e8d97ab2ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 21:31:21 GMT
last-modified: Sun, 21 Aug 2022 21:31:21 GMT
server: ms-counter-3.3.5/1.20.2
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: https://www.tumen.kp.ru
access-control-allow-credentials: true
content-length: 55

GET
H2

200

821317946
tns-counter.ru/V13b***R%3E*kp_ru/ru/UTF-8/tmsec=kp_title/
Redirect Chain

https://tns-counter.ru/V13a***R%3E*kp_ru/ru/UTF-8/tmsec=kp_title/821317946
https://tns-counter.ru/V13b***R%3E*kp_ru/ru/UTF-8/tmsec=kp_title/821317946

43 B
297 B

59ms
58ms

Image
image/gif

2001:6d0:4001::226
TNSMSK-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tns-counter.ru/V13b***R%3E*kp_ru/ru/UTF-8/tmsec=kp_title/821317946
Requested by: Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/
Protocol: H2
Server: 2001:6d0:4001::226 , Russian Federation, ASN52016 (TNSMSK-, RU),
Reverse DNS
Software: ms-counter-3.3.5/1.20.2 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Aug 2022 21:31:21 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: ms-counter-3.3.5/1.20.2
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

Redirect headers

pragma: no-cache
date: Sun, 21 Aug 2022 21:31:21 GMT
server: ms-counter-3.3.5/1.20.2
strict-transport-security: max-age=2678400
content-type: image/gif
location: https://tns-counter.ru/V13b***R%3E*kp_ru/ru/UTF-8/tmsec=kp_title/821317946
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
content-length: 0
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
DATA 200
OK truncated
/ Frame 2A16 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d39f50472325df4a4476a1ce8697321bbe344dbe5508c6e94af86129b05e180d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

1 Show response
mc.yandex.com/watch/26254/
Redirect Chain

https://mc.yandex.com/watch/26254?wmode=7&page-url=https%3A%2F%2Fwww.tumen.kp.ru%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Anitzfaj0q86lk7t0iduwo%3Afu%3A0%3Aen%3Aut...
https://mc.yandex.com/watch/26254/1?wmode=7&page-url=https%3A%2F%2Fwww.tumen.kp.ru%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Anitzfaj0q86lk7t0iduwo%3Afu%3A0%3Aen%3A...

167 B
594 B

67ms
67ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/26254/1?wmode=7&page-url=https%3A%2F%2Fwww.tumen.kp.ru%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Anitzfaj0q86lk7t0iduwo%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A870%3Acn%3A1%3Adp%3A0%3Als%3A258773076729%3Ahid%3A735502519%3Az%3A0%3Ai%3A20220821213120%3Aet%3A1661117481%3Ac%3A1%3Arn%3A217306078%3Au%3A1661117481136524126%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1661117477748%3Aco%3A0%3Arqnl%3A1%3Ast%3A1661117481%3At%3A%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D0%B8%3A%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%20%7C%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20-%20KP.RU&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnl%281%29ti%282%29

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

866fdf09a0430e8522b2a492c3b0433aa5986d284885fc610ffb84a3439bbdc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Aug 2022 21:31:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 21-Aug-2022 21:31:21 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 167
x-xss-protection: 1; mode=block
expires: Sun, 21-Aug-2022 21:31:21 GMT

Redirect headers

pragma: no-cache
date: Sun, 21 Aug 2022 21:31:21 GMT
last-modified: Sun, 21-Aug-2022 21:31:21 GMT
location: /watch/26254/1?wmode=7&page-url=https%3A%2F%2Fwww.tumen.kp.ru%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Anitzfaj0q86lk7t0iduwo%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A870%3Acn%3A1%3Adp%3A0%3Als%3A258773076729%3Ahid%3A735502519%3Az%3A0%3Ai%3A20220821213120%3Aet%3A1661117481%3Ac%3A1%3Arn%3A217306078%3Au%3A1661117481136524126%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1661117477748%3Aco%3A0%3Arqnl%3A1%3Ast%3A1661117481%3At%3A%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D0%B8%3A%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%20%7C%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20-%20KP.RU&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnl%281%29ti%282%29
strict-transport-security: max-age=31536000
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Sun, 21-Aug-2022 21:31:21 GMT

GET
H3 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame E4A1 9 KB
3 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3163706257327840831/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 09:41:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42583
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Mon, 22 Aug 2022 09:41:38 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame E4A1 26 KB
10 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3163706257327840831/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 16:14:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19024
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Mon, 22 Aug 2022 16:14:17 GMT

GET
H3 200 e6f40d138158e41bbc4290d1d8f9ae48.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3163706257327840831/ Frame E4A1 84 KB
22 KB 23ms
22ms Script
application/x-javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3163706257327840831/e6f40d138158e41bbc4290d1d8f9ae48.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3163706257327840831/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63b31da7c560861dc044a6b35c1b51b9664daf1008174e88053ca298a429c8ac

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 414680
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22268
x-xss-protection: 0
last-modified: Wed, 20 Jul 2022 01:11:45 GMT
server: sffe
date: Wed, 17 Aug 2022 02:20:01 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 17 Aug 2023 02:20:01 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame EA41 0
10 B 26ms
25ms Image
text/plain 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?HeKSRA
Requested by: Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 21:31:21 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 BcUHUABoavvpRAX3o-C5BfAq8AHsMXRVb9HgeqDHxZ8.js Show response
pagead2.googlesyndication.com/bg/ Frame 976E 36 KB
14 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/BcUHUABoavvpRAX3o-C5BfAq8AHsMXRVb9HgeqDHxZ8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05c5075000686afbe94405f7a3e0b905f02af001ec3174556fd1e07aa0c7c59f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 20 Aug 2022 13:10:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 116471
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14190
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 08:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 20 Aug 2023 13:10:10 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6027 143 B
163 B 79ms
29ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: ebcd602ef315b7dcb31a5232527e0c7a.safeframe.googlesyndication.com
URL: https://ebcd602ef315b7dcb31a5232527e0c7a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ebcd602ef315b7dcb31a5232527e0c7a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1204
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Sun, 21 Aug 2022 21:11:17 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/ Frame E277 3 KB
1 KB 25ms
21ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/window_focus_fy2021.js

Requested by

Host: ebcd602ef315b7dcb31a5232527e0c7a.safeframe.googlesyndication.com
URL: https://ebcd602ef315b7dcb31a5232527e0c7a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ebcd602ef315b7dcb31a5232527e0c7a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 21:14:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1019
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Sep 2022 21:14:22 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E277 140 KB
43 KB 193ms
190ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: ebcd602ef315b7dcb31a5232527e0c7a.safeframe.googlesyndication.com
URL: https://ebcd602ef315b7dcb31a5232527e0c7a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba7478138664dfbadff2af30a268f4200a752a73d07dafb55937af20d1061357

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ebcd602ef315b7dcb31a5232527e0c7a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 21:31:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44050
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1660737283953252"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 21 Aug 2022 21:31:21 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 571D 4 KB
593 B 32ms
31ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:500|Roboto:900

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5898824741970832675/55cf990f37ec56e67c14c15188d8cf27.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1d352797c9473d7a0f0d88d182633330a8a7058a68cd6c052a8a2e2e6ffba4e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 21 Aug 2022 20:16:08 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 21 Aug 2022 21:31:21 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 21 Aug 2022 21:31:21 GMT

GET
H3 200 95ee97f940f4554061bb1a1cda14e276.jpg
s0.2mdn.net/sadbundle/5898824741970832675/media/ Frame 571D 12 KB
12 KB 24ms
23ms Image
image/jpeg 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5898824741970832675/media/95ee97f940f4554061bb1a1cda14e276.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5898824741970832675/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b738f99519db9a9844cb92a9ccac7ecc2d129b163c03e33e66da125c12abd769

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5898824741970832675/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 12:29:11 GMT
x-content-type-options: nosniff
age: 378130
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12589
x-xss-protection: 0
last-modified: Wed, 18 May 2022 12:27:17 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 17 Aug 2023 12:29:11 GMT

GET
H3 200 a2146fe0527ed2dda0bed0dd01864c25.png
s0.2mdn.net/sadbundle/5898824741970832675/media/ Frame 571D 2 KB
2 KB 27ms
26ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5898824741970832675/media/a2146fe0527ed2dda0bed0dd01864c25.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5898824741970832675/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4aea19556dc90eb53beb857d6dc516fc5c3665537fd4c6731e643f3b69f4bcd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5898824741970832675/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 12:29:11 GMT
x-content-type-options: nosniff
age: 378130
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2523
x-xss-protection: 0
last-modified: Wed, 18 May 2022 12:27:17 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 17 Aug 2023 12:29:11 GMT

GET
H3 200 6f0bfb3ddfac39690e8141cfb50b9437.png
s0.2mdn.net/sadbundle/5898824741970832675/media/ Frame 571D 2 KB
2 KB 27ms
27ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5898824741970832675/media/6f0bfb3ddfac39690e8141cfb50b9437.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5898824741970832675/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b9ba215c474686628ad12b265375aee5414874ff881e9d768d9dc504352ca6fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5898824741970832675/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 12:29:11 GMT
x-content-type-options: nosniff
age: 378130
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2152
x-xss-protection: 0
last-modified: Wed, 18 May 2022 12:27:17 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 17 Aug 2023 12:29:11 GMT

GET
H3 200 8750cdbc9857501df5a2f9d28c6260e6.png
s0.2mdn.net/sadbundle/5898824741970832675/media/ Frame 571D 2 KB
2 KB 27ms
26ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5898824741970832675/media/8750cdbc9857501df5a2f9d28c6260e6.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5898824741970832675/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

73700c617669c8ac7132612621fd54c22883ab58f29ceae5438c9f0bba0538e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5898824741970832675/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 12:29:11 GMT
x-content-type-options: nosniff
age: 378130
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2457
x-xss-protection: 0
last-modified: Wed, 18 May 2022 12:27:17 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 17 Aug 2023 12:29:11 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame E4A1 2 KB
540 B 35ms
35ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3163706257327840831/e6f40d138158e41bbc4290d1d8f9ae48.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0e53fe7669a287b3f57bb942dcf1a1fc61c969891ddce211874c475996f8a029

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 21 Aug 2022 21:04:18 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 21 Aug 2022 21:31:21 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 21 Aug 2022 21:31:21 GMT

GET
H3 200 835951689f5eccbfe1f83a4ee3647939.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3163706257327840831/media/ Frame E4A1 30 KB
30 KB 26ms
25ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3163706257327840831/media/835951689f5eccbfe1f83a4ee3647939.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3163706257327840831/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e4ec8c02ce1156b46862a31790e01b86c2c1c40299b2636c553803d22f566b47

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 414716
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30602
x-xss-protection: 0
last-modified: Wed, 20 Jul 2022 01:11:45 GMT
server: sffe
date: Wed, 17 Aug 2022 02:19:25 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 17 Aug 2023 02:19:25 GMT

GET
H3 404 undefinedpo641w
s0.2mdn.net/sadbundle/5898824741970832675/ Frame 571D 43 B
64 B 446ms
445ms Image
image/gif 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5898824741970832675/undefinedpo641w

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5898824741970832675/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5898824741970832675/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 21:31:21 GMT
x-content-type-options: nosniff
server: sffe
x-dns-prefetch-control: off
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=0
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
expires: Sun, 21 Aug 2022 21:31:21 GMT

GET
H3 200 7006b1472b644e7727310d7fb9dfa7a1.png
s0.2mdn.net/sadbundle/5898824741970832675/media/ Frame 571D 4 KB
4 KB 30ms
30ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5898824741970832675/media/7006b1472b644e7727310d7fb9dfa7a1.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5898824741970832675/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

09b033112e64a07ff950cb2790acc18538ee2a5b0e7ac8398f14ee4eb6235f92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5898824741970832675/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 12:29:11 GMT
x-content-type-options: nosniff
age: 378130
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3920
x-xss-protection: 0
last-modified: Wed, 18 May 2022 12:27:17 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 17 Aug 2023 12:29:11 GMT

GET
H3 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 571D 15 KB
15 KB 98ms
43ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:500|Roboto:900

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 03:39:12 GMT
x-content-type-options: nosniff
age: 323529
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15752
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 18 Aug 2023 03:39:12 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 571D 16 KB
16 KB 76ms
21ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:500|Roboto:900

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 12:56:05 GMT
x-content-type-options: nosniff
age: 549316
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 15 Aug 2023 12:56:05 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame E4A1 15 KB
16 KB 46ms
42ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 16:44:52 GMT
x-content-type-options: nosniff
age: 535589
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 15 Aug 2023 16:44:52 GMT

GET
H3 200 155dcdf3ddeff9bb6e907995757ca0fa.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3163706257327840831/media/ Frame E4A1 20 KB
20 KB 22ms
22ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3163706257327840831/media/155dcdf3ddeff9bb6e907995757ca0fa.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3163706257327840831/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81f5a77969e0be31aca8599391449b284d3faf2322bed3e186fcdfdd80c4a781

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 414716
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20858
x-xss-protection: 0
last-modified: Wed, 20 Jul 2022 01:11:45 GMT
server: sffe
date: Wed, 17 Aug 2022 02:19:25 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 17 Aug 2023 02:19:25 GMT

POST
H2 200 1 Show response
mc.yandex.com/watch/26254/ 43 B
73 B 61ms
60ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/26254/1?page-url=https%3A%2F%2Fwww.tumen.kp.ru%2F&charset=utf-8&cnt-class=1&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3Anitzfaj0q86lk7t0iduwo%3Afp%3A921%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A870%3Acn%3A1%3Adp%3A1%3Als%3A258773076729%3Ahid%3A735502519%3Az%3A0%3Ai%3A20220821213121%3Aet%3A1661117481%3Ac%3A1%3Arn%3A189768450%3Arqn%3A1%3Au%3A1661117481136524126%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1661117477748%3Ads%3A0%2C0%2C89%2C168%2C529%2C0%2C%2C54%2C0%2C%2C%2C%2C949%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1661117481&t=gdpr(14)mc(p-7-h-4)clc(0-0-0)lt(57900)aw(1)rqnt(1)rqnl(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Sun, 21 Aug 2022 21:31:21 GMT
last-modified: Sun, 21-Aug-2022 21:31:21 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Sun, 21-Aug-2022 21:31:21 GMT

GET
H2 200 26254 Show response
mc.yandex.com/watch/ 43 B
73 B 71ms
71ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/26254?page-url=https%3A%2F%2Fwww.tumen.kp.ru%2F&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3Anitzfaj0q86lk7t0iduwo%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A870%3Acn%3A1%3Adp%3A1%3Als%3A258773076729%3Ahid%3A735502519%3Az%3A0%3Ai%3A20220821213121%3Aet%3A1661117481%3Ac%3A1%3Arn%3A663887752%3Arqn%3A2%3Au%3A1661117481136524126%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1661117477748%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1661117481%3At%3A%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D0%B8%3A%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%20%7C%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20-%20KP.RU&t=gdpr(14)mc(p-7-h-4)clc(0-0-0)lt(57900)aw(1)rqnt(2)rqnl(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Aug 2022 21:31:21 GMT
last-modified: Sun, 21-Aug-2022 21:31:21 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Sun, 21-Aug-2022 21:31:21 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6027
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

41ms
41ms

Document
text/html

2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: ebcd602ef315b7dcb31a5232527e0c7a.safeframe.googlesyndication.com
URL: https://ebcd602ef315b7dcb31a5232527e0c7a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 21 Aug 2022 21:31:21 GMT
expires: Sun, 21 Aug 2022 21:31:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 21 Aug 2022 21:31:21 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK settings Show response
stat.media/counter/ 672 B
1 KB 62ms
61ms Script
application/javascript 82.148.14.194
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to

Full URL: https://stat.media/counter/settings?payload=COD1AQ&cb=_callbacks____0l73ugjos
Requested by: Host: stat.media
URL: https://stat.media/sm.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 82.148.14.194 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS: sm-server1-1.ssel24.imcmdb.net
Software: nginx /
Resource Hash: 79b61584d0a301be71c6a153f3a0c8cbcf937e31e6a6f38e2789c2a54482189b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Sun, 21 Aug 2022 21:31:21 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: nginx
Connection: keep-alive
Vary: Accept-Encoding
Content-Type: application/javascript

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 0ECD 0
0 61ms
60ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022081501&jk=1245854457398898&bg=!29il2JzNAAYUOm8VNDo7ACkAdvg8WgtQyoVkDvhmHOGbI19ZAjCMVCG7WZce50mg-efvZd1MmF0H4wIAAADgUgAAAAFoAQeZAuw6JQ02ewXbK5vT63R6ildlYSpUJHqxnm0YckCEA-uUxvkYFjcPu7kmtAI6bYHfkWUdpJG6Hz5kbRrc5klfMnJ1BfWI2dZ3Ngr9GKFN5xghq9K53Zkoyspmrpw71sVXnA-vnOjBUvEjfCFX2q4ZuAubIlemG_oC5RY8gl8CWerPfpwDATZBr575ZXXhAutUC2V4XoUP-SQ1KYkkW81Zj85-cdNhlgXKD4l2Xoj09Y4zRkJttds_EaYCKmNBlEnAnwTv1wiAvHQPTJmFR5zY2_wrsfXwlpLQgkgBYh-uw1uDuO2wso5fUNFCSo4ieV_a87o-dsO-o1INSc9d6soxOYwNZa1MmZG3qs-MSI5xyq8Kxp_pgE9Eg-68kNgmEWxqOUN2Sc08XjdVsVqGBiWt5mGbCsJzAfGy777kzy_KK8TSHkDSUfJuIdiYbEVF0a2F8dLdYCUv47Px48KBnb4i7Zr77a90_YlJi0qj-qWhOVq4nscPGQEzmPpq1KajMnNQGhBVyqZxhVzM-28Kg-6-n6rtWQwEdTpyBWnDFwSnisxdGDSxNMmD-iYyxl_LOovWyXUUcbJk-8MGBe36GcITKWQw3XWdtak8GjJNU9gDaKD-QRhXQMapK9QK1DVwvIU8bhGQRwZNQZv8oJDVyzh6r7QC1RYH_WPvwfzRY7o7aLLN0yjTrOOO_SgKCxVpze_CQyjD_a-FxV2t4lOkbwPUj6AE_InINbJ9OuEvmuSrSq9D1pj-iOJVwZI6ZhAIFP3hPaafq2YlcvFxRQfIePDo2g9q3vRraJqog8Q7vfKTO4pNFx0EJGalnE_P5nqBkFC5cFkHm_xorGsHmnUhafks5BOtght9MOGcvIP6P-7eNleDyw5oqnvk-zenf2JaypkNF81XVLCaRSmhVojyA55EjcLLlkXiN290X0mtZ-FLzi_BMZd2eghL6O9mrtSWRLcOFxUXZq57TOJUTITd7a_Ks1SqizvE4uBUEeUif1_O
Requested by: Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

GET
H3 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 2A16 20 KB
20 KB 22ms
22ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://6e428d012d5b051d842896f91ae57fcb.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 22:12:48 GMT
x-content-type-options: nosniff
age: 429513
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20784
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:21:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 16 Aug 2023 22:12:48 GMT

GET
H3 200 oORtDv9EbGDZJqtoCU6ZUa1h2CU5mRmZpTeRJMx0_5U.js Show response
pagead2.googlesyndication.com/bg/ Frame DC52 36 KB
14 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/oORtDv9EbGDZJqtoCU6ZUa1h2CU5mRmZpTeRJMx0_5U.js

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0e46d0eff446c60d926ab68094e9951ad61d82539991999a5379124cc74ff95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6e428d012d5b051d842896f91ae57fcb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 16:58:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16398
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14118
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 08:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 21 Aug 2023 16:58:03 GMT

GET
H3 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame 2A16 63 KB
24 KB 21ms
21ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Host: 6e428d012d5b051d842896f91ae57fcb.safeframe.googlesyndication.com
URL: https://6e428d012d5b051d842896f91ae57fcb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

d2051a9373e01b111211247251572fb685a8fa7e9fea2255619256d4714e0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6e428d012d5b051d842896f91ae57fcb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 21:05:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1525
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24193
x-xss-protection: 0
server: cafe
etag: 6858204432399944515
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Sun, 21 Aug 2022 22:05:56 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/ Frame E277 17 KB
7 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: ebcd602ef315b7dcb31a5232527e0c7a.safeframe.googlesyndication.com
URL: https://ebcd602ef315b7dcb31a5232527e0c7a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ebcd602ef315b7dcb31a5232527e0c7a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 21:17:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 832
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7599
x-xss-protection: 0
server: cafe
etag: 9215437806027971270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Sep 2022 21:17:29 GMT

GET
H3 200 oORtDv9EbGDZJqtoCU6ZUa1h2CU5mRmZpTeRJMx0_5U.js Show response
pagead2.googlesyndication.com/bg/ Frame E4A1 36 KB
14 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/oORtDv9EbGDZJqtoCU6ZUa1h2CU5mRmZpTeRJMx0_5U.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0e46d0eff446c60d926ab68094e9951ad61d82539991999a5379124cc74ff95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 16:58:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16398
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14118
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 08:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 21 Aug 2023 16:58:03 GMT

GET
H/1.1 200 /
smi2.ru/cookiematching/ 43 B
866 B 179ms
58ms Image
image/gif 88.212.218.22
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://smi2.ru/cookiematching/?payload=CkEKB19zbV91aWQSJDE4NGRkOWFkLTM4NjgtNDhmYS04NjJkLTg5NWQ2NTBlMWRlYxoILnNtaTIucnUiAS8ogOeEDwoqCgdfc21fdWR0Eg0xNjYxMTE3NDgxNDIxGgguc21pMi5ydSIBLyiA54QPCj8KB19zbV9zaWQSJGEyNWY2MDdmLTk3MWQtNGIxOC05MTU3LWQ5MWQ0NmM4NDc2NRoILnNtaTIucnUiAS8oiA4%3D&rnd=1661117481515
Requested by: Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.212.218.22 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS: ads5-1.sser16.imcmdb.net
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache, no-cache
Date: Sun, 21 Aug 2022 21:31:21 GMT
Last-Modified: Sunday, 21-Aug-2022 21:31:21 GMT
Server: nginx
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0
Connection: close
Content-Length: 43
Expires: Sun, 21 Aug 2022 21:31:21 GMT

GET
H/1.1 200
OK /
smi2.net/cookiematching/ 43 B
229 B 179ms
59ms Image
image/gif 82.202.225.240
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://smi2.net/cookiematching/?payload=CkIKB19zbV91aWQSJDE4NGRkOWFkLTM4NjgtNDhmYS04NjJkLTg5NWQ2NTBlMWRlYxoJLnNtaTIubmV0IgEvKIDnhA8KKwoHX3NtX3VkdBINMTY2MTExNzQ4MTQyMRoJLnNtaTIubmV0IgEvKIDnhA8KQAoHX3NtX3NpZBIkYTI1ZjYwN2YtOTcxZC00YjE4LTkxNTctZDkxZDQ2Yzg0NzY1Ggkuc21pMi5uZXQiAS8oiA4%3D&rnd=1661117481515
Requested by: Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 82.202.225.240 Moscow, Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS: smi2adm2-1.ssel27.imcmdb.net
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Sun, 21 Aug 2022 21:31:21 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

POST
H/1.1 204
No Content view Show response
stat.media/counter/ 0
135 B 182ms
59ms XHR
text/plain 82.148.14.194
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to

Full URL: https://stat.media/counter/view
Requested by: Host: stat.media
URL: https://stat.media/sm.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 82.148.14.194 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS: sm-server1-1.ssel24.imcmdb.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

access-control-allow-origin: *
Date: Sun, 21 Aug 2022 21:31:21 GMT
Server: nginx
Connection: keep-alive

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 976E 0
20 B 60ms
60ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B92MtKKQCY_HeJ9mF9u8PyIOe6AUAAAAAOAHgBAI&bg=!gYKlgsbNAAYUOm8VNDo7ACkAdvg8Wn0qvlBMcG8hhwdV0zqGO8FwEtwNWzBo244kBdzIMBxmxYF2QQIAAADxUgAAAAFoAQeZA0qMZ4p6h6l7cFpi5tnKWxCl09YBi5SNKJZI7qnCehDcLtcj--pmEoNaIERFjgwYYZEOsU118E6OOYuR-btWMzuU1pnfi2tCcuIAkvXnA4FUj4RYWEtnb9cSLdobHKErQk0Ei9BbTyztZbz0NSwmW7tXrnXEV0wFRZvNTsw0-Pcu1IpxMjq-wlDQvdH3yVkQEopqR9EuoP18j3o0anXE-Dc5bUL7vY9hKwB6C7xKRfdQ5EIzvrg0plaJKgFVhCx22QCtY_0FX2Bef_40aYQ40xRvttkrhZDe45tLvDSe4wW9PEgvjlrf6BETBBuYe46bM-HEFTshnnGz9LbGObPjHf-ODYM4Y-kXn6n_OUZxcYuHPmmJlgh2n5s6W54IEISzCl2DwicLS0xoe_tfLMNvXbATGAW0t4csXHDBOT5pmDBurEfLxMmp3IepW7cLysqnbVut746PKQ160TKOy1TyyBXMXxwS_WVKgN8MJr5jBVz4eHAXJDS6MBzcsNgJpYXwqOVqZYiTLGgGmAjuh2fiVYNwQD_s_gr6micJjnRM4DuUCXuMIDer3x8qeCZQ1AuKIfwu4b5aCdtPL4PYMxUDGidLcF_cOYTy_7WjgmLliUNIfhfWf1ki3VaFZpgS-4x4927KT613ZWxr5sS39xYTTG5UamutWp5SZ4xrAk1nb3uqFxMIlkClAtzpQBHPq6-yYsV4vYNfpt1cicV1tiDtVUeHuPsg5qSIKB1ZGp53x3AVx-jcnlqTWvVL2QGpLcV3A1IBKU4xhhc9SyAU2fdpAIcOBcZ0GLYX1RIpkXd4sKkLFlphjxupycBGvkO8YPmE64Geu97CnsxUCWb143T3WRx56KzJBZZ_L-9e20-xqJG6O6yUd0DrNKXTiqyMJciTvOHkAQ7_MJ_TZqPdQOBkyHcrGG-9KBYIj7xfydQcN-sDDzI7FvageQT8Wxwfsvqgr3V7d51gf9B4PMUxdJy2kE9JyccUMl4w66AVx_vCoNb2iJlhz3QlaSXRpUij0BGnLSsV8SB6lt7oO6QAnkrfeQn_bN4qWvS_WcM4TQpfDFqG__9DC8yekga7u_3MJs56uD4kzg0IbRD9r0bgVGPjozlYnpveMoWm4hoUVw

Requested by

Host: a1bed8a6f1f6460a2546120b6d18cd8a.safeframe.googlesyndication.com
URL: https://a1bed8a6f1f6460a2546120b6d18cd8a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Aug 2022 21:31:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame 2A16 0
17 B 143ms
66ms Ping
image/gif 2a00:1450:4006:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~l73ugjtv&chm=1&c=480539799936302&ctx=2&qqid=CPm35urw2PkCFW3quwgdo9UFvA&met.4=fb.4m~lb.bo~ol.im~idt.21~dt.-c0&met.3=733.h4~742.h4~555.hx~556.hz_2~749.ik_2~735.jt_1~740.jy~113.lp_4~112.lo_5&met.1=1.l73ugj86~6.1~7.1~8.1~9.1~10.1~12.2~13.v~14.v~15.24~16.hy~17.hy~18.i2~19.ib~20.ib~21.im&met.7=CBsQCBgBKAEwHzieBWgCcB540BqAAaQYiAHOL7ABAbgBAw~CBIQBxgBIKcBKKcBMPUBOE5QqAFY1gFgqAFo1gFw9QF4pwaAAfsDiAHWDaoBGQoXR29vZ2xlIFNhbnMgRGlzcGxheTo0MDCwAQG4AQM~CBwQChgBIKwBKKwBMMEBOBZorAFwwQF4lwmAAesGiAHBDLABAbgBAw~CCEQBBgBIKwBKKwBMO0BOEE~CAkQChgBIK0BKK0BMMMBOBZorQFwwgF48E2AAcRLiAHzuwGwAQG4AQM~CB4QChgBIK4BKK4BMMMBOBZorgFwwwF4-wyAAc8KiAGxFbABAbgBAw~CBwQChgBIK4BKK4BMMYBOBhorwFwxAF42z2AAa87iAH4iwGwAQG4AQM~CCoQChgBIK4BKK4BMNsEOK0D~CBsQChgBIK4BKK4BMIQCOFY~CBsQAhgBILABKLABMJQCOGU~CBsQAhgBILABKLABMIMCOFM~CBsQAhgBILABKLABMIECOFI~CBsQAhgBILABKLABMIACOFA~CBsQAhgBILABKLABMJsCOGo~CBsQAhgBILEBKLEBMJACOF8~CAQQAhgBILEBKKICMLgCOIgBaKMCcLgCeIYRgAHaDogB2g6QAbEBmAHIAbABAbgBAw~CBMQAhgBIJsFKJsFMLIFOBdomwVwsQV43KQBgAGwogGIAbCiAaoBFwoRZ29vZ2xlc2Fuc2Rpc3BsYXkQFRgCsAEBuAED~CCgQChgBILQFKLQFMMsFOBhotAVwyQV4rb8BgAGBvQGIAcv4A7ABAbgBAw
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4006:812::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6e428d012d5b051d842896f91ae57fcb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Aug 2022 21:31:21 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame E277 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f294d1ffe673d5980be45113e6081de7e6b92ff201ad687070e6570dbbb59d93

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 204 event
ads.adfox.ru/232598/ 0
66 B 81ms
81ms Image
text/plain 2a02:6b8::1be
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/232598/event?hash=dd16a03a06785667&pm=bmp&pxo=b1-I39oxNaWy0KPlvAZlI6rwkdwnTQHSQ_dTOONXD7QL8Hlftnu0i7DzC_NKpChMMgcGMu261mRr1h17-26Jv2SMTQxTQdIezOX9USh81NMlMf1LuUqK8f2nMMfkMk8tTR24I5lD5pNL3BbRNo568R-B7FGUJOg0JFTTJ52NBf0EeYjBaA%3D%3D&p5=gwdbk&ad-session-id=2350821661117479275&utg=oxum&lts=fjvaojv&ytt=362840448958469&ybv=0.634516&ylv=0.634516&dl=https%3A%2F%2Fwww.tumen.kp.ru%2F%3F&rtb-si=b&p2=gftf&rand=kmxgwgx&sj=-Wk0Ll2dB4dXHNo7mszdU-yUZS0mAezPvX-idJy3wPdaXmAcZ5m46HaqBd7YKg%3D%3D&puid1=adv-1661117479225-973&pr=fvalebb&p1=cdinl&rqs=JtBLxzwtFBwnpAJjqpNtjkIztRsXjRv3

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Aug 2022 21:31:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 21 Aug 2022 21:31:21 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame ABB8 0
0 61ms
60ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022081501&jk=480539799936302&bg=!u7iluPzNAAYUOm8VNDo7ACkAdvg8WtsVbjBy7bL8WnohV5MVK1ZL27AQe4MZrbk-XW27ua8XJQdNNAIAAAHLUgAAAAFoAQeZAwbW_M0Z6PCdM3uouLq-SUTvMqRCXroxfpuAIKFUNkxKuBv_tAeURaERfFR9E6_iYdosAj_wBbPLiJ7EJ_gKUX0xczdny__zZdp3hvQOZ2J4AUDyIQkTZQp_4rB7pQ5PP8xP10xWyMRRY9_wWZ0dp8vpv6-p6mOrl50eT5xPAzrgkpULuEAUDNBUsrR9zp9YYU1eFAxXv-vx-BUfmgRDnHtla06csblG5Ee6I8KVGcprmvJfcXOTQ2glbA0d9TsdnzL23dyd5hVn-NkBuoMwrRhzSRu0ky9gNtwX_S5vH6ktduepW1IohNByJgiDTZ-qXIKrPUJyOSBRTvgrCchJH8d7Zlm-8RtFzQi4il8ENxcKvEaLNVtdZaKBNPQV5Mcdwhw9h7Z5ZJp7P8jcA8WGKEtGHfGC_4xPjolm_4FpwR6VJpPkNm4ascdVsWPzSLJao71OYUd-KL81na5lZNHQGYBX_qZmTCKTLXWZ2XEBh6tc-pKGvvUdHZMFY1qWNSiDP0PJds1SCkv2D_8pajHAFoMS4mO-gNR5lL-bemkiDy7pzkELT0EqInVX7JWWa4bLJ7lb3jhyV5-aWpyOvc0ObHESXukab_1l6RaE3UVIiRoLE5qHV0OaeCLF7DHhCIJVVJAiw6BIvHjlzS0hphgrz7dhndAmkykl49dckfL69R7cTusI8XtH8FZxU3xI94pr92mmrwtNNI1LvGjUMzbwquqx4yQBFX8M6DcomvfWap_GmHNM--rFLgQo9Yr5cfoNfsW2xZzr7-MkwQPaIJimQRBsqWoAluEg2RDjLdnneKzbXZ8mKK8SxnKuulAHJEkSm3LoC7qwKzWeIhgBEE0X8ljodOpjxaTTVUFx-FTlMx4j_0ILJOu97fQoqAjcF9G5rKuH8p--4x8ZHcQv6lcT-tFdaWeFf9_v1Qst7I0dmfwZ5oTNIw998dZdypIVXDyuI-f-L2GQZslhcIL44JwnEzaLUyceyNTuzVXFBgCN37dTUxyFypU7RPtqvJusI1D_hnGvITpYMpA
Requested by: Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 8125 0
26 B 109ms
62ms Ping
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvIkPsWljYat5imyH4Zn6-4gNjTwow8Do_yB4cUHiit-c8aHe90FD2qZG7lTjO1qGDWO6MCu-S9PloMx_9sMqHUDBWJHAmSWb5L0sDRwwgAHTM5IaMDf1Uf-yRG2zxWoqhubssSCk5h42mlNPdtCdWAz96RhfetWdJCGVn0SX093oRISaKv6CJ3aWN8LeQd44htuJm3j24VCBvbfoX61h361AXjYJ38dLJO_lhsSsSf_2QjhCpFYDecdKurdNZ9kAE7zJblulYqN2eWvZX3a5jlsWGGy97lzVpXOSQC02XAc7zLEC7GINAkJcHNuKpZ3pNd_7IU6dYhGGdqc5bLRPRusQmvaoSI3rA9aEJhfbi1uOERSBUpjec2WmampfOWYFbDMMGu1UgAcKEKMEiQ3Oyc42W0BnIsZ5Zqxg8nFHAxL8PMh3_0YEzZn-Z_otUJB4EZaF11Yvp3n5PzO98JSXIZkyaGESd4MihpyWfSOB3RgJd7q1uRnz1DmCrgjXPCP1U0yRfesKIa8XaLo6HEHy3P7Fv4RvDp87o1uGmWcl_OL1V66a5HIuwm2JUaWHfDllqSuDp4PqXLKvCv8IkOHmWRU2fk85T0qXwbTMhonsjBvAd_DMeM0PL-81PFB4qcLmX1yFFVVgTLIILBTvAZOcgtQO-mpD5Xq4-awrI4ze5NiLUxSTeJTVQ8yyUg6b_c9SBW-kEqjkgdabUBuY1gByU5RWjgULnaj4xzK3S1zA-Uo6aAA6JRj3HTWLGO-OY3kVY2EcRQw10-4uXnQIj9ZCJZ2Sy3SG6D2LcdGDOJI7uuDforWME6lbv56OQvvCWPvTb1VYC5YlyYJ_2xt7fgdCIfxrhz8V6t3HLyu8_v3Api7-lSVJBvp443njBUD-tMEnKADB9zWUTg-yFF10UFK1rFOOB-EJWvbbzq2Z-PKSWik395BjElPakNSHOlGGe83LCM9_Iyk6WpnHtQCZnJp4wH_-zSeeOs71fNRHiau07HzZgqJsi4wY9qEOxYA5A8kU85GQj_4nIKG_Gi9gciO3HRb_StsiogmlQusq5YXSWxPermZmqRWTRnkt1mfq-OOknoAVpWXjhrc82uM7Ankmb52zlJ971dIJ6haYNQxeevP8H-BXtXW8q_v6rbfvXKZVK7y6FrP9GWvsxzsuaMDr1HuHoGLMshDMglPmkKtGs2hMiOGPnjux0ZLG01qbEplq1sDTbFJ_l2TTX2cuQE3sE&sai=AMfl-YSSqYIUpqsw8j2htgoVl3uDlSmHk0DGgVfZtkeGNnIFpVgS239dpAKJtj2g587ZhNeqBaCv_TicXU9QRzFtZxx4QFshsaQLWQgKLSIpKyChXdS3kvQpguK96rM_5kuHs2BSwOFmWu_q09QrLT0qmH4XoKmw63rM6gsv8jMKWApDKHUbKGHcEaxe6tvi9A4fxHePRH5fQQVlhJDo-GpGuCnr6qt0AaY&sig=Cg0ArKJSzPvCxvy55xKdEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1040&vt=11&dtpt=858&dett=3&cstd=179&cisv=r20220817.47487&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a1bed8a6f1f6460a2546120b6d18cd8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 21 Aug 2022 21:31:21 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 6CAF 15 KB
6 KB 125ms
45ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.tumen.kp.ru

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

2b00ce902e9ef9e7031d76c62a72c1cb0054185e6691e9a72757a31cead715a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.tumen.kp.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-length: 6145
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 21 Aug 2022 21:31:21 GMT
server-processing-duration-in-ticks: 2232
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

POST
H/1.1 204
No Content view Show response
stat.media/counter/ 0
135 B 60ms
59ms XHR
text/plain 82.148.14.194
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to

Full URL: https://stat.media/counter/view
Requested by: Host: stat.media
URL: https://stat.media/sm.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 82.148.14.194 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS: sm-server1-1.ssel24.imcmdb.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

access-control-allow-origin: *
Date: Sun, 21 Aug 2022 21:31:21 GMT
Server: nginx
Connection: keep-alive

GET
H2

200

cs.js Show response
sb.scorecardresearch.com/internal-c2/default/
Redirect Chain

https://sb.scorecardresearch.com/c2/16803468/cs.js
https://sb.scorecardresearch.com/internal-c2/default/cs.js

0
368 B

23ms
22ms

Script
application/javascript

13.32.99.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/internal-c2/default/cs.js
Protocol: H2
Server: 13.32.99.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-21.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 21:13:28 GMT
via: 1.1 d63ea68c8b7458d49fe25f66ef7f0a5e.cloudfront.net (CloudFront)
etag: "d41d8cd98f00b204e9800998ecf8427e"
last-modified: Mon, 01 Mar 2021 20:42:20 GMT
server: AmazonS3
age: 1074
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: FRA60-P3
accept-ranges: bytes
content-length: 0
x-amz-cf-id: SLxwm4AbQpQTz7_lb7WY0U4Z07LyU4ugGRnL99Zcpt45OuyfLgdLTA==

Redirect headers

location: /internal-c2/default/cs.js
date: Sun, 21 Aug 2022 21:31:21 GMT
via: 1.1 d63ea68c8b7458d49fe25f66ef7f0a5e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
content-length: 0
x-amz-cf-id: E0Mnye0f7o4KJtzWK7JV9rgN8z75J_J87Y-2v1L_3nCRl4aIxwLwrg==
x-cache: Miss from cloudfront

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame B09B 0
0 63ms
63ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022081801&jk=490681984290065&bg=!V1SlVBDNAAYUOm8VNDo7ACkAdvg8WgQKlc5bLCtw7nC243xYGs1Szvc2NyYW2Xvrp0kqeO5Bco359QIAAAF1UgAAAAFoAQeZAu9xvxwgXpymFFe_ChmDWtKbXZqbEOJ6ru3KCw-Z_rBtTSP3LI11wJ9EK5YYcnA_O3vpeJlBKv3Wr9W6p71cGYA49tMQ7_7xbZF7jokmGqFdQGsEo96d18ZheC5lWfLzPZDqxgP5nVePtQgqbYwiEUGlbhMyHn_489X3IakJwPbnosXYlP4y6IEt3K9JKvQ6U4hLRLU5eaR3TcJc4q0ifn6hoOMctUm3HOpxwbsHoSdWC056V1U_NEiVgObPdRZW-hokJKyboEBK8p4SyMCDJxy3SAzlTI6Gyg2tffb_QOJg0QqlGMm1HsO6Q9V9AmWu8fCC0vh488cVkTAnZvtDkoynn1sirXtgnOK142Fb7mguVz_Thon5JYKKnxmLmv7FKIN1xmG0IZ1Wl6k-5dfURBDFnrLY4cTzD_WzGpCUMcxlkW5Nel1mQI9bH_-ykFMYhxqMiEJ8TiKVhmcbW-rGjDOO_rAcElqPYlTUtdhaV_aExBMeIrFpLja0I_MrhQRHjOXwTT-Z4rpB-6WVLV3ZJMJrJGP8zWe_uQ-Y-L1yI-V63xIICRq9fGI0iZDt9XanLCbPyVvp7iDQ15QUX-ZkEdqM1mRVQK1CbIOUSsPyxSsHAVQLKo_R4LwWu7n4ixDwbnM7QCS8nRHPhtvtwwb8DlfrMeBVKd7vPqbSzNi7BsGwOa4U7YWRegcq_BNERzMNud8U-tfm_zNWxXf-EXI--sRfBP9qWVr86zZX2puX8RjTC1xlU0mRAio6Cyb1q94scye2pbI2-znYgs3ImgmJF1o3da08NTIwC-cFUR-Icb-J0E0yMc1CuiPK01WdTSQQNN4xxvkV1-CkcnFsOpVMA_mJ974QNdcUKFlJiOkOhzJh0cgY4UgYcykn5-D82ZEjUv_J0bqFEtckMyRRNttA_Lh7dcIJyt9zuHBMDjyEwevlvyVisOxIGlrKum1UNZHaYEH47UMTGV7B3-O4emd9ydiEcnESeGBkiSDahtLwyRet
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

GET
H2 204 event
ads.adfox.ru/232598/ 0
18 B 95ms
94ms Image
text/plain 2a02:6b8::1be
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/232598/event?hash=aa116a80b4253ae5&pm=bmp&pxo=u3Aq8ZKt_QXIbpWqFv7Z7QgFaLNX3ZHf6TPqb4jNYrX5OJInn9K7HgwOE-3ws0CtZo1N_yyaQMctqYwX4VwUmu4Fz-ANFfnUzDNanAd4sNlA4YyCmd7M83JM4Fvqk3E0AWSMJQNkfMSRhCkZIFWSflknr-4swZ_RKMlTu7sLKBxd3uWH&p5=gwefg&ad-session-id=2350821661117479275&utg=oxum&lts=fjvaojv&ytt=362840448958469&ybv=0.634516&ylv=0.634516&dl=https%3A%2F%2Fwww.tumen.kp.ru%2F%3Fsection%3Dsociety&rqs=JtBLxzwtFBwnpAJj9e_wh4BQds0wfXep&pr=fvalebb&puid3=top%3Aregion&rtb-si=b&puid2=society%3Atoday%3Azenyandex%3Aincident%3Aemergency%3Acelebrity%3Aculture%3Ainteresting&p2=fxjd&rand=ehmprbz&sj=f3Jkp7KZP1s632iJN9xikP8TgP5HMPhFS8QclZDLHW02fE9wlfqwOhcH-nrAKA%3D%3D&puid1=adv-1661117479229-901&p1=cavko

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Aug 2022 21:31:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 21 Aug 2022 21:31:21 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 6CAF
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=kp.ru&sn=ChromeSyncframe&so=0&topUrl=www.tumen.kp.ru&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=C2euOHxsdGlUWHl3VGRjekxST3FkN3c5S0t5cHg1ZnAxK05hbk9xYlZaZ0VYSHA2WHBtR0xMd1pnTG5Xb3BBd3R4S0o4WVdOakJEc3ZEVHQ3cjVrN3V1Nk1kZG85MlFDM0J6RGFQQXZQdG9WbUNzbnMxdXl1U2h1dzVaSk...

435 B
630 B

320ms
108ms

Fetch
application/json

74.119.119.139
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=C2euOHxsdGlUWHl3VGRjekxST3FkN3c5S0t5cHg1ZnAxK05hbk9xYlZaZ0VYSHA2WHBtR0xMd1pnTG5Xb3BBd3R4S0o4WVdOakJEc3ZEVHQ3cjVrN3V1Nk1kZG85MlFDM0J6RGFQQXZQdG9WbUNzbnMxdXl1U2h1dzVaSkFERXZnbm5TcFBPV0YxK1ZJWlRTUC9DY3laUy9BV0E0d1VUZmUydlFjSzRwanM3aVhueVp2Ni9WblhwQmEzYkdoaDZreXlhZnlHak1QMjkxMVQ3dythbmZ2UWlydU9nQ3E3SmkwbVhMQURmdzFvdE1xYTE3V2hRbXdqYXlJUlZsRm1RS1NJWkxiY1ZHaHVORlROVTdZTC9sdHM2dkloZz09fA&cppv=2

Protocol

Server

74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Resource Hash

9742d39db94493bd2d16d32d5ca0e7ecece72289601789d7528491cab3638961

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Aug 2022 21:31:22 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 5687
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 21 Aug 2022 21:31:21 GMT
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=C2euOHxsdGlUWHl3VGRjekxST3FkN3c5S0t5cHg1ZnAxK05hbk9xYlZaZ0VYSHA2WHBtR0xMd1pnTG5Xb3BBd3R4S0o4WVdOakJEc3ZEVHQ3cjVrN3V1Nk1kZG85MlFDM0J6RGFQQXZQdG9WbUNzbnMxdXl1U2h1dzVaSkFERXZnbm5TcFBPV0YxK1ZJWlRTUC9DY3laUy9BV0E0d1VUZmUydlFjSzRwanM3aVhueVp2Ni9WblhwQmEzYkdoaDZreXlhZnlHak1QMjkxMVQ3dythbmZ2UWlydU9nQ3E3SmkwbVhMQURmdzFvdE1xYTE3V2hRbXdqYXlJUlZsRm1RS1NJWkxiY1ZHaHVORlROVTdZTC9sdHM2dkloZz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1477
content-length: 541
expires: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8125 42 B
64 B 59ms
59ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssBUJn95QPNGatAxROIHieMYwbVFdRjpyVB_djtW8ZRFe0e_PXJkH0gpfYisJcJRbaNB2eYGhV865vRKm9Sc-cpPSCBm12CNX6xAx_EmzhFCLZwoiMJ4KYyAfYnfaye7mZnYzqbGfHU73j6TQ&sai=AMfl-YT4z144XvYJuH0xZJyAIn5Mq38BlQhMYidfYABwJzVmxT76aMdH5FXXvkdNdXpjYg-TstcAdczS0RZrici3dE-7JW-_yhrclA-CDFlaU_TKOipVeewA-OOJKEeeVMA&sig=Cg0ArKJSzOdNvdTO7oVXEAE&cid=CAASJ-RoRJmGe-qO3zAIlUA9JrUVugp9Kw-iZDVi59stGp6ILnP3ipfMhA&id=lidar2&mcvt=1000&p=389,1529,429,1570&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220817&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=4130042211&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1661117480481&rpt=377&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a1bed8a6f1f6460a2546120b6d18cd8a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Aug 2022 21:31:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bundle.js Show response
yastatic.net/q/set/s/rsya-tag-users/ Frame 0080 105 KB
37 KB 94ms
94ms Script
application/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/q/set/s/rsya-tag-users/bundle.js

Requested by

Host: www.tumen.kp.ru
URL: https://www.tumen.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

e1cff21864c46e1da263fa83c14ed6d190bc5afbdd35188de15f10eb8bedd264

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/safeframe-bundles/0.83/1-1-0/render.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 21:31:22 GMT
content-encoding: br
last-modified: Fri, 29 Oct 2021 11:19:01 GMT
server: nginx/1.17.9
etag: W/"82bdc8db563d3e71c35534315f8a9fd5"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/javascript
access-control-allow-origin: *
expires: Wed, 24 Aug 2022 09:28:37 GMT
cache-control: public, max-age=31556952
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
x-nginx-request-id: 9c2d76571718a504

GET
H2 204 event
ads.adfox.ru/232598/ 0
66 B 86ms
85ms Image
text/plain 2a02:6b8::1be
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/232598/event?hash=e64fb27883ff90ab&pm=bmp&pxo=uTXfailA9cPP9MgV0bM_A_QdqQnoTXHZYG8Nr5Fp9ncOY1JxNF2MTuW28KPvGSK_SipI8ad71stUqtEPClcXnq4IoYvF1NzXpoXU0SwNREvtDEPUgsQK3oTNpOpy439lcufBac2c2JPhsnAv-xN1tRslI2h3pVoEngynS9JDmnO5Lq6WTw%3D%3D&p5=gwaok&ad-session-id=2350821661117479275&utg=oxum&lts=fjvaojv&ytt=362840448958469&ybv=0.634516&ylv=0.634516&dl=https%3A%2F%2Fwww.tumen.kp.ru%2F%3Fsection%3Dsociety&rqs=JtBLxzwtFBwnpAJjkMspRvr1z5asShOC&pr=fvalebb&puid3=top%3Aregion&rtb-si=b&puid2=society%3Atoday%3Azenyandex%3Aincident%3Aemergency%3Acelebrity%3Aculture%3Ainteresting&p2=fbao&rand=lajiqsd&sj=hK9DOIbdADiqWSggKKqinApF_glqbP8Lx3Rht0YiEb_CWjOheRMo_NytzgH4Tg%3D%3D&puid1=adv-1661117479230-254&p1=bufhv

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Aug 2022 21:31:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 21 Aug 2022 21:31:22 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2 200 watch.js Show response
mc.yandex.ru/metrika/ Frame 0080 158 KB
56 KB 120ms
120ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

57cec8cb1c21ca4fe77d7bea18d3c0ed021451f77ced06a20aed3457758cef0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 21:31:22 GMT
content-encoding: br
last-modified: Mon, 15 Aug 2022 15:05:51 GMT
etag: "62fa369f-de6c"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 56940
expires: Sun, 21 Aug 2022 22:31:22 GMT

GET
H2 200 data Show response
yandex.ru/set/s/rsya-tag-users/ Frame 0080 403 B
447 B 286ms
286ms Fetch
application/json 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/set/s/rsya-tag-users/data?referrer=https%3A%2F%2Fwww.tumen.kp.ru%2F

Requested by

Host: yastatic.net
URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

44ce4cb1502e6a4d9880d515f108fc53df8693f4441d6317b0d77a59700b2b50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 21:31:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://yastatic.net
cache-control: public,max-age=300
access-control-allow-credentials: true
x-xss-protection: 1; mode=block

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E277 42 B
64 B 65ms
64ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst18MoceRaq0y5kwgSgg2vCR4zz7Ep17ZOSnvgFQLNE35Lef1TDZRhK9yMtx8Dw0rH3Iq1I2WQLRM0j296tWtoSlh7obwzfzVdpEzR09FKZctWiQa95wTDUbNBWM5Lv0YttAb7h3EEhmbbF&sai=AMfl-YRMKVCRFz4hvmsD74XFyq93ZwEJM8CrUgjiqwuIo_GPFYB8tkei--QA7QcS7tah5ft8bQxjucNNJV29i6Ij1tJSuZYZB5bXSu8dO2rDbg0iPGlFUgdxsnWlBAM&sig=Cg0ArKJSzP8-T8Y-fG8YEAE&cid=CAASF-RonPEIAQ_0zIVch6uTU-jzt5O90JZW&id=lidar2&mcvt=1000&p=486,1100,1086,1400&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220817&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=2&adk=3886855702&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1661117480938&rpt=535&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ebcd602ef315b7dcb31a5232527e0c7a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Aug 2022 21:31:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1H61ce_U0Hu200000000U9nJLBlWVTn6LqJ6S0NxNQliIcjdI_KbJCaCGE094mcLSBph7TkNni2GoWWKprp1FbCN95ug0-JL9W29LaOGsGcI1G8cXfcCef4GzaB69oOGrah6MVeGrbx63Nlv68w2-MSPGPgkWicxZ0mo34n_6MSnCJ3CPGA9B6KwnSp0i9Rf5v1zb... Show response
yandex.ru/an/rtbcount/ 43 B
320 B 70ms
69ms XHR
image/gif 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/an/rtbcount/1H61ce_U0Hu200000000U9nJLBlWVTn6LqJ6S0NxNQliIcjdI_KbJCaCGE094mcLSBph7TkNni2GoWWKprp1FbCN95ug0-JL9W29LaOGsGcI1G8cXfcCef4GzaB69oOGrah6MVeGrbx63Nlv68w2-MSPGPgkWicxZ0mo34n_6MSnCJ3CPGA9B6KwnSp0i9Rf5v1zbka_43nbUW4KUSKay3VsLkaATaQ6-vu1lCUViJByPUeG1Zg4cHMej9TP4KXEPGOPCPUP2MGva5G0sSsoaJcxqhZonkdv2YUPrMnMd93h4rAu2bPv5qp-P7PmuWSxSnQBWbU9aqz5LNc9crDvNe6ZLvPJYhUhKu2hRaXydacOGO3lGXRfK8ZY5InJDp7kO64xmC9uamNYpG_s3rdEdW61D_PlMK2UdS3Qsd2YeUr0q09MpfEicvzmWDLTO6rOqCHoarLjnTNTDUxkOLzPGHxjO6jWcS2sRC7wNMUMTtV9p62xSZXu0TlkJG_VTBtuz6SzuqescDa7s3nEi34_OkDrhNIn2ipAApOjJKyoVya6SyLFE6iY-s7voacP-M_iPx6pcHcRc1gQRM1lKDZ1pdY2NUG1-yC3LqzsldWtCUi7-qBZ1ewjxmq0VrEg9000?confirmTime=2101000&confirmRatio=1000000&test-tag=362838837166082&format-type=118&actual-format=10&rnd=1900641786459&banner-sizes=eyI3MjA1NzYwNjQ5OTc0MzQwNyI6IjE1NjB4MjUwIn0%3D&width=1560&height=250

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Sun, 21 Aug 2022 21:31:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: image/gif
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
last-modified: Sun, 21 Aug 2022 21:31:22 GMT
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Sun, 21 Aug 2022 21:31:22 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ Frame 0080 41 KB
15 KB 105ms
49ms Script
text/javascript 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

cafe /

Resource Hash

6854343e00c3b85696ab0203e2389917dee112fef408125323d7cd3f48faaab2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 21:31:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15668
x-xss-protection: 0
server: cafe
etag: 17682506513748322061
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 21 Aug 2022 21:31:22 GMT

GET
H3

200

/
www.google.de/pagead/1p-user-list/1014923426/ Frame 0080
Redirect Chain

https://www.googleadservices.com/pagead/conversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=KqQCY-DOLcTuxgL11ojACQ...
https://www.google.com/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1312107879&crd=&is_vtc=1&random=4162161059
https://www.google.de/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1312107879&crd=&is_vtc=1&random=4162161059&ipr=y

42 B
64 B

85ms
38ms

Image
image/gif

2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1312107879&crd=&is_vtc=1&random=4162161059&ipr=y

Protocol

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Aug 2022 21:31:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 21 Aug 2022 21:31:22 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1312107879&crd=&is_vtc=1&random=4162161059&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.de/pagead/1p-user-list/1014923426/ Frame 0080
Redirect Chain

https://www.googleadservices.com/pagead/conversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=KqQCY6HPLaWCmLAPipWvgA...
https://www.google.com/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1030959938&crd=&is_vtc=1&random=249853881
https://www.google.de/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1030959938&crd=&is_vtc=1&random=249853881&ipr=y

42 B
64 B

49ms
36ms

Image
image/gif

2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1030959938&crd=&is_vtc=1&random=249853881&ipr=y

Protocol

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Aug 2022 21:31:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 21 Aug 2022 21:31:22 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1030959938&crd=&is_vtc=1&random=249853881&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 3 Show response
mc.yandex.com/watch/ Frame 0080 167 B
262 B 62ms
62ms XHR
application/json 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/3?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Fwww.tumen.kp.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A%3Avf%3Anitzfaj0q86lk7t0iduwo%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A870%3Acn%3A1%3Adp%3A0%3Als%3A585835524861%3Ahid%3A700088391%3Az%3A0%3Ai%3A20220821213122%3Aet%3A1661117483%3Ac%3A1%3Arn%3A513569731%3Arqn%3A1%3Au%3A1661117483152255357%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Acpf%3A1%3Ans%3A1661117480297%3Ads%3A0%2C134%2C76%2C0%2C1%2C0%2C%2C30%2C0%2C242%2C242%2C0%2C242%3Aco%3A0%3Ast%3A1661117483&t=clc(0-0-0)aw(1)rqnt(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

a89aa199b3159f8ab117b347c374eae41486799ebe3297c4ec6484e05e3c90f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Aug 2022 21:31:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 21-Aug-2022 21:31:22 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://yastatic.net
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 167
x-xss-protection: 1; mode=block
expires: Sun, 21-Aug-2022 21:31:22 GMT

GET
H2 200 advert.gif
mc.yandex.com/metrika/ Frame 0080 43 B
84 B 62ms
61ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 21:31:22 GMT
last-modified: Mon, 15 Aug 2022 15:05:51 GMT
etag: "62fa369f-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Sun, 21 Aug 2022 22:31:22 GMT

GET
H2 204 event
ads.adfox.ru/232598/ 0
18 B 85ms
84ms Image
text/plain 2a02:6b8::1be
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/232598/event?hash=fa3e2068a8da6e51&pm=bmn&pxo=b1-I39oxNaWy0KPlvAZlI6rwkdwnTQHSQ_dTOONXD7QL8Hlftnu0i7DzC_NKpChMMgcGMu261mRr1h17-26Jv2SMTQxTQdIezOX9USh81NMlMf1LuUqK8f2nMMfkMk8tTR24I5lD5pNL3BbRNo568R-B7FGUJOg0JFTTJ52NBf0EeYjBaA%3D%3D&p5=gwdbk&ad-session-id=2350821661117479275&utg=oxum&lts=fjvaojv&ytt=362840448958469&ybv=0.634516&ylv=0.634516&dl=https%3A%2F%2Fwww.tumen.kp.ru%2F%3F&rtb-si=b&p2=gftf&rand=kuinwmz&sj=-Wk0Ll2dB4dXHNo7mszdU-yUZS0mAezPvX-idJy3wPdaXmAcZ5m46HaqBd7YKg%3D%3D&puid1=adv-1661117479225-973&pr=fvalebb&p1=cdinl&rqs=JtBLxzwtFBwnpAJjqpNtjkIztRsXjRv3

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Aug 2022 21:31:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 21 Aug 2022 21:31:22 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2 200 WOqejI_zOFK07Gm0f1HBtK4OhH03qmK0zG4GW8200J4df09Z000003YScWE80Xov0gRp98YwvjPcy0A9W92s2F050Q06m0791YRGIySyBHGSgGUe1vajQtaxGy07mAkm-W602W682Wce2kW7Y0iugWiG_LtQTQW70G3VIL0Dn-Rm2mRW3OA0W860W82819WEflYWn... Show response
yandex.ru/an/count/ 43 B
281 B 72ms
72ms XHR
image/gif 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/an/count/WOqejI_zOFK07Gm0f1HBtK4OhH03qmK0zG4GW8200J4df09Z000003YScWE80Xov0gRp98YwvjPcy0A9W92s2F050Q06m0791YRGIySyBHGSgGUe1vajQtaxGy07mAkm-W602W682Wce2kW7Y0iugWiG_LtQTQW70G3VIL0Dn-Rm2mRW3OA0W860W82819WEflYWnUp3euaWg0-eZ_JMiwtUdKEG4FhaXuELcOkgu9MOVGBW507m5S6AzkoZZxpyOu0MXO38W8R0KfWMy83jbmQWoHRmFzWMWHUe5mdG627u6ChSif2pgupr9u0PYHcpvB0Pfg2lkiodYueSk1d___y1m1ccqDRUo-_HerRI6H9vOM9pNtDbSdPbSYzoDp0sBJBe6PWCy1dw0PWQrCDJi1j8k1i3WXmDHNb4Eb5gRdCrTMTYD-aSW1t_Vu0WW228807G8V___m4H03F3QvWnQJnoGX3ZOx0QP8LBm24DyKg-9WPUPN30NRhcH-YZPi2EYT4LNUsSNC8VUvj3qZ3E~1=WJeejI_zO5G0XGa0T110CREML078ckkMnyVJg801W07X-F3yvFU6wOW1Y06WczwZbG6G0TxQmUpSW8200fW1tjh1x5oW0OZOg068sC7iNBW1ied_YINO0VwViwW1u07AlfoX0UW1nWIW0g37onYm0uCDY0NUg1IG1Up_7B05yxiCk0Npkmp01VIQVCW5shCrq0MiZ0Ee1i01gGUe1vajQtaxG-07a0t2W806u0ZGuwKCw0a7W0e1w0oR1fWHhCSceRc0582WWWJe58m2c1RmWEsN1g395l0_c1Up_e4kk1S1m1UrrW6W6S01k1d___y1-1cGwCKeWHh__xj5u8gPcAWU0R0V0P0YgiSca2AhnoQG8gp79Wi0QjTeiCJ0L4PK60upCHScQPwCZ_0yTg-KpX7z6JeJgfbti4t00G00~1?stat-id=28&test-tag=362838837221905&banner-sizes=eyI3MjA1NzYwNjQ5OTc0MzQwNyI6IjE1NjB4MjUwIn0%3D&format-type=118&actual-format=10&pcodever=634516&banner-test-tags=eyI3MjA1NzYwNjQ5OTc0MzQwNyI6Ijk3NDg5NyJ9&width=1560&height=250&confirmTime=2100000&confirmRatio=1000000&wmode=0

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Sun, 21 Aug 2022 21:31:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: image/gif
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
last-modified: Sun, 21 Aug 2022 21:31:22 GMT
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Sun, 21 Aug 2022 21:31:22 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/ Frame 0080 3 KB
1 KB 70ms
70ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/?random=1661117482790&cv=9&fst=1661117482790&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.tumen.kp.ru%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

89ff886ecaa1bf4594434e93be3dd56dcb53d17f75edea835aec0864872ade92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Aug 2022 21:31:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1116
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/ Frame 0080 3 KB
1 KB 68ms
67ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/?random=1661117482793&cv=9&fst=1661117482793&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.tumen.kp.ru%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7cf53ac18e5c12af9cb5097592a5cdb69d034cb3b7565c4cfa931652e58d9c42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Aug 2022 21:31:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1119
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/ Frame 0080 3 KB
1 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/?random=1661117482795&cv=9&fst=1661117482795&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.tumen.kp.ru%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

65f395f40a5c3f7a9e1d1d3b72d968bb3247a96ffef80184c61907e26bbe8145

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Aug 2022 21:31:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1118
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/ Frame 0080 3 KB
1 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/?random=1661117482796&cv=9&fst=1661117482796&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.tumen.kp.ru%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

991086afb6dfd9dd8983f5926fcad59b90bdab89cb320e098dba5e5661af7f8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Aug 2022 21:31:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1117
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/693627671/ Frame 0080 42 B
64 B 35ms
34ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/693627671/?random=1661117482796&cv=9&fst=1661115600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.tumen.kp.ru%2F&async=1&fmt=3&is_vtc=1&random=3852762696&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Aug 2022 21:31:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/693627671/ Frame 0080 42 B
64 B 86ms
37ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/693627671/?random=1661117482796&cv=9&fst=1661115600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.tumen.kp.ru%2F&async=1&fmt=3&is_vtc=1&random=3852762696&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Aug 2022 21:31:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/947884341/ Frame 0080 42 B
64 B 35ms
34ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/947884341/?random=1661117482795&cv=9&fst=1661115600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.tumen.kp.ru%2F&async=1&fmt=3&is_vtc=1&random=2382027055&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Aug 2022 21:31:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/947884341/ Frame 0080 42 B
64 B 86ms
37ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/947884341/?random=1661117482795&cv=9&fst=1661115600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.tumen.kp.ru%2F&async=1&fmt=3&is_vtc=1&random=2382027055&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Aug 2022 21:31:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/693627671/ Frame 0080 42 B
64 B 67ms
66ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/693627671/?random=1661117482793&cv=9&fst=1661115600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.tumen.kp.ru%2F&async=1&fmt=3&is_vtc=1&random=2543634984&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Aug 2022 21:31:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/693627671/ Frame 0080 42 B
64 B 59ms
35ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/693627671/?random=1661117482793&cv=9&fst=1661115600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.tumen.kp.ru%2F&async=1&fmt=3&is_vtc=1&random=2543634984&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Aug 2022 21:31:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/947884341/ Frame 0080 42 B
64 B 38ms
37ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/947884341/?random=1661117482790&cv=9&fst=1661115600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.tumen.kp.ru%2F&async=1&fmt=3&is_vtc=1&random=909942333&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Aug 2022 21:31:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/947884341/ Frame 0080 42 B
64 B 61ms
38ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/947884341/?random=1661117482790&cv=9&fst=1661115600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.tumen.kp.ru%2F&async=1&fmt=3&is_vtc=1&random=909942333&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Aug 2022 21:31:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 37412095 Show response
mc.yandex.com/watch/ Frame 0080 350 B
457 B 65ms
65ms XHR
application/json 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/37412095?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Fwww.tumen.kp.ru%2F&charset=utf-8&site-info=%7B%22extensions%22%3A%22%22%2C%22fromGoogle%22%3A%22false%22%2C%22fromCancel%22%3A%22false%22%2C%22loyal%22%3A%220%22%2C%22sbscrb%22%3A%22%22%2C%22p%22%3A%22%22%2C%22b%22%3A%22%22%2C%22fresh%22%3A%220%22%2C%22infected%22%3A%22%22%2C%22slow%22%3A%22%22%2C%22os%22%3A%22windows%22%2C%22browser%22%3A%22chrome%22%2C%22winxp%22%3A%22false%22%2C%22old%22%3A%22actual%22%2C%22yabroAge%22%3Anull%7D&browser-info=pv%3A1%3Agdpr%3A6%3Avf%3Anitzfaj0q86lk7t0iduwo%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A870%3Acn%3A2%3Adp%3A1%3Als%3A284887207293%3Ahid%3A700088391%3Az%3A0%3Ai%3A20220821213122%3Aet%3A1661117483%3Ac%3A1%3Arn%3A754428095%3Arqn%3A1%3Au%3A1661117483152255357%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Acpf%3A1%3Ans%3A1661117480297%3Ads%3A0%2C134%2C76%2C0%2C1%2C0%2C%2C30%2C0%2C242%2C242%2C0%2C242%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1661117483%3At%3A&t=gdpr(6)clc(0-0-0)aw(1)rqnt(1)rqnl(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

fd5396c1262e88780a454d0f97a4eeef250078e8c6f234a5b69bbed127a3a2fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Aug 2022 21:31:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 21-Aug-2022 21:31:23 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://yastatic.net
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 350
x-xss-protection: 1; mode=block
expires: Sun, 21-Aug-2022 21:31:23 GMT

GET
H2 204 event
ads.adfox.ru/232598/ 0
66 B 88ms
88ms Image
text/plain 2a02:6b8::1be
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/232598/event?hash=cb39fbf16e7559ed&pm=bmn&pxo=uTXfailA9cPP9MgV0bM_A_QdqQnoTXHZYG8Nr5Fp9ncOY1JxNF2MTuW28KPvGSK_SipI8ad71stUqtEPClcXnq4IoYvF1NzXpoXU0SwNREvtDEPUgsQK3oTNpOpy439lcufBac2c2JPhsnAv-xN1tRslI2h3pVoEngynS9JDmnO5Lq6WTw%3D%3D&p5=gwaok&ad-session-id=2350821661117479275&utg=oxum&lts=fjvaojv&ytt=362840448958469&ybv=0.634516&ylv=0.634516&dl=https%3A%2F%2Fwww.tumen.kp.ru%2F%3Fsection%3Dsociety&rqs=JtBLxzwtFBwnpAJjkMspRvr1z5asShOC&pr=fvalebb&puid3=top%3Aregion&rtb-si=b&puid2=society%3Atoday%3Azenyandex%3Aincident%3Aemergency%3Acelebrity%3Aculture%3Ainteresting&p2=fbao&rand=mijhvnh&sj=hK9DOIbdADiqWSggKKqinApF_glqbP8Lx3Rht0YiEb_CWjOheRMo_NytzgH4Tg%3D%3D&puid1=adv-1661117479230-254&p1=bufhv

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Aug 2022 21:31:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 21 Aug 2022 21:31:23 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H3 200 155dcdf3ddeff9bb6e907995757ca0fa.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3163706257327840831/media/ Frame E4A1 20 KB
20 KB 22ms
21ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3163706257327840831/media/155dcdf3ddeff9bb6e907995757ca0fa.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81f5a77969e0be31aca8599391449b284d3faf2322bed3e186fcdfdd80c4a781

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 414719
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20858
x-xss-protection: 0
last-modified: Wed, 20 Jul 2022 01:11:45 GMT
server: sffe
date: Wed, 17 Aug 2022 02:19:25 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 17 Aug 2023 02:19:25 GMT

GET
H3 200 1651e19e4156ba9c441b0295aa33da49.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3163706257327840831/media/ Frame E4A1 38 KB
38 KB 23ms
23ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3163706257327840831/media/1651e19e4156ba9c441b0295aa33da49.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac4a35db5faffafaa894fb7f1e6b9c130d9688d0c7e9736958956f1d97ea6b42

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 414967
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38874
x-xss-protection: 0
last-modified: Wed, 20 Jul 2022 01:11:45 GMT
server: sffe
date: Wed, 17 Aug 2022 02:15:17 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 17 Aug 2023 02:15:17 GMT

GET
H2 204 event
ads.adfox.ru/232598/ 0
66 B 103ms
103ms Image
text/plain 2a02:6b8::1be
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/232598/event?hash=d2e8499baaad1ad0&pm=bmq&pxo=b1-I39oxNaWy0KPlvAZlI6rwkdwnTQHSQ_dTOONXD7QL8Hlftnu0i7DzC_NKpChMMgcGMu261mRr1h17-26Jv2SMTQxTQdIezOX9USh81NMlMf1LuUqK8f2nMMfkMk8tTR24I5lD5pNL3BbRNo568R-B7FGUJOg0JFTTJ52NBf0EeYjBaA%3D%3D&p5=gwdbk&ad-session-id=2350821661117479275&utg=oxum&lts=fjvaojv&ytt=362840448958469&ybv=0.634516&ylv=0.634516&dl=https%3A%2F%2Fwww.tumen.kp.ru%2F%3F&rtb-si=b&p2=gftf&rand=sodqze&sj=-Wk0Ll2dB4dXHNo7mszdU-yUZS0mAezPvX-idJy3wPdaXmAcZ5m46HaqBd7YKg%3D%3D&puid1=adv-1661117479225-973&pr=fvalebb&p1=cdinl&rqs=JtBLxzwtFBwnpAJjqpNtjkIztRsXjRv3

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Aug 2022 21:31:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 21 Aug 2022 21:31:24 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2 204 event
ads.adfox.ru/232598/ 0
18 B 89ms
89ms Image
text/plain 2a02:6b8::1be
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/232598/event?hash=be1b37cf4b8eeab9&pm=bmq&pxo=u3Aq8ZKt_QXIbpWqFv7Z7QgFaLNX3ZHf6TPqb4jNYrX5OJInn9K7HgwOE-3ws0CtZo1N_yyaQMctqYwX4VwUmu4Fz-ANFfnUzDNanAd4sNlA4YyCmd7M83JM4Fvqk3E0AWSMJQNkfMSRhCkZIFWSflknr-4swZ_RKMlTu7sLKBxd3uWH&p5=gwefg&ad-session-id=2350821661117479275&utg=oxum&lts=fjvaojv&ytt=362840448958469&ybv=0.634516&ylv=0.634516&dl=https%3A%2F%2Fwww.tumen.kp.ru%2F%3Fsection%3Dsociety&rqs=JtBLxzwtFBwnpAJj9e_wh4BQds0wfXep&pr=fvalebb&puid3=top%3Aregion&rtb-si=b&puid2=society%3Atoday%3Azenyandex%3Aincident%3Aemergency%3Acelebrity%3Aculture%3Ainteresting&p2=fxjd&rand=mdhaytn&sj=f3Jkp7KZP1s632iJN9xikP8TgP5HMPhFS8QclZDLHW02fE9wlfqwOhcH-nrAKA%3D%3D&puid1=adv-1661117479229-901&p1=cavko

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Aug 2022 21:31:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 21 Aug 2022 21:31:24 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2 204 event
ads.adfox.ru/232598/ 0
66 B 85ms
85ms Image
text/plain 2a02:6b8::1be
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/232598/event?hash=5e5ecc61de64ed58&pm=bmq&pxo=uTXfailA9cPP9MgV0bM_A_QdqQnoTXHZYG8Nr5Fp9ncOY1JxNF2MTuW28KPvGSK_SipI8ad71stUqtEPClcXnq4IoYvF1NzXpoXU0SwNREvtDEPUgsQK3oTNpOpy439lcufBac2c2JPhsnAv-xN1tRslI2h3pVoEngynS9JDmnO5Lq6WTw%3D%3D&p5=gwaok&ad-session-id=2350821661117479275&utg=oxum&lts=fjvaojv&ytt=362840448958469&ybv=0.634516&ylv=0.634516&dl=https%3A%2F%2Fwww.tumen.kp.ru%2F%3Fsection%3Dsociety&rqs=JtBLxzwtFBwnpAJjkMspRvr1z5asShOC&pr=fvalebb&puid3=top%3Aregion&rtb-si=b&puid2=society%3Atoday%3Azenyandex%3Aincident%3Aemergency%3Acelebrity%3Aculture%3Ainteresting&p2=fbao&rand=djmqusu&sj=hK9DOIbdADiqWSggKKqinApF_glqbP8Lx3Rht0YiEb_CWjOheRMo_NytzgH4Tg%3D%3D&puid1=adv-1661117479230-254&p1=bufhv

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Aug 2022 21:31:25 GMT
x-content-type-options: nosniff
last-modified: Sun, 21 Aug 2022 21:31:25 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 571D 2 KB
540 B 32ms
32ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5898824741970832675/55cf990f37ec56e67c14c15188d8cf27.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0e53fe7669a287b3f57bb942dcf1a1fc61c969891ddce211874c475996f8a029

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 21 Aug 2022 21:12:40 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 21 Aug 2022 21:31:25 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 21 Aug 2022 21:31:25 GMT

GET
H3 200 1f09deadffcbec8898beaeadedb1a5a6.png
s0.2mdn.net/sadbundle/5898824741970832675/media/ Frame 571D 13 KB
13 KB 24ms
23ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5898824741970832675/media/1f09deadffcbec8898beaeadedb1a5a6.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8dd8a2b9fecb40aaefba62d939649d146377eb95c8330208022cf93be8aaeff7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5898824741970832675/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 12:29:19 GMT
x-content-type-options: nosniff
age: 378126
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13001
x-xss-protection: 0
last-modified: Wed, 18 May 2022 12:27:17 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 17 Aug 2023 12:29:19 GMT

GET
H3 200 0ac970415767b39560c1bd7fbd704aba.png
s0.2mdn.net/sadbundle/5898824741970832675/media/ Frame 571D 1 KB
2 KB 23ms
23ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5898824741970832675/media/0ac970415767b39560c1bd7fbd704aba.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b5e51a3396c0882627e554f0418c39fdb384ce29028566562411ba876a80bba8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5898824741970832675/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 12:29:39 GMT
x-content-type-options: nosniff
age: 378106
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1522
x-xss-protection: 0
last-modified: Wed, 18 May 2022 12:27:17 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 17 Aug 2023 12:29:39 GMT

GET
H3 200 7006b1472b644e7727310d7fb9dfa7a1.png
s0.2mdn.net/sadbundle/5898824741970832675/media/ Frame 571D 4 KB
4 KB 21ms
21ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5898824741970832675/media/7006b1472b644e7727310d7fb9dfa7a1.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

09b033112e64a07ff950cb2790acc18538ee2a5b0e7ac8398f14ee4eb6235f92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5898824741970832675/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 12:29:11 GMT
x-content-type-options: nosniff
age: 378134
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3920
x-xss-protection: 0
last-modified: Wed, 18 May 2022 12:27:17 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 17 Aug 2023 12:29:11 GMT

GET
H2 200 42093449 Show response
mc.yandex.com/watch/ 350 B
453 B 62ms
62ms XHR
application/json 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/42093449?wmode=7&page-url=https%3A%2F%2Fwww.tumen.kp.ru%2F&nohit=1&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Anitzfaj0q86lk7t0iduwo%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A870%3Acn%3A5%3Adp%3A1%3Als%3A343319303095%3Ahid%3A735502519%3Az%3A0%3Ai%3A20220821213125%3Aet%3A1661117486%3Ac%3A1%3Arn%3A1001531501%3Au%3A1661117481136524126%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1661117477748%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1661117486%3At%3A%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D0%B8%3A%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%20%7C%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20-%20KP.RU&t=gdpr(14)mc(p-7-h-4)clc(0-0-0)lt(57900)aw(1)ecs(1)rqnl(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

a296f4cab2de8e0a250710b997e8feac482cb7a16caab6abdd56569b68aed8d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Aug 2022 21:31:25 GMT
x-content-type-options: nosniff
last-modified: Sun, 21-Aug-2022 21:31:25 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 350
x-xss-protection: 1; mode=block
expires: Sun, 21-Aug-2022 21:31:25 GMT

POST
H2 200 1 Show response
mc.yandex.com/watch/42093449/ 43 B
73 B 61ms
60ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/42093449/1?page-url=https%3A%2F%2Fwww.tumen.kp.ru%2F&charset=utf-8&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3Anitzfaj0q86lk7t0iduwo%3Afp%3A921%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A870%3Acn%3A5%3Adp%3A1%3Als%3A343319303095%3Ahid%3A735502519%3Az%3A0%3Ai%3A20220821213125%3Aet%3A1661117486%3Ac%3A1%3Arn%3A932706008%3Arqn%3A1%3Au%3A1661117481136524126%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1661117477748%3Ads%3A0%2C0%2C89%2C168%2C529%2C0%2C%2C54%2C0%2C4013%2C4013%2C4%2C949%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1661117486&t=gdpr(14)mc(p-10-h-5)clc(0-0-0)lt(57900)aw(1)rqnt(1)ecs(1)rqnl(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Sun, 21 Aug 2022 21:31:25 GMT
last-modified: Sun, 21-Aug-2022 21:31:25 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Sun, 21-Aug-2022 21:31:25 GMT

POST
H2 200 1 Show response
mc.yandex.com/watch/42093449/ 43 B
73 B 65ms
64ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/42093449/1?page-url=https%3A%2F%2Fwww.tumen.kp.ru%2F&charset=utf-8&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3Anitzfaj0q86lk7t0iduwo%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A870%3Acn%3A5%3Adp%3A1%3Als%3A343319303095%3Ahid%3A735502519%3Az%3A0%3Ai%3A20220821213125%3Aet%3A1661117486%3Ac%3A1%3Arn%3A438276495%3Arqn%3A2%3Au%3A1661117481136524126%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1661117477748%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1661117486&t=gdpr(14)mc(p-10-h-5)clc(0-0-0)lt(57900)aw(1)rqnt(2)ecs(1)rqnl(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Sun, 21 Aug 2022 21:31:25 GMT
last-modified: Sun, 21-Aug-2022 21:31:25 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Sun, 21-Aug-2022 21:31:25 GMT

POST
H2 200 1 Show response
mc.yandex.com/watch/42093449/ 43 B
73 B 63ms
62ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/42093449/1?page-url=https%3A%2F%2Fwww.tumen.kp.ru%2F&charset=utf-8&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3Anitzfaj0q86lk7t0iduwo%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A870%3Acn%3A5%3Adp%3A1%3Als%3A343319303095%3Ahid%3A735502519%3Az%3A0%3Ai%3A20220821213125%3Aet%3A1661117486%3Ac%3A1%3Arn%3A634857006%3Arqn%3A3%3Au%3A1661117481136524126%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1661117477748%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1661117486&t=gdpr(14)mc(p-10-h-5)clc(0-0-0)lt(57900)aw(1)rqnt(3)ecs(1)rqnl(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tumen.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Sun, 21 Aug 2022 21:31:25 GMT
last-modified: Sun, 21-Aug-2022 21:31:25 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Sun, 21-Aug-2022 21:31:25 GMT

GET
H2 200 42093449 Show response
mc.yandex.com/watch/ 43 B
73 B 70ms
69ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/42093449?page-url=https%3A%2F%2Fwww.tumen.kp.ru%2F&charset=utf-8&site-info=%7B%22634516%22%3A%7B%22remoteLogString%22%3A%7B%22Error%22%3A%7B%7D%7D%7D%7D&browser-info=pv%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3Anitzfaj0q86lk7t0iduwo%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A870%3Acn%3A5%3Adp%3A1%3Als%3A343319303095%3Ahid%3A735502519%3Az%3A0%3Ai%3A20220821213125%3Aet%3A1661117486%3Ac%3A1%3Arn%3A845142394%3Arqn%3A4%3Au%3A1661117481136524126%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1661117477748%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1661117486%3At%3A%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20%D0%B8%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D0%B8%3A%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%20%7C%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%A2%D1%8E%D0%BC%D0%B5%D0%BD%D0%B8%20-%20KP.RU&t=gdpr(14)mc(p-10-h-5)clc(0-0-0)lt(57900)aw(1)rqnt(4)ecs(1)rqnl(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tumen.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Aug 2022 21:31:25 GMT
last-modified: Sun, 21-Aug-2022 21:31:25 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://www.tumen.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Sun, 21-Aug-2022 21:31:25 GMT

Verdicts & Comments Add Verdict or Comment

72 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

59 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
yastatic.net/safeframe-bundles/0.83/1-1-0	1970-01-20 05:26:43	Name: afpix Value: 1
yastatic.net/safeframe-bundles/0.83/1-1-0	1970-01-20 05:26:43	Name: pcs3 Value: 1
.kp.ru/	1970-01-20 05:35:22	Name: w3k Value: 3557783d-f02a-4df5-b81b-3834530a89b6
.kp.ru/	1970-01-20 05:35:22	Name: w3t Value: eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJzaWQiOiIzNTU3NzgzZC1mMDJhLTRkZjUtYjgxYi0zODM0NTMwYTg5YjYiLCJqdGkiOiJjMWZjZGQzYS03NjAzLTRjM2MtYWE0NS0wZDdiOGNjMDJkZWYiLCJfdmVyc2lvbiI6MSwiX3BhdGgiOiIvIiwiX3RyYWNlIjoiNzE1MTgwMmZiYzkwMTMyYzdlNzI2NmJhNWEyYzdlMjQiLCJfcGF5bG9hZHMiOnsiZ2VvIjp7ImNvZGVyIjp7InN0cl9yZWdpb24iOiIiLCJyZWdpb24iOjAsInVwZGF0ZWQiOiIyMDIyLTA4LTIxVDIxOjMxOjE4WiIsInNvdXJjZSI6Imdlb2NvZGVyIn19LCJwcm9maWxlIjpudWxsfSwiX2dyYW50cyI6bnVsbCwiaXNzIjp7ImVzc2VudGlhbCI6ZmFsc2UsInZhbHVlcyI6WyJ3d3cudHVtZW4ua3AucnUiXX0sImV4cCI6MTY2MTcyMjI3OCwiaWF0IjoxNjYxMTE3NDc4LCJuYmYiOjE2NjExMTc0NzgsInN1YiI6InNlc3Npb24ifQ.sl3jr4rBSHdn2BLIKUSLpK6gDwf4ENMRxMqj1L2Mwi6PBTNww4973YsYUyG1udNUWcoakjw2F0YmBE--OQv8zLKVf9fx78H0DtOBWVkwByTnt4nFKxZgOFCHdK9C4AA_1MJReEDkaq51g3IyvLi1oyFDaJrpLN2BXEeWKDzNOPEWsY33rK5zXQ2FqqEm-eEeIfshjz4Nr8ytzdeKoObGQ6QSS0dU6gAM1zvzFRI8_9dKPlxnf5Q5zObC3dAUhQpiU7t0ZGgSkpC22ZkzkrYj71OLS-zG5AiGsaZTMbbgTsf7SjqM-jQ_pzVqM_nY7GP4b-Dt6CK7uDNQLiEajNfwtA
.yandex.ru/	1970-01-20 15:01:17	Name: yandexuid Value: 2023291871661117478
.kp.house/	1970-01-20 05:35:22	Name: w3a Value: eyJhbGciOiJSU0EtT0FFUCIsImVuYyI6IkEyNTZHQ00iLCJ6aXAiOiJERUYifQ.J_vaWObjiOYjtqncZVq0TV6wAw1XVyIo4D8anoisOuLFOP5X4y23Ii_R0fGdqYEQLkF22qxXeeXtqgxve2OFBQjBSGonO2VYMdv8Llj05JmspsG1KY7TiSAghtD_lNTsk2vPRwrKrcMhia08p3-Jb9QgZn6qkJhggL0LCodFWWqxOMnJUozqPOYQMjK1M1ejFj8AnDQ54kn9Z9008__Ncj9iIzp64TkAA9v6dPD0hIcWzf_nDFXQ9q1W5uuUKBCgYnQlqQbyzQP-Mjmqy6tCgewgTXBzcP-mtlz7wS4bsM6txnRODLBih5IRz7RsKxQIdMSIYvSp6YBaLMEB-CMJOQ.bTJihByMYZ_IJztE.aGzk9Wstg7pg0OjDnCFi5o62.VQL1haL6ojFq4wGmey6yXA
.kp.house/	1970-01-20 05:35:22	Name: w3k Value: e831f3ce-7fe4-4249-a9b0-db979aafd3f8
.kp.house/	1970-01-20 05:35:22	Name: w3t Value: eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJzaWQiOiJlODMxZjNjZS03ZmU0LTQyNDktYTliMC1kYjk3OWFhZmQzZjgiLCJqdGkiOiIzODZjNDEzYy05NWZkLTQ5ZjItOWRmMy1mNjZkMjg3MWZkYjAiLCJzdWIiOiJzZXNzaW9uIiwiZXhwIjoxNjYxNzIyMjc5LCJpYXQiOjE2NjExMTc0NzksIm5iZiI6MTY2MTExNzQ3OSwiX3ZlcnNpb24iOjEsIl9wYXRoIjpudWxsLCJpc3MiOnsiZXNzZW50aWFsIjp0cnVlLCJ2YWx1ZXMiOlsicHJvZCJdfSwiX3RyYWNlIjoiMjUyOTRjMTUxZjg4NGMwZWIwMjI4OWEwNDVlZmY0MTkifQ.R82eDhq8bkCHo_NmndNrpAOTiy6mDBanctGDPpSCh5NqqiN8bOrRrymVj4M-w8KFmu5s9L9xUrhoDabIB6wXrqVwg5e38_PYD-QFpwFpk5rXbJwkLKf3dAQwbEwoDS2joui4VIzhlUCNk02eNgBglda-ueHFZJQFgQdsYO27pXwh8q9F5f83Cy8p-1Yv5Log7XfE5XUgbQCUr8ItvcELKMzPJCMa0Eh7-FIAxkBgCgVhjh0Q2zfBbs0-Nvlb3hpJacDp5mj--9litWkLqSDJQcj3PVEP-YeieKqu5KJcwWH9Jge_f9c3i0CipsPIMZq51Ffa9kFVn7I30vuvrXFyvw
.exchange.buzzoola.com/	1970-01-20 06:08:29	Name: uuid Value: 5a801286-baae-49c9-625e-89c68e8f1126
.betweendigital.com/	1970-01-20 14:10:53	Name: dc Value: lux1
.betweendigital.com/	1970-01-20 14:10:53	Name: ss Value: 1
.betweendigital.com/	1970-01-20 14:10:53	Name: unm Value: 1
.betweendigital.com/	1970-01-20 14:10:53	Name: tuuid Value: 382fcb3a-9f04-52ea-9b10-56a8f812f28f
.betweendigital.com/	1970-01-20 14:10:53	Name: ut Value: YwKkJwAE5eg--0q4S0NT1Rbv7sltDIG1FNO62w==
.exchange.buzzoola.com/	1970-01-20 05:45:27	Name: cookiesyncs Value: 000000000000000000000000d93dab9edf0912baf9008f35866978f1
ssp.bidvol.com/	1970-01-20 15:01:17	Name: bvuid Value: f459cuv3b6
.yandex.ru/	1970-01-20 15:01:17	Name: i Value: jKnUSSPCsjkRjy5jlnA6UtwOHh9F3vI3jsHvkoIYDBmetoth30c6LkM+ra/nxSl52/5WWmKD4IRO2ejOiFFLZA4nM3Q=
.adnxs.com/	1970-01-20 07:34:53	Name: uuid2 Value: 1090073497542698083
.casalemedia.com/	1970-01-20 14:10:53	Name: CMID Value: YwKkKIrDN4yCj3s9E4SaFgAA
.casalemedia.com/	1970-01-20 07:34:53	Name: CMPS Value: 1141
.casalemedia.com/	1970-01-20 07:34:53	Name: CMPRO Value: 1141
.mc.yandex.com/	1970-01-20 05:25:18	Name: sync_cookie_csrf Value: 1655601334fake
.adnxs.com/	1970-01-20 07:34:53	Name: anj Value: dTM7k!M41.D>6NRF']wIg2E>1dYO$[!]tbPl1M>e)ZlrFUfJ+tGXvWBV!L!#?0PN5UHM^VLI!YUYT^lI[8.=Bw4.^bpRzqF1`b]YS)V)R[
.doubleclick.net/	1970-01-20 14:46:53	Name: IDE Value: AHWqTUmqrxy0I15pcnsmdd16e2PrEqKtLyWz0ZvaYNDS7IQ1l1olIXBkp14LE617Ti8
.kp.ru/	1970-01-20 14:46:53	Name: __gads Value: ID=416e9769ed6236c2:T=1661117480:S=ALNI_MbHocqmwi_W_3oO5nu7HUvd2a-zoA
.yadro.ru/	1970-01-20 14:10:51	Name: FTID Value: 1Z0gGe13oseO1Z0gGe001K9A
.mc.yandex.ru/	1970-01-20 05:25:18	Name: sync_cookie_csrf Value: 2585093653fake
.tumen.kp.ru/	1970-01-20 15:01:17	Name: _ga Value: GA1.3.655319195.1661117481
.casalemedia.com/	1970-01-20 07:34:53	Name: CMTS Value: 5143
.tumen.kp.ru/	1970-01-20 05:26:43	Name: _gid Value: GA1.3.703072933.1661117481
.tumen.kp.ru/	1970-01-20 05:25:17	Name: _dc_gtm_UA-23870775-1 Value: 1
.tumen.kp.ru/	1970-01-20 05:25:17	Name: _gat_UA-5200037-42 Value: 1
.tumen.kp.ru/	1970-01-20 05:25:17	Name: _gat_UA-23870775-31 Value: 1
.kp.ru/	1970-01-20 15:01:17	Name: _ga_E8KWCYC304 Value: GS1.1.1661117481.1.0.1661117481.0.0.0
.kp.ru/	1970-01-20 15:01:17	Name: _ga Value: GA1.1.655319195.1661117481
.kp.ru/	1970-01-20 15:01:17	Name: _ga_8MQ0FGXD1P Value: GS1.1.1661117481.1.0.1661117481.0.0.0
.yadro.ru/	1970-01-20 14:10:51	Name: VID Value: 2MPFeg126-uO1Z0gGf001K9s
.kp.ru/	1970-01-20 14:10:53	Name: _ym_uid Value: 1661117481136524126
.kp.ru/	1970-01-20 14:10:53	Name: _ym_d Value: 1661117481
.yandex.com/	1970-01-20 14:10:53	Name: yandexuid Value: 2023291871661117478
.yandex.com/	1970-01-20 14:10:53	Name: yuidss Value: 2023291871661117478
.mc.yandex.com/	1970-01-20 05:26:43	Name: sync_cookie_ok Value: synced
.kp.ru/	1970-01-20 05:26:29	Name: _ym_isad Value: 2
.tns-counter.ru/	1970-01-20 14:10:53	Name: guid Value: 56D16A056302A429X1661117481
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 2646792161661117481
.yandex.com/	1970-01-20 15:01:17	Name: i Value: XIw7vBklQiBBzkK9tjTeL/Gl00W/p3LWH+6DLJe3Kdz4Z0pyZRWaFN6k2zjuiRvDdMHdBImA4Q7zTn86EGI0e5c9Olo=
.yandex.com/	1970-01-20 14:10:53	Name: ymex Value: 1692653481.yrts.1661117481#1692653481.yrtsi.1661117481
.stat.media/	1970-01-20 14:10:53	Name: _sm_uid Value: 184dd9ad-3868-48fa-862d-895d650e1dec
.stat.media/	1970-01-20 14:10:53	Name: _sm_udt Value: 1661117481421
.stat.media/	1970-01-20 05:25:19	Name: _sm_sid Value: a25f607f-971d-4b18-9157-d91d46c84765
.stat.media/	1970-01-20 06:08:29	Name: _sm_cm Value: 6
.doubleclick.net/	1970-01-20 05:25:21	Name: DSID Value: NO_DATA
.smi2.ru/	1970-01-20 14:10:53	Name: _sm_uid Value: 184dd9ad-3868-48fa-862d-895d650e1dec
.smi2.ru/	1970-01-20 14:10:53	Name: _sm_udt Value: 1661117481421
.smi2.ru/	1970-01-20 05:25:19	Name: _sm_sid Value: a25f607f-971d-4b18-9157-d91d46c84765
.criteo.com/	1970-01-20 14:46:53	Name: uid Value: 700eec49-65e3-41f3-ba93-d713bcedc2b4
.kp.ru/	1970-01-20 14:46:53	Name: cto_bundle Value: aUkgTl9MclAlMkJSNUhpWGxmc3dmV3lCZ0w3MEFYRGl1SHlQSVdncGRxS21tdTdyeE1CeVE2akdYVCUyQkMlMkJMTXBMMER5Y0wyRHVQMU5OWmFJcFVvbDQ1U1VHTWc2JTJGSkdyQ2tlRWpFOEMlMkJXdHhSY2JnQVpxSHpDQmRTVnJ6Ukx6MkJiNGFmVzh0NDJvTHUyRW5OZGN4bDR2Z3JWNG9BJTNEJTNE
.yandex.ru/	1970-01-20 15:01:17	Name: is_gdpr Value: 1
.yandex.ru/	1970-01-20 15:01:17	Name: is_gdpr_b Value: CPDcKRDAhQEYAQ==

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://ebcd602ef315b7dcb31a5232527e0c7a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1(Line 12) Message: Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/3163706257327840831/index.html".
network	error	URL: https://s0.2mdn.net/sadbundle/5898824741970832675/undefinedpo641w Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6e428d012d5b051d842896f91ae57fcb.safeframe.googlesyndication.com
a1bed8a6f1f6460a2546120b6d18cd8a.safeframe.googlesyndication.com
ad.mail.ru
adfox-c2s-ams.creativecdn.com
ads.adfox.ru
ads.betweendigital.com
adservice.google.com
adservice.google.de
avatars.mds.yandex.net
banners.adfox.ru
bidder.criteo.com
cm.g.doubleclick.net
counter.yadro.ru
csi.gstatic.com
dsum-sec.casalemedia.com
ebcd602ef315b7dcb31a5232527e0c7a.safeframe.googlesyndication.com
encrypted-tbn0.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn3.gstatic.com
exchange.buzzoola.com
favicon.yandex.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
identity.kp.house
m.tumen.kp.ru
matchid.adfox.yandex.ru
mc.yandex.com
mc.yandex.ru
mug.criteo.com
pagead2.googlesyndication.com
pb.adriver.ru
region1.google-analytics.com
s0.2mdn.net
s01.stc.yc.kpcdn.net
s02.api.yc.kpcdn.net
s09.stc.yc.kpcdn.net
s10.stc.yc.kpcdn.net
s14.stc.yc.kpcdn.net
sb.scorecardresearch.com
securepubads.g.doubleclick.net
smi2.net
smi2.ru
ssp.bidvol.com
stat.media
static.criteo.net
stats.g.doubleclick.net
target.smi2.net
tns-counter.ru
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.tumen.kp.ru
yandex.ru
yastatic.net
ysa-static.passport.yandex.ru
104.18.19.126
13.32.99.21
142.250.186.162
142.250.186.66
144.76.119.17
172.217.16.194
172.217.23.98
178.250.2.131
185.184.8.90
188.42.196.115
195.209.111.22
2001:4860:4802:34::36
2001:6d0:4001::226
2a00:1148:db00::17
2a00:1450:4001:802::2001
2a00:1450:4001:803::2002
2a00:1450:4001:803::2008
2a00:1450:4001:803::200e
2a00:1450:4001:806::2004
2a00:1450:4001:808::2002
2a00:1450:4001:80b::2003
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::2006
2a00:1450:4001:813::2001
2a00:1450:4001:827::2003
2a00:1450:4001:827::200e
2a00:1450:4001:82a::200a
2a00:1450:4001:82a::200e
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::200e
2a00:1450:4001:830::2002
2a00:1450:4001:830::2003
2a00:1450:4006:812::2003
2a00:1450:400c:c08::9d
2a02:2638:1::13
2a02:2638:1::3
2a02:6b8:20::215
2a02:6b8::16b
2a02:6b8::184
2a02:6b8::1:119
2a02:6b8::1be
2a02:6b8::2:158
2a02:6b8::36
2a02:6b8::5:114
2a02:6b8:a::a
2a03:90c0:41:2801::254
37.252.172.250
46.161.36.2
65.108.236.88
74.119.119.139
82.148.14.194
82.202.225.240
88.212.201.198
88.212.218.22
95.181.181.12
95.181.181.82
003fd2be4ce418c095e78b312cedab2a1511eb18635b9d9e53851cd8324f46c2
033696b7f1ac04d1dcc102be84550e146236ceffc25a6cabc12aa51a6ee410b9
040ffb4567331430db312a0b397b1717cb985eaeae39f0bac9586d65477f360d
05c5075000686afbe94405f7a3e0b905f02af001ec3174556fd1e07aa0c7c59f
09b033112e64a07ff950cb2790acc18538ee2a5b0e7ac8398f14ee4eb6235f92
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e53fe7669a287b3f57bb942dcf1a1fc61c969891ddce211874c475996f8a029
11d02526cbaad695117721d111752936444366ac35fec7d36bf8d5fb2aab3094
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
14243de82bf925d8eb6c7606027f482c961ff53da8c9153c12f7bbeaaadf458f
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18c327afa903633f86c3efcf12b77f098077eacaa8be101bb007846fd74f8b93
18f232b1fdd6b2806d850f3200aaa33d7d697c97eb04ce3936d96ed90b6478b7
1c2ef4d09fa856c0140a94576b6eb9befdff39a8e994c346eaf02d132424ea5b
1d352797c9473d7a0f0d88d182633330a8a7058a68cd6c052a8a2e2e6ffba4e4
1d386626a236bf37f510e9c0c2d85036641c5cc85bed4b320a181861477d0ec7
20cd7d963d1d7b4852eb93e4c3dc66dd7af19d64d6d5cf5303ce3f068053b23b
241489ad5357595eaf948db786a1673081c5d7d7ac24f5d8e50c186e33e1888f
241a27256d57c298a48e81c98e1c1d218f153b814feb196f7a6d261f4c78c7bb
2b00ce902e9ef9e7031d76c62a72c1cb0054185e6691e9a72757a31cead715a1
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2ea6594700eadc561dce18df33d16ff9d07ff631d4f6f4eae734bfe34e900f0c
3379bacfc3bac0150f30d7da5354b651f052214eaf081452174d8028c5daa9e6
3394110000caa52bc9dcf892178cb4a7a8d25db76721a2290caaeb667413a4d0
340e61e16fb3429dcb0b725eeeb0c0ff08401fe675d582fa2ad2b937a73ac945
34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55
35ed988aff3c8059b4869fd94cc2885879041fbd698317a53741bca5095c3091
3728fbdd191d75bad5b83a838dfe2fc15f84c2aaa36ffa573321275847db31a9
390f8310f2f5339696a641868baaabe2463bf9ad5640bc28d63b77da01b03314
391b9c991f135590863d3144429459bf9e6ee939c6c04abddd0a851d1ed40a57
3b62965d5271ec014b0e0a87ca5612570ee7322c6ad76c4a7c69e08e0247445f
3d05137d13f5a76da2788bb2da3c0c9c9a08a4c3d490ecd68f2a1da369f33afe
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
42388d0b9baf3559b365f836b695d33ede274136f000af5b1e47b0e8d97ab2ca
445837ee1d1da2644d2531f84c664f157828154b8b5e032dbef64c3a8308ef17
445cce036352fd309ae11d8f0e4ed4e4a978fbbdbdb3c8f9b6a373b0a0cd7206
44ce4cb1502e6a4d9880d515f108fc53df8693f4441d6317b0d77a59700b2b50
45010d9dc316dd46c088ad941df8e8de7e724b1a0719f9a565f1144daef796e9
478a33877bad2043e02f2fa44a23b306dc5fa5bd677f0b9c3fdb9c9d94af8485
4aea19556dc90eb53beb857d6dc516fc5c3665537fd4c6731e643f3b69f4bcd4
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b9b5af48e8a2ac9bb2389281786be629dfd71bc35bfb12b4d1af6e9dcf9cc2f
4d6993666a421d597d65eff6c04606c3c5ca8ce0bb0b22c88ef6fa52f82c2024
4dd677bb4420e6863ce111bcc768b99512bceb2e2918b980d954036529cf76ac
4feb8a4baf1ab6d4efee5b984ea48ff22af46b19c3b6c21964607fe61eea837c
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56c1ddc6c421b01f185c87afd5d1cb02e00b67488c355055afd4beae860b41e1
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
57cec8cb1c21ca4fe77d7bea18d3c0ed021451f77ced06a20aed3457758cef0e
582c2586c49819d9dfe5cb88653679a40bf930ca86f1dc01a4afd821a9eab97e
5870a3c541d2914a173d7441227b987b0c4b82929d7244e22d9a3953599e0b00
59e2467d94ae007fa71bc0b10f4b92f227edfa03afb5ce7c904b9ea2bcf537e9
5e4d3c38e0392366ee5763b010c680825685502e897d7cf871a9208de2b470b9
607912ce0bbdc533bd357dc99af092f34783fee7f24f7fc16ece184018a7441b
60b34e20414d994e442cf8662baf2787ce5b2158f83145b602fe4e57bcc7275d
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62ae7a1fcc93fc754f360bde0fdf8efc8c065b74a6415a2d19c6059a5227ae45
63b31da7c560861dc044a6b35c1b51b9664daf1008174e88053ca298a429c8ac
65f395f40a5c3f7a9e1d1d3b72d968bb3247a96ffef80184c61907e26bbe8145
66ad1c636e919351c86895ea3f4f01d96705531d6427cb9dc11c026fe2294e55
6854343e00c3b85696ab0203e2389917dee112fef408125323d7cd3f48faaab2
69da67aee532d1772cdb33ef6cb11b550ab49752e4146dbfe83a96a0b10bcc31
6b0c6ad2a39e30acdd045f1e10d04d6032f0447387edd32af55f7d80b2d4f0f0
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c04a43f8abac85c67e53451e234edb590d787f6293f62c333c3a95d52a0b5a9
6db6653a65bc919f600c1e098b02145b5e62d137fbf99f84ad526692b65cc31c
6fb2352555371675225ce7b1e1832ac4b1ad8e83dc396d10b70a42dac24addc7
6ff082130eb8e0fe1ba485606bab3de43a410b184c718be62c739ab9f67c6863
706e6997ece60525215d4b4eff85639f2c4c3fc2b9fb8d2202641d81a56d76e0
73700c617669c8ac7132612621fd54c22883ab58f29ceae5438c9f0bba0538e3
744c54512d1121cb37612674174ed9cf2b8e59969f31bce8af4959c75a88d1c5
750c6e1ef8c0edf15d14568e66beb80acb75a31177f5750ee7eb7ffc9e935e79
75147d863f4ebbda561d4a767dd460591d92d6ad6bc13987ca624e74389c161a
75d16f690db62e7b02e26bff78808ea7529f154b36340c9b6d6e1cd81b64a4ca
78e77be833be1aa2e8798d5ba26aab01971974812e6a929344a7b4c4d22f611b
7947a98649eaa415f52cd5ac372adac177440d0c60a50f2729b99963b28362c3
79b61584d0a301be71c6a153f3a0c8cbcf937e31e6a6f38e2789c2a54482189b
7a0fb8fc4de0bde528e5b17743e35c50492d1d1de41567cb3b83f5a63db862d0
7cf53ac18e5c12af9cb5097592a5cdb69d034cb3b7565c4cfa931652e58d9c42
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e
81f5a77969e0be31aca8599391449b284d3faf2322bed3e186fcdfdd80c4a781
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
866fdf09a0430e8522b2a492c3b0433aa5986d284885fc610ffb84a3439bbdc1
89ff886ecaa1bf4594434e93be3dd56dcb53d17f75edea835aec0864872ade92
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8dd8a2b9fecb40aaefba62d939649d146377eb95c8330208022cf93be8aaeff7
9205ceae907f8417e3b4bd8463b1075526a25da4cdd2aed549b03cd6869632aa
92f108fa97f63aa01d67c7c19599f9133ef0e60a11fba74ca137f5b699abd36b
93b23044262887fc2d7651deb7749b1d5b9dd942922da55a84fec5dfb38e024f
9742d39db94493bd2d16d32d5ca0e7ecece72289601789d7528491cab3638961
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
991086afb6dfd9dd8983f5926fcad59b90bdab89cb320e098dba5e5661af7f8d
99c664c6e0f9211430ca24054ef2365aa16aabaa3ca3c3a22674d3fb0c86c1e0
9c911ab93cf6099aeeddb19cb1903d0ef838329443c3a0549c754da47f90a70a
9dc89e2eae45dccc1b2d7b9540adae2349bbb5d84578eadb8f0f645eac324910
9e727b6a63ebbbb01b2cdbbc7d9d1b3d924a5d37dda9a084b81d67fa9f22baf8
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0e46d0eff446c60d926ab68094e9951ad61d82539991999a5379124cc74ff95
a143fa0a3b81c05da59e62a1c7fbee1baba78afe9c7138e68eaf2b7127ec4d06
a1552feb4b5fb278a311065529c1400fba11d04257a8dbd08d0f4305aeeb5b44
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a296f4cab2de8e0a250710b997e8feac482cb7a16caab6abdd56569b68aed8d7
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a81ae4dd7742b736f41e6e382827ab3672728b6f7f529ad5c72d6d6e79861484
a89aa199b3159f8ab117b347c374eae41486799ebe3297c4ec6484e05e3c90f1
abb5348aeb50feab8abc0212d24ef2d4daa64f08d38e6cabce13e7a78f1ad837
ac328a8a84ae8f231289b12001679dd2c93d99161388aa3eca4a9b64078e2987
ac4a35db5faffafaa894fb7f1e6b9c130d9688d0c7e9736958956f1d97ea6b42
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b0d9a43a44410166fc5ff483dace5234c3d9e35e190069b1b974ef505df89753
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1b20f417556b312ce649c4124557c191dc68f5c4675837c75dae2d291601cd6
b5e51a3396c0882627e554f0418c39fdb384ce29028566562411ba876a80bba8
b738f99519db9a9844cb92a9ccac7ecc2d129b163c03e33e66da125c12abd769
b9626a32ba37b0590508877b518afb8e18c1623278119b425ba2e3d14d39c4fe
b9ba215c474686628ad12b265375aee5414874ff881e9d768d9dc504352ca6fc
ba7478138664dfbadff2af30a268f4200a752a73d07dafb55937af20d1061357
ba7beca0f5402387b359ad40d2af0dda9632f6b81e2aa0c26336324c358c3e10
bc86784d61c4e6532dea65891e16f3983ed2a81d326e5ef8ab446e554b9c17e3
bc96dd512627a5ff3462e1079dbcd5c5150bab5b724a0d143986cdde8ca4a9a0
bd777040af92b80ce53195b04bfcc455fc13eb9f131816a48a6c060298d3ab46
bdcc907fad66ec108bfe0ec231d728d9aacbb937ed3185fd0d0e9d764b4d2e8b
becefc9f93e9ea8cec1d4749c473c476c44e65a7eee7d88dda107958649413e9
c0d0b5ecf5aa2cd5475929aefcb44d67c5d5cc8cbcdb3991e45f0944f0344619
c2b953cb7332ef4bda5208c47e2de99dad242c6f74738a4f1ea1358e14ab8ac9
c6f650eb38f7510ca1b365201d37f30e9a5939514808a726d60b53c2ecedac75
c921b4351a1ae90dcc7a30a01fbc1e169d57e9f4451d55a840438fb13e7c1cc6
c9499ea51a2956fd2c1600591ae117fe9ad81065d625b1b2c593c7720e5b228f
cdb0f9fd04b4ab17a34e015dc70a73b673e1783df5449ccf88be313d55b7e3fd
ce2b20b494c35ea84e96f3ea4d4b689bfbb362c86c287ab20915ef8f4531d734
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d03d067201fd73757e5df39f1c19c146157ef052a7b5f253f18c8636a49ab5ba
d2051a9373e01b111211247251572fb685a8fa7e9fea2255619256d4714e0306
d3114c4944dcf347da9b150fbd12bf83cf1a719fca0eb5480d9af4cb2f30aefc
d39f50472325df4a4476a1ce8697321bbe344dbe5508c6e94af86129b05e180d
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d8e0fe51325ed812a49bbeb7910c747407c0b92fc64634a583dddb12b28e3cea
da09f03549a3d9ae51406d85931ec2682bc82759cf96101b982496da1139ddda
da24ca580aafbfcbf4309e3e8afefd7706063456bd7577e5ca4ec8aa2a9adf30
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e0638fedc4c8baed91a66850abca34f83e0b5093207b08c7ad2f6f0fb8dd45a5
e135dbbab0c302a372df8295141cb5aea488ad8ce99cb9d4aaac3cec4b5307fc
e1cff21864c46e1da263fa83c14ed6d190bc5afbdd35188de15f10eb8bedd264
e1f392c6261976d6a124453ce57ff1e4b0ee8cdd389c195519cc41dd049693fc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e4ec8c02ce1156b46862a31790e01b86c2c1c40299b2636c553803d22f566b47
e6606da2d3e7f5dd5f717577ffa98230234585c67429db3a5e86bc68513fef0c
ea19acf85c05cc6c1119f4d75d6a2e75e66bec1f8c306b1a05f5d739c15532a8
eaa96ef6d50cf31354c2056d64422a13e0d5ea191427a8a12ecbacc101b4f43f
ec1da9c9499e44d23c66b4913e33f798df99c9fb9b9bac561059c6133a253037
ee90dc43f87d42bc3707007080137e0fa17a0969164624b48c18c469833e1ecc
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef7ba5e1b255053d409880374b1d1e76e52c337275c3171fe0f7f9b663526270
f15e500cee8043a682a05f5224f20f0d3a3d0c3f35a5dbb19b5ce94724a89817
f294d1ffe673d5980be45113e6081de7e6b92ff201ad687070e6570dbbb59d93
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f76a521d8d893e573ee2def73e397a42f33f937aca5dcfeb77b2e001ea5a7ca6
f87fe57873f1ee44248205081299903c6ff59c619d896e570273e3f8641726e8
f91433cc68751743758f6f05305ae4502b2e8566a88fa3fe79b2a2a6cf7e9a59
fa1f5a378d1b6ed9854b1fcdaac2b1b0f94e414d76fe29b0c42f5b8bc00c3397
fd5396c1262e88780a454d0f97a4eeef250078e8c6f234a5b69bbed127a3a2fc
fd61b939d60a34fe92950d8fb53ed0449e7cd55ed78c000ec51aec0136d1c157

www.tumen.kp.ru Open in urlscan Pro 95.181.181.82 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

283 Requests

95 %HTTPS

63 %IPv6

35 Domains

64 Subdomains

57 IPs

10 Countries

3396 kBTransfer

9111 kBSize

59 Cookies

34 Outgoing links

Page URL History

Redirected requests

283 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 12 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.tumen.kp.ru Open in urlscan Pro
95.181.181.82 Public Scan

Screenshot
Live screenshot

Full Image

283
Requests

95 %
HTTPS

63 %
IPv6

35
Domains

64
Subdomains

57
IPs

10
Countries

3396 kB
Transfer

9111 kB
Size

59
Cookies

283 HTTP transactions
12 data transactions