www.ufa.kp.ru Open in urlscan Pro
95.181.181.82 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://m.ufa.kp.ru/
Effective URL:
https://www.ufa.kp.ru/
Submission Tags: ru kp l4ing press news h8 Search All
Submission: On July 09 via manual (July 9th 2022, 5:01:27 pm UTC) from UA — Scanned from DE

Summary HTTP 286 Redirects Links 35 Behaviour Indicators

Summary

This website contacted 55 IPs in 9 countries across 45 domains to perform 286 HTTP transactions. The main IP is 95.181.181.82, located in Russian Federation and belongs to EDGECENTERLLC, RU. The main domain is www.ufa.kp.ru.
TLS certificate: Issued by R3 on May 25th 2022. Valid for: 3 months.

This is the only time www.ufa.kp.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 4	95.181.181.82 95.181.181.82	210756 (EDGECENTE...) (EDGECENTERLLC)
13	2a02:6b8:a::a 2a02:6b8:a::a	208722 (GLOBAL_DC) (GLOBAL_DC)
27	2a03:90c0:41:... 2a03:90c0:41:2801::254	199524 (GCORE) (GCORE)
1	95.181.181.12 95.181.181.12	210756 (EDGECENTE...) (EDGECENTERLLC)
1	2a02:6b8::16b 2a02:6b8::16b	208722 (GLOBAL_DC) (GLOBAL_DC)
10	2a02:6b8:20::215 2a02:6b8:20::215	208722 (GLOBAL_DC) (GLOBAL_DC)
2 4	168.119.9.59 168.119.9.59	24940 (HETZNER-AS) (HETZNER-AS)
3	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
3	195.209.111.20 195.209.111.20	52007 (ADRIVER-AS) (ADRIVER-AS)
3	2a00:1148:db0... 2a00:1148:db00::17	47764 (MAILRU-AS...) (MAILRU-AS Mail.Ru)
3	188.42.191.196 188.42.191.196	7979 (SERVERS-COM) (SERVERS-COM)
18	2a02:6b8::1be 2a02:6b8::1be	208722 (GLOBAL_DC) (GLOBAL_DC)
6	178.250.0.165 178.250.0.165	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 2	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
2	2a02:6b8::2:158 2a02:6b8::2:158	208722 (GLOBAL_DC) (GLOBAL_DC)
6	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
2 18	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
24	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
17	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
2 11	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
3 14	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
1	2a02:6b8::184 2a02:6b8::184	208722 (GLOBAL_DC) (GLOBAL_DC)
2 2	52.30.25.219 52.30.25.219	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:215... 2600:9000:2156:d000:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a02:6b8::5:114 2a02:6b8::5:114	208722 (GLOBAL_DC) (GLOBAL_DC)
6 13	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
4 8	104.18.19.126 104.18.19.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 5	37.252.173.27 37.252.173.27	29990 (ASN-APPNEX) (ASN-APPNEX)
22	2a00:1450:400... 2a00:1450:4001:802::2006	15169 (GOOGLE) (GOOGLE)
4	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
1 3	54.154.32.144 54.154.32.144	16509 (AMAZON-02) (AMAZON-02)
2	213.202.235.9 213.202.235.9	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
3	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 4	2001:6d0:4001... 2001:6d0:4001::226	52016 (TNSMSK-) (TNSMSK-)
4	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
2	146.185.195.90 146.185.195.90	50340 (SELECTEL-MSK) (SELECTEL-MSK)
1 3	143.204.89.128 143.204.89.128	16509 (AMAZON-02) (AMAZON-02)
1 2	88.212.201.204 88.212.201.204	39134 (UNITEDNET) (UNITEDNET)
2	2a00:1450:400... 2a00:1450:400c:c1b::9a	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
3	82.148.14.195 82.148.14.195	50340 (SELECTEL-MSK) (SELECTEL-MSK)
1	88.212.218.1 88.212.218.1	39134 (UNITEDNET) (UNITEDNET)
1	82.202.225.240 82.202.225.240	49505 (SELECTEL) (SELECTEL)
2 2	3.120.80.21 3.120.80.21	16509 (AMAZON-02) (AMAZON-02)
1 2	2606:4700:440... 2606:4700:4400::6812:230b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.96.105.8 34.96.105.8	15169 (GOOGLE) (GOOGLE)
1 1	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
3 3	213.19.147.44 213.19.147.44	26120 (RHYTHMONE) (RHYTHMONE)
2 3	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
286	55

4 95.181.181.82 (Russian Federation) 2 redirects

ASN210756 (EDGECENTERLLC, RU)

m.ufa.kp.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.ufa.kp.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a02:6b8:a::a (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2a03:90c0:41:2801::254 (Frankfurt am Main, Germany)

ASN199524 (GCORE, LU)

s01.stc.yc.kpcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s16.stc.yc.kpcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s09.stc.yc.kpcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s02.api.yc.kpcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s14.stc.yc.kpcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.181.181.12 (Russian Federation)

ASN210756 (EDGECENTERLLC, RU)

identity.kp.house	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8::16b (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

matchid.adfox.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a02:6b8:20::215 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

yastatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 168.119.9.59 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.59.9.119.168.clients.your-server.de

exchange.buzzoola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

adfox-c2s-ams.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 195.209.111.20 (Russian Federation)

ASN52007 (ADRIVER-AS, RU)

pb.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1148:db00::17 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)

ad.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 188.42.191.196 (Luxembourg)

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a02:6b8::1be (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

ads.adfox.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::1c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6b8::2:158 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

banners.adfox.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 142.250.181.226 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

14b723fe60395e204d08b5454577ac76.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cddb1aedb75224132775dcc54c671cd8.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
74c31888aa82887ddc63d7cce03bddbb.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a02:6b8::1:119 (Moscow, Russian Federation) 3 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8::184 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

avatars.mds.yandex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.30.25.219 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-25-219.eu-west-1.compute.amazonaws.com

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2156:d000:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8::5:114 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

ysa-static.passport.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 142.250.185.162 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.18.19.126 (None, ) 4 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 37.252.173.27 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:802::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.154.32.144 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-32-144.eu-west-1.compute.amazonaws.com

skydeutschland.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.202.235.9 (Herrischried, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

m.exactag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:6d0:4001::226 (Russian Federation) 1 redirects

ASN52016 (TNSMSK-, RU)

tns-counter.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 146.185.195.90 (Russian Federation)

ASN50340 (SELECTEL-MSK, RU)
PTR: target2-1.ssel24.imcmdb.net

target.smi2.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 143.204.89.128 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-143-204-89-128.fra50.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.201.204 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host204.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c1b::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 82.148.14.195 (Russian Federation)

ASN50340 (SELECTEL-MSK, RU)
PTR: sm-server1-1.ssel25.imcmdb.net

stat.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.212.218.1 (Russian Federation)

ASN39134 (UNITEDNET, RU)

smi2.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 82.202.225.240 (Moscow, Russian Federation)

ASN49505 (SELECTEL, RU)
PTR: smi2adm2-1.ssel27.imcmdb.net

smi2.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.120.80.21 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-80-21.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:4400::6812:230b (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.105.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.0.66 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.19.147.44 (Beverwijk, Netherlands) 3 redirects

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.66 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
46	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 120 14b723fe60395e204d08b5454577ac76.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 160 cddb1aedb75224132775dcc54c671cd8.safeframe.googlesyndication.com 74c31888aa82887ddc63d7cce03bddbb.safeframe.googlesyndication.com	252 KB
37	doubleclick.net 8 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 209 googleads.g.doubleclick.net — Cisco Umbrella Rank: 54 cm.g.doubleclick.net — Cisco Umbrella Rank: 205 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 287 stats.g.doubleclick.net — Cisco Umbrella Rank: 119	487 KB
27	kpcdn.net s01.stc.yc.kpcdn.net — Cisco Umbrella Rank: 259658 s16.stc.yc.kpcdn.net — Cisco Umbrella Rank: 305812 s09.stc.yc.kpcdn.net — Cisco Umbrella Rank: 295937 s02.api.yc.kpcdn.net — Cisco Umbrella Rank: 373783 s14.stc.yc.kpcdn.net — Cisco Umbrella Rank: 303760	830 KB
22	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 276	568 KB
20	adfox.ru ads.adfox.ru — Cisco Umbrella Rank: 10773 banners.adfox.ru — Cisco Umbrella Rank: 61881	94 KB
19	yandex.ru 1 redirects yandex.ru — Cisco Umbrella Rank: 1297 matchid.adfox.yandex.ru — Cisco Umbrella Rank: 28061 mc.yandex.ru — Cisco Umbrella Rank: 3472 ysa-static.passport.yandex.ru — Cisco Umbrella Rank: 25280	351 KB
14	google.com 2 redirects adservice.google.com — Cisco Umbrella Rank: 92 www.google.com — Cisco Umbrella Rank: 8	3 KB
10	yandex.com 2 redirects mc.yandex.com — Cisco Umbrella Rank: 10550	4 KB
10	google.de adservice.google.de — Cisco Umbrella Rank: 7751 www.google.de — Cisco Umbrella Rank: 5448	2 KB
10	yastatic.net yastatic.net — Cisco Umbrella Rank: 6189	251 KB
9	criteo.com 1 redirects bidder.criteo.com — Cisco Umbrella Rank: 744 gum.criteo.com — Cisco Umbrella Rank: 391 mug.criteo.com — Cisco Umbrella Rank: 2727	9 KB
8	casalemedia.com 4 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 608 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 576	7 KB
8	gstatic.com fonts.gstatic.com	210 KB
6	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 49 region1.google-analytics.com — Cisco Umbrella Rank: 2733	20 KB
6	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 179	210 KB
5	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 244	5 KB
4	tns-counter.ru 1 redirects tns-counter.ru — Cisco Umbrella Rank: 10783	62 KB
4	adsafeprotected.com 2 redirects pixel.adsafeprotected.com — Cisco Umbrella Rank: 536 static.adsafeprotected.com — Cisco Umbrella Rank: 562	1 KB
4	buzzoola.com 2 redirects exchange.buzzoola.com — Cisco Umbrella Rank: 18578	2 KB
4	kp.ru 2 redirects m.ufa.kp.ru www.ufa.kp.ru	106 KB
3	googleadservices.com 2 redirects www.googleadservices.com — Cisco Umbrella Rank: 126	16 KB
3	stat.media stat.media — Cisco Umbrella Rank: 22336	29 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 134	780 B
3	smi2.net target.smi2.net — Cisco Umbrella Rank: 117395 smi2.net — Cisco Umbrella Rank: 46224	2 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 89	210 KB
3	demdex.net 1 redirects skydeutschland.demdex.net — Cisco Umbrella Rank: 86800	3 KB
3	betweendigital.com ads.betweendigital.com — Cisco Umbrella Rank: 2197	3 KB
3	mail.ru ad.mail.ru — Cisco Umbrella Rank: 11075	1008 B
3	adriver.ru pb.adriver.ru — Cisco Umbrella Rank: 38127	903 B
3	creativecdn.com adfox-c2s-ams.creativecdn.com — Cisco Umbrella Rank: 61709	621 B
3	criteo.net static.criteo.net — Cisco Umbrella Rank: 606	40 KB
2	1rx.io 2 redirects sync.1rx.io — Cisco Umbrella Rank: 540	2 KB
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 802 s.tribalfusion.com — Cisco Umbrella Rank: 2209	1 KB
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 790	2 KB
2	yadro.ru 1 redirects counter.yadro.ru — Cisco Umbrella Rank: 9125	2 KB
2	exactag.com m.exactag.com — Cisco Umbrella Rank: 11552	2 KB
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1121	573 B
1	travelaudience.com 1 redirects ads.travelaudience.com — Cisco Umbrella Rank: 12943	552 B
1	blismedia.com tr.blismedia.com — Cisco Umbrella Rank: 2899	173 B
1	smi2.ru smi2.ru — Cisco Umbrella Rank: 48295	868 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 231	22 KB
1	yandex.net avatars.mds.yandex.net — Cisco Umbrella Rank: 7874	29 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 71	1 KB
1	kp.house identity.kp.house — Cisco Umbrella Rank: 271500	2 KB
0	bidvol.com Failed ssp.bidvol.com Failed
286	45

	Domain	Requested by
24	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com 14b723fe60395e204d08b5454577ac76.safeframe.googlesyndication.com googleads.g.doubleclick.net s0.2mdn.net 74c31888aa82887ddc63d7cce03bddbb.safeframe.googlesyndication.com www.googletagservices.com
22	s0.2mdn.net	www.ufa.kp.ru s0.2mdn.net 14b723fe60395e204d08b5454577ac76.safeframe.googlesyndication.com 74c31888aa82887ddc63d7cce03bddbb.safeframe.googlesyndication.com
20	s01.stc.yc.kpcdn.net	www.ufa.kp.ru s01.stc.yc.kpcdn.net
18	ads.adfox.ru	yandex.ru
17	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com 14b723fe60395e204d08b5454577ac76.safeframe.googlesyndication.com s0.2mdn.net 74c31888aa82887ddc63d7cce03bddbb.safeframe.googlesyndication.com
13	cm.g.doubleclick.net	6 redirects googleads.g.doubleclick.net 74c31888aa82887ddc63d7cce03bddbb.safeframe.googlesyndication.com
13	yandex.ru	www.ufa.kp.ru yandex.ru yastatic.net
11	www.google.com	2 redirects tpc.googlesyndication.com 14b723fe60395e204d08b5454577ac76.safeframe.googlesyndication.com
10	mc.yandex.com	2 redirects mc.yandex.ru
10	googleads.g.doubleclick.net	2 redirects 14b723fe60395e204d08b5454577ac76.safeframe.googlesyndication.com www.ufa.kp.ru 74c31888aa82887ddc63d7cce03bddbb.safeframe.googlesyndication.com www.googleadservices.com
10	yastatic.net	yandex.ru yastatic.net www.ufa.kp.ru
8	fonts.gstatic.com	fonts.googleapis.com
8	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net www.ufa.kp.ru
7	www.google.de
7	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
6	www.googletagservices.com	yastatic.net securepubads.g.doubleclick.net 14b723fe60395e204d08b5454577ac76.safeframe.googlesyndication.com 74c31888aa82887ddc63d7cce03bddbb.safeframe.googlesyndication.com
6	bidder.criteo.com	static.criteo.net
5	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
4	tns-counter.ru	1 redirects www.ufa.kp.ru tns-counter.ru
4	googleads4.g.doubleclick.net	www.ufa.kp.ru
4	mc.yandex.ru	1 redirects yandex.ru www.ufa.kp.ru yastatic.net
4	exchange.buzzoola.com	2 redirects www.ufa.kp.ru
3	www.googleadservices.com	2 redirects yastatic.net
3	stat.media	target.smi2.net stat.media
3	sb.scorecardresearch.com	1 redirects
3	www.googletagmanager.com	www.ufa.kp.ru www.googletagmanager.com
3	skydeutschland.demdex.net	1 redirects 14b723fe60395e204d08b5454577ac76.safeframe.googlesyndication.com 74c31888aa82887ddc63d7cce03bddbb.safeframe.googlesyndication.com
3	adservice.google.com	securepubads.g.doubleclick.net
3	adservice.google.de	securepubads.g.doubleclick.net
3	ads.betweendigital.com	yandex.ru
3	ad.mail.ru	yandex.ru
3	pb.adriver.ru	yandex.ru
3	adfox-c2s-ams.creativecdn.com	yandex.ru
3	static.criteo.net	yandex.ru www.ufa.kp.ru
2	sync.1rx.io	2 redirects
2	pm.w55c.net	2 redirects
2	74c31888aa82887ddc63d7cce03bddbb.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	region1.google-analytics.com	www.googletagmanager.com
2	stats.g.doubleclick.net	www.google-analytics.com
2	counter.yadro.ru	1 redirects
2	target.smi2.net	www.ufa.kp.ru
2	m.exactag.com	14b723fe60395e204d08b5454577ac76.safeframe.googlesyndication.com 74c31888aa82887ddc63d7cce03bddbb.safeframe.googlesyndication.com
2	static.adsafeprotected.com	14b723fe60395e204d08b5454577ac76.safeframe.googlesyndication.com 74c31888aa82887ddc63d7cce03bddbb.safeframe.googlesyndication.com
2	pixel.adsafeprotected.com	2 redirects
2	14b723fe60395e204d08b5454577ac76.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	banners.adfox.ru
2	gum.criteo.com	1 redirects static.criteo.net
2	s02.api.yc.kpcdn.net	s01.stc.yc.kpcdn.net
2	s09.stc.yc.kpcdn.net	www.ufa.kp.ru
2	s16.stc.yc.kpcdn.net	www.ufa.kp.ru
2	www.ufa.kp.ru	www.ufa.kp.ru
2	m.ufa.kp.ru	2 redirects
1	sync.targeting.unrulymedia.com	1 redirects
1	ssum-sec.casalemedia.com	1 redirects
1	ads.travelaudience.com	1 redirects
1	tr.blismedia.com	74c31888aa82887ddc63d7cce03bddbb.safeframe.googlesyndication.com
1	s.tribalfusion.com
1	a.tribalfusion.com	1 redirects
1	smi2.net
1	smi2.ru
1	cdnjs.cloudflare.com	s0.2mdn.net
1	ysa-static.passport.yandex.ru
1	avatars.mds.yandex.net
1	cddb1aedb75224132775dcc54c671cd8.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	mug.criteo.com
1	fonts.googleapis.com	yastatic.net
1	matchid.adfox.yandex.ru	yandex.ru
1	s14.stc.yc.kpcdn.net	www.ufa.kp.ru
1	identity.kp.house	s01.stc.yc.kpcdn.net
0	ssp.bidvol.com Failed	yandex.ru
286	71

This site contains links to these domains. Also see Links.

Domain
www.kazan.kp.ru
www.kp.ru
radiokp.ru
advert.kp.ru
parus.kp.ru
kino.kp.ru
ufa.kp.ru
ads.adfox.ru

Subject Issuer	Validity	Valid
volga.kp.ru R3	`2022-05-25` - `2022-08-23`	3 months	crt.sh
*.xn--d1acpjx3f.xn--p1ai GlobalSign ECC OV SSL CA 2018	`2022-03-04` - `2022-09-01`	6 months	crt.sh
*.stc.yc.kpcdn.net R3	`2022-05-31` - `2022-08-29`	3 months	crt.sh
identity.kp.house R3	`2022-05-10` - `2022-08-08`	3 months	crt.sh
s01.api.yc.kpcdn.net R3	`2022-06-08` - `2022-09-06`	3 months	crt.sh
matchid.adfox.yandex.ru Yandex CA	`2022-02-05` - `2022-07-31`	6 months	crt.sh
*.yastatic-net.ru GlobalSign ECC OV SSL CA 2018	`2022-04-01` - `2022-09-29`	6 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-06-21` - `2022-09-23`	3 months	crt.sh
*.creativecdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-17` - `2023-04-12`	a year	crt.sh
*.adriver.ru GlobalSign GCC R3 DV TLS CA 2020	`2022-04-05` - `2023-04-05`	a year	crt.sh
*.mail.ru GeoTrust ECC CA 2018	`2021-10-15` - `2022-11-15`	a year	crt.sh
*.ads.betweendigital.com Sectigo RSA Domain Validation Secure Server CA	`2021-12-15` - `2023-01-15`	a year	crt.sh
*.adfox.ru GlobalSign RSA OV SSL CA 2018	`2022-05-30` - `2022-11-08`	5 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-06-15` - `2022-09-18`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.s3.yandex.net GlobalSign RSA OV SSL CA 2018	`2022-03-11` - `2022-10-11`	7 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2022-05-21` - `2022-10-31`	5 months	crt.sh
*.avatars.yandex.net GlobalSign RSA OV SSL CA 2018	`2022-03-04` - `2023-04-05`	a year	crt.sh
ysa-static.passport.yandex.net GlobalSign ECC OV SSL CA 2018	`2022-03-04` - `2023-04-05`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.exactag.com Sectigo RSA Organization Validation Secure Server CA	`2022-04-01` - `2023-05-02`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh
*.tns-counter.ru GlobalSign ECC OV SSL CA 2018	`2021-12-10` - `2022-12-31`	a year	crt.sh
smi2.net R3	`2022-05-27` - `2022-08-25`	3 months	crt.sh
*.scorecardresearch.com Amazon	`2022-01-29` - `2023-02-27`	a year	crt.sh
www.google.de GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
stat.media R3	`2022-05-10` - `2022-08-08`	3 months	crt.sh
smi2.ru R3	`2022-07-01` - `2022-09-29`	3 months	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2021-10-19` - `2022-11-19`	a year	crt.sh
tr.blismedia.com GTS CA 1D4	`2022-06-19` - `2022-09-17`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh

This page contains 25 frames:

Primary Page: https://www.ufa.kp.ru/
Frame ID: A1AD0AEF93CAEDD28A95B7CCAF07A75F
Requests: 146 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.ufa.kp.ru
Frame ID: D843F6A8A48291254F70CE58AEF5F686
Requests: 2 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: 03FE720D88D5C10E47EFA2A8E45E306E
Requests: 8 HTTP requests in this frame

Frame: https://14b723fe60395e204d08b5454577ac76.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 10012C70E3CBA5E9B13B3CF2C89DB60F
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: 0C69CE6CE84AAF5E3D9DE95BFB6426A3
Requests: 12 HTTP requests in this frame

Frame: https://cddb1aedb75224132775dcc54c671cd8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: C746B87C583C85E73958E0A9CB3DC15F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 896CEEF9A0B319D852FA35C54405C25E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 00731D895DB76F2576D0D3559EA673CB
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 20C21C357D2F8C9E4AC515B06EBAFD61
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 60EECF0EB3925FD7BEA47551A50BEEC3
Requests: 2 HTTP requests in this frame

Frame: https://yastatic.net/safeframe-bundles/0.83/1-1-0/render.html
Frame ID: 19CFFE1F1AA8C68ABC9C5932788EDE61
Requests: 23 HTTP requests in this frame

Frame: https://14b723fe60395e204d08b5454577ac76.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 0493E832363E00F2A9D743921F17E4E5
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGO6p_M0BMAE&v=APEucNXA9qgfXxOc5Bs0MPEyiCM5yKSajMybFa1k3lLP4ESTLAXFOXOB3Uq_ej9zd0Y1ksy05luzlvZEoFZXIEB8S7_7M1_JnptZdX2ehGRmZhQyW-mZKf6v0h9R7ZaMaQzLUSDk2DFJmCO6ecff8KNzbzlS4TZnrOT-N0ut7psoW26sg1nPklc
Frame ID: 4335112575618B9FA7D6A7FAD59C7519
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/8828632559684167007/index.html?e=69&leftOffset=0&topOffset=0&c=gbwa8wYOqL&t=1&renderingType=2&ev=01_247
Frame ID: 3150B0FC2D7FAC8EED4046C6B7C43CDB
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 57989E653DF9C03F7647CE05B9D9C21E
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/_j1ezhpSwBWUHEITOmC2IR4vOiGfDYio7V63aY1ETrc.js
Frame ID: DCC69972FB512B38A1E77E335D38A639
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: 4DA63EBDAE72747A666D784E82883292
Requests: 8 HTTP requests in this frame

Frame: https://74c31888aa82887ddc63d7cce03bddbb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 51AC3724D993BEEE1C85CADBE732CB71
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 02335D93F3BAA47F40BB2F2E3130908E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 45AEB579D034FD1E2F7E5164E6A3FA1F
Requests: 2 HTTP requests in this frame

Frame: https://74c31888aa82887ddc63d7cce03bddbb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 8165C79321FDAF37785888FADB421F40
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGIb4hs4BMAE&v=APEucNW_jXVFU2rftFcTOE6eD8lSkgvik-9lbIFYLqNjwlnp52nuenR5VDWo2askT3JvTe8AMwssVXRl57wr6GkDnC35MEad6P1EHyMUe5bykVY5JcFlhTL12WNH85JwowvXQt3_59Z_4DkADX2Ht13VG9Gjy4pDM-fb74ruLZMONbsUF0Uu81w
Frame ID: FD6E0CE9B11D9D8858EB5E57748AC35A
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 91BF250108A15A2C12D7779EEFEA8879
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: C23F69BB1EDAB686C7B54BCE0404A522
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/6763682074198253615/300x600_RTB30/index.html
Frame ID: E9603A6620DDA543AB8DE39FF3E7514E
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Новости Уфы и республики Башкортостан: главные новости на сегодня | Комсомольская Правда в Уфе - KP.Ru

Page URL History Show full URLs

http://m.ufa.kp.ru/ HTTP 301
https://m.ufa.kp.ru/ HTTP 303
https://www.ufa.kp.ru/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

286
Requests

90 %
HTTPS

53 %
IPv6

45
Domains

71
Subdomains

55
IPs

9
Countries

3824 kB
Transfer

9573 kB
Size

69
Cookies

35 Outgoing links

These are links going to different origins than the main page.

URL: https://www.kazan.kp.ru/daily/21712095/4332309/

Search URL Search Domain Scan URL

URL: https://www.kp.ru/daily/euromaidan/
Title: Спецоперация на Украине

Search URL Search Domain Scan URL

URL: https://www.kp.ru/sports/
Title: Спорт

Search URL Search Domain Scan URL

URL: https://www.kp.ru/samobranka/
Title: Самобранка

Search URL Search Domain Scan URL

URL: https://www.kp.ru/expert/
Title: Выбор экспертов

Search URL Search Domain Scan URL

URL: https://www.kp.ru/doctor/
Title: Доктор

Search URL Search Domain Scan URL

URL: https://www.kp.ru/family/
Title: Семья

Search URL Search Domain Scan URL

URL: https://www.kp.ru/woman/
Title: Женские секреты

Search URL Search Domain Scan URL

URL: https://www.kp.ru/putevoditel/
Title: Путеводитель

Search URL Search Domain Scan URL

URL: https://www.kp.ru/promokod/
Title: Промокоды

Search URL Search Domain Scan URL

URL: https://www.kp.ru/putevoditel/serialy/
Title: Сериалы

Search URL Search Domain Scan URL

URL: http://www.kp.ru/best/msk/projects/
Title: Спецпроекты

Search URL Search Domain Scan URL

URL: https://www.kp.ru/putevoditel/zdorove/defitsit-zheleza-u-zhenshhin/
Title: Дефицит железа

Search URL Search Domain Scan URL

URL: https://www.kp.ru/guide/
Title: Гид потребителя

Search URL Search Domain Scan URL

URL: https://www.kp.ru/daily/217165/4265546/
Title: Все о КП

Search URL Search Domain Scan URL

URL: https://radiokp.ru/
Title: Радио КП

Search URL Search Domain Scan URL

URL: https://advert.kp.ru/
Title: Реклама

Search URL Search Domain Scan URL

URL: https://www.kp.ru/daily/theme/16218/
Title: Украина: сводка

Search URL Search Domain Scan URL

URL: http://parus.kp.ru/
Title: Алый парус

Search URL Search Domain Scan URL

URL: https://kino.kp.ru/
Title: Наше кино

Search URL Search Domain Scan URL

URL: https://www.kp.ru/daily/koronavirus/
Title: COVID-19

Search URL Search Domain Scan URL

URL: https://www.kp.ru/daily/partiya_dela/
Title: Лица труда

Search URL Search Domain Scan URL

URL: https://www.kp.ru/russia/
Title: Отдых в России

Search URL Search Domain Scan URL

URL: https://www.kp.ru/incidents/
Title: Происшествия

Search URL Search Domain Scan URL

URL: https://www.kp.ru/afisha/msk/
Title: Афиша

Search URL Search Domain Scan URL

URL: https://ufa.kp.ru/politics/
Title: Политика

Search URL Search Domain Scan URL

URL: https://ufa.kp.ru/society/
Title: Общество

Search URL Search Domain Scan URL

URL: https://ufa.kp.ru/auto/
Title: Авто

Search URL Search Domain Scan URL

URL: https://ufa.kp.ru/incidents/
Title: Происшествия

Search URL Search Domain Scan URL

URL: https://ufa.kp.ru/sport/
Title: Спорт

Search URL Search Domain Scan URL

URL: https://ufa.kp.ru/health/
Title: Здоровье

Search URL Search Domain Scan URL

URL: https://ufa.kp.ru/economics/
Title: Экономика

Search URL Search Domain Scan URL

URL: https://ufa.kp.ru/daily/invisible/
Title: Интересное

Search URL Search Domain Scan URL

URL: https://ads.adfox.ru/232598/goLink?ad-session-id=9960471657386079975&hash=d5c977b7c083855b&puid1=adv-1657386079932-342&sj=Lxt0CihIP7Td1YckA7WpCrRFaF6n47JvlzX-o-Ch0jXvBWhVq5OcZcWaLw_jPg%3D%3D&rand=iyjjyvm&rqs=YIziPGAVrnpgtMli5--7W_AZgLl2c0Ue&puid3=top%3Aregion&pr=hfnuxqp&p1=clerf&ytt=424413099065349&p5=ljjmt&ybv=0.612100&puid2=society%3Atoday%3Ainteresting%3Azenyandex%3Aincident%3Aemergency%3Asport%3Acelebrity&p2=gvdq&ylv=0.612100&pf=http%3A%2F%2Fads.adfox.ru%2F232598%2FgoLink%3Fp1%3Dbzbip%26p2%3Dfrfe%26p5%3Dlsrgh%26pr%3D1%26puid1%3D%26puid2%3D%26puid3%3D%26puid4%3D%26puid5%3D%26puid6%3D%26puid7%3D

Search URL Search Domain Scan URL

URL: https://ads.adfox.ru/232598/goLink?ad-session-id=9960471657386079975&hash=d5c977b7c083855b&puid1=adv-1657386079932-342&sj=Lxt0CihIP7Td1YckA7WpCrRFaF6n47JvlzX-o-Ch0jXvBWhVq5OcZcWaLw_jPg%3D%3D&rand=iyjjyvm&rqs=YIziPGAVrnpgtMli5--7W_AZgLl2c0Ue&puid3=top%3Aregion&pr=hfnuxqp&p1=clerf&ytt=424413099065349&p5=ljjmt&ybv=0.612100&puid2=society%3Atoday%3Ainteresting%3Azenyandex%3Aincident%3Aemergency%3Asport%3Acelebrity&p2=gvdq&ylv=0.612100&pf=https%3A%2F%2Fwww.msk.kp.ru%2Fdaily%2Fmoskva-budushego%2F

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://m.ufa.kp.ru/ HTTP 301
https://m.ufa.kp.ru/ HTTP 303
https://www.ufa.kp.ru/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 37

https://exchange.buzzoola.com/ssp/adfox HTTP 307
https://exchange.buzzoola.com/ssp/adfox?set_buzzoola_cookie=t

Request Chain 47

https://exchange.buzzoola.com/ssp/adfox HTTP 307
https://exchange.buzzoola.com/ssp/adfox?set_buzzoola_cookie=t

Request Chain 93

https://gum.criteo.com/sid/json?origin=publishertag&domain=kp.ru&sn=ChromeSyncframe&so=0&topUrl=www.ufa.kp.ru&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=FRqjF3x6Z0NrUll4b3FROVJDVzRMNjgvcHNrOEhINTIrcjNjQnByYmhZUGNFMk8zbStPczlmcHRFNXJQUmwxUldXZkVRU3hOUFFiK0dWOWErSkNMeFVRMXVHYVg5N2E1WmtVa09QcW5xQmhXdFMrOFUvdHRQN01leWhFZFdhRmRncVJBV0N5clJDenQrdlpuVnAzdk4xQVM0TUlrVk8zaU5HWkM4QmtlYS92QnllelBDNVFTZm82OGlaWUIxRlRPNERmRzRHTTRzcVUxY0t3WlBxc3BIMXVyYXRxVFhNRlRHb1dWVUE1MENHeUhqZWsyQVQzcThjMkJsSGxKdkwwZ3c0ak1aaXZXQ3dOTElMbGFtQWlkODhsV2xsQT09fA&cppv=2

Request Chain 132

https://pixel.adsafeprotected.com/rfw/st/1083870/64162795/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=&ias_dspID=3&ias_campId=1008209757&ias_pubId=pub-7172733408455692&ias_chanId=1&ias_placementId=17611747867&bidurl=https://www.ufa.kp.ru/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0iTVxBhYzZgsFCmJBYnTuXE HTTP 302
https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=

Request Chain 139

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKbmp6RFbRNsCtRaTSKRMZg&google_cver=1

Request Chain 140

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Ysm0YU0EHVdfA3nfhEX4.gAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECbag7dcxEHX4SA5qb6u-JE&google_cver=1&google_hm=2

Request Chain 141

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESENCcWGbHGFsPMiR2z5hN9mY&google_cver=1

Request Chain 142

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjMyOTg2MjM0Mjg2ODg5NzkyMQ%3D%3D

Request Chain 145

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9694.JVr1Zz9Kem2mwouF3c6-TqjnX3x1gjyYMJ59skxihVAS5yFqUZ58WA3WQl3gcbHl.6NwNe-lIfD1Cpv80QcTijXhaI3Y%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9694.zlhjQ88IGl7yQUuilWzsEXbS08xScoi9QK5_fhokkpEYKjJpCUXH0aIGhhzq2uNy8HiyTqI1-sL7wc1kNTCVQx8YpdJ7TWiE8H7unn3VfBU%2C.DPyVqNQb7T2JgtHRSFCdA3TWvwI%2C

Request Chain 153

https://skydeutschland.demdex.net/event?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=131962155&d_placement=339771397&d_campaign=28017826&d_bust=2631070775&gdpr=&gdpr_consent= HTTP 302
https://skydeutschland.demdex.net/firstevent?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=131962155&d_placement=339771397&d_campaign=28017826&d_bust=2631070775&gdpr=&gdpr_consent=

Request Chain 168

https://counter.yadro.ru/hit;kp/kpall/reg/kpufa?r;s1600*1200*24;uhttps%3A//www.ufa.kp.ru/;h%u041D%u043E%u0432%u043E%u0441%u0442%u0438%20%u0423%u0444%u044B%20%u0438%20%u0440%u0435%u0441%u043F%u0443%u0431%u043B%u0438%u043A%u0438%20%u0411%u0430%u0448%u043A%u043E%u0440%u0442%u043E%u0441%u0442%u0430%u043D%3A%20%u0433%u043B%u0430%u0432%u043D%u044B%u0435%20%u043D%u043E%u0432%u043E%u0441%u0442%u0438%20%u043D%u0430%20%u0441%u0435%u0433%u043E%u0434%u043D%u044F%20%7C%20%u041A%u043E%u043C%u0441%u043E%u043C%u043E%u043B%u044C%u0441%u043A%u0430;0.13998987459333834 HTTP 302
https://counter.yadro.ru/hit;kp/kpall/reg/kpufa?q;r;s1600*1200*24;uhttps%3A//www.ufa.kp.ru/;h%u041D%u043E%u0432%u043E%u0441%u0442%u0438%20%u0423%u0444%u044B%20%u0438%20%u0440%u0435%u0441%u043F%u0443%u0431%u043B%u0438%u043A%u0438%20%u0411%u0430%u0448%u043A%u043E%u0440%u0442%u043E%u0441%u0442%u0430%u043D%3A%20%u0433%u043B%u0430%u0432%u043D%u044B%u0435%20%u043D%u043E%u0432%u043E%u0441%u0442%u0438%20%u043D%u0430%20%u0441%u0435%u0433%u043E%u0434%u043D%u044F%20%7C%20%u041A%u043E%u043C%u0441%u043E%u043C%u043E%u043B%u044C%u0441%u043A%u0430;0.13998987459333834

Request Chain 169

https://sb.scorecardresearch.com/c2/16803468/cs.js HTTP 302
https://sb.scorecardresearch.com/internal-c2/default/cs.js

Request Chain 193

https://mc.yandex.com/watch/26254?wmode=7&page-url=https%3A%2F%2Fwww.ufa.kp.ru%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2n2z35yck7fai9c6gvqew%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A832%3Acn%3A1%3Adp%3A0%3Als%3A422894271097%3Ahid%3A199769210%3Az%3A0%3Ai%3A20220709170121%3Aet%3A1657386081%3Ac%3A1%3Arn%3A854126290%3Au%3A16573860811008625930%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1657386078676%3Aco%3A0%3Arqnl%3A1%3Ast%3A1657386082%3At%3A%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%A3%D1%84%D1%8B%20%D0%B8%20%D1%80%D0%B5%D1%81%D0%BF%D1%83%D0%B1%D0%BB%D0%B8%D0%BA%D0%B8%20%D0%91%D0%B0%D1%88%D0%BA%D0%BE%D1%80%D1%82%D0%BE%D1%81%D1%82%D0%B0%D0%BD%3A%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%20%7C%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%A3%D1%84%D0%B5%20-%20KP.Ru&t=gdpr(14)clc(0-0-0)aw(1)rqnl(1)ti(2) HTTP 302
https://mc.yandex.com/watch/26254/1?wmode=7&page-url=https%3A%2F%2Fwww.ufa.kp.ru%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2n2z35yck7fai9c6gvqew%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A832%3Acn%3A1%3Adp%3A0%3Als%3A422894271097%3Ahid%3A199769210%3Az%3A0%3Ai%3A20220709170121%3Aet%3A1657386081%3Ac%3A1%3Arn%3A854126290%3Au%3A16573860811008625930%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1657386078676%3Aco%3A0%3Arqnl%3A1%3Ast%3A1657386082%3At%3A%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%A3%D1%84%D1%8B%20%D0%B8%20%D1%80%D0%B5%D1%81%D0%BF%D1%83%D0%B1%D0%BB%D0%B8%D0%BA%D0%B8%20%D0%91%D0%B0%D1%88%D0%BA%D0%BE%D1%80%D1%82%D0%BE%D1%81%D1%82%D0%B0%D0%BD%3A%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%20%7C%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%A3%D1%84%D0%B5%20-%20KP.Ru&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnl%281%29ti%282%29

Request Chain 197

https://tns-counter.ru/V13a***R%3E*kp_ru/ru/UTF-8/tmsec=kp_title/396522341 HTTP 302
https://tns-counter.ru/V13b***R%3E*kp_ru/ru/UTF-8/tmsec=kp_title/396522341

Request Chain 224

https://pixel.adsafeprotected.com/rfw/st/1083870/64162025/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=&ias_dspID=3&ias_campId=1008206547&ias_pubId=pub-7172733408455692&ias_chanId=1&ias_placementId=17610765076&bidurl=https://www.ufa.kp.ru/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0iZ70ps6gnG6lNxcsRGW3dp HTTP 302
https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=

Request Chain 228

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECbag7dcxEHX4SA5qb6u-JE&google_cver=1

Request Chain 229

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Ysm0YU0EHVdfA3nfhEX4.gAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECbag7dcxEHX4SA5qb6u-JE&google_cver=1&google_hm=2

Request Chain 230

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESENCcWGbHGFsPMiR2z5hN9mY&google_cver=1

Request Chain 231

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjMyOTg2MjM0Mjg2ODg5NzkyMQ%3D%3D

Request Chain 244

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESED4DVQj1DqpAZ5dYnq-jaSk&google_cver=1&google_push=AehlK4D4ietfy2xIB8vzjXpTRqsG_sswifNrb-bX5tnWLpJMQoPxpThBMEsFX2zHBr-GsVmvc9KHvGhHB9It-BfpbYikg1k_95E HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESED4DVQj1DqpAZ5dYnq-jaSk&google_cver=1&google_push=AehlK4D4ietfy2xIB8vzjXpTRqsG_sswifNrb-bX5tnWLpJMQoPxpThBMEsFX2zHBr-GsVmvc9KHvGhHB9It-BfpbYikg1k_95E HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=b2pScDV4NFUxT2FkUEE1&google_gid=CAESED4DVQj1DqpAZ5dYnq-jaSk&google_cver=1&google_push=AehlK4D4ietfy2xIB8vzjXpTRqsG_sswifNrb-bX5tnWLpJMQoPxpThBMEsFX2zHBr-GsVmvc9KHvGhHB9It-BfpbYikg1k_95E

Request Chain 245

https://a.tribalfusion.com/i.match?p=b6&u=CAESEJu4SSmLzimtKQT-0xYgxDs&google_cver=1&google_push=AehlK4CalPs5WLGLkPk6UPdcSs65Rw4gtfFRxjC7cSEpPy_imYZ4oyZCdnIr4QRRE3MD80-Vml5z3q7kiQnmt8GBLs1A5dM6tcc&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAehlK4CalPs5WLGLkPk6UPdcSs65Rw4gtfFRxjC7cSEpPy_imYZ4oyZCdnIr4QRRE3MD80-Vml5z3q7kiQnmt8GBLs1A5dM6tcc%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEJu4SSmLzimtKQT-0xYgxDs&google_cver=1&google_push=AehlK4CalPs5WLGLkPk6UPdcSs65Rw4gtfFRxjC7cSEpPy_imYZ4oyZCdnIr4QRRE3MD80-Vml5z3q7kiQnmt8GBLs1A5dM6tcc&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAehlK4CalPs5WLGLkPk6UPdcSs65Rw4gtfFRxjC7cSEpPy_imYZ4oyZCdnIr4QRRE3MD80-Vml5z3q7kiQnmt8GBLs1A5dM6tcc%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 247

https://ads.travelaudience.com/google_pixel?google_gid=CAESEKnItgLz6MKvXGHR5xG0rOk&google_cver=1&google_push=AehlK4DJbuYf0IQeC1F3f6rQLISB05qcOHM_mI3U7rWn8JXTyHB6xtzsAvGlONmtkPN8dYlz5lmoD3-f776JepW5yING50RWCw HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=NpLWTUBiTLyeuMcLB25ATg2&google_push=AehlK4DJbuYf0IQeC1F3f6rQLISB05qcOHM_mI3U7rWn8JXTyHB6xtzsAvGlONmtkPN8dYlz5lmoD3-f776JepW5yING50RWCw

Request Chain 248

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEEAhnl9H_ms282tFlitERxI&google_cver=1&google_push=AehlK4BdrbJ0b3Lg7LZnxoFW-2cCAsQZkwUO__F_e0zB55XCeqlYG2r7QJUV0WalDltru-TrsynQRPl9tjl15G-0PRt7-VabVXs HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEEAhnl9H_ms282tFlitERxI&google_hm=Ysm0YU0EHVdfA3nfhEX4-gAABHMAAAIB&google_nid=index&google_push=AehlK4BdrbJ0b3Lg7LZnxoFW-2cCAsQZkwUO__F_e0zB55XCeqlYG2r7QJUV0WalDltru-TrsynQRPl9tjl15G-0PRt7-VabVXs

Request Chain 249

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEIHoULKzY5WmE7HhL4CqGfA&google_cver=1&google_push=AehlK4Cxk73AggeRDQrsoy2wdnmwaUZkxhUsdgIUWX76GE3O0F1mtGYfXLOyuEPeW9BqnHwq0g-EwgSJzpeKStTkKBq3VSYUyaU HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AehlK4Cxk73AggeRDQrsoy2wdnmwaUZkxhUsdgIUWX76GE3O0F1mtGYfXLOyuEPeW9BqnHwq0g-EwgSJzpeKStTkKBq3VSYUyaU&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1657386082359 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-9cfec7d6-89db-49f7-ac93-538535091cb6-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAehlK4Cxk73AggeRDQrsoy2wdnmwaUZkxhUsdgIUWX76GE3O0F1mtGYfXLOyuEPeW9BqnHwq0g-EwgSJzpeKStTkKBq3VSYUyaU%26google_hm%3DA5z-x9aJ20n3rJNThTUJHLY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AehlK4Cxk73AggeRDQrsoy2wdnmwaUZkxhUsdgIUWX76GE3O0F1mtGYfXLOyuEPeW9BqnHwq0g-EwgSJzpeKStTkKBq3VSYUyaU&google_hm=A5z-x9aJ20n3rJNThTUJHLY

Request Chain 271

https://www.googleadservices.com/pagead/conversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0 HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=Y7TJYsuYCdD41gachKCwCA&random=102528235&sscte=1&crd=CM2osQI HTTP 302
https://www.google.com/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=102528235&crd=CM2osQI&is_vtc=1&random=2476292959 HTTP 302
https://www.google.de/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=102528235&crd=CM2osQI&is_vtc=1&random=2476292959&ipr=y

Request Chain 272

https://www.googleadservices.com/pagead/conversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0 HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=Y7TJYsGbCei2mLAPkv-hgA0&random=545970067&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=545970067&crd=&is_vtc=1&random=716045820 HTTP 302
https://www.google.de/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=545970067&crd=&is_vtc=1&random=716045820&ipr=y

286 HTTP transactions
12 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.ufa.kp.ru/
Redirect Chain

http://m.ufa.kp.ru/
https://m.ufa.kp.ru/
https://www.ufa.kp.ru/

764 KB
103 KB

196ms
83ms

Document
text/html

95.181.181.82
EDGECENTERLLC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ufa.kp.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.181.181.82 , Russian Federation, ASN210756 (EDGECENTERLLC, RU),
Reverse DNS
Software: nginx /
Resource Hash: 7a820b716232caecc0719f63cda4a2ae441c9f551a53fbd0ef7658cc1a69421f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sat, 09 Jul 2022 17:01:19 GMT
server: nginx
vary: Accept-Encoding
x-manifest-version-id: 0005E2BF065E254F

Redirect headers

content-length: 49
content-type: text/html; charset=utf-8
date: Sat, 09 Jul 2022 17:01:18 GMT
location: https://www.ufa.kp.ru/
server: nginx

GET
H2 200 header-bidding.js Show response
yandex.ru/ads/system/ 122 KB
32 KB 197ms
71ms Script
text/javascript 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/system/header-bidding.js

Requested by

Host: www.ufa.kp.ru
URL: https://www.ufa.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

4be74101162d4ed978851bd6dd595e849e4209b55cdfbf43bf39fdaee81a4192

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ufa.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1657386079420011-16415650014264148054-sas2-0565-5f1-sas-l7-balancer-8080-BAL-3255
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=3600
x-robots-tag: noindex, noarchive, nofollow
expires: Sat, 09 Jul 2022 18:01:19 GMT

GET
H2 200 context.js Show response
yandex.ru/ads/system/ 285 KB
77 KB 279ms
155ms Script
text/javascript 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/system/context.js

Requested by

Host: www.ufa.kp.ru
URL: https://www.ufa.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

b6936eb5383822d71deb8d9bbd1fdba1c8abfc2b0a31cc954030b51ecf903574

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ufa.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1657386079420407-765572502311431335-sas2-0565-5f1-sas-l7-balancer-8080-BAL-2962
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=3600
x-robots-tag: noindex, noarchive, nofollow
expires: Sat, 09 Jul 2022 18:01:19 GMT

GET
DATA 200
OK truncated
/ 587 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 445837ee1d1da2644d2531f84c664f157828154b8b5e032dbef64c3a8308ef17

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 7 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3394110000caa52bc9dcf892178cb4a7a8d25db76721a2290caaeb667413a4d0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6b0c6ad2a39e30acdd045f1e10d04d6032f0447387edd32af55f7d80b2d4f0f0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 88c3f8d6237466d983567ddf480dfb98.woff2
s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/ 22 KB
22 KB 39ms
13ms Font
font/woff2 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/88c3f8d6237466d983567ddf480dfb98.woff2

Requested by

Host: www.ufa.kp.ru
URL: https://www.ufa.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

7a0fb8fc4de0bde528e5b17743e35c50492d1d1de41567cb3b83f5a63db862d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ufa.kp.ru/
Origin: https://www.ufa.kp.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-id: fr5-up-gc35
date: Sat, 09 Jul 2022 17:01:19 GMT
x-content-type-options: nosniff
x-server-trace-id: 9d615bc8fe9d2fa5:5bd4d485b65f00a5:9d615bc8fe9d2fa5:1
x-amz-request-id: 46d5d43a590268b0
x-serverless-gateway-path: /{site}/{version}/{filename+}
x-cached-since: 2022-07-09T14:25:43+00:00
content-length: 22100
x-request-id: b5e98a53-39b2-40df-9bc8-feca523aa73b
x-serverless-gateway-id: d5dcee70jck4ehrnhirl
last-modified: Sat, 27 Nov 2021 21:56:45 GMT
server: nginx
etag: "88c3f8d6237466d983567ddf480dfb98"
x-amz-version-id: 0005D1CC489C28E6
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT
accept-ranges: bytes
content-type: font/woff2
expires: Sun, 10 Jul 2022 17:01:19 GMT

GET
H2 200 71df57f56c922e07c34676f1e3160977.woff2
s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/ 39 KB
39 KB 27ms
9ms Font
font/woff2 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/71df57f56c922e07c34676f1e3160977.woff2

Requested by

Host: www.ufa.kp.ru
URL: https://www.ufa.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

9205ceae907f8417e3b4bd8463b1075526a25da4cdd2aed549b03cd6869632aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ufa.kp.ru/
Origin: https://www.ufa.kp.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-id: fr5-up-gc35
date: Sat, 09 Jul 2022 17:01:19 GMT
x-content-type-options: nosniff
x-server-trace-id: 7f43380d60d6800c:506f1734616d0b7c:7f43380d60d6800c:1
x-amz-request-id: cd87a55a1b1db929
x-serverless-gateway-path: /{site}/{version}/{filename+}
x-cached-since: 2022-07-09T14:25:43+00:00
content-length: 39768
x-request-id: a87f8695-5e81-405a-9019-a7be859b93f4
x-serverless-gateway-id: d5dcee70jck4ehrnhirl
last-modified: Sat, 27 Nov 2021 21:56:45 GMT
server: nginx
etag: "71df57f56c922e07c34676f1e3160977"
x-amz-version-id: 0005D1CC48A637F4
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT
accept-ranges: bytes
content-type: font/woff2
expires: Sun, 10 Jul 2022 17:01:19 GMT

GET
H2 200 0b10ab6aa24fb2b424de7991b679f5e9.png
s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/ 6 KB
7 KB 32ms
14ms Image
image/png 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/0b10ab6aa24fb2b424de7991b679f5e9.png

Requested by

Host: www.ufa.kp.ru
URL: https://www.ufa.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

abb5348aeb50feab8abc0212d24ef2d4daa64f08d38e6cabce13e7a78f1ad837

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ufa.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-id: fr5-up-gc8
date: Sat, 09 Jul 2022 17:01:19 GMT
x-content-type-options: nosniff
x-server-trace-id: 7acfee9fd175eb7c:f61039fbf800bc98:7acfee9fd175eb7c:1
x-amz-request-id: 50bb611345200b2c
x-serverless-gateway-path: /{site}/{version}/{filename+}
x-cached-since: 2022-07-09T13:10:05+00:00
content-length: 6368
x-request-id: 868dd99d-4e52-43c3-b2c9-f0599474af0d
x-serverless-gateway-id: d5dcee70jck4ehrnhirl
last-modified: Sat, 27 Nov 2021 21:56:49 GMT
server: nginx
etag: "0b10ab6aa24fb2b424de7991b679f5e9"
x-amz-version-id: 0005D1CC48E0B8E0
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT
accept-ranges: bytes
content-type: image/png
expires: Sun, 10 Jul 2022 17:01:19 GMT

GET
H2 200 favicon-16.png
www.ufa.kp.ru/boom/api/2/metrics/adaptive/ 514 B
922 B 154ms
154ms Image
image/png 95.181.181.82
EDGECENTERLLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ufa.kp.ru/boom/api/2/metrics/adaptive/favicon-16.png?target.base=digest&target.entity=root&target.spot=ufa

Requested by

Host: www.ufa.kp.ru
URL: https://www.ufa.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.181.181.82 , Russian Federation, ASN210756 (EDGECENTERLLC, RU),

Reverse DNS

Software

nginx /

Resource Hash

da09f03549a3d9ae51406d85931ec2682bc82759cf96101b982496da1139ddda

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ufa.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 17:01:19 GMT
x-content-type-options: nosniff
last-modified: Sat, 27 Nov 2021 21:56:51 GMT
server: nginx
x-server-trace-id: 24a20953a5d8b059:2bafec814742cfce:24a20953a5d8b059:1
x-amz-request-id: ed0e0a13f225cc77
x-serverless-gateway-path: /boom/api/{api}/{version}/{content+}
etag: "642c7d14314b78ed52c384a1a2ba4203"
content-type: image/png
access-control-allow-origin: *
content-length: 514
x-serverless-gateway-id: d5dscajgqq50cos2lp8d
x-amz-version-id: 0005D1CC48F877CB
x-request-id: 3ae6a92c-8f71-45bd-9e80-693cebe40450

GET
DATA 200
OK truncated
/ 5 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: becefc9f93e9ea8cec1d4749c473c476c44e65a7eee7d88dda107958649413e9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 7 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d3114c4944dcf347da9b150fbd12bf83cf1a719fca0eb5480d9af4cb2f30aefc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 d_c1.svg
s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/meteo/ 2 KB
1 KB 30ms
15ms Image
image/svg+xml 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/meteo/d_c1.svg

Requested by

Host: www.ufa.kp.ru
URL: https://www.ufa.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

6251ec4f734c7d06fd01d32d191786319864206e9b374cfda5f055314427487c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ufa.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-id: fr5-up-gc8
date: Sat, 09 Jul 2022 17:01:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-server-trace-id: b36ebeb51c97f144:6f38200f88697a2f:b36ebeb51c97f144:1
x-amz-request-id: f5a6171a8e917087
x-serverless-gateway-path: /{site}/{version}/{filename+}
x-cached-since: 2022-07-09T14:32:25+00:00
x-request-id: 4ff0ad1e-a171-489e-b2b1-a8ad21347a96
x-serverless-gateway-id: d5dcee70jck4ehrnhirl
last-modified: Sat, 27 Nov 2021 21:56:54 GMT
server: nginx
etag: W/"487f54f0c53e89966ecb91fb18632e0d"
x-amz-version-id: 0005D1CC492F37C9
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT
content-type: image/svg+xml
expires: Sun, 10 Jul 2022 17:01:19 GMT

GET
H2 200 wr-750.webp
s16.stc.yc.kpcdn.net/share/i/12/12590591/ 95 KB
95 KB 41ms
11ms Image
image/webp 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s16.stc.yc.kpcdn.net/share/i/12/12590591/wr-750.webp
Requested by: Host: www.ufa.kp.ru
URL: https://www.ufa.kp.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 359084d87256c51b821f4c91cebc939bed1fca6f87f9ee209196c488927869b0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ufa.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-id: fr5-up-gc28
date: Sat, 09 Jul 2022 17:01:19 GMT
last-modified: Fri, 08 Jul 2022 10:51:55 GMT
server: nginx
x-amz-request-id: 06d6cb3c34500e58
etag: "cd3fae56b6ad065d3d4e04e33471f18a"
x-cached-since: 2022-07-08T12:22:20+00:00
x-amz-version-id: null
cache-control: max-age=345600
cache: HIT
accept-ranges: bytes
content-type: image/webp
content-length: 96804
expires: Wed, 13 Jul 2022 17:01:19 GMT

GET
H2 200 325472601571f31e1bf00674c368d335.gif
s09.stc.yc.kpcdn.net/share/i/beige/ 43 B
304 B 40ms
10ms Image
image/gif 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s09.stc.yc.kpcdn.net/share/i/beige/325472601571f31e1bf00674c368d335.gif
Requested by: Host: www.ufa.kp.ru
URL: https://www.ufa.kp.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ufa.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-id: fr5-up-gc33
date: Sat, 09 Jul 2022 17:01:19 GMT
last-modified: Sat, 02 Oct 2021 15:40:25 GMT
server: nginx
x-amz-request-id: 76c12d3982c8195d
etag: "325472601571f31e1bf00674c368d335"
x-cached-since: 2022-07-06T13:06:59+00:00
x-amz-version-id: null
cache-control: max-age=345600
cache: HIT
accept-ranges: bytes
content-type: image/gif
content-length: 43
expires: Wed, 13 Jul 2022 17:01:19 GMT

GET
H2 200 vendors~adaptive.js Show response
s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/ 339 KB
128 KB 22ms
11ms Script
text/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/vendors~adaptive.js

Requested by

Host: www.ufa.kp.ru
URL: https://www.ufa.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

b2b5ba1466d0642bd868bef2b0e13277b34376fd0a11484fc1518d67e48b727d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ufa.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-id: fr5-up-gc8
date: Sat, 09 Jul 2022 17:01:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-server-trace-id: 436a86fe0087863e:2bbb8f0b377d0a87:436a86fe0087863e:1
x-amz-request-id: 7b92f4fab7599611
x-serverless-gateway-path: /{site}/{version}/{filename+}
x-cached-since: 2022-07-09T13:00:40+00:00
x-request-id: 46eaf14f-9374-4f07-9301-5569da4ebbe5
x-serverless-gateway-id: d5dcee70jck4ehrnhirl
last-modified: Thu, 30 Jun 2022 12:10:27 GMT
server: nginx
etag: W/"98675e5b796bd847a8803e1c69d8b874"
x-amz-version-id: 0005E2A927C058B5
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT
content-type: text/javascript; charset=utf-8
expires: Sun, 10 Jul 2022 17:01:19 GMT

GET
H2 200 adaptive.js Show response
s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/ 276 KB
81 KB 31ms
21ms Script
text/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/adaptive.js

Requested by

Host: www.ufa.kp.ru
URL: https://www.ufa.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

924170a2b204eb90280acbb03496558dc98acc1b9d6fd96ae955996047ec970d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ufa.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-id: fr5-up-gc8
date: Sat, 09 Jul 2022 17:01:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-server-trace-id: 94ff919f0ae00c46:c198af4e4b134c8d:94ff919f0ae00c46:1
x-amz-request-id: bd7f76c8d9625cd3
x-serverless-gateway-path: /{site}/{version}/{filename+}
x-cached-since: 2022-07-09T13:00:42+00:00
x-request-id: 39456012-19d7-47bd-aeb2-8d74ab91d317
x-serverless-gateway-id: d5dcee70jck4ehrnhirl
last-modified: Fri, 01 Jul 2022 13:33:52 GMT
server: nginx
etag: W/"2378fe123e0fecebba09157bb2536b9c"
x-amz-version-id: 0005E2BE6FE323CA
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT
content-type: text/javascript; charset=utf-8
expires: Sun, 10 Jul 2022 17:01:19 GMT

GET
H2 200 adaptive-topbar.js Show response
s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/ 67 KB
23 KB 30ms
20ms Script
text/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/adaptive-topbar.js

Requested by

Host: www.ufa.kp.ru
URL: https://www.ufa.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

2d32f681e01e8082f5df941a021b306e98063b7330b197ba674e71dcc5dc4d4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ufa.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-id: fr5-up-gc8
date: Sat, 09 Jul 2022 17:01:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-server-trace-id: 3d9f5a946104799c:70fc14983ce56b8a:3d9f5a946104799c:1
x-amz-request-id: 39ffa02637a9efbf
x-serverless-gateway-path: /{site}/{version}/{filename+}
x-cached-since: 2022-07-09T13:00:41+00:00
x-request-id: 4788c490-a4f1-4b4f-8867-f1f0cf181ecb
x-serverless-gateway-id: d5dcee70jck4ehrnhirl
last-modified: Fri, 01 Jul 2022 13:33:52 GMT
server: nginx
etag: W/"7700d4b62e38d1493f2653db0feb9b45"
x-amz-version-id: 0005E2BE6FE49A25
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT
content-type: text/javascript; charset=utf-8
expires: Sun, 10 Jul 2022 17:01:19 GMT

GET
H2 200 radio.js Show response
s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/ 10 KB
4 KB 31ms
20ms Script
text/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/radio.js

Requested by

Host: www.ufa.kp.ru
URL: https://www.ufa.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

73720f862be505fc73b3884bc441d49060f787d3273bde1738114819dcbaf0a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ufa.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-id: fr5-up-gc8
date: Sat, 09 Jul 2022 17:01:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-server-trace-id: 49c051e2d87dbeca:661ef799f1a3e603:49c051e2d87dbeca:1
x-amz-request-id: 8482477bfc92a0c4
x-serverless-gateway-path: /{site}/{version}/{filename+}
x-cached-since: 2022-07-09T13:00:40+00:00
x-request-id: 39ba3517-6524-4e98-8588-3bf9441aaac8
x-serverless-gateway-id: d5dcee70jck4ehrnhirl
last-modified: Thu, 30 Jun 2022 12:10:26 GMT
server: nginx
etag: W/"a3a9cccf9e2d2a9ce8f7bafa4339497a"
x-amz-version-id: 0005E2A927A79488
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT
content-type: text/javascript; charset=utf-8
expires: Sun, 10 Jul 2022 17:01:19 GMT

GET
H2 200 main.js Show response
s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/ 17 KB
7 KB 31ms
21ms Script
text/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/main.js

Requested by

Host: www.ufa.kp.ru
URL: https://www.ufa.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

69c3207f80de1de6ee4ff239d740ea31bbc7091e7870365c49aad61b21359687

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ufa.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-id: fr5-up-gc8
date: Sat, 09 Jul 2022 17:01:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-server-trace-id: 5efc6142300f17ed:e5ce340f47db093:5efc6142300f17ed:1
x-amz-request-id: 800b9531dbc6a2e9
x-serverless-gateway-path: /{site}/{version}/{filename+}
x-cached-since: 2022-07-09T13:34:26+00:00
x-request-id: 0df725e3-0361-447d-a193-21c83cbf7396
x-serverless-gateway-id: d5dcee70jck4ehrnhirl
last-modified: Fri, 01 Jul 2022 12:39:39 GMT
server: nginx
etag: W/"cb2b1ed58fb8b4ba09dc5e9487c8fa34"
x-amz-version-id: 0005E2BDAE058001
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT
content-type: text/javascript; charset=utf-8
expires: Sun, 10 Jul 2022 17:01:19 GMT

GET
H2 200 vendors~digest-area.js Show response
s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/ 97 KB
32 KB 23ms
20ms Script
text/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/vendors~digest-area.js

Requested by

Host: www.ufa.kp.ru
URL: https://www.ufa.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

32b0f7e66a50c24d967afd1b4c120fc5a898758db2d7d2023c8987c312c8f2fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ufa.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-id: fr5-up-gc8
date: Sat, 09 Jul 2022 17:01:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-server-trace-id: 59c974348c6477f8:68da10eaeebce2be:59c974348c6477f8:1
x-amz-request-id: 8cb7320f767f5c25
x-serverless-gateway-path: /{site}/{version}/{filename+}
x-cached-since: 2022-07-09T13:34:26+00:00
x-request-id: a8b48deb-2708-4dc2-9ba4-82138704c708
x-serverless-gateway-id: d5dcee70jck4ehrnhirl
last-modified: Fri, 01 Jul 2022 12:39:41 GMT
server: nginx
etag: W/"46e357ef7b6cf3e349c3af0978aca190"
x-amz-version-id: 0005E2BDAE241823
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT
content-type: text/javascript; charset=utf-8
expires: Sun, 10 Jul 2022 17:01:19 GMT

GET
H2 200 digest-area~digest-section~note~online-page~photo~section-video~see-also~special-article~video.js Show response
s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/ 22 KB
8 KB 15ms
13ms Script
text/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/digest-area~digest-section~note~online-page~photo~section-video~see-also~special-article~video.js

Requested by

Host: www.ufa.kp.ru
URL: https://www.ufa.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

aa99cf825a3d0aa0fe6ef29ade07cea2dd50561661e91f65a8dbc06bf1c4b4d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ufa.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-id: fr5-up-gc8
date: Sat, 09 Jul 2022 17:01:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-server-trace-id: 14189d6c5d60e71b:8e8e432275793cb4:14189d6c5d60e71b:1
x-amz-request-id: e3d308722c3ce416
x-serverless-gateway-path: /{site}/{version}/{filename+}
x-cached-since: 2022-07-09T13:00:40+00:00
x-request-id: 425d3b83-a906-4677-947a-95f8cb3b1005
x-serverless-gateway-id: d5dcee70jck4ehrnhirl
last-modified: Fri, 01 Jul 2022 12:39:38 GMT
server: nginx
etag: W/"b31cfb10ee072ead4f32a6885a826cae"
x-amz-version-id: 0005E2BDADE973C2
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT
content-type: text/javascript; charset=utf-8
expires: Sun, 10 Jul 2022 17:01:19 GMT

GET
H2 200 digest-area~digest-section~online-page~section-video~see-also.js Show response
s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/ 36 KB
13 KB 21ms
19ms Script
text/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/digest-area~digest-section~online-page~section-video~see-also.js

Requested by

Host: www.ufa.kp.ru
URL: https://www.ufa.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

677acc9eed10d735ed46dabd82553005a036fe19930511d9850060a4fb6d2c2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ufa.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-id: fr5-up-gc8
date: Sat, 09 Jul 2022 17:01:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-server-trace-id: 8ae4fa44500f5386:bbfb6a12acdb35:8ae4fa44500f5386:1
x-amz-request-id: b198c297424fe640
x-serverless-gateway-path: /{site}/{version}/{filename+}
x-cached-since: 2022-07-09T13:19:48+00:00
x-request-id: fa713c8b-99c4-4822-a2f2-10a04cf075f4
x-serverless-gateway-id: d5dcee70jck4ehrnhirl
last-modified: Fri, 01 Jul 2022 12:39:38 GMT
server: nginx
etag: W/"0df52b90df7ad9d22083e858071729f8"
x-amz-version-id: 0005E2BDADEDD1AE
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT
content-type: text/javascript; charset=utf-8
expires: Sun, 10 Jul 2022 17:01:19 GMT

GET
H2 200 digest-area.js Show response
s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/ 47 KB
13 KB 22ms
20ms Script
text/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/digest-area.js

Requested by

Host: www.ufa.kp.ru
URL: https://www.ufa.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

77403385afe39467e0833e772e0221fdad7007eb96d819d6fb21c776392e81c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ufa.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-id: fr5-up-gc8
date: Sat, 09 Jul 2022 17:01:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-server-trace-id: 587f583600635344:aea472536324291b:587f583600635344:1
x-amz-request-id: 0e8e95a09e821e4c
x-serverless-gateway-path: /{site}/{version}/{filename+}
x-cached-since: 2022-07-09T13:34:26+00:00
x-request-id: 690fff70-7bcd-4fa8-bf1c-18f9ee7a5a75
x-serverless-gateway-id: d5dcee70jck4ehrnhirl
last-modified: Fri, 01 Jul 2022 13:33:52 GMT
server: nginx
etag: W/"4682a0351fe6956c5d06b8ec281c0f4b"
x-amz-version-id: 0005E2BE6FEC6309
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT
content-type: text/javascript; charset=utf-8
expires: Sun, 10 Jul 2022 17:01:19 GMT

GET
DATA 200
OK truncated
/ 162 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6ff082130eb8e0fe1ba485606bab3de43a410b184c718be62c739ab9f67c6863

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 d_c1_r1.svg
s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/meteo/ 3 KB
1 KB 24ms
21ms Image
image/svg+xml 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/meteo/d_c1_r1.svg

Requested by

Host: www.ufa.kp.ru
URL: https://www.ufa.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

b616985eb114c59268f7cd3dfabfc698a96a5a79f6704b87606b1feb7a54e9d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ufa.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-id: fr5-up-gc8
date: Sat, 09 Jul 2022 17:01:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-server-trace-id: dbc93e61b9e01b4b:d9671d139c0ff529:dbc93e61b9e01b4b:1
x-amz-request-id: 4d71f89bf2c07ac2
x-serverless-gateway-path: /{site}/{version}/{filename+}
x-cached-since: 2022-07-09T06:00:57+00:00
x-request-id: c6587c6c-3ad3-4c48-b246-52f347127d22
x-serverless-gateway-id: d5dcee70jck4ehrnhirl
last-modified: Sat, 27 Nov 2021 21:56:56 GMT
server: nginx
etag: W/"bfa2a94071c34f70b20f6f066cd11831"
x-amz-version-id: 0005D1CC4945AA96
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT
content-type: image/svg+xml
expires: Sun, 10 Jul 2022 17:01:19 GMT

GET
H2 200 token.json Show response
identity.kp.house/identity/api/2/auth/ 754 B
2 KB 174ms
71ms Fetch
application/json 95.181.181.12
EDGECENTERLLC

General

Check archive.org

Show headers Download Go to

Full URL: https://identity.kp.house/identity/api/2/auth/token.json?callback=data&client_name=prod&sub=1
Requested by: Host: s01.stc.yc.kpcdn.net
URL: https://s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/adaptive.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.181.181.12 , Russian Federation, ASN210756 (EDGECENTERLLC, RU),
Reverse DNS
Software: nginx /
Resource Hash: 7bce0c69ad73ad4b4a2b32591c67783d8ee9b2a1c1ad9b6015fe97a0d94e24bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ufa.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 17:01:19 GMT
content-encoding: gzip
last-modified: Sat, 09 Jul 2022 17:01:19 -0000
server: nginx
etag: "72925fedae1b5cbe0bfb6bd6185e91f0"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.ufa.kp.ru
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Set-Cookie,Cookie
content-length: 610

GET
H2 200 get.json Show response
s02.api.yc.kpcdn.net/content/api/1/pages/ 52 B
254 B 113ms
95ms Fetch
application/json 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://s02.api.yc.kpcdn.net/content/api/1/pages/get.json?callback=cb-5524620&pages.direction=current&pages.spot=32&pages.target.class=194&pages.target.id=0&sub=1
Requested by: Host: s01.stc.yc.kpcdn.net
URL: https://s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/adaptive.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: e7c769f71b17542bdd9fa9e1f444ef46987979487c51328eb1abfc12c55eab08

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ufa.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-id: fr5-up-gc8
date: Sat, 09 Jul 2022 17:01:19 GMT
last-modified: Sat, 09 Jul 2022 17:01:19 -0000
server: nginx
etag: "c7974d8a07bc79c9930f4ba881a06fd3"
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=600
cache: MISS
accept-ranges: bytes
content-length: 52
expires: Sat, 09 Jul 2022 17:11:19 GMT

GET
H2 200 get.json Show response
s02.api.yc.kpcdn.net/content/api/1/pages/ 200 KB
43 KB 471ms
455ms Fetch
application/json 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://s02.api.yc.kpcdn.net/content/api/1/pages/get.json?callback=cb-5524620&pages.direction=current&pages.spot=32&pages.target.class=68&pages.target.id=0&sub=1
Requested by: Host: s01.stc.yc.kpcdn.net
URL: https://s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/adaptive.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 737520ba1c13b8233e07e8d76e1bc3d126d3e47f389d5f5806cf9b0a738cd62f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ufa.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-id: fr5-up-gc8
date: Sat, 09 Jul 2022 17:01:20 GMT
content-encoding: gzip
last-modified: Sat, 09 Jul 2022 17:01:20 -0000
server: nginx
etag: W/"0a5f363da18f9b267ce5ac8aa7e35f2b"
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=600
cache: MISS
expires: Sat, 09 Jul 2022 17:11:20 GMT

HEAD
H2 200 banner.gif
s01.stc.yc.kpcdn.net/s0/v-0005D1CC497B5068/adaptive/img/ 0
0 11ms
11ms Fetch
image/gif 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://s01.stc.yc.kpcdn.net/s0/v-0005D1CC497B5068/adaptive/img/banner.gif?adriver

Requested by

Host: s01.stc.yc.kpcdn.net
URL: https://s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/adaptive.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ufa.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-id: fr5-up-gc35
date: Sat, 09 Jul 2022 17:01:19 GMT
x-content-type-options: nosniff
x-server-trace-id: 2af4f06b8e281b55:b3ec48ba6ef8bba2:2af4f06b8e281b55:1
x-amz-request-id: 6b9edf5d865fff3f
x-serverless-gateway-path: /{site}/{version}/{filename+}
x-cached-since: 2022-07-09T09:38:41+00:00
content-length: 43
x-request-id: 8f8be5d5-0bee-45b8-bb6b-6a0fa376507a
x-serverless-gateway-id: d5dcee70jck4ehrnhirl
last-modified: Sat, 27 Nov 2021 21:56:59 GMT
server: nginx
etag: "325472601571f31e1bf00674c368d335"
x-amz-version-id: 0005D1CC497B5068
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT
accept-ranges: bytes
content-type: image/gif
expires: Sun, 10 Jul 2022 17:01:19 GMT

GET
DATA 200
OK truncated
/ 169 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 35ed988aff3c8059b4869fd94cc2885879041fbd698317a53741bca5095c3091

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 700 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 59e2467d94ae007fa71bc0b10f4b92f227edfa03afb5ce7c904b9ea2bcf537e9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 8b30c8d1c1f0427f0034cce82ade6db3.png
s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/ 3 KB
3 KB 11ms
10ms Image
image/png 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/8b30c8d1c1f0427f0034cce82ade6db3.png

Requested by

Host: www.ufa.kp.ru
URL: https://www.ufa.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

1d386626a236bf37f510e9c0c2d85036641c5cc85bed4b320a181861477d0ec7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ufa.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-id: fr5-up-gc8
date: Sat, 09 Jul 2022 17:01:19 GMT
x-content-type-options: nosniff
x-server-trace-id: c31c41b24bca9322:d2f11a80be8891e2:c31c41b24bca9322:1
x-amz-request-id: 19382128c516df84
x-serverless-gateway-path: /{site}/{version}/{filename+}
x-cached-since: 2022-07-09T13:10:18+00:00
content-length: 2873
x-request-id: 32d33f12-e58c-496b-a074-943ecb2713eb
x-serverless-gateway-id: d5dcee70jck4ehrnhirl
last-modified: Sat, 27 Nov 2021 21:56:46 GMT
server: nginx
etag: "8b30c8d1c1f0427f0034cce82ade6db3"
x-amz-version-id: 0005D1CC48B4B459
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT
accept-ranges: bytes
content-type: image/png
expires: Sun, 10 Jul 2022 17:01:19 GMT

GET
H2 200 wr-750.webp
s09.stc.yc.kpcdn.net/share/i/12/12591406/ 79 KB
79 KB 12ms
12ms Image
image/webp 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s09.stc.yc.kpcdn.net/share/i/12/12591406/wr-750.webp
Requested by: Host: www.ufa.kp.ru
URL: https://www.ufa.kp.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 9ec280a1227cbe09d1829e253ef6cea01bb92cf698e4f470dfee9630a2a1e9a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ufa.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-id: fr5-up-gc33
date: Sat, 09 Jul 2022 17:01:19 GMT
last-modified: Fri, 08 Jul 2022 14:35:32 GMT
server: nginx
x-amz-request-id: 953c9d7d93ab4fa9
etag: "63f47329af3c661d52aee9b47f963947"
x-cached-since: 2022-07-08T15:53:12+00:00
x-amz-version-id: null
cache-control: max-age=345600
cache: HIT
accept-ranges: bytes
content-type: image/webp
content-length: 80928
expires: Wed, 13 Jul 2022 17:01:19 GMT

GET
H2 200 wr-750.webp
s14.stc.yc.kpcdn.net/share/i/12/12590064/ 39 KB
39 KB 11ms
10ms Image
image/webp 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s14.stc.yc.kpcdn.net/share/i/12/12590064/wr-750.webp
Requested by: Host: www.ufa.kp.ru
URL: https://www.ufa.kp.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 95327a5afe839adbe3ee4e19cf7c4811a8a28382dbeae85b65fe7807d6f14c2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ufa.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-id: fr5-up-gc8
date: Sat, 09 Jul 2022 17:01:19 GMT
last-modified: Fri, 08 Jul 2022 05:55:53 GMT
server: nginx
x-amz-request-id: 8e5dd9d46569410c
etag: "b012f8891d0794258441e6eaf65d160f"
x-cached-since: 2022-07-08T09:45:34+00:00
x-amz-version-id: null
cache-control: max-age=345600
cache: HIT
accept-ranges: bytes
content-type: image/webp
content-length: 39794
expires: Wed, 13 Jul 2022 17:01:19 GMT

GET
H2 200 wr-750.webp
s16.stc.yc.kpcdn.net/share/i/12/12587040/ 104 KB
104 KB 12ms
11ms Image
image/webp 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s16.stc.yc.kpcdn.net/share/i/12/12587040/wr-750.webp
Requested by: Host: www.ufa.kp.ru
URL: https://www.ufa.kp.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: a4fec8151febe9c096aadd4deceb0f6b4c019b8e37399d7c164addc017628c8c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ufa.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-id: fr5-up-gc28
date: Sat, 09 Jul 2022 17:01:19 GMT
last-modified: Wed, 06 Jul 2022 12:16:41 GMT
server: nginx
x-amz-request-id: 7018064adf22d5b5
etag: "2d7adccc1c63399f801e11fd857ea327"
x-cached-since: 2022-07-06T12:40:24+00:00
x-amz-version-id: null
cache-control: max-age=345600
cache: HIT
accept-ranges: bytes
content-type: image/webp
content-length: 106288
expires: Wed, 13 Jul 2022 17:01:19 GMT

GET
H2 200 getcookie Show response
matchid.adfox.yandex.ru/ 87 B
370 B 155ms
51ms XHR
application/json 2a02:6b8::16b
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://matchid.adfox.yandex.ru/getcookie

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a02:6b8::16b Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

2b266db17b19959b548cce93f88f6ef8187e6b29b446cd51a51149dc6569263e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ufa.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin: https://www.ufa.kp.ru
date: Sat, 09 Jul 2022 17:01:20 GMT
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 87
x-content-type-options: nosniff
content-type: application/json

GET
H2 200 9a588310742adbc44f55.js Show response
yastatic.net/partner-code-bundles/599290/ 37 KB
10 KB 138ms
51ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/599290/9a588310742adbc44f55.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

3bdab4da5017468f0ddfc1a51edc3772a13aa064c83df984c152729075714847

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://www.ufa.kp.ru/
Origin: https://www.ufa.kp.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 17:01:20 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 10038
last-modified: Fri, 17 Jun 2022 13:53:09 GMT
server: nginx/1.17.9
etag: "b3fb60d15c0a59a3cf542d7daeab0766"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 08 Jul 2052 23:32:24 GMT

POST
H2

200

adfox Show response
exchange.buzzoola.com/ssp/
Redirect Chain

https://exchange.buzzoola.com/ssp/adfox
https://exchange.buzzoola.com/ssp/adfox?set_buzzoola_cookie=t

11 B
505 B

21ms
21ms

XHR
text/plain

168.119.9.59
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://exchange.buzzoola.com/ssp/adfox?set_buzzoola_cookie=t
Requested by: Host: www.ufa.kp.ru
URL: https://www.ufa.kp.ru/
Protocol: H2
Server: 168.119.9.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.59.9.119.168.clients.your-server.de
Software: nginx /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ufa.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 17:01:20 GMT
server: nginx
serverid: TODO
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.ufa.kp.ru
access-control-expose-headers: Set-Cookie, Etag
access-control-allow-credentials: true
access-control-allow-headers: Set-Cookie, X-Alt-Referer, X-First-Party-Cookie, If-None-Match
content-length: 11

Redirect headers

date: Sat, 09 Jul 2022 17:01:19 GMT
server: nginx
access-control-allow-origin: https://www.ufa.kp.ru
etag: W/"8608f0f34ddda277f78a63eeafc85c6200ecff30cb9ce1c38ad2999bb15269e1"
serverid: TODO
location: /ssp/adfox?set_buzzoola_cookie=t
access-control-expose-headers: Set-Cookie, Etag
access-control-allow-credentials: true
access-control-allow-headers: Set-Cookie, X-Alt-Referer, X-First-Party-Cookie, If-None-Match
content-length: 0

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ 119 KB
39 KB 56ms
21ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

c40168707694e0bb9241c2f9f4ef86dfa65513f547b6a37c151babf07fcd7d53

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ufa.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 17:01:19 GMT
content-encoding: gzip
last-modified: Wed, 29 Jun 2022 06:23:35 GMT
server: nginx
etag: W/"62bbefe7-1dc0d"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 10 Jul 2022 17:01:19 GMT

POST
H2 204 bids Show response
adfox-c2s-ams.creativecdn.com/bidder/adfox/ 0
207 B 49ms
15ms XHR
application/json 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://adfox-c2s-ams.creativecdn.com/bidder/adfox/bids
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ufa.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.ufa.kp.ru
date: Sat, 09 Jul 2022 17:01:19 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST
content-type: application/json;charset=utf-8

POST
H/1.1 204
No Content bid.cgi Show response
pb.adriver.ru/cgi-bin/ 0
301 B 180ms
60ms XHR
text/plain 195.209.111.20
ADRIVER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pb.adriver.ru/cgi-bin/bid.cgi
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.209.111.20 , Russian Federation, ASN52007 (ADRIVER-AS, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ufa.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.ufa.kp.ru
Pragma: no-cache
Date: Sat, 09 Jul 2022 17:01:20 GMT
Cache-control: no-cache, max-age=0, must-revalidate, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 200
OK / Show response
ad.mail.ru/hbid_yandex/ 11 B
336 B 168ms
58ms XHR
application/json 2a00:1148:db00::17
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mail.ru/hbid_yandex/
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software: nginx /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer: https://www.ufa.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sat, 09 Jul 2022 17:01:20 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: https://www.ufa.kp.ru
Cache-Control: private, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *

POST
H2 200 adjson Show response
ads.betweendigital.com/ 11 B
918 B 132ms
22ms XHR
application/json 188.42.191.196
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/adjson?t=adfox
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer: https://www.ufa.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.ufa.kp.ru
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json

POST
H2 204 bids Show response
adfox-c2s-ams.creativecdn.com/bidder/adfox/ 0
207 B 47ms
14ms XHR
application/json 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://adfox-c2s-ams.creativecdn.com/bidder/adfox/bids
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ufa.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.ufa.kp.ru
date: Sat, 09 Jul 2022 17:01:19 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST
content-type: application/json;charset=utf-8

POST
H/1.1 204
No Content bid.cgi Show response
pb.adriver.ru/cgi-bin/ 0
301 B 177ms
58ms XHR
text/plain 195.209.111.20
ADRIVER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pb.adriver.ru/cgi-bin/bid.cgi
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.209.111.20 , Russian Federation, ASN52007 (ADRIVER-AS, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ufa.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.ufa.kp.ru
Pragma: no-cache
Date: Sat, 09 Jul 2022 17:01:20 GMT
Cache-control: no-cache, max-age=0, must-revalidate, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 200
OK / Show response
ad.mail.ru/hbid_yandex/ 11 B
336 B 165ms
57ms XHR
application/json 2a00:1148:db00::17
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mail.ru/hbid_yandex/
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software: nginx /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer: https://www.ufa.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sat, 09 Jul 2022 17:01:20 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: https://www.ufa.kp.ru
Cache-Control: private, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *

POST
H2 200 adjson Show response
ads.betweendigital.com/ 11 B
918 B 129ms
20ms XHR
application/json 188.42.191.196
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/adjson?t=adfox
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer: https://www.ufa.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.ufa.kp.ru
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json

POST
H2

200

adfox Show response
exchange.buzzoola.com/ssp/
Redirect Chain

https://exchange.buzzoola.com/ssp/adfox
https://exchange.buzzoola.com/ssp/adfox?set_buzzoola_cookie=t

11 B
505 B

22ms
22ms

XHR
text/plain

168.119.9.59
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://exchange.buzzoola.com/ssp/adfox?set_buzzoola_cookie=t
Requested by: Host: www.ufa.kp.ru
URL: https://www.ufa.kp.ru/
Protocol: H2
Server: 168.119.9.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.59.9.119.168.clients.your-server.de
Software: nginx /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ufa.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 17:01:20 GMT
server: nginx
serverid: TODO
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.ufa.kp.ru
access-control-expose-headers: Set-Cookie, Etag
access-control-allow-credentials: true
access-control-allow-headers: Set-Cookie, X-Alt-Referer, X-First-Party-Cookie, If-None-Match
content-length: 11

Redirect headers

date: Sat, 09 Jul 2022 17:01:19 GMT
server: nginx
access-control-allow-origin: https://www.ufa.kp.ru
etag: W/"2e7ec3529ca11d8603fd00ed651be31faede616191fa56b34ec3ac8fc1b00cfe"
serverid: TODO
location: /ssp/adfox?set_buzzoola_cookie=t
access-control-expose-headers: Set-Cookie, Etag
access-control-allow-credentials: true
access-control-allow-headers: Set-Cookie, X-Alt-Referer, X-First-Party-Cookie, If-None-Match
content-length: 0

POST pl999
ssp.bidvol.com/rtb/ 0
0

POST
H2 204 bids Show response
adfox-c2s-ams.creativecdn.com/bidder/adfox/ 0
207 B 69ms
37ms XHR
application/json 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://adfox-c2s-ams.creativecdn.com/bidder/adfox/bids
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ufa.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.ufa.kp.ru
date: Sat, 09 Jul 2022 17:01:20 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST
content-type: application/json;charset=utf-8

POST
H/1.1 204
No Content bid.cgi Show response
pb.adriver.ru/cgi-bin/ 0
301 B 185ms
60ms XHR
text/plain 195.209.111.20
ADRIVER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pb.adriver.ru/cgi-bin/bid.cgi
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.209.111.20 , Russian Federation, ASN52007 (ADRIVER-AS, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ufa.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.ufa.kp.ru
Pragma: no-cache
Date: Sat, 09 Jul 2022 17:01:20 GMT
Cache-control: no-cache, max-age=0, must-revalidate, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 200
OK / Show response
ad.mail.ru/hbid_yandex/ 11 B
336 B 167ms
59ms XHR
application/json 2a00:1148:db00::17
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mail.ru/hbid_yandex/
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software: nginx /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer: https://www.ufa.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sat, 09 Jul 2022 17:01:20 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: https://www.ufa.kp.ru
Cache-Control: private, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *

POST
H2 200 adjson Show response
ads.betweendigital.com/ 11 B
918 B 164ms
57ms XHR
application/json 188.42.191.196
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/adjson?t=adfox
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer: https://www.ufa.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.ufa.kp.ru
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json

GET
H2 200 vendors~autobahn.js Show response
s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/ 86 KB
26 KB 11ms
10ms Script
text/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/vendors~autobahn.js

Requested by

Host: s01.stc.yc.kpcdn.net
URL: https://s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/adaptive.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

a2f96d2c0ff2b96cc2421214831ffda7b4e71aee0426d60628d04173dcd699c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ufa.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-id: fr5-up-gc8
date: Sat, 09 Jul 2022 17:01:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-server-trace-id: a1b9f8d4b1fe1fa:693b93ca25cfc43f:a1b9f8d4b1fe1fa:1
x-amz-request-id: c3dc9741b3481cfc
x-serverless-gateway-path: /{site}/{version}/{filename+}
x-cached-since: 2022-07-09T13:01:17+00:00
x-request-id: 0a085c19-be25-4d26-b45a-fee087a141f5
x-serverless-gateway-id: d5dcee70jck4ehrnhirl
last-modified: Fri, 01 Jul 2022 12:39:41 GMT
server: nginx
etag: W/"c21f53249c99e0b7d1bced9b5513375b"
x-amz-version-id: 0005E2BDAE211742
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT
content-type: text/javascript; charset=utf-8
expires: Sun, 10 Jul 2022 17:01:19 GMT

GET
H2 200 autobahn.js Show response
s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/ 405 B
686 B 9ms
8ms Script
text/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/autobahn.js

Requested by

Host: s01.stc.yc.kpcdn.net
URL: https://s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/adaptive.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

8a550da83fe5faf522945c7b61350dec5c08ef10a670c1db4fc5958b5a85057b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ufa.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-id: fr5-up-gc8
date: Sat, 09 Jul 2022 17:01:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-server-trace-id: b9614068a38810fc:3fea19fa69a52608:b9614068a38810fc:1
x-amz-request-id: 0cd89b647652121f
x-serverless-gateway-path: /{site}/{version}/{filename+}
x-cached-since: 2022-07-09T13:01:17+00:00
x-request-id: 10c134b7-97bc-4654-bfd1-ab01fc5f4a77
x-serverless-gateway-id: d5dcee70jck4ehrnhirl
last-modified: Fri, 01 Jul 2022 12:39:39 GMT
server: nginx
etag: W/"c6bcedb067d139a244e5e24f4f1037ee"
x-amz-version-id: 0005E2BDADF96F29
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT
content-type: text/javascript; charset=utf-8
expires: Sun, 10 Jul 2022 17:01:19 GMT

GET
H2 200 a14fc7a3f0d513d09db9.js Show response
yastatic.net/partner-code-bundles/612100/ 13 KB
5 KB 210ms
148ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/612100/a14fc7a3f0d513d09db9.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

6d30d6b4d59bc9671eccc54b535566f3ebaab9512db1d616bb47b326cdbae5c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://www.ufa.kp.ru/
Origin: https://www.ufa.kp.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 17:01:20 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 4468
last-modified: Thu, 07 Jul 2022 19:27:29 GMT
server: nginx/1.17.9
etag: "bf3f69e9ad3ec2a8817f5f309eed03b1"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 08 Jul 2052 23:33:43 GMT

GET
H2 200 c1d4e7ea878871c6a693.js Show response
yastatic.net/partner-code-bundles/612100/ 86 KB
18 KB 152ms
91ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/612100/c1d4e7ea878871c6a693.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

0ecb4b923933b10d109180731c8f65f580bcbc4d42c6112ad7ebdb56c79441cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://www.ufa.kp.ru/
Origin: https://www.ufa.kp.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 17:01:20 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 17871
last-modified: Thu, 07 Jul 2022 19:27:29 GMT
server: nginx/1.17.9
etag: "392072cbb74c9f30eac11bd8003deb6c"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 08 Jul 2052 23:33:41 GMT

GET
H2 200 host.js Show response
yastatic.net/safeframe-bundles/0.83/ 33 KB
9 KB 163ms
102ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.83/host.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://www.ufa.kp.ru/
Origin: https://www.ufa.kp.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 17:01:20 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 8878
last-modified: Wed, 03 Nov 2021 13:42:58 GMT
server: nginx/1.17.9
etag: "f80882bf67cf261aa08d636da095149a"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 08 Jul 2052 23:36:22 GMT

GET
H2 200 v2 Show response
yandex.ru/ads/adfox/232598/getBulk/ 14 KB
8 KB 293ms
286ms XHR
application/json 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/adfox/232598/getBulk/v2?dl=https%3A%2F%2Fwww.ufa.kp.ru%2F%3F&date=2022-07-09T17%3A01%3A19.972%2B00%3A00&pd=9&pdh=1200&pdw=1600&pr1=1430980594&pr=2228125499&prr=&pv=17&pw=6&extid_loader=&extid_tag_loader=www.ufa.kp.ru&ylv=0.612100&ybv=0.612100&ytt=424413099065349&is-turbo=0&skip-token=&ad-session-id=9960471657386079975&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9.8%2C%22w%22%3A160%2C%22h%22%3A0%2C%22width%22%3A0%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22isBlackTheme%22%3Afalse%2C%22left%22%3A1410%2C%22top%22%3A389%2C%22fontFamily%22%3A%22ys%22%2C%22req_no%22%3A0%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=612100&available-width=160&yaru=true&pp=g&p2=gftf&ps=bxyd&puid1=adv-1657386079927-66&puid2=&puid3=&puid5=&slotNumber=2&bids=W10%3D&utf8=%E2%9C%93&pcode-test-ids=609478%2C0%2C33%3B586085%2C0%2C3%3B597158%2C0%2C31%3B597485%2C0%2C28%3B590119%2C0%2C44%3B598479%2C0%2C41%3B609277%2C0%2C81%3B605344%2C0%2C36%3B610874%2C0%2C49%3B612100%2C0%2C18&pcode-flags-map=eJyVWNuO2zYQ%2FZXCz0FBXahL3iiJlomVSJWk7PUWwSBt9y0IimZTFAjy7x1KsleSbXr3ZQEbPsO5njmzPzaad5xZ2LesA81%2F67mxwLaWaxBSq6bZfPz9x%2Bbfz1%2B%2BP28%2Bbqzu%2BebD5uX524v4Cz%2FTNI2DZPPz04fNnhkQHIxVHSi7Q7zdMQlt31hx306W0vDSzrvBopZKc2iFMbyCilkGHdOsNbBVGvai4grDglK1hVrYfP7v74XJnMSUnv1hvVU1l1wzi2Y7Vj6YnbJQ9fiFUHJhKVraiQnJz3a4ZEXDQfLDzAg36DW0quILO0o2R%2BANb7m0BspGlA8OfMP6ZLllj7Djot5ZjFEajFcLWb87eBoF4WCWNY06jGXo0PxgY8ylrdkdGzGh85qM77dM10L6kAmJgyhap6zvqiH3rXIJB8tEg06MufM2R0KSbFYBzVu151DumDbcwlarFhohH%2Fw2giAm6dqlrXgE%2FGjBaqylS7OxTNshO53hfaWmmEuNAyb23Nx7hNKLuEvWdc50cYRKHeRbXE2y0GcFU6YxkYWwrpvfYwzDc8b2XJt10zvnU7rEhjEJ1o7shRGFaIQ9QtewY4GJw0noDTp3x5OQhhdzJCTSlOHl0BKqMFzvHe24csxeeqvhXmJPMZyYoYKs7ebAl3%2B%2BP89gcZhFORlhBsnKOLZcY9adPQOxCgznr04vYV8%2F%2F%2FHleYGMkjAfG9B1XYtvTVMurf%2FJmEb5WIVS9RJ7VcHjTnshWZqF8QA5MlnxR9A99l7L%2FGNLSRpGE4MvmAa2fdMYnAHuxwdRGJFziIVWD5gfDA9qLSo%2FMqVZctVhqISxWhReeBiQZIz3ictwcBcOorI7EC2ruRcbB3FGXrH43NCYhdKujzSrRG9%2BeaOFI3N%2Bjw4Daw7saPzIKJ1KW23d6jYdMj4HK1queruAhoSQJTYm0RhzV%2BLiGZYF7hn%2FexTNTN27VZhl7sbl9B7wR28n4pNpGl7CxRbw78HRy70OuWHh5MCeNf2iWhG5jj6R4tCdQnZYZGC69b%2BdBHk0vY3zaoUZBNJWXW6PNZQS1BIDtOFMu03vtiHTgq0SHq5hU3lX86T5gWF7VW8dLLR0qrVbetByVEXnduFaI9s1asG%2FdIHPSDzWvdNCacfduEf2gh86pf0tk6TJRHju5yBxeZcc5V1be2FpiLgBZkyHy6vccechdFyXqy4NyKLIKQ3yeNYi5JHgvkIyUMYK75tZQKc3KxRddljvmOODxtWJpZ7o9h0iKkPOHuuH66ScAljxyWqr0CzDbTQ6MTFJhcu6RDFnvJxN8yDNZhwmUDAyLCwq%2BdJlzPgezSMaBAvswHsGSdDu3GB1rKpwQfuNxHRqkmHPuDV87DhEfq9x19BZtVpd3tjbl8%2FlaXITCSgHBsF85%2FWTDW2L2TCBKZmTd6y0apH14NdggU%2BjLDrj3w0aRHXBJF4VgNJjK7DbBkGDNvxLJ8%2FCNJ0FPxkZexMXPHLiWVwhsVt3QK0lxlpzh3E0Nt6uWMkRmudhThY%2FjkicDT%2BuNSvCO2I%2BTsnrb8GIp0VwNAiJ7%2FdXtllAbyDGbEyEji2Aly2mwbG0kK4rzjodR%2FuO05SOnYE6oOZ2mHYh3emnkcDcRyTPO%2FsyIWkckmsEvhXauNODtU7CwriB1f5UQr%2FRHGXS3DVWGNX0yFemdceHm%2FY7tcZjZrqvZj2PLOcYql4L8QtwGOTjyO5s29BxzAzulEowsBxPhDt4lDvxguHG5OBmNENeuTSXN%2FWWNWZ11eVxmp3vgUEH1NoVHdOA%2Bu3Kprjyb4OEZK83PsJRyhs44kmHHpRgdPkevLsD3GE%2F3fPixCOmR4G%2FknKlbZYTnQb0NZrTznHH%2FMCmC%2Bz3r9%2BeX1bo2O%2BHaLsbjlzElJMgeL2zOlybw33GwZEIoIA5f4F3l5LV0hwO84qp4vS2tVGHVXccOpuY1Id4Gk%2FtY4PFOs2jRNXcr6n3yvCciHM1kWL4VwmYHcMjG51Ty5T%2F%2BfJlaYdGcTwtOyQX3TpBpLk83Y6d5oX%2FZkkCkqUzAb4%2BAd2cLSX79M3PTz%2F%2FB4IgulM%3D&use-server-side-rendering=1&pcode-icookie=tPxlESyPPbK3D%2Fz7%2F%2F676VzJlB3TKrFTYSUajTQgKAvaGiiXkamcuO8I%2FJaQYHk0fMVcR4TFnb8rAtzeGt6ZKJP%2FloI%3D&top-ancestor=https%3A%2F%2Fwww.ufa.kp.ru&top-ancestor-undetermined=0&grab-orig-len=5120&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjoxNDJ9ChqipKjslilBEKAO0VF2b3_4o8tMk0pYSsIzJ5XEaO7v78bXPiwF0bddXXzcScXCQpOwJwJSUJCFUrVut278BvRqQM9AGyQEJkTxxv9efdIxo-e2rgoppAQiBCYwwUO6NYISkUdJRK60KM1RnCOglQiVtHmBVdJHeqUlUilNkTHSRnGkG6AAH6VKeAscuZJ-MWhU00iNJ0dUi2263KqVtJE-R2oFntRRmpdL_WJJHhkWW5oMwDmCtqA1i2fBFqBWCWeB0S3iaXIEaREwPBoWvSg5Q5cnZwYJ0AQxMoDukGeJXSCDbj_GaQZdMII5TDvsLwLjxUydAUIPPYfY83FYWVHy8nFw2bh5-azsVpRcvGBa5_mEmw18rFxWW2axsXKBJsrNxciDnJ3Jys7MIpp5mFmsXCxW0EQjGKSx1CUsSYVjgjmCOrzqI_ALcPEuWDJIzB6-Flh9pBm00oUPkxJ2XuB1SvPiSAcGltvjixd4hIOk7XOqhB_Fg4_q-AeB6SIS4nKrKmami6xYZDhVD8eLhflwny5OzVmtXhD6rAT4InNhbWHq8BslIsPC4SteeIQ3zV8cyYKkERmmxc3KM5-m4WSR0CynWhwIRGS7pRpqC5i_TB1kTdmdagrn2z4Usjwsq5v2LT4MExQVVqQjNi7ESJmRczN6qAlaBEmEtOpV-dW72CkWxvAg3JmPhpkbMS8fNzsyWXA0DFYrM0vmQWljZARNlJHHycpJQICN0WnHn7lYUSJjRivKG0GdJilh8wk3NlL4XXAv10yCPHbkgk57Ro3NasXAvXw_xfiEjxGZYPLgNi9_DlRI2ZlQCTiFMicmGwauvHj5uRlQCCFZhLNbmbBhBdQiHOZ2wbBsIucTtrlHA6hto5l46GBBgQ33okX9goS_HXghypcs0Fv1Q7PxVJZLRkKrelOfSuItX5PS4pJXSIo1lLrkG3JkVMINstZdP4CQz2V3jIY5_x_PRbpEAaAL-_qIMjIoaV3xHx56sg_pjulQfjyxny2pC45NLnpGHf6rKzTSf6vx8K52wXBov0XTX2KOxOyKjiFJeQF3VbnhyTgNlh6ZXXIHfdHSPQ7Ru2rHhqSN9u5gF7h_xATsx7AJCLrvevH7YVoYnpk_kSM-MBtMxabCKdd5dTfpRf2rib-_aV3k-bxDr3b95zKtK8rQb8iLH9zN-ZtV-_t1l9QQZp8vLFJGGhetmSS3OJexU_BmVyUH5Ttv03Mm5VDks8gdHUCoPieHSTfp_dc-v7rpRhS75BnGTPSPwOnwcmkMasTNZVtmUJDPPITkkneIWy2GcX3F5XzbfO9dI_alqGcP7edZahWZ-5Fc5XaNpvaX0_bYKYav8yhM5gwrfglkLhSgoGdDvPwCbHa1RGNMZoexoRG0cTI7BTM3FiSMINg8zfAyW2IwcL9CJGoVGyBtuNEhdrNuAjRcrxt2Rg6QOGzgbtsETBRj2wS8ir1tAr7F3jYB32JuG58eXG6bAAVX28bLv4ttE_At3rZR5Njkomcut40XDTG3jacexN02fkUQ_bbxq5JIt03Anatt422H620ToEGU28bbDzG2jTwVuto2nt662zaKeS7mtvFSBlFvm4BDV9tGsTXibhvvBYuxbXwYFXfbKLy2m20T8EyU28Z72a62TcC7-NvGy7mrbaPYHSLeNt6yFXPbIMKIGhknSeOGxEFDkumHG0QcKLiQkG76OTiHoAxKDkdGiwU9yExfUbKKYD5GJhuLdHQFMg5mVJgYfeQNhmPyECRzhISo7TJAwY4eOYb_b-oPEdLR5-HhQW6zhYHwQ2lzJu_x7AC7DpvC55iMfnk5QYySGzUnmvXGOTGzYEaMQ5TXjo-IKbnA5VvpYGVkEmRE5eTPbLi4cWJBXwEt0ATjCRt4dFhsJDjiIXf4Mw8rA6isHKLy2keJa0I659Cun1X38snFvjQ7s13IbieYQzpxywmQp0lTq4XdcQ5pHUogIqCcw2J3vHtc3xTP5EvPe50b-IQ1ISOimLNJJXB3pVHfjJC9Zd2ZSO6SZ1yY0GHH6XTwu2M7MJ_7e4vmp6jBTachb-HtrFUiuBoK4svMIlEglEoJLuaLVLr8CoZXsCj8ZCQ1i_BlVIBGZMWGxn-NukN3V96ocNg9SEWMH58QEqvTkTkYQeXEbfU_isPOq4BAacZquW90WJkYrCxsywo2JhwgMmOq_XWqv5psKqri0SfpZEOoU4m_Gtfxo7zrNx46vKt_RvU1BnLVB8pkywamMaaH_lx8T8Ey_5KEQDbNStgDLxM5nvbQahRa7p6C3928CID2GDKaInMroCBGwIc9s5FlZ2ZmZWEg4Fja4MaOlhERO9kWemEZ9Kq79syOHRNudBhFZSkAFRqbEDKkyw07FsxYkb7y6L5JabfxyVZIb0_K19yX5_SyGqkbVcu0t3NF-2k7gxLuvnBRVz6HmkZfdddc7WmebFOkUu80xnIaVkd65ym0QClhK2HfYS2KgC2T0NX8jTM4kTEj5ageGto9e9wvsfwnTfyy1pdUvLrxqWYGdmlbmq27_Jwlz91dL-t04tOcXFoWw_kzNw7soDCCsgxPpslTqSSmJEnGOZn6lmrFJbW-ObCDDDJGpBLXd4vvR5QjWb60aZnSMc5gdbYr-cqmfCZ2VbfTSPUE1rTttlEKinuoPtK1o0OxvU6VlnwveZphHjvs5cAXyFsSWaQ8_FM4zbYO3uKhyOfq4tbJafR1pBkmxoOMKdIkKxG-KI0D76RXNQ9WJGiQzHikzvd0_Pv-JqF_cQ2FUOQGtaNdf-8-_tMbunwvI61_sXQ6PHK9t3PJ2vyf19fsFsmFCvi7nZvZ2SHkHG910VL3Xs0RsC39vJw-zxcz6cmsORupeifcmyoJae0DKxwAh9ICYo5nC21PVpvfwzFp0i5cq3szky_F03qqb343UdLUXWmn-Ob_X47dmhZ8LQFZbf6qmFSgvLWNdr5RVeZ9fdurcwSwF97tKVsmlh87RX5JV7Y_rtD9kgtov4mlTtWt1tJMzjJ1BeFisZPucHJZOPTjt8D6mZaQ7DCX-imr8xkzaRvcRr6h_pbjyd75qdnHW1iHtYK98CyMkxYtREsZBiYA9e_bsTNSoiL5trbJN91UZNp4ZI-y393QNtcXc5We0c-jMvFR5EstzjXDfrmWnZGqQuvHB12ZgtqVuD8Rhw4d5ZRlldOpJ9jIFApHG5NJx46dkjgQM6DHLMp7AcUrlIuSSag7iJXGAxeUi4BkAdiaFgl7rhCe8uBWt9q49ND9kJX2hgv1GQa2VMHx0EwK1rdNRYD3DWA3nMCfwqEOWurNU2Plibmj7PNjPLU0zKLkT7Pgob27hfaGMaafjKpWt3ZsWiJNpzfU-E9tOvLP8SB9QQTF14FQvpSvQtWdVaEdWsIktucS7QojfmQAY3MXmC0P4-y0uuXHkS1m-qbdoTtVW1sW7-azbKbSFaWRV3RYULCnRZbXomEbZBy-wXtWlHxUk7hcjnY_wWzuJPejtG0Z-un_1a5Z5I0kmdaH0biW3FSmRwjMcBZPUVh6X8tvsR6xhmdGgSKMhQ5rqdJM_IJX6MIwMfnw1bYMzZNd5bQLKZoXKxYP7Ux60_l5O5d09rfac0bypXy-JwIJJIkpCNgfqvb78Z9fcj9FrVSdHqEXKCO_06-tqFadSoS4qxJWS9_8XxZVKjAhR0LHbf2mScSv3roooO6QXCndJzTJZrqyf2FC5tWGJsH3QDB-g8PxJ3pa76XO7enr3gvDO5FeyONDejGd0UIX_MPwmV7eI-781U6OIfh1b0Rr5ZgU-6KMZzceYvwABj-f-6b5SqYtp0B13MpCL9sqes6eqMeUrc-yEgOo3wLMOr85N8sfLd9xM1a3KfyXSKS7zKE7q_VdtqQVaz1fzdUN8kAIoUZGUiIRQ69JUPGmoD77eqegYEaQJZTclnnwyygULSxrZFmbu3bvMH4HqHsQ9Q8COQPyJONvCAgmd-sZ7g5pq06KDLc027bxKq1SG1O-tDXELU9BwLs8SbWNSRq8YYZkox-wTF-Z2iLEfJNxSOlNktzzxvpwQ2p7lauG4f0g6i_6VkmnvpH1eHKTkfY3Wg2UfPLUhQi9hFUNfalrZsccnTEcyAHN1MbPDrzDg93u69eb_S-QuMeauYhoB-esL63PGNDS8GhupDccJfAT5eaWtplj_W4fX_XBYz7paTiNCLsIgTkZ7dSR5kArl8_Q9flLigljmSqIKxPxlXbcbFKuaY-MMpaZJiL-RP1sulG-jWqeONs501c8KhM9Hq9F1BvN25z6Gx9L6QCpzWtlmbWMif0dVP_AVCHJ2MUBv23yz4DbtuL2Dzx2dElnUZU43cfy10pLe2uGAQ955bJS9dzUPvfTMbUmTRZUsdMza-KnY-xHsghKBCMCWvHqgPkQGkKtCAcGCGONSpXCJOrqBPaW4SnPm-hCgTnKd2oR6Qc61cNf-mxIWos_rrylFKe6RkvCgAppqlpT_6N_yXYR0pUpqaatpsKt9vQhb1rVeZVWccbJxWK1ocwg21CinKoKif4FY6bdDnhX4JlD8oPlDE3Kqtp3lG359f9hywkSxjoHh6aJOf_QLpfkUw99qbCfFAENKq7YCnI1f3uYPHRu--N66Bu25yWB3UKBnMvK2kNL2wtGH5Idq8xpHfKBDvfJpGtZexJqEmpVsKG_k67M2GOZ1oXneSenh3FyAmtjlMt_rz3talLq319oRd6KdgbFS0sYi1yKIBJRlzgMr7el6SgdWsdrY4emvmvWK-R_5k8S1uY_NRgfWWNv4Srp2lo9avQe7nPvL1l1GPMDHYaUPZFcXr0GtNIkcV2_HsbZk1f9JlKJ4pQhzHir9ES_QO86IwVBRZTSEv5bbzrp87jOOi5fLgFwfutNgrbAj_XzSl6B8NppRhwesO2Nkmlpkm_FYk41Lm0LafmPTC4yVDUGp7KM1SiZT702Yjzxbs_kh3QXuQxXv1VwbH4BqFdbEPuG-pLYymF0LgGBm_Na86gE-FlHEWhk1ouDTfz63h0Tb71drM59ofPycTjkBGPlEcZGABFqfiYn&tga-with-creatives=1

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

c197ef987b405607bd112d5f6988d7b33f5c74b8d02b752208f7f5fb1b1b32e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ufa.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 17:01:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1657386080038115-1480597080704340907-sas2-0565-5f1-sas-l7-balancer-8080-BAL-9021
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Sat, 09 Jul 2022 17:01:20 GMT
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/json
access-control-allow-origin: https://www.ufa.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Sat, 09 Jul 2022 17:01:20 GMT

GET
H2 200 5cec68d4e85c9b2318b0.js Show response
yastatic.net/partner-code-bundles/612100/ 561 KB
113 KB 134ms
122ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/612100/5cec68d4e85c9b2318b0.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

514eede7d4c785888305efd995fc683471908a39b7c54ee24f9d2362fb4ec9e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://www.ufa.kp.ru/
Origin: https://www.ufa.kp.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 17:01:20 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 115527
last-modified: Thu, 07 Jul 2022 19:27:29 GMT
server: nginx/1.17.9
etag: "a5627e2ac44c6ee00307ac0f0366ffbe"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 08 Jul 2052 23:32:35 GMT

POST
H2 200 hb Show response
ads.adfox.ru/ 218 B
200 B 370ms
81ms XHR
application/json 2a02:6b8::1be
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.adfox.ru/hb

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

c80e6a16dd9b77ca81bb8f4eecdf5416c0fa749739c40d51e70efc1c0ea70c14

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ufa.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref=/w3c/w3c.p3p, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
content-type: application/json
access-control-allow-origin: https://www.ufa.kp.ru
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

POST
H2 200 hb Show response
ads.adfox.ru/ 218 B
202 B 366ms
78ms XHR
application/json 2a02:6b8::1be
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.adfox.ru/hb

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

7faa9810b4278d5a6798f3c9b7102420fb46064cbda3b00c304caeba700af349

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ufa.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref=/w3c/w3c.p3p, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
content-type: application/json
access-control-allow-origin: https://www.ufa.kp.ru
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

POST
H2 200 hb Show response
ads.adfox.ru/ 221 B
354 B 357ms
70ms XHR
application/json 2a02:6b8::1be
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.adfox.ru/hb

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

7f23652d55f84af77692f04c63d6dcd15a8410e2696080b3002cd993a8588c43

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ufa.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref=/w3c/w3c.p3p, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
content-type: application/json
access-control-allow-origin: https://www.ufa.kp.ru
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
214 B 63ms
17ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=124&profileId=184&cb=94099566750

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.ufa.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Sat, 09 Jul 2022 17:01:19 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://www.ufa.kp.ru
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
214 B 114ms
67ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=124&profileId=184&cb=60439473956

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.ufa.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Sat, 09 Jul 2022 17:01:19 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://www.ufa.kp.ru
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
215 B 62ms
16ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=124&profileId=184&cb=57513450452

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.ufa.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Sat, 09 Jul 2022 17:01:19 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://www.ufa.kp.ru
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

POST
H2 204 events
bidder.criteo.com/csm/ 0
214 B 19ms
18ms Ping
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.ufa.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 09 Jul 2022 17:01:19 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://www.ufa.kp.ru
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

GET
H2 200 pixel.gif
static.criteo.net/images/ 43 B
365 B 17ms
16ms Image
image/gif 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=1

Requested by

Host: www.ufa.kp.ru
URL: https://www.ufa.kp.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ufa.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 17:01:20 GMT
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
strict-transport-security: max-age=31536000; preload;
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Tue, 04 Jul 2023 17:01:20 GMT

GET
H2 200 pixel.gif
static.criteo.net/images/ 43 B
365 B 18ms
17ms Image
image/gif 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=2

Requested by

Host: www.ufa.kp.ru
URL: https://www.ufa.kp.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ufa.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 17:01:20 GMT
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
strict-transport-security: max-age=31536000; preload;
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Tue, 04 Jul 2023 17:01:20 GMT

GET
H2 200 v2 Show response
yandex.ru/ads/adfox/232598/getBulk/ 15 KB
6 KB 129ms
129ms XHR
application/json 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/adfox/232598/getBulk/v2?dl=https%3A%2F%2Fwww.ufa.kp.ru%2F%3Fsection%3Dsociety&date=2022-07-09T17%3A01%3A20.162%2B00%3A00&pd=9&pdh=1200&pdw=1600&pr1=2280002514&pr=2228125499&prr=&pv=17&pw=6&extid_loader=&extid_tag_loader=www.ufa.kp.ru&ylv=0.612100&ybv=0.612100&ytt=424413099065349&is-turbo=0&skip-token=&ad-session-id=9960471657386079975&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9.8%2C%22w%22%3A1130%2C%22h%22%3A250%2C%22width%22%3A1130%2C%22height%22%3A250%2C%22visible%22%3A0%2C%22isBlackTheme%22%3Afalse%2C%22left%22%3A235%2C%22top%22%3A3898%2C%22fontFamily%22%3A%22ys%22%2C%22req_no%22%3A1%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=612100&available-width=1130&available-height=250&yaru=true&pp=g&p2=gvdq&ps=bxyd&puid1=adv-1657386079932-342&puid2=society%3Atoday%3Ainteresting%3Azenyandex%3Aincident%3Aemergency%3Asport%3Acelebrity&puid3=top%3Aregion&puid5=&slotNumber=5&bids=W3siYmlkZGVyTmFtZSI6ImNyaXRlbyIsImNhbXBhaWduX2lkIjo3MjI1NzMsInJlc3BvbnNlX3RpbWUiOjIxOSwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjE1MjY3OTgifSx7ImJpZGRlck5hbWUiOiJydGJob3VzZSIsImNhbXBhaWduX2lkIjo4NTM4NjksInJlc3BvbnNlX3RpbWUiOjEzOSwiZXJyb3IiOnsiY29kZSI6NH0sInBsYWNlbWVudF9pZCI6IkQ2dFBHMlgxdzkzNUtrSGk5cW9IIn0seyJiaWRkZXJOYW1lIjoiYWRyaXZlciIsImNhbXBhaWduX2lkIjo3MjgyNTQsInJlc3BvbnNlX3RpbWUiOjE4NywiZXJyb3IiOnsiY29kZSI6NH0sInBsYWNlbWVudF9pZCI6IjI6a3BfOHNsb3QifSx7ImJpZGRlck5hbWUiOiJteXRhcmdldCIsImNhbXBhaWduX2lkIjo4MTA0MDIsInJlc3BvbnNlX3RpbWUiOjE3NSwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjgwMzAwNyJ9LHsiYmlkZGVyTmFtZSI6ImJldHdlZW5kaWdpdGFsIiwiY2FtcGFpZ25faWQiOjgxMDM0NCwicmVzcG9uc2VfdGltZSI6MTc0LCJlcnJvciI6eyJjb2RlIjoxfSwicGxhY2VtZW50X2lkIjoiMzkyNzg1NyJ9XQ%3D%3D&utf8=%E2%9C%93&pcode-test-ids=609478%2C0%2C33%3B586085%2C0%2C3%3B597158%2C0%2C31%3B597485%2C0%2C28%3B590119%2C0%2C44%3B598479%2C0%2C41%3B609277%2C0%2C81%3B605344%2C0%2C36%3B610874%2C0%2C49%3B612100%2C0%2C18&pcode-flags-map=eJyVWNuO2zYQ%2FZXCz0FBXahL3iiJlomVSJWk7PUWwSBt9y0IimZTFAjy7x1KsleSbXr3ZQEbPsO5njmzPzaad5xZ2LesA81%2F67mxwLaWaxBSq6bZfPz9x%2Bbfz1%2B%2BP28%2Bbqzu%2BebD5uX524v4Cz%2FTNI2DZPPz04fNnhkQHIxVHSi7Q7zdMQlt31hx306W0vDSzrvBopZKc2iFMbyCilkGHdOsNbBVGvai4grDglK1hVrYfP7v74XJnMSUnv1hvVU1l1wzi2Y7Vj6YnbJQ9fiFUHJhKVraiQnJz3a4ZEXDQfLDzAg36DW0quILO0o2R%2BANb7m0BspGlA8OfMP6ZLllj7Djot5ZjFEajFcLWb87eBoF4WCWNY06jGXo0PxgY8ylrdkdGzGh85qM77dM10L6kAmJgyhap6zvqiH3rXIJB8tEg06MufM2R0KSbFYBzVu151DumDbcwlarFhohH%2Fw2giAm6dqlrXgE%2FGjBaqylS7OxTNshO53hfaWmmEuNAyb23Nx7hNKLuEvWdc50cYRKHeRbXE2y0GcFU6YxkYWwrpvfYwzDc8b2XJt10zvnU7rEhjEJ1o7shRGFaIQ9QtewY4GJw0noDTp3x5OQhhdzJCTSlOHl0BKqMFzvHe24csxeeqvhXmJPMZyYoYKs7ebAl3%2B%2BP89gcZhFORlhBsnKOLZcY9adPQOxCgznr04vYV8%2F%2F%2FHleYGMkjAfG9B1XYtvTVMurf%2FJmEb5WIVS9RJ7VcHjTnshWZqF8QA5MlnxR9A99l7L%2FGNLSRpGE4MvmAa2fdMYnAHuxwdRGJFziIVWD5gfDA9qLSo%2FMqVZctVhqISxWhReeBiQZIz3ictwcBcOorI7EC2ruRcbB3FGXrH43NCYhdKujzSrRG9%2BeaOFI3N%2Bjw4Daw7saPzIKJ1KW23d6jYdMj4HK1queruAhoSQJTYm0RhzV%2BLiGZYF7hn%2FexTNTN27VZhl7sbl9B7wR28n4pNpGl7CxRbw78HRy70OuWHh5MCeNf2iWhG5jj6R4tCdQnZYZGC69b%2BdBHk0vY3zaoUZBNJWXW6PNZQS1BIDtOFMu03vtiHTgq0SHq5hU3lX86T5gWF7VW8dLLR0qrVbetByVEXnduFaI9s1asG%2FdIHPSDzWvdNCacfduEf2gh86pf0tk6TJRHju5yBxeZcc5V1be2FpiLgBZkyHy6vccechdFyXqy4NyKLIKQ3yeNYi5JHgvkIyUMYK75tZQKc3KxRddljvmOODxtWJpZ7o9h0iKkPOHuuH66ScAljxyWqr0CzDbTQ6MTFJhcu6RDFnvJxN8yDNZhwmUDAyLCwq%2BdJlzPgezSMaBAvswHsGSdDu3GB1rKpwQfuNxHRqkmHPuDV87DhEfq9x19BZtVpd3tjbl8%2FlaXITCSgHBsF85%2FWTDW2L2TCBKZmTd6y0apH14NdggU%2BjLDrj3w0aRHXBJF4VgNJjK7DbBkGDNvxLJ8%2FCNJ0FPxkZexMXPHLiWVwhsVt3QK0lxlpzh3E0Nt6uWMkRmudhThY%2FjkicDT%2BuNSvCO2I%2BTsnrb8GIp0VwNAiJ7%2FdXtllAbyDGbEyEji2Aly2mwbG0kK4rzjodR%2FuO05SOnYE6oOZ2mHYh3emnkcDcRyTPO%2FsyIWkckmsEvhXauNODtU7CwriB1f5UQr%2FRHGXS3DVWGNX0yFemdceHm%2FY7tcZjZrqvZj2PLOcYql4L8QtwGOTjyO5s29BxzAzulEowsBxPhDt4lDvxguHG5OBmNENeuTSXN%2FWWNWZ11eVxmp3vgUEH1NoVHdOA%2Bu3Kprjyb4OEZK83PsJRyhs44kmHHpRgdPkevLsD3GE%2F3fPixCOmR4G%2FknKlbZYTnQb0NZrTznHH%2FMCmC%2Bz3r9%2BeX1bo2O%2BHaLsbjlzElJMgeL2zOlybw33GwZEIoIA5f4F3l5LV0hwO84qp4vS2tVGHVXccOpuY1Id4Gk%2FtY4PFOs2jRNXcr6n3yvCciHM1kWL4VwmYHcMjG51Ty5T%2F%2BfJlaYdGcTwtOyQX3TpBpLk83Y6d5oX%2FZkkCkqUzAb4%2BAd2cLSX79M3PTz%2F%2FB4IgulM%3D&use-server-side-rendering=1&pcode-icookie=tPxlESyPPbK3D%2Fz7%2F%2F676VzJlB3TKrFTYSUajTQgKAvaGiiXkamcuO8I%2FJaQYHk0fMVcR4TFnb8rAtzeGt6ZKJP%2FloI%3D&top-ancestor=https%3A%2F%2Fwww.ufa.kp.ru&top-ancestor-undetermined=0&grab-orig-len=5120&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjoxNDJ9ChqipKjslilBEKAO0VF2b3_4o8tMk0pYSsIzJ5XEaO7v78bXPiwF0bddXXzcScXCQpOwJwJSUJCFUrVut278BvRqQM9AGyQEJkTxxv9efdIxo-e2rgoppAQiBCYwwUO6NYISkUdJRK60KM1RnCOglQiVtHmBVdJHeqUlUilNkTHSRnGkG6AAH6VKeAscuZJ-MWhU00iNJ0dUi2263KqVtJE-R2oFntRRmpdL_WJJHhkWW5oMwDmCtqA1i2fBFqBWCWeB0S3iaXIEaREwPBoWvSg5Q5cnZwYJ0AQxMoDukGeJXSCDbj_GaQZdMII5TDvsLwLjxUydAUIPPYfY83FYWVHy8nFw2bh5-azsVpRcvGBa5_mEmw18rFxWW2axsXKBJsrNxciDnJ3Jys7MIpp5mFmsXCxW0EQjGKSx1CUsSYVjgjmCOrzqI_ALcPEuWDJIzB6-Flh9pBm00oUPkxJ2XuB1SvPiSAcGltvjixd4hIOk7XOqhB_Fg4_q-AeB6SIS4nKrKmami6xYZDhVD8eLhflwny5OzVmtXhD6rAT4InNhbWHq8BslIsPC4SteeIQ3zV8cyYKkERmmxc3KM5-m4WSR0CynWhwIRGS7pRpqC5i_TB1kTdmdagrn2z4Usjwsq5v2LT4MExQVVqQjNi7ESJmRczN6qAlaBEmEtOpV-dW72CkWxvAg3JmPhpkbMS8fNzsyWXA0DFYrM0vmQWljZARNlJHHycpJQICN0WnHn7lYUSJjRivKG0GdJilh8wk3NlL4XXAv10yCPHbkgk57Ro3NasXAvXw_xfiEjxGZYPLgNi9_DlRI2ZlQCTiFMicmGwauvHj5uRlQCCFZhLNbmbBhBdQiHOZ2wbBsIucTtrlHA6hto5l46GBBgQ33okX9goS_HXghypcs0Fv1Q7PxVJZLRkKrelOfSuItX5PS4pJXSIo1lLrkG3JkVMINstZdP4CQz2V3jIY5_x_PRbpEAaAL-_qIMjIoaV3xHx56sg_pjulQfjyxny2pC45NLnpGHf6rKzTSf6vx8K52wXBov0XTX2KOxOyKjiFJeQF3VbnhyTgNlh6ZXXIHfdHSPQ7Ru2rHhqSN9u5gF7h_xATsx7AJCLrvevH7YVoYnpk_kSM-MBtMxabCKdd5dTfpRf2rib-_aV3k-bxDr3b95zKtK8rQb8iLH9zN-ZtV-_t1l9QQZp8vLFJGGhetmSS3OJexU_BmVyUH5Ttv03Mm5VDks8gdHUCoPieHSTfp_dc-v7rpRhS75BnGTPSPwOnwcmkMasTNZVtmUJDPPITkkneIWy2GcX3F5XzbfO9dI_alqGcP7edZahWZ-5Fc5XaNpvaX0_bYKYav8yhM5gwrfglkLhSgoGdDvPwCbHa1RGNMZoexoRG0cTI7BTM3FiSMINg8zfAyW2IwcL9CJGoVGyBtuNEhdrNuAjRcrxt2Rg6QOGzgbtsETBRj2wS8ir1tAr7F3jYB32JuG58eXG6bAAVX28bLv4ttE_At3rZR5Njkomcut40XDTG3jacexN02fkUQ_bbxq5JIt03Anatt422H620ToEGU28bbDzG2jTwVuto2nt662zaKeS7mtvFSBlFvm4BDV9tGsTXibhvvBYuxbXwYFXfbKLy2m20T8EyU28Z72a62TcC7-NvGy7mrbaPYHSLeNt6yFXPbIMKIGhknSeOGxEFDkumHG0QcKLiQkG76OTiHoAxKDkdGiwU9yExfUbKKYD5GJhuLdHQFMg5mVJgYfeQNhmPyECRzhISo7TJAwY4eOYb_b-oPEdLR5-HhQW6zhYHwQ2lzJu_x7AC7DpvC55iMfnk5QYySGzUnmvXGOTGzYEaMQ5TXjo-IKbnA5VvpYGVkEmRE5eTPbLi4cWJBXwEt0ATjCRt4dFhsJDjiIXf4Mw8rA6isHKLy2keJa0I659Cun1X38snFvjQ7s13IbieYQzpxywmQp0lTq4XdcQ5pHUogIqCcw2J3vHtc3xTP5EvPe50b-IQ1ISOimLNJJXB3pVHfjJC9Zd2ZSO6SZ1yY0GHH6XTwu2M7MJ_7e4vmp6jBTachb-HtrFUiuBoK4svMIlEglEoJLuaLVLr8CoZXsCj8ZCQ1i_BlVIBGZMWGxn-NukN3V96ocNg9SEWMH58QEqvTkTkYQeXEbfU_isPOq4BAacZquW90WJkYrCxsywo2JhwgMmOq_XWqv5psKqri0SfpZEOoU4m_Gtfxo7zrNx46vKt_RvU1BnLVB8pkywamMaaH_lx8T8Ey_5KEQDbNStgDLxM5nvbQahRa7p6C3928CID2GDKaInMroCBGwIc9s5FlZ2ZmZWEg4Fja4MaOlhERO9kWemEZ9Kq79syOHRNudBhFZSkAFRqbEDKkyw07FsxYkb7y6L5JabfxyVZIb0_K19yX5_SyGqkbVcu0t3NF-2k7gxLuvnBRVz6HmkZfdddc7WmebFOkUu80xnIaVkd65ym0QClhK2HfYS2KgC2T0NX8jTM4kTEj5ageGto9e9wvsfwnTfyy1pdUvLrxqWYGdmlbmq27_Jwlz91dL-t04tOcXFoWw_kzNw7soDCCsgxPpslTqSSmJEnGOZn6lmrFJbW-ObCDDDJGpBLXd4vvR5QjWb60aZnSMc5gdbYr-cqmfCZ2VbfTSPUE1rTttlEKinuoPtK1o0OxvU6VlnwveZphHjvs5cAXyFsSWaQ8_FM4zbYO3uKhyOfq4tbJafR1pBkmxoOMKdIkKxG-KI0D76RXNQ9WJGiQzHikzvd0_Pv-JqF_cQ2FUOQGtaNdf-8-_tMbunwvI61_sXQ6PHK9t3PJ2vyf19fsFsmFCvi7nZvZ2SHkHG910VL3Xs0RsC39vJw-zxcz6cmsORupeifcmyoJae0DKxwAh9ICYo5nC21PVpvfwzFp0i5cq3szky_F03qqb343UdLUXWmn-Ob_X47dmhZ8LQFZbf6qmFSgvLWNdr5RVeZ9fdurcwSwF97tKVsmlh87RX5JV7Y_rtD9kgtov4mlTtWt1tJMzjJ1BeFisZPucHJZOPTjt8D6mZaQ7DCX-imr8xkzaRvcRr6h_pbjyd75qdnHW1iHtYK98CyMkxYtREsZBiYA9e_bsTNSoiL5trbJN91UZNp4ZI-y393QNtcXc5We0c-jMvFR5EstzjXDfrmWnZGqQuvHB12ZgtqVuD8Rhw4d5ZRlldOpJ9jIFApHG5NJx46dkjgQM6DHLMp7AcUrlIuSSag7iJXGAxeUi4BkAdiaFgl7rhCe8uBWt9q49ND9kJX2hgv1GQa2VMHx0EwK1rdNRYD3DWA3nMCfwqEOWurNU2Plibmj7PNjPLU0zKLkT7Pgob27hfaGMaafjKpWt3ZsWiJNpzfU-E9tOvLP8SB9QQTF14FQvpSvQtWdVaEdWsIktucS7QojfmQAY3MXmC0P4-y0uuXHkS1m-qbdoTtVW1sW7-azbKbSFaWRV3RYULCnRZbXomEbZBy-wXtWlHxUk7hcjnY_wWzuJPejtG0Z-un_1a5Z5I0kmdaH0biW3FSmRwjMcBZPUVh6X8tvsR6xhmdGgSKMhQ5rqdJM_IJX6MIwMfnw1bYMzZNd5bQLKZoXKxYP7Ux60_l5O5d09rfac0bypXy-JwIJJIkpCNgfqvb78Z9fcj9FrVSdHqEXKCO_06-tqFadSoS4qxJWS9_8XxZVKjAhR0LHbf2mScSv3roooO6QXCndJzTJZrqyf2FC5tWGJsH3QDB-g8PxJ3pa76XO7enr3gvDO5FeyONDejGd0UIX_MPwmV7eI-781U6OIfh1b0Rr5ZgU-6KMZzceYvwABj-f-6b5SqYtp0B13MpCL9sqes6eqMeUrc-yEgOo3wLMOr85N8sfLd9xM1a3KfyXSKS7zKE7q_VdtqQVaz1fzdUN8kAIoUZGUiIRQ69JUPGmoD77eqegYEaQJZTclnnwyygULSxrZFmbu3bvMH4HqHsQ9Q8COQPyJONvCAgmd-sZ7g5pq06KDLc027bxKq1SG1O-tDXELU9BwLs8SbWNSRq8YYZkox-wTF-Z2iLEfJNxSOlNktzzxvpwQ2p7lauG4f0g6i_6VkmnvpH1eHKTkfY3Wg2UfPLUhQi9hFUNfalrZsccnTEcyAHN1MbPDrzDg93u69eb_S-QuMeauYhoB-esL63PGNDS8GhupDccJfAT5eaWtplj_W4fX_XBYz7paTiNCLsIgTkZ7dSR5kArl8_Q9flLigljmSqIKxPxlXbcbFKuaY-MMpaZJiL-RP1sulG-jWqeONs501c8KhM9Hq9F1BvN25z6Gx9L6QCpzWtlmbWMif0dVP_AVCHJ2MUBv23yz4DbtuL2Dzx2dElnUZU43cfy10pLe2uGAQ955bJS9dzUPvfTMbUmTRZUsdMza-KnY-xHsghKBCMCWvHqgPkQGkKtCAcGCGONSpXCJOrqBPaW4SnPm-hCgTnKd2oR6Qc61cNf-mxIWos_rrylFKe6RkvCgAppqlpT_6N_yXYR0pUpqaatpsKt9vQhb1rVeZVWccbJxWK1ocwg21CinKoKif4FY6bdDnhX4JlD8oPlDE3Kqtp3lG359f9hywkSxjoHh6aJOf_QLpfkUw99qbCfFAENKq7YCnI1f3uYPHRu--N66Bu25yWB3UKBnMvK2kNL2wtGH5Idq8xpHfKBDvfJpGtZexJqEmpVsKG_k67M2GOZ1oXneSenh3FyAmtjlMt_rz3talLq319oRd6KdgbFS0sYi1yKIBJRlzgMr7el6SgdWsdrY4emvmvWK-R_5k8S1uY_NRgfWWNv4Srp2lo9avQe7nPvL1l1GPMDHYaUPZFcXr0GtNIkcV2_HsbZk1f9JlKJ4pQhzHir9ES_QO86IwVBRZTSEv5bbzrp87jOOi5fLgFwfutNgrbAj_XzSl6B8NppRhwesO2Nkmlpkm_FYk41Lm0LafmPTC4yVDUGp7KM1SiZT702Yjzxbs_kh3QXuQxXv1VwbH4BqFdbEPuG-pLYymF0LgGBm_Na86gE-FlHEWhk1ouDTfz63h0Tb71drM59ofPycTjkBGPlEcZGABFqfiYn&tga-with-creatives=1

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

7ab11e86e8d08494fc5f620a9fe7365c560ff721a5ae92c40b3a8c4c61e48aa1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ufa.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 17:01:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1657386080193280-6899847054268386643-sas2-0565-5f1-sas-l7-balancer-8080-BAL-1141
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Sat, 09 Jul 2022 17:01:20 GMT
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/json
access-control-allow-origin: https://www.ufa.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Sat, 09 Jul 2022 17:01:20 GMT

POST
H2 204 events
bidder.criteo.com/csm/ 0
214 B 16ms
16ms Ping
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.ufa.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 09 Jul 2022 17:01:19 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://www.ufa.kp.ru
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

GET
H2 200 v2 Show response
yandex.ru/ads/adfox/232598/getBulk/ 16 KB
8 KB 427ms
426ms XHR
application/json 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/adfox/232598/getBulk/v2?dl=https%3A%2F%2Fwww.ufa.kp.ru%2F%3Fsection%3Dsociety&date=2022-07-09T17%3A01%3A20.168%2B00%3A00&pd=9&pdh=1200&pdw=1600&pr1=1968230426&pr=2228125499&prr=&pv=17&pw=6&extid_loader=&extid_tag_loader=www.ufa.kp.ru&ylv=0.612100&ybv=0.612100&ytt=424413099065349&is-turbo=0&skip-token=&ad-session-id=9960471657386079975&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9.8%2C%22w%22%3A240%2C%22h%22%3A400%2C%22width%22%3A240%2C%22height%22%3A400%2C%22visible%22%3A0%2C%22isBlackTheme%22%3Afalse%2C%22left%22%3A215%2C%22top%22%3A1264%2C%22fontFamily%22%3A%22ys%22%2C%22req_no%22%3A2%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=612100&available-width=240&available-height=400&yaru=true&pp=g&p2=fxjd&ps=bxyd&puid1=adv-1657386079929-502&puid2=society%3Atoday%3Ainteresting%3Azenyandex%3Aincident%3Aemergency%3Asport%3Acelebrity&puid3=top%3Aregion&puid5=&slotNumber=3&bids=W3siYmlkZGVyTmFtZSI6ImNyaXRlbyIsImNhbXBhaWduX2lkIjo3MjI1NzMsInJlc3BvbnNlX3RpbWUiOjIyNiwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjEyMzM1MzUifSx7ImJpZGRlck5hbWUiOiJydGJob3VzZSIsImNhbXBhaWduX2lkIjo4NTM4NjksInJlc3BvbnNlX3RpbWUiOjEzOCwiZXJyb3IiOnsiY29kZSI6NH0sInBsYWNlbWVudF9pZCI6IjhkMzA4ZDQyMzE2YzQwYjUxNjg4In0seyJiaWRkZXJOYW1lIjoiYWRyaXZlciIsImNhbXBhaWduX2lkIjo3MjgyNTQsInJlc3BvbnNlX3RpbWUiOjE4MywiZXJyb3IiOnsiY29kZSI6NH0sInBsYWNlbWVudF9pZCI6IjI6a3BfNXNsb3QifSx7ImJpZGRlck5hbWUiOiJteXRhcmdldCIsImNhbXBhaWduX2lkIjo4MTA0MDIsInJlc3BvbnNlX3RpbWUiOjE3NSwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjIzMzg1MiJ9LHsiYmlkZGVyTmFtZSI6ImJldHdlZW5kaWdpdGFsIiwiY2FtcGFpZ25faWQiOjgxMDM0NCwicmVzcG9uc2VfdGltZSI6MTQyLCJlcnJvciI6eyJjb2RlIjoxfSwicGxhY2VtZW50X2lkIjoiMjQ4ODA1OSJ9XQ%3D%3D&utf8=%E2%9C%93&pcode-test-ids=609478%2C0%2C33%3B586085%2C0%2C3%3B597158%2C0%2C31%3B597485%2C0%2C28%3B590119%2C0%2C44%3B598479%2C0%2C41%3B609277%2C0%2C81%3B605344%2C0%2C36%3B610874%2C0%2C49%3B612100%2C0%2C18&pcode-flags-map=eJyVWNuO2zYQ%2FZXCz0FBXahL3iiJlomVSJWk7PUWwSBt9y0IimZTFAjy7x1KsleSbXr3ZQEbPsO5njmzPzaad5xZ2LesA81%2F67mxwLaWaxBSq6bZfPz9x%2Bbfz1%2B%2BP28%2Bbqzu%2BebD5uX524v4Cz%2FTNI2DZPPz04fNnhkQHIxVHSi7Q7zdMQlt31hx306W0vDSzrvBopZKc2iFMbyCilkGHdOsNbBVGvai4grDglK1hVrYfP7v74XJnMSUnv1hvVU1l1wzi2Y7Vj6YnbJQ9fiFUHJhKVraiQnJz3a4ZEXDQfLDzAg36DW0quILO0o2R%2BANb7m0BspGlA8OfMP6ZLllj7Djot5ZjFEajFcLWb87eBoF4WCWNY06jGXo0PxgY8ylrdkdGzGh85qM77dM10L6kAmJgyhap6zvqiH3rXIJB8tEg06MufM2R0KSbFYBzVu151DumDbcwlarFhohH%2Fw2giAm6dqlrXgE%2FGjBaqylS7OxTNshO53hfaWmmEuNAyb23Nx7hNKLuEvWdc50cYRKHeRbXE2y0GcFU6YxkYWwrpvfYwzDc8b2XJt10zvnU7rEhjEJ1o7shRGFaIQ9QtewY4GJw0noDTp3x5OQhhdzJCTSlOHl0BKqMFzvHe24csxeeqvhXmJPMZyYoYKs7ebAl3%2B%2BP89gcZhFORlhBsnKOLZcY9adPQOxCgznr04vYV8%2F%2F%2FHleYGMkjAfG9B1XYtvTVMurf%2FJmEb5WIVS9RJ7VcHjTnshWZqF8QA5MlnxR9A99l7L%2FGNLSRpGE4MvmAa2fdMYnAHuxwdRGJFziIVWD5gfDA9qLSo%2FMqVZctVhqISxWhReeBiQZIz3ictwcBcOorI7EC2ruRcbB3FGXrH43NCYhdKujzSrRG9%2BeaOFI3N%2Bjw4Daw7saPzIKJ1KW23d6jYdMj4HK1queruAhoSQJTYm0RhzV%2BLiGZYF7hn%2FexTNTN27VZhl7sbl9B7wR28n4pNpGl7CxRbw78HRy70OuWHh5MCeNf2iWhG5jj6R4tCdQnZYZGC69b%2BdBHk0vY3zaoUZBNJWXW6PNZQS1BIDtOFMu03vtiHTgq0SHq5hU3lX86T5gWF7VW8dLLR0qrVbetByVEXnduFaI9s1asG%2FdIHPSDzWvdNCacfduEf2gh86pf0tk6TJRHju5yBxeZcc5V1be2FpiLgBZkyHy6vccechdFyXqy4NyKLIKQ3yeNYi5JHgvkIyUMYK75tZQKc3KxRddljvmOODxtWJpZ7o9h0iKkPOHuuH66ScAljxyWqr0CzDbTQ6MTFJhcu6RDFnvJxN8yDNZhwmUDAyLCwq%2BdJlzPgezSMaBAvswHsGSdDu3GB1rKpwQfuNxHRqkmHPuDV87DhEfq9x19BZtVpd3tjbl8%2FlaXITCSgHBsF85%2FWTDW2L2TCBKZmTd6y0apH14NdggU%2BjLDrj3w0aRHXBJF4VgNJjK7DbBkGDNvxLJ8%2FCNJ0FPxkZexMXPHLiWVwhsVt3QK0lxlpzh3E0Nt6uWMkRmudhThY%2FjkicDT%2BuNSvCO2I%2BTsnrb8GIp0VwNAiJ7%2FdXtllAbyDGbEyEji2Aly2mwbG0kK4rzjodR%2FuO05SOnYE6oOZ2mHYh3emnkcDcRyTPO%2FsyIWkckmsEvhXauNODtU7CwriB1f5UQr%2FRHGXS3DVWGNX0yFemdceHm%2FY7tcZjZrqvZj2PLOcYql4L8QtwGOTjyO5s29BxzAzulEowsBxPhDt4lDvxguHG5OBmNENeuTSXN%2FWWNWZ11eVxmp3vgUEH1NoVHdOA%2Bu3Kprjyb4OEZK83PsJRyhs44kmHHpRgdPkevLsD3GE%2F3fPixCOmR4G%2FknKlbZYTnQb0NZrTznHH%2FMCmC%2Bz3r9%2BeX1bo2O%2BHaLsbjlzElJMgeL2zOlybw33GwZEIoIA5f4F3l5LV0hwO84qp4vS2tVGHVXccOpuY1Id4Gk%2FtY4PFOs2jRNXcr6n3yvCciHM1kWL4VwmYHcMjG51Ty5T%2F%2BfJlaYdGcTwtOyQX3TpBpLk83Y6d5oX%2FZkkCkqUzAb4%2BAd2cLSX79M3PTz%2F%2FB4IgulM%3D&use-server-side-rendering=1&pcode-icookie=tPxlESyPPbK3D%2Fz7%2F%2F676VzJlB3TKrFTYSUajTQgKAvaGiiXkamcuO8I%2FJaQYHk0fMVcR4TFnb8rAtzeGt6ZKJP%2FloI%3D&top-ancestor=https%3A%2F%2Fwww.ufa.kp.ru&top-ancestor-undetermined=0&grab-orig-len=5120&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjoxNDJ9ChqipKjslilBEKAO0VF2b3_4o8tMk0pYSsIzJ5XEaO7v78bXPiwF0bddXXzcScXCQpOwJwJSUJCFUrVut278BvRqQM9AGyQEJkTxxv9efdIxo-e2rgoppAQiBCYwwUO6NYISkUdJRK60KM1RnCOglQiVtHmBVdJHeqUlUilNkTHSRnGkG6AAH6VKeAscuZJ-MWhU00iNJ0dUi2263KqVtJE-R2oFntRRmpdL_WJJHhkWW5oMwDmCtqA1i2fBFqBWCWeB0S3iaXIEaREwPBoWvSg5Q5cnZwYJ0AQxMoDukGeJXSCDbj_GaQZdMII5TDvsLwLjxUydAUIPPYfY83FYWVHy8nFw2bh5-azsVpRcvGBa5_mEmw18rFxWW2axsXKBJsrNxciDnJ3Jys7MIpp5mFmsXCxW0EQjGKSx1CUsSYVjgjmCOrzqI_ALcPEuWDJIzB6-Flh9pBm00oUPkxJ2XuB1SvPiSAcGltvjixd4hIOk7XOqhB_Fg4_q-AeB6SIS4nKrKmami6xYZDhVD8eLhflwny5OzVmtXhD6rAT4InNhbWHq8BslIsPC4SteeIQ3zV8cyYKkERmmxc3KM5-m4WSR0CynWhwIRGS7pRpqC5i_TB1kTdmdagrn2z4Usjwsq5v2LT4MExQVVqQjNi7ESJmRczN6qAlaBEmEtOpV-dW72CkWxvAg3JmPhpkbMS8fNzsyWXA0DFYrM0vmQWljZARNlJHHycpJQICN0WnHn7lYUSJjRivKG0GdJilh8wk3NlL4XXAv10yCPHbkgk57Ro3NasXAvXw_xfiEjxGZYPLgNi9_DlRI2ZlQCTiFMicmGwauvHj5uRlQCCFZhLNbmbBhBdQiHOZ2wbBsIucTtrlHA6hto5l46GBBgQ33okX9goS_HXghypcs0Fv1Q7PxVJZLRkKrelOfSuItX5PS4pJXSIo1lLrkG3JkVMINstZdP4CQz2V3jIY5_x_PRbpEAaAL-_qIMjIoaV3xHx56sg_pjulQfjyxny2pC45NLnpGHf6rKzTSf6vx8K52wXBov0XTX2KOxOyKjiFJeQF3VbnhyTgNlh6ZXXIHfdHSPQ7Ru2rHhqSN9u5gF7h_xATsx7AJCLrvevH7YVoYnpk_kSM-MBtMxabCKdd5dTfpRf2rib-_aV3k-bxDr3b95zKtK8rQb8iLH9zN-ZtV-_t1l9QQZp8vLFJGGhetmSS3OJexU_BmVyUH5Ttv03Mm5VDks8gdHUCoPieHSTfp_dc-v7rpRhS75BnGTPSPwOnwcmkMasTNZVtmUJDPPITkkneIWy2GcX3F5XzbfO9dI_alqGcP7edZahWZ-5Fc5XaNpvaX0_bYKYav8yhM5gwrfglkLhSgoGdDvPwCbHa1RGNMZoexoRG0cTI7BTM3FiSMINg8zfAyW2IwcL9CJGoVGyBtuNEhdrNuAjRcrxt2Rg6QOGzgbtsETBRj2wS8ir1tAr7F3jYB32JuG58eXG6bAAVX28bLv4ttE_At3rZR5Njkomcut40XDTG3jacexN02fkUQ_bbxq5JIt03Anatt422H620ToEGU28bbDzG2jTwVuto2nt662zaKeS7mtvFSBlFvm4BDV9tGsTXibhvvBYuxbXwYFXfbKLy2m20T8EyU28Z72a62TcC7-NvGy7mrbaPYHSLeNt6yFXPbIMKIGhknSeOGxEFDkumHG0QcKLiQkG76OTiHoAxKDkdGiwU9yExfUbKKYD5GJhuLdHQFMg5mVJgYfeQNhmPyECRzhISo7TJAwY4eOYb_b-oPEdLR5-HhQW6zhYHwQ2lzJu_x7AC7DpvC55iMfnk5QYySGzUnmvXGOTGzYEaMQ5TXjo-IKbnA5VvpYGVkEmRE5eTPbLi4cWJBXwEt0ATjCRt4dFhsJDjiIXf4Mw8rA6isHKLy2keJa0I659Cun1X38snFvjQ7s13IbieYQzpxywmQp0lTq4XdcQ5pHUogIqCcw2J3vHtc3xTP5EvPe50b-IQ1ISOimLNJJXB3pVHfjJC9Zd2ZSO6SZ1yY0GHH6XTwu2M7MJ_7e4vmp6jBTachb-HtrFUiuBoK4svMIlEglEoJLuaLVLr8CoZXsCj8ZCQ1i_BlVIBGZMWGxn-NukN3V96ocNg9SEWMH58QEqvTkTkYQeXEbfU_isPOq4BAacZquW90WJkYrCxsywo2JhwgMmOq_XWqv5psKqri0SfpZEOoU4m_Gtfxo7zrNx46vKt_RvU1BnLVB8pkywamMaaH_lx8T8Ey_5KEQDbNStgDLxM5nvbQahRa7p6C3928CID2GDKaInMroCBGwIc9s5FlZ2ZmZWEg4Fja4MaOlhERO9kWemEZ9Kq79syOHRNudBhFZSkAFRqbEDKkyw07FsxYkb7y6L5JabfxyVZIb0_K19yX5_SyGqkbVcu0t3NF-2k7gxLuvnBRVz6HmkZfdddc7WmebFOkUu80xnIaVkd65ym0QClhK2HfYS2KgC2T0NX8jTM4kTEj5ageGto9e9wvsfwnTfyy1pdUvLrxqWYGdmlbmq27_Jwlz91dL-t04tOcXFoWw_kzNw7soDCCsgxPpslTqSSmJEnGOZn6lmrFJbW-ObCDDDJGpBLXd4vvR5QjWb60aZnSMc5gdbYr-cqmfCZ2VbfTSPUE1rTttlEKinuoPtK1o0OxvU6VlnwveZphHjvs5cAXyFsSWaQ8_FM4zbYO3uKhyOfq4tbJafR1pBkmxoOMKdIkKxG-KI0D76RXNQ9WJGiQzHikzvd0_Pv-JqF_cQ2FUOQGtaNdf-8-_tMbunwvI61_sXQ6PHK9t3PJ2vyf19fsFsmFCvi7nZvZ2SHkHG910VL3Xs0RsC39vJw-zxcz6cmsORupeifcmyoJae0DKxwAh9ICYo5nC21PVpvfwzFp0i5cq3szky_F03qqb343UdLUXWmn-Ob_X47dmhZ8LQFZbf6qmFSgvLWNdr5RVeZ9fdurcwSwF97tKVsmlh87RX5JV7Y_rtD9kgtov4mlTtWt1tJMzjJ1BeFisZPucHJZOPTjt8D6mZaQ7DCX-imr8xkzaRvcRr6h_pbjyd75qdnHW1iHtYK98CyMkxYtREsZBiYA9e_bsTNSoiL5trbJN91UZNp4ZI-y393QNtcXc5We0c-jMvFR5EstzjXDfrmWnZGqQuvHB12ZgtqVuD8Rhw4d5ZRlldOpJ9jIFApHG5NJx46dkjgQM6DHLMp7AcUrlIuSSag7iJXGAxeUi4BkAdiaFgl7rhCe8uBWt9q49ND9kJX2hgv1GQa2VMHx0EwK1rdNRYD3DWA3nMCfwqEOWurNU2Plibmj7PNjPLU0zKLkT7Pgob27hfaGMaafjKpWt3ZsWiJNpzfU-E9tOvLP8SB9QQTF14FQvpSvQtWdVaEdWsIktucS7QojfmQAY3MXmC0P4-y0uuXHkS1m-qbdoTtVW1sW7-azbKbSFaWRV3RYULCnRZbXomEbZBy-wXtWlHxUk7hcjnY_wWzuJPejtG0Z-un_1a5Z5I0kmdaH0biW3FSmRwjMcBZPUVh6X8tvsR6xhmdGgSKMhQ5rqdJM_IJX6MIwMfnw1bYMzZNd5bQLKZoXKxYP7Ux60_l5O5d09rfac0bypXy-JwIJJIkpCNgfqvb78Z9fcj9FrVSdHqEXKCO_06-tqFadSoS4qxJWS9_8XxZVKjAhR0LHbf2mScSv3roooO6QXCndJzTJZrqyf2FC5tWGJsH3QDB-g8PxJ3pa76XO7enr3gvDO5FeyONDejGd0UIX_MPwmV7eI-781U6OIfh1b0Rr5ZgU-6KMZzceYvwABj-f-6b5SqYtp0B13MpCL9sqes6eqMeUrc-yEgOo3wLMOr85N8sfLd9xM1a3KfyXSKS7zKE7q_VdtqQVaz1fzdUN8kAIoUZGUiIRQ69JUPGmoD77eqegYEaQJZTclnnwyygULSxrZFmbu3bvMH4HqHsQ9Q8COQPyJONvCAgmd-sZ7g5pq06KDLc027bxKq1SG1O-tDXELU9BwLs8SbWNSRq8YYZkox-wTF-Z2iLEfJNxSOlNktzzxvpwQ2p7lauG4f0g6i_6VkmnvpH1eHKTkfY3Wg2UfPLUhQi9hFUNfalrZsccnTEcyAHN1MbPDrzDg93u69eb_S-QuMeauYhoB-esL63PGNDS8GhupDccJfAT5eaWtplj_W4fX_XBYz7paTiNCLsIgTkZ7dSR5kArl8_Q9flLigljmSqIKxPxlXbcbFKuaY-MMpaZJiL-RP1sulG-jWqeONs501c8KhM9Hq9F1BvN25z6Gx9L6QCpzWtlmbWMif0dVP_AVCHJ2MUBv23yz4DbtuL2Dzx2dElnUZU43cfy10pLe2uGAQ955bJS9dzUPvfTMbUmTRZUsdMza-KnY-xHsghKBCMCWvHqgPkQGkKtCAcGCGONSpXCJOrqBPaW4SnPm-hCgTnKd2oR6Qc61cNf-mxIWos_rrylFKe6RkvCgAppqlpT_6N_yXYR0pUpqaatpsKt9vQhb1rVeZVWccbJxWK1ocwg21CinKoKif4FY6bdDnhX4JlD8oPlDE3Kqtp3lG359f9hywkSxjoHh6aJOf_QLpfkUw99qbCfFAENKq7YCnI1f3uYPHRu--N66Bu25yWB3UKBnMvK2kNL2wtGH5Idq8xpHfKBDvfJpGtZexJqEmpVsKG_k67M2GOZ1oXneSenh3FyAmtjlMt_rz3talLq319oRd6KdgbFS0sYi1yKIBJRlzgMr7el6SgdWsdrY4emvmvWK-R_5k8S1uY_NRgfWWNv4Srp2lo9avQe7nPvL1l1GPMDHYaUPZFcXr0GtNIkcV2_HsbZk1f9JlKJ4pQhzHir9ES_QO86IwVBRZTSEv5bbzrp87jOOi5fLgFwfutNgrbAj_XzSl6B8NppRhwesO2Nkmlpkm_FYk41Lm0LafmPTC4yVDUGp7KM1SiZT702Yjzxbs_kh3QXuQxXv1VwbH4BqFdbEPuG-pLYymF0LgGBm_Na86gE-FlHEWhk1ouDTfz63h0Tb71drM59ofPycTjkBGPlEcZGABFqfiYn&tga-with-creatives=1

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

01eb1050ef11c6e804aa51fcde72e6c7c7404e412b35135be924af3cd6d1b050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ufa.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 17:01:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1657386080198979-4337381655789235939-sas2-0565-5f1-sas-l7-balancer-8080-BAL-9685
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Sat, 09 Jul 2022 17:01:20 GMT
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/json
access-control-allow-origin: https://www.ufa.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Sat, 09 Jul 2022 17:01:20 GMT

POST
H2 204 events
bidder.criteo.com/csm/ 0
214 B 16ms
16ms Ping
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.ufa.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 09 Jul 2022 17:01:19 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://www.ufa.kp.ru
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame D843 15 KB
6 KB 69ms
23ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.ufa.kp.ru

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

5e5c9149be229df7c934f8cd1acf1b3cc9e04e29cbbe6cbe0e2d726e79930cff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.ufa.kp.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-length: 6144
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 09 Jul 2022 17:01:19 GMT
server-processing-duration-in-ticks: 2236
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 d8fd23f44c6e52b3e87f.js Show response
yastatic.net/partner-code-bundles/612100/ 36 KB
10 KB 42ms
41ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/612100/d8fd23f44c6e52b3e87f.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

2a0e49bb6cf4548106d205a7a7b971e72c0877e7247ef4cc889185b1aed3bfb0

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://www.ufa.kp.ru/
Origin: https://www.ufa.kp.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 17:01:20 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 9990
last-modified: Thu, 07 Jul 2022 19:27:30 GMT
server: nginx/1.17.9
etag: "d004a835a21abda65758b4fca2a275cd"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 08 Jul 2052 23:32:51 GMT

GET
H2 200 css2
fonts.googleapis.com/ 9 KB
1 KB 77ms
17ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Alegreya:wght@400;700;800&family=Roboto:wght@500&display=swap

Requested by

Host: yastatic.net
URL: https://yastatic.net/partner-code-bundles/612100/5cec68d4e85c9b2318b0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b9626a32ba37b0590508877b518afb8e18c1623278119b425ba2e3d14d39c4fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ufa.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 09 Jul 2022 17:01:20 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 09 Jul 2022 17:01:20 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 09 Jul 2022 17:01:20 GMT

GET
H2 204 event
ads.adfox.ru/232598/ 0
230 B 110ms
62ms Image
text/plain 2a02:6b8::1be
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/232598/event?hash=3fce9d1590d6a5e0&pm=cyz&p5=ljjmt&ad-session-id=9960471657386079975&lts=fjmwgom&ytt=424413099065349&ybv=0.612100&ylv=0.612100&dl=https%3A%2F%2Fwww.ufa.kp.ru%2F%3Fsection%3Dsociety&rqs=YIziPGAVrnpgtMli5--7W_AZgLl2c0Ue&pr=hfnuxqp&puid3=top%3Aregion&puid2=society%3Atoday%3Ainteresting%3Azenyandex%3Aincident%3Aemergency%3Asport%3Acelebrity&p2=gvdq&rand=lnrdrua&sj=Lxt0CihIP7Td1YckA7WpCrRFaF6n47JvlzX-o-Ch0jXvBWhVq5OcZcWaLw_jPg%3D%3D&puid1=adv-1657386079932-342&p1=clerf

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ufa.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:20 GMT
x-content-type-options: nosniff
last-modified: Sat, 09 Jul 2022 17:01:20 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2 200 5191335_5.5a1c10449bf6ba3fb79322a26dc59f6f.jpg
banners.adfox.ru/220701/adfox/1877475/ 66 KB
67 KB 152ms
47ms Image
image/jpeg 2a02:6b8::2:158
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://banners.adfox.ru/220701/adfox/1877475/5191335_5.5a1c10449bf6ba3fb79322a26dc59f6f.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::2:158 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software: nginx /
Resource Hash: a81ae4dd7742b736f41e6e382827ab3672728b6f7f529ad5c72d6d6e79861484

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ufa.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 17:01:20 GMT
last-modified: Fri, 01 Jul 2022 12:23:23 GMT
server: nginx
x-amz-request-id: bdaa635b69ab3464
etag: "5a1c10449bf6ba3fb79322a26dc59f6f"
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
x-amz-version-id: null
access-control-allow-origin: *
accept-ranges: bytes
content-type: image/jpeg
content-length: 67614
x-nginx-request-id: 845f74ed25e1907e

GET
H2 200 5191335_9.1366b90e36296da712c6488fa46b6f41.jpg
banners.adfox.ru/220419/adfox/1877475/ 26 KB
26 KB 271ms
167ms Image
image/jpeg 2a02:6b8::2:158
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://banners.adfox.ru/220419/adfox/1877475/5191335_9.1366b90e36296da712c6488fa46b6f41.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::2:158 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software: nginx /
Resource Hash: f76a521d8d893e573ee2def73e397a42f33f937aca5dcfeb77b2e001ea5a7ca6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ufa.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 17:01:20 GMT
last-modified: Tue, 19 Apr 2022 13:08:29 GMT
server: nginx
x-amz-request-id: f968db67b92e47d1
etag: "1366b90e36296da712c6488fa46b6f41"
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
x-amz-version-id: null
access-control-allow-origin: *
accept-ranges: bytes
content-type: image/jpeg
content-length: 26361
x-nginx-request-id: 85937d3903525ba3

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 03FE 81 KB
28 KB 47ms
16ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/partner-code-bundles/612100/c1d4e7ea878871c6a693.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f7d4a77e29961071a337cc5073d127fc328e2ea23fca15e9894838d72cc6822

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ufa.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 17:01:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28091
x-xss-protection: 0
server: sffe
etag: "1268 / 541 of 1000 / last-modified: 1657317992"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 09 Jul 2022 17:01:20 GMT

GET
H2 204 event
ads.adfox.ru/232598/ 0
18 B 103ms
75ms Image
text/plain 2a02:6b8::1be
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/232598/event?hash=d8dd82fac229cafd&pm=bmo&pxo=MFqK4PiMPHOxqwX-ahm3k2XCPc6ge3fxMM7r9WL7xOwyJiz2jsaF_fysdqNUAHCfBjeH1CkwARV-uJb4ZqoqP23Ndqxl8DAVN-F7vlXd6jaNmWGN0nX6WzQT-jWJqf9rOs5dpMmnzeHrvAtolw8H77VJbfPTS2CcmNZa8SW3OcgzK0kTyQ%3D%3D&p5=gwdbk&ad-session-id=9960471657386079975&utg=oxum&lts=fjmwgom&ytt=424413099065349&ybv=0.612100&ylv=0.612100&dl=https%3A%2F%2Fwww.ufa.kp.ru%2F%3F&rtb-si=b&p2=gftf&rand=fcrxjiz&sj=jH9oyGzHgyaDhoybOQK_PW2DR148gHyJHlZdVr9nLahr76v0uU3UiAEj6vWh-A%3D%3D&puid1=adv-1657386079927-66&pr=hfnuxqp&p1=cdinl&rqs=YJCM2sHShn1gtMliGDQkCijhkadxvyD2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ufa.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:20 GMT
x-content-type-options: nosniff
last-modified: Sat, 09 Jul 2022 17:01:20 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2 200 pubads_impl_2022063001.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 03FE 374 KB
128 KB 41ms
8ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

c84615457f9332569ff8501c382a395ef9fe116a9add5034b4ebc62c9bceeb3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ufa.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 13:33:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12468
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 130816
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 08:35:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 09 Jul 2023 13:33:32 GMT

GET
H2 200 4UaBrEBBsBhlBjvfkSLhx6g.woff2
fonts.gstatic.com/s/alegreya/v29/ 39 KB
39 KB 41ms
11ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/alegreya/v29/4UaBrEBBsBhlBjvfkSLhx6g.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Alegreya:wght@400;700;800&family=Roboto:wght@500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92f108fa97f63aa01d67c7c19599f9133ef0e60a11fba74ca137f5b699abd36b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.ufa.kp.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 09:22:07 GMT
x-content-type-options: nosniff
age: 113953
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39860
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 18:47:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 08 Jul 2023 09:22:07 GMT

GET
H2 200 4UaBrEBBsBhlBjvfkSLlx6jx4w.woff2
fonts.gstatic.com/s/alegreya/v29/ 22 KB
23 KB 47ms
17ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/alegreya/v29/4UaBrEBBsBhlBjvfkSLlx6jx4w.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Alegreya:wght@400;700;800&family=Roboto:wght@500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6db6653a65bc919f600c1e098b02145b5e62d137fbf99f84ad526692b65cc31c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.ufa.kp.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 14:38:01 GMT
x-content-type-options: nosniff
age: 267799
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22952
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 18:46:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 06 Jul 2023 14:38:01 GMT

GET
H2 200 4UaBrEBBsBhlBjvfkSLhx6g.woff2
fonts.gstatic.com/s/alegreya/v29/ 39 KB
39 KB 51ms
21ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/alegreya/v29/4UaBrEBBsBhlBjvfkSLhx6g.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Alegreya:wght@400;700;800&family=Roboto:wght@500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92f108fa97f63aa01d67c7c19599f9133ef0e60a11fba74ca137f5b699abd36b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.ufa.kp.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 09:22:07 GMT
x-content-type-options: nosniff
age: 113953
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39860
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 18:47:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 08 Jul 2023 09:22:07 GMT

GET
H2 200 4UaBrEBBsBhlBjvfkSLhx6g.woff2
fonts.gstatic.com/s/alegreya/v29/ 39 KB
39 KB 55ms
26ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/alegreya/v29/4UaBrEBBsBhlBjvfkSLhx6g.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Alegreya:wght@400;700;800&family=Roboto:wght@500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92f108fa97f63aa01d67c7c19599f9133ef0e60a11fba74ca137f5b699abd36b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.ufa.kp.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 09:22:07 GMT
x-content-type-options: nosniff
age: 113953
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39860
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 18:47:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 08 Jul 2023 09:22:07 GMT

GET
H2 200 4UaBrEBBsBhlBjvfkSLlx6jx4w.woff2
fonts.gstatic.com/s/alegreya/v29/ 22 KB
22 KB 57ms
29ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/alegreya/v29/4UaBrEBBsBhlBjvfkSLlx6jx4w.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Alegreya:wght@400;700;800&family=Roboto:wght@500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6db6653a65bc919f600c1e098b02145b5e62d137fbf99f84ad526692b65cc31c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.ufa.kp.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 14:38:01 GMT
x-content-type-options: nosniff
age: 267799
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22952
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 18:46:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 06 Jul 2023 14:38:01 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 56ms
32ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Alegreya:wght@400;700;800&family=Roboto:wght@500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.ufa.kp.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 16:12:47 GMT
x-content-type-options: nosniff
age: 434913
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 04 Jul 2023 16:12:47 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 10 KB
10 KB 32ms
9ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Alegreya:wght@400;700;800&family=Roboto:wght@500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3728fbdd191d75bad5b83a838dfe2fc15f84c2aaa36ffa573321275847db31a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.ufa.kp.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 14:43:17 GMT
x-content-type-options: nosniff
age: 440283
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9840
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 04 Jul 2023 14:43:17 GMT

GET
H2 200 4UaBrEBBsBhlBjvfkSLlx6jx4w.woff2
fonts.gstatic.com/s/alegreya/v29/ 22 KB
22 KB 50ms
30ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/alegreya/v29/4UaBrEBBsBhlBjvfkSLlx6jx4w.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Alegreya:wght@400;700;800&family=Roboto:wght@500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6db6653a65bc919f600c1e098b02145b5e62d137fbf99f84ad526692b65cc31c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.ufa.kp.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 14:38:01 GMT
x-content-type-options: nosniff
age: 267799
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22952
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 18:46:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 06 Jul 2023 14:38:01 GMT

GET
H2 200 71df57f56c922e07c34676f1e3160977.woff2
s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/ 39 KB
39 KB 8ms
8ms Font
font/woff2 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/71df57f56c922e07c34676f1e3160977.woff2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

9205ceae907f8417e3b4bd8463b1075526a25da4cdd2aed549b03cd6869632aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ufa.kp.ru/
Origin: https://www.ufa.kp.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-id: fr5-up-gc35
date: Sat, 09 Jul 2022 17:01:20 GMT
x-content-type-options: nosniff
x-server-trace-id: 7f43380d60d6800c:506f1734616d0b7c:7f43380d60d6800c:1
x-amz-request-id: cd87a55a1b1db929
x-serverless-gateway-path: /{site}/{version}/{filename+}
x-cached-since: 2022-07-09T14:25:43+00:00
content-length: 39768
x-request-id: a87f8695-5e81-405a-9019-a7be859b93f4
x-serverless-gateway-id: d5dcee70jck4ehrnhirl
last-modified: Sat, 27 Nov 2021 21:56:45 GMT
server: nginx
etag: "71df57f56c922e07c34676f1e3160977"
x-amz-version-id: 0005D1CC48A637F4
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT
accept-ranges: bytes
content-type: font/woff2
expires: Sun, 10 Jul 2022 17:01:20 GMT

GET
H2 200 88c3f8d6237466d983567ddf480dfb98.woff2
s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/ 22 KB
22 KB 8ms
8ms Font
font/woff2 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL

https://s01.stc.yc.kpcdn.net/s0/2.1.83/adaptive/88c3f8d6237466d983567ddf480dfb98.woff2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),

Reverse DNS

Software

nginx /

Resource Hash

7a0fb8fc4de0bde528e5b17743e35c50492d1d1de41567cb3b83f5a63db862d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ufa.kp.ru/
Origin: https://www.ufa.kp.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-id: fr5-up-gc35
date: Sat, 09 Jul 2022 17:01:20 GMT
x-content-type-options: nosniff
x-server-trace-id: 9d615bc8fe9d2fa5:5bd4d485b65f00a5:9d615bc8fe9d2fa5:1
x-amz-request-id: 46d5d43a590268b0
x-serverless-gateway-path: /{site}/{version}/{filename+}
x-cached-since: 2022-07-09T14:25:43+00:00
content-length: 22100
x-request-id: b5e98a53-39b2-40df-9bc8-feca523aa73b
x-serverless-gateway-id: d5dcee70jck4ehrnhirl
last-modified: Sat, 27 Nov 2021 21:56:45 GMT
server: nginx
etag: "88c3f8d6237466d983567ddf480dfb98"
x-amz-version-id: 0005D1CC489C28E6
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT
accept-ranges: bytes
content-type: font/woff2
expires: Sun, 10 Jul 2022 17:01:20 GMT

GET
H2 200 v2 Show response
yandex.ru/ads/adfox/232598/getBulk/ 101 KB
27 KB 303ms
303ms XHR
application/json 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/adfox/232598/getBulk/v2?dl=https%3A%2F%2Fwww.ufa.kp.ru%2F%3F&date=2022-07-09T17%3A01%3A20.492%2B00%3A00&pd=9&pdh=1200&pdw=1600&pr1=2602265822&pr=2228125499&prr=&pv=17&pw=6&extid_loader=&extid_tag_loader=www.ufa.kp.ru&ylv=0.612100&ybv=0.612100&ytt=424413099065349&is-turbo=0&skip-token=&ad-session-id=9960471657386079975&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9.8%2C%22w%22%3A1560%2C%22h%22%3A250%2C%22width%22%3A1560%2C%22height%22%3A250%2C%22visible%22%3A1%2C%22isBlackTheme%22%3Afalse%2C%22left%22%3A20%2C%22top%22%3A120%2C%22fontFamily%22%3A%22ys%22%2C%22req_no%22%3A3%2C%22ad_no%22%3A2%7D&enable-flat-highlight=1&pcode-version=612100&available-width=1560&available-height=250&yaru=true&pp=g&p2=fban&ps=bxyd&puid1=adv-1657386079926-344&puid2=&puid3=&puid5=&slotNumber=1&bids=W3siYmlkZGVyTmFtZSI6ImFkZm94X2Fkc21hcnQiLCJjYW1wYWlnbl9pZCI6MTU5MjA0MCwicmVzcG9uc2VfdGltZSI6NTUxLCJlcnJvciI6eyJjb2RlIjoxfX0seyJiaWRkZXJOYW1lIjoiYnV6em9vbGEiLCJjYW1wYWlnbl9pZCI6ODkwNDUwLCJyZXNwb25zZV90aW1lIjoxNzAsImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiIxMjI3MTY5In1d&utf8=%E2%9C%93&pcode-test-ids=609478%2C0%2C33%3B586085%2C0%2C3%3B597158%2C0%2C31%3B597485%2C0%2C28%3B590119%2C0%2C44%3B598479%2C0%2C41%3B609277%2C0%2C81%3B605344%2C0%2C36%3B610874%2C0%2C49%3B612100%2C0%2C18&pcode-flags-map=eJyVWNuO2zYQ%2FZXCz0FBXahL3iiJlomVSJWk7PUWwSBt9y0IimZTFAjy7x1KsleSbXr3ZQEbPsO5njmzPzaad5xZ2LesA81%2F67mxwLaWaxBSq6bZfPz9x%2Bbfz1%2B%2BP28%2Bbqzu%2BebD5uX524v4Cz%2FTNI2DZPPz04fNnhkQHIxVHSi7Q7zdMQlt31hx306W0vDSzrvBopZKc2iFMbyCilkGHdOsNbBVGvai4grDglK1hVrYfP7v74XJnMSUnv1hvVU1l1wzi2Y7Vj6YnbJQ9fiFUHJhKVraiQnJz3a4ZEXDQfLDzAg36DW0quILO0o2R%2BANb7m0BspGlA8OfMP6ZLllj7Djot5ZjFEajFcLWb87eBoF4WCWNY06jGXo0PxgY8ylrdkdGzGh85qM77dM10L6kAmJgyhap6zvqiH3rXIJB8tEg06MufM2R0KSbFYBzVu151DumDbcwlarFhohH%2Fw2giAm6dqlrXgE%2FGjBaqylS7OxTNshO53hfaWmmEuNAyb23Nx7hNKLuEvWdc50cYRKHeRbXE2y0GcFU6YxkYWwrpvfYwzDc8b2XJt10zvnU7rEhjEJ1o7shRGFaIQ9QtewY4GJw0noDTp3x5OQhhdzJCTSlOHl0BKqMFzvHe24csxeeqvhXmJPMZyYoYKs7ebAl3%2B%2BP89gcZhFORlhBsnKOLZcY9adPQOxCgznr04vYV8%2F%2F%2FHleYGMkjAfG9B1XYtvTVMurf%2FJmEb5WIVS9RJ7VcHjTnshWZqF8QA5MlnxR9A99l7L%2FGNLSRpGE4MvmAa2fdMYnAHuxwdRGJFziIVWD5gfDA9qLSo%2FMqVZctVhqISxWhReeBiQZIz3ictwcBcOorI7EC2ruRcbB3FGXrH43NCYhdKujzSrRG9%2BeaOFI3N%2Bjw4Daw7saPzIKJ1KW23d6jYdMj4HK1queruAhoSQJTYm0RhzV%2BLiGZYF7hn%2FexTNTN27VZhl7sbl9B7wR28n4pNpGl7CxRbw78HRy70OuWHh5MCeNf2iWhG5jj6R4tCdQnZYZGC69b%2BdBHk0vY3zaoUZBNJWXW6PNZQS1BIDtOFMu03vtiHTgq0SHq5hU3lX86T5gWF7VW8dLLR0qrVbetByVEXnduFaI9s1asG%2FdIHPSDzWvdNCacfduEf2gh86pf0tk6TJRHju5yBxeZcc5V1be2FpiLgBZkyHy6vccechdFyXqy4NyKLIKQ3yeNYi5JHgvkIyUMYK75tZQKc3KxRddljvmOODxtWJpZ7o9h0iKkPOHuuH66ScAljxyWqr0CzDbTQ6MTFJhcu6RDFnvJxN8yDNZhwmUDAyLCwq%2BdJlzPgezSMaBAvswHsGSdDu3GB1rKpwQfuNxHRqkmHPuDV87DhEfq9x19BZtVpd3tjbl8%2FlaXITCSgHBsF85%2FWTDW2L2TCBKZmTd6y0apH14NdggU%2BjLDrj3w0aRHXBJF4VgNJjK7DbBkGDNvxLJ8%2FCNJ0FPxkZexMXPHLiWVwhsVt3QK0lxlpzh3E0Nt6uWMkRmudhThY%2FjkicDT%2BuNSvCO2I%2BTsnrb8GIp0VwNAiJ7%2FdXtllAbyDGbEyEji2Aly2mwbG0kK4rzjodR%2FuO05SOnYE6oOZ2mHYh3emnkcDcRyTPO%2FsyIWkckmsEvhXauNODtU7CwriB1f5UQr%2FRHGXS3DVWGNX0yFemdceHm%2FY7tcZjZrqvZj2PLOcYql4L8QtwGOTjyO5s29BxzAzulEowsBxPhDt4lDvxguHG5OBmNENeuTSXN%2FWWNWZ11eVxmp3vgUEH1NoVHdOA%2Bu3Kprjyb4OEZK83PsJRyhs44kmHHpRgdPkevLsD3GE%2F3fPixCOmR4G%2FknKlbZYTnQb0NZrTznHH%2FMCmC%2Bz3r9%2BeX1bo2O%2BHaLsbjlzElJMgeL2zOlybw33GwZEIoIA5f4F3l5LV0hwO84qp4vS2tVGHVXccOpuY1Id4Gk%2FtY4PFOs2jRNXcr6n3yvCciHM1kWL4VwmYHcMjG51Ty5T%2F%2BfJlaYdGcTwtOyQX3TpBpLk83Y6d5oX%2FZkkCkqUzAb4%2BAd2cLSX79M3PTz%2F%2FB4IgulM%3D&use-server-side-rendering=1&pcode-icookie=tPxlESyPPbK3D%2Fz7%2F%2F676VzJlB3TKrFTYSUajTQgKAvaGiiXkamcuO8I%2FJaQYHk0fMVcR4TFnb8rAtzeGt6ZKJP%2FloI%3D&top-ancestor=https%3A%2F%2Fwww.ufa.kp.ru&top-ancestor-undetermined=0&grab-orig-len=5120&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjoxNDJ9ChqipKjslilBEKAO0VF2b3_4o8tMk0pYSsIzJ5XEaO7v78bXPiwF0bddXXzcScXCQpOwJwJSUJCFUrVut278BvRqQM9AGyQEJkTxxv9efdIxo-e2rgoppAQiBCYwwUO6NYISkUdJRK60KM1RnCOglQiVtHmBVdJHeqUlUilNkTHSRnGkG6AAH6VKeAscuZJ-MWhU00iNJ0dUi2263KqVtJE-R2oFntRRmpdL_WJJHhkWW5oMwDmCtqA1i2fBFqBWCWeB0S3iaXIEaREwPBoWvSg5Q5cnZwYJ0AQxMoDukGeJXSCDbj_GaQZdMII5TDvsLwLjxUydAUIPPYfY83FYWVHy8nFw2bh5-azsVpRcvGBa5_mEmw18rFxWW2axsXKBJsrNxciDnJ3Jys7MIpp5mFmsXCxW0EQjGKSx1CUsSYVjgjmCOrzqI_ALcPEuWDJIzB6-Flh9pBm00oUPkxJ2XuB1SvPiSAcGltvjixd4hIOk7XOqhB_Fg4_q-AeB6SIS4nKrKmami6xYZDhVD8eLhflwny5OzVmtXhD6rAT4InNhbWHq8BslIsPC4SteeIQ3zV8cyYKkERmmxc3KM5-m4WSR0CynWhwIRGS7pRpqC5i_TB1kTdmdagrn2z4Usjwsq5v2LT4MExQVVqQjNi7ESJmRczN6qAlaBEmEtOpV-dW72CkWxvAg3JmPhpkbMS8fNzsyWXA0DFYrM0vmQWljZARNlJHHycpJQICN0WnHn7lYUSJjRivKG0GdJilh8wk3NlL4XXAv10yCPHbkgk57Ro3NasXAvXw_xfiEjxGZYPLgNi9_DlRI2ZlQCTiFMicmGwauvHj5uRlQCCFZhLNbmbBhBdQiHOZ2wbBsIucTtrlHA6hto5l46GBBgQ33okX9goS_HXghypcs0Fv1Q7PxVJZLRkKrelOfSuItX5PS4pJXSIo1lLrkG3JkVMINstZdP4CQz2V3jIY5_x_PRbpEAaAL-_qIMjIoaV3xHx56sg_pjulQfjyxny2pC45NLnpGHf6rKzTSf6vx8K52wXBov0XTX2KOxOyKjiFJeQF3VbnhyTgNlh6ZXXIHfdHSPQ7Ru2rHhqSN9u5gF7h_xATsx7AJCLrvevH7YVoYnpk_kSM-MBtMxabCKdd5dTfpRf2rib-_aV3k-bxDr3b95zKtK8rQb8iLH9zN-ZtV-_t1l9QQZp8vLFJGGhetmSS3OJexU_BmVyUH5Ttv03Mm5VDks8gdHUCoPieHSTfp_dc-v7rpRhS75BnGTPSPwOnwcmkMasTNZVtmUJDPPITkkneIWy2GcX3F5XzbfO9dI_alqGcP7edZahWZ-5Fc5XaNpvaX0_bYKYav8yhM5gwrfglkLhSgoGdDvPwCbHa1RGNMZoexoRG0cTI7BTM3FiSMINg8zfAyW2IwcL9CJGoVGyBtuNEhdrNuAjRcrxt2Rg6QOGzgbtsETBRj2wS8ir1tAr7F3jYB32JuG58eXG6bAAVX28bLv4ttE_At3rZR5Njkomcut40XDTG3jacexN02fkUQ_bbxq5JIt03Anatt422H620ToEGU28bbDzG2jTwVuto2nt662zaKeS7mtvFSBlFvm4BDV9tGsTXibhvvBYuxbXwYFXfbKLy2m20T8EyU28Z72a62TcC7-NvGy7mrbaPYHSLeNt6yFXPbIMKIGhknSeOGxEFDkumHG0QcKLiQkG76OTiHoAxKDkdGiwU9yExfUbKKYD5GJhuLdHQFMg5mVJgYfeQNhmPyECRzhISo7TJAwY4eOYb_b-oPEdLR5-HhQW6zhYHwQ2lzJu_x7AC7DpvC55iMfnk5QYySGzUnmvXGOTGzYEaMQ5TXjo-IKbnA5VvpYGVkEmRE5eTPbLi4cWJBXwEt0ATjCRt4dFhsJDjiIXf4Mw8rA6isHKLy2keJa0I659Cun1X38snFvjQ7s13IbieYQzpxywmQp0lTq4XdcQ5pHUogIqCcw2J3vHtc3xTP5EvPe50b-IQ1ISOimLNJJXB3pVHfjJC9Zd2ZSO6SZ1yY0GHH6XTwu2M7MJ_7e4vmp6jBTachb-HtrFUiuBoK4svMIlEglEoJLuaLVLr8CoZXsCj8ZCQ1i_BlVIBGZMWGxn-NukN3V96ocNg9SEWMH58QEqvTkTkYQeXEbfU_isPOq4BAacZquW90WJkYrCxsywo2JhwgMmOq_XWqv5psKqri0SfpZEOoU4m_Gtfxo7zrNx46vKt_RvU1BnLVB8pkywamMaaH_lx8T8Ey_5KEQDbNStgDLxM5nvbQahRa7p6C3928CID2GDKaInMroCBGwIc9s5FlZ2ZmZWEg4Fja4MaOlhERO9kWemEZ9Kq79syOHRNudBhFZSkAFRqbEDKkyw07FsxYkb7y6L5JabfxyVZIb0_K19yX5_SyGqkbVcu0t3NF-2k7gxLuvnBRVz6HmkZfdddc7WmebFOkUu80xnIaVkd65ym0QClhK2HfYS2KgC2T0NX8jTM4kTEj5ageGto9e9wvsfwnTfyy1pdUvLrxqWYGdmlbmq27_Jwlz91dL-t04tOcXFoWw_kzNw7soDCCsgxPpslTqSSmJEnGOZn6lmrFJbW-ObCDDDJGpBLXd4vvR5QjWb60aZnSMc5gdbYr-cqmfCZ2VbfTSPUE1rTttlEKinuoPtK1o0OxvU6VlnwveZphHjvs5cAXyFsSWaQ8_FM4zbYO3uKhyOfq4tbJafR1pBkmxoOMKdIkKxG-KI0D76RXNQ9WJGiQzHikzvd0_Pv-JqF_cQ2FUOQGtaNdf-8-_tMbunwvI61_sXQ6PHK9t3PJ2vyf19fsFsmFCvi7nZvZ2SHkHG910VL3Xs0RsC39vJw-zxcz6cmsORupeifcmyoJae0DKxwAh9ICYo5nC21PVpvfwzFp0i5cq3szky_F03qqb343UdLUXWmn-Ob_X47dmhZ8LQFZbf6qmFSgvLWNdr5RVeZ9fdurcwSwF97tKVsmlh87RX5JV7Y_rtD9kgtov4mlTtWt1tJMzjJ1BeFisZPucHJZOPTjt8D6mZaQ7DCX-imr8xkzaRvcRr6h_pbjyd75qdnHW1iHtYK98CyMkxYtREsZBiYA9e_bsTNSoiL5trbJN91UZNp4ZI-y393QNtcXc5We0c-jMvFR5EstzjXDfrmWnZGqQuvHB12ZgtqVuD8Rhw4d5ZRlldOpJ9jIFApHG5NJx46dkjgQM6DHLMp7AcUrlIuSSag7iJXGAxeUi4BkAdiaFgl7rhCe8uBWt9q49ND9kJX2hgv1GQa2VMHx0EwK1rdNRYD3DWA3nMCfwqEOWurNU2Plibmj7PNjPLU0zKLkT7Pgob27hfaGMaafjKpWt3ZsWiJNpzfU-E9tOvLP8SB9QQTF14FQvpSvQtWdVaEdWsIktucS7QojfmQAY3MXmC0P4-y0uuXHkS1m-qbdoTtVW1sW7-azbKbSFaWRV3RYULCnRZbXomEbZBy-wXtWlHxUk7hcjnY_wWzuJPejtG0Z-un_1a5Z5I0kmdaH0biW3FSmRwjMcBZPUVh6X8tvsR6xhmdGgSKMhQ5rqdJM_IJX6MIwMfnw1bYMzZNd5bQLKZoXKxYP7Ux60_l5O5d09rfac0bypXy-JwIJJIkpCNgfqvb78Z9fcj9FrVSdHqEXKCO_06-tqFadSoS4qxJWS9_8XxZVKjAhR0LHbf2mScSv3roooO6QXCndJzTJZrqyf2FC5tWGJsH3QDB-g8PxJ3pa76XO7enr3gvDO5FeyONDejGd0UIX_MPwmV7eI-781U6OIfh1b0Rr5ZgU-6KMZzceYvwABj-f-6b5SqYtp0B13MpCL9sqes6eqMeUrc-yEgOo3wLMOr85N8sfLd9xM1a3KfyXSKS7zKE7q_VdtqQVaz1fzdUN8kAIoUZGUiIRQ69JUPGmoD77eqegYEaQJZTclnnwyygULSxrZFmbu3bvMH4HqHsQ9Q8COQPyJONvCAgmd-sZ7g5pq06KDLc027bxKq1SG1O-tDXELU9BwLs8SbWNSRq8YYZkox-wTF-Z2iLEfJNxSOlNktzzxvpwQ2p7lauG4f0g6i_6VkmnvpH1eHKTkfY3Wg2UfPLUhQi9hFUNfalrZsccnTEcyAHN1MbPDrzDg93u69eb_S-QuMeauYhoB-esL63PGNDS8GhupDccJfAT5eaWtplj_W4fX_XBYz7paTiNCLsIgTkZ7dSR5kArl8_Q9flLigljmSqIKxPxlXbcbFKuaY-MMpaZJiL-RP1sulG-jWqeONs501c8KhM9Hq9F1BvN25z6Gx9L6QCpzWtlmbWMif0dVP_AVCHJ2MUBv23yz4DbtuL2Dzx2dElnUZU43cfy10pLe2uGAQ955bJS9dzUPvfTMbUmTRZUsdMza-KnY-xHsghKBCMCWvHqgPkQGkKtCAcGCGONSpXCJOrqBPaW4SnPm-hCgTnKd2oR6Qc61cNf-mxIWos_rrylFKe6RkvCgAppqlpT_6N_yXYR0pUpqaatpsKt9vQhb1rVeZVWccbJxWK1ocwg21CinKoKif4FY6bdDnhX4JlD8oPlDE3Kqtp3lG359f9hywkSxjoHh6aJOf_QLpfkUw99qbCfFAENKq7YCnI1f3uYPHRu--N66Bu25yWB3UKBnMvK2kNL2wtGH5Idq8xpHfKBDvfJpGtZexJqEmpVsKG_k67M2GOZ1oXneSenh3FyAmtjlMt_rz3talLq319oRd6KdgbFS0sYi1yKIBJRlzgMr7el6SgdWsdrY4emvmvWK-R_5k8S1uY_NRgfWWNv4Srp2lo9avQe7nPvL1l1GPMDHYaUPZFcXr0GtNIkcV2_HsbZk1f9JlKJ4pQhzHir9ES_QO86IwVBRZTSEv5bbzrp87jOOi5fLgFwfutNgrbAj_XzSl6B8NppRhwesO2Nkmlpkm_FYk41Lm0LafmPTC4yVDUGp7KM1SiZT702Yjzxbs_kh3QXuQxXv1VwbH4BqFdbEPuG-pLYymF0LgGBm_Na86gE-FlHEWhk1ouDTfz63h0Tb71drM59ofPycTjkBGPlEcZGABFqfiYn&tga-with-creatives=1

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

470b4a5b32a057a0e5e1cbe0719913aac7d8a1ee8576cab5661cc2450a39bfcd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ufa.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 17:01:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
ssr: true
x-yandex-req-id: 1657386080535570-1927897786151424865-sas2-0565-5f1-sas-l7-balancer-8080-BAL-3047
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
uniformat-product-type: Direct
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Sat, 09 Jul 2022 17:01:20 GMT
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/json
access-control-allow-origin: https://www.ufa.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Sat, 09 Jul 2022 17:01:20 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame D843
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=kp.ru&sn=ChromeSyncframe&so=0&topUrl=www.ufa.kp.ru&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=FRqjF3x6Z0NrUll4b3FROVJDVzRMNjgvcHNrOEhINTIrcjNjQnByYmhZUGNFMk8zbStPczlmcHRFNXJQUmwxUldXZkVRU3hOUFFiK0dWOWErSkNMeFVRMXVHYVg5N2E1WmtVa09QcW5xQmhXdFMrOFUvdHRQN01leWhFZF...

428 B
632 B

59ms
20ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=FRqjF3x6Z0NrUll4b3FROVJDVzRMNjgvcHNrOEhINTIrcjNjQnByYmhZUGNFMk8zbStPczlmcHRFNXJQUmwxUldXZkVRU3hOUFFiK0dWOWErSkNMeFVRMXVHYVg5N2E1WmtVa09QcW5xQmhXdFMrOFUvdHRQN01leWhFZFdhRmRncVJBV0N5clJDenQrdlpuVnAzdk4xQVM0TUlrVk8zaU5HWkM4QmtlYS92QnllelBDNVFTZm82OGlaWUIxRlRPNERmRzRHTTRzcVUxY0t3WlBxc3BIMXVyYXRxVFhNRlRHb1dWVUE1MENHeUhqZWsyQVQzcThjMkJsSGxKdkwwZ3c0ak1aaXZXQ3dOTElMbGFtQWlkODhsV2xsQT09fA&cppv=2

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

0e1eb5a8ac7e4f640c6e438cac7b0e5a427f624a94cad2b07deb90000bff24fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:20 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 4335
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:20 GMT
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=FRqjF3x6Z0NrUll4b3FROVJDVzRMNjgvcHNrOEhINTIrcjNjQnByYmhZUGNFMk8zbStPczlmcHRFNXJQUmwxUldXZkVRU3hOUFFiK0dWOWErSkNMeFVRMXVHYVg5N2E1WmtVa09QcW5xQmhXdFMrOFUvdHRQN01leWhFZFdhRmRncVJBV0N5clJDenQrdlpuVnAzdk4xQVM0TUlrVk8zaU5HWkM4QmtlYS92QnllelBDNVFTZm82OGlaWUIxRlRPNERmRzRHTTRzcVUxY0t3WlBxc3BIMXVyYXRxVFhNRlRHb1dWVUE1MENHeUhqZWsyQVQzcThjMkJsSGxKdkwwZ3c0ak1aaXZXQ3dOTElMbGFtQWlkODhsV2xsQT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1741
content-length: 541
expires: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 03FE 107 B
792 B 42ms
15ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.ufa.kp.ru

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ufa.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 09 Jul 2022 17:01:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 03FE 107 B
549 B 45ms
19ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.ufa.kp.ru

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ufa.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 09 Jul 2022 17:01:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 03FE 15 KB
9 KB 341ms
340ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2451277687733899&correlator=2198850819870620&eid=44761477%2C21068767%2C44768686%2C44764002&output=ldjh&gdfp_req=1&vrg=2022063001&ptt=17&impl=fifs&iu_parts=94805857%2Ckp.ru_4_small&enc_prev_ius=%2F0%2F1&prev_iu_szs=160x600&ifi=1&adks=4130042211&sfv=1-0-38&ecs=20220709&fsapi=false&cust_params=kp.ru_4_small%3Dkp.ru_4_small_9&sc=1&cookie_enabled=1&cdm=www.ufa.kp.ru&abxe=1&dt=1657386080596&lmt=1657386080&dlt=1657386080323&idt=251&biw=1600&bih=1200&isw=160&ish=600&adxs=1410&adys=389&ucis=e8jn37k91e2a&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&nhd=1&url=https%3A%2F%2Fwww.ufa.kp.ru%2F&top=https%3A%2F%2Fwww.ufa.kp.ru%2F&frm=23&vis=1&scr_x=0&scr_y=0&psz=160x600&msz=160x-1&fws=256&ohw=0&ea=0&ga_vid=1203854449.1657386081&ga_sid=1657386081&ga_hid=305184527&ga_fc=false&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

b3f92ff94097926b95ef255dd60ff7c5a6005ffafcd48ea378fb6d6193135b56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ufa.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 17:01:20 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8304
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.ufa.kp.ru
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 03FE 14 KB
11 KB 47ms
23ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022063001&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d126b6bc6ac81f29bbe2d816aad3776fa48abb5bd62d7a65b114dbe90e283b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ufa.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 09 Jul 2022 17:01:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10542
x-xss-protection: 0

GET
H2 200 container.html Show response
14b723fe60395e204d08b5454577ac76.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 1001 6 KB
4 KB 54ms
15ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://14b723fe60395e204d08b5454577ac76.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ufa.kp.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 09 Jul 2022 17:01:20 GMT
expires: Sun, 09 Jul 2023 17:01:20 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 0C69 81 KB
28 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/partner-code-bundles/612100/c1d4e7ea878871c6a693.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f7d4a77e29961071a337cc5073d127fc328e2ea23fca15e9894838d72cc6822

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ufa.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 17:01:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28091
x-xss-protection: 0
server: sffe
etag: "1268 / 878 of 1000 / last-modified: 1657317992"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 09 Jul 2022 17:01:20 GMT

GET
H2 204 event
ads.adfox.ru/232598/ 0
18 B 70ms
70ms Image
text/plain 2a02:6b8::1be
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/232598/event?hash=9442769ad27a7342&pm=bmo&pxo=W3DtBN3uVZE1I4mMDpER8SGpgr0qRPZpyO_zZVfe6qZiYX5t2psRMDjQBMZTk16pWRJg3ZmYadUVC8bNGvNuEGSL2w_hICqPs7z55pm--ImfnveBfqk5fvWtq1I19BokHYlJJhXjzJHqs6e6lnIUGLRSh--ByAouq4M--9Urz2iAElO1pSU%3D&p5=gwefg&ad-session-id=9960471657386079975&utg=oxum&lts=fjmwgom&ytt=424413099065349&ybv=0.612100&ylv=0.612100&dl=https%3A%2F%2Fwww.ufa.kp.ru%2F%3Fsection%3Dsociety&rqs=YIziPGAVrnpgtMli-jf1tu2AMyDSx6_z&pr=hfnuxqp&puid3=top%3Aregion&rtb-si=b&puid2=society%3Atoday%3Ainteresting%3Azenyandex%3Aincident%3Aemergency%3Asport%3Acelebrity&p2=fxjd&rand=gbxknuo&sj=cIGBpT2O1kX7idh3nMFMC4iFOoPcz8yKTP2UXAUSzbN-gvb0NzJbMBFOVgbsAA%3D%3D&puid1=adv-1657386079929-502&p1=cavko

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ufa.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:20 GMT
x-content-type-options: nosniff
last-modified: Sat, 09 Jul 2022 17:01:20 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H3 200 pubads_impl_2022063001.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 0C69 374 KB
128 KB 10ms
10ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

c84615457f9332569ff8501c382a395ef9fe116a9add5034b4ebc62c9bceeb3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ufa.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 13:33:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12468
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 130816
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 08:35:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 09 Jul 2023 13:33:32 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 03FE 17 KB
7 KB 63ms
39ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ufa.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 17:01:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 09 Jul 2022 17:01:20 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame 0C69 107 B
122 B 35ms
18ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.ufa.kp.ru

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ufa.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 09 Jul 2022 17:01:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 0C69 107 B
122 B 32ms
15ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.ufa.kp.ru

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ufa.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 09 Jul 2022 17:01:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 0C69 19 KB
9 KB 274ms
274ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3647680505521672&correlator=2390665742360389&eid=42531605&output=ldjh&gdfp_req=1&vrg=2022063001&ptt=17&impl=fifs&iu_parts=94805857%2Ckp.ru_5_new&enc_prev_ius=%2F0%2F1&prev_iu_szs=240x400&ifi=1&adks=56130060&sfv=1-0-38&ecs=20220709&fsapi=false&cust_params=kp.ru_5_new%3Dkp.ru_5_new_24&sc=1&cookie_enabled=1&cdm=www.ufa.kp.ru&abxe=1&dt=1657386080687&lmt=1657386080&dlt=1657386080612&idt=67&biw=1600&bih=1200&isw=240&ish=400&adxs=215&adys=1264&ucis=vs63k28pti2v&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&nhd=1&url=https%3A%2F%2Fwww.ufa.kp.ru%2F&top=https%3A%2F%2Fwww.ufa.kp.ru%2F&frm=23&vis=1&scr_x=0&scr_y=0&psz=240x400&msz=240x-1&fws=256&ohw=0&ea=0&ga_vid=1380767447.1657386081&ga_sid=1657386081&ga_hid=1761433973&ga_fc=false&btvi=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

f727add9660bc8e1534d2c1823eac57bc6bd1c021d67d017163b5b858dd28275

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ufa.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 17:01:20 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9309
x-xss-protection: 0
google-lineitem-id: 5143920388
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138281349227
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.ufa.kp.ru
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 0C69 14 KB
11 KB 39ms
24ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022063001&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ee98d2c84912eb46a287131a615487c667455b3e257d0e94e4b9ca07cd81d693

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ufa.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 09 Jul 2022 17:01:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10743
x-xss-protection: 0

GET
H2 200 container.html Show response
cddb1aedb75224132775dcc54c671cd8.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C746 6 KB
3 KB 58ms
14ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cddb1aedb75224132775dcc54c671cd8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ufa.kp.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 09 Jul 2022 17:01:20 GMT
expires: Sun, 09 Jul 2023 17:01:20 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 896C 13 KB
5 KB 26ms
7ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ufa.kp.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 795
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 09 Jul 2022 16:48:05 GMT
expires: Sun, 09 Jul 2023 16:48:05 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 0073 783 B
1 KB 39ms
16ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ba1a1a99536a9f8a8413921afdc9bfd656f70445f10a30f3c82407917fbd17ba

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-DRuE4P3kXzInUFGf8GAkug' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ufa.kp.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-DRuE4P3kXzInUFGf8GAkug' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 09 Jul 2022 17:01:20 GMT
expires: Sat, 09 Jul 2022 17:01:20 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 0C69 17 KB
6 KB 35ms
24ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ufa.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 17:01:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 09 Jul 2022 17:01:20 GMT

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 607912ce0bbdc533bd357dc99af092f34783fee7f24f7fc16ece184018a7441b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 20C2 13 KB
5 KB 8ms
7ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ufa.kp.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 795
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 09 Jul 2022 16:48:05 GMT
expires: Sun, 09 Jul 2023 16:48:05 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 60EE 783 B
534 B 37ms
19ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

0e54ec3374e523c1378b876a28ceeba7596769c94640d5f8702b5cea3b8c5658

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-SMxguD6OiGlT-yrCEx9SNA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ufa.kp.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-SMxguD6OiGlT-yrCEx9SNA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 09 Jul 2022 17:01:20 GMT
expires: Sat, 09 Jul 2022 17:01:20 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 0073 0
0 89ms
73ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022063001&jk=2451277687733899&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H3 200 _j1ezhpSwBWUHEITOmC2IR4vOiGfDYio7V63aY1ETrc.js Show response
pagead2.googlesyndication.com/bg/ Frame 896C 35 KB
13 KB 22ms
7ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/_j1ezhpSwBWUHEITOmC2IR4vOiGfDYio7V63aY1ETrc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe3d5ece1a52c015941c42133a60b6211e2f3a219f0d88a8ed5eb7698d444eb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 16:34:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1590
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13754
x-xss-protection: 0
last-modified: Fri, 01 Jul 2022 16:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 09 Jul 2023 16:34:50 GMT

GET
H2 200 text-variable-full.woff2
yastatic.net/s3/home/fonts/ys/3/ 25 KB
26 KB 42ms
42ms Font
font/woff2 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/s3/home/fonts/ys/3/text-variable-full.woff2

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

033696b7f1ac04d1dcc102be84550e146236ceffc25a6cabc12aa51a6ee410b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://www.ufa.kp.ru/
Origin: https://www.ufa.kp.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 17:01:20 GMT
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 26004
x-nginx-request-id: f40d111bf16585e3
x-amz-meta-owner: {"role":"admin","login":"4eb0da"}
last-modified: Mon, 25 Apr 2022 14:02:39 GMT
server: nginx/1.17.9
etag: "7f0cdaf91230f9789ca4162aedff612e"
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31556952
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 09 Jul 2023 22:50:27 GMT

POST
H2 200 trace Show response
yandex.ru/ads/ 0
484 B 175ms
59ms XHR
text/plain 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/trace

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ufa.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1657386080988374-16119005167317935548-sas2-0946-sas-l7-balancer-8080-BAL-9808
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}

GET
H2 200 watch.js Show response
mc.yandex.ru/metrika/ 158 KB
56 KB 229ms
106ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

8d87c18fcb70f9b1d23c94aedc506cb6cc2640c5aebb25ca6e8e64b0cd997553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.ufa.kp.ru/
Origin: https://www.ufa.kp.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 17:01:20 GMT
content-encoding: br
last-modified: Fri, 08 Jul 2022 09:23:14 GMT
etag: "62c7cd52-dd8a"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 56714
expires: Sat, 09 Jul 2022 18:01:20 GMT

GET
H2 200 x600
avatars.mds.yandex.net/get-direct/3849773/K7m1oBEi9Yioy7F2kSs7Iw/ 28 KB
29 KB 217ms
96ms Image
image/webp 2a02:6b8::184
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-direct/3849773/K7m1oBEi9Yioy7F2kSs7Iw/x600
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::184 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software: nginx /
Resource Hash: 3b2c1892eee0748ebfad53eb519525d66d3977b0544fde4fa5ff92152f400331

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ufa.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 17:01:21 GMT
last-modified: Fri, 08 Jul 2022 10:22:10 GMT
server: nginx
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000,immutable
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 28926
x-request-id: f1fc10df146db106

GET
H2 200 render.html Show response
yastatic.net/safeframe-bundles/0.83/1-1-0/ Frame 19CF 24 KB
7 KB 94ms
31ms Document
text/html 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.83/1-1-0/render.html

Requested by

Host: yastatic.net
URL: https://yastatic.net/safeframe-bundles/0.83/host.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

9c911ab93cf6099aeeddb19cb1903d0ef838329443c3a0549c754da47f90a70a

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://www.ufa.kp.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=946708560
content-encoding: br
content-length: 6262
content-type: text/html
date: Sat, 09 Jul 2022 17:01:20 GMT
etag: "eb77de48712912aadc9aa8171ac75ede"
expires: Mon, 08 Jul 2052 23:36:08 GMT
last-modified: Wed, 03 Nov 2021 13:42:58 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
server: nginx/1.17.9
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-robots-tag: noindex, noarchive, nofollow

GET sodar
pagead2.googlesyndication.com/pagead/ Frame 60EE 0
0

GET
H3 200 container.html Show response
14b723fe60395e204d08b5454577ac76.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0493 6 KB
3 KB 36ms
19ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://14b723fe60395e204d08b5454577ac76.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ufa.kp.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 09 Jul 2022 17:01:20 GMT
expires: Sun, 09 Jul 2023 17:01:20 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 event
ads.adfox.ru/232598/ 0
66 B 81ms
81ms Image
text/plain 2a02:6b8::1be
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/232598/event?hash=5e3a1a986e854a2c&pm=bmu&pxo=MFqK4PiMPHOxqwX-ahm3k2XCPc6ge3fxMM7r9WL7xOwyJiz2jsaF_fysdqNUAHCfBjeH1CkwARV-uJb4ZqoqP23Ndqxl8DAVN-F7vlXd6jaNmWGN0nX6WzQT-jWJqf9rOs5dpMmnzeHrvAtolw8H77VJbfPTS2CcmNZa8SW3OcgzK0kTyQ%3D%3D&p5=gwdbk&ad-session-id=9960471657386079975&utg=oxum&lts=fjmwgom&ytt=424413099065349&ybv=0.612100&ylv=0.612100&dl=https%3A%2F%2Fwww.ufa.kp.ru%2F%3F&rtb-si=b&p2=gftf&rand=dgxzsqf&sj=jH9oyGzHgyaDhoybOQK_PW2DR148gHyJHlZdVr9nLahr76v0uU3UiAEj6vWh-A%3D%3D&puid1=adv-1657386079927-66&pr=hfnuxqp&p1=cdinl&rqs=YJCM2sHShn1gtMliGDQkCijhkadxvyD2&resp-time=643

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ufa.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:21 GMT
x-content-type-options: nosniff
last-modified: Sat, 09 Jul 2022 17:01:21 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 0C69 0
0 51ms
50ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssJnQ-kPdHNR764fFjLpwyY06O8PUvUNNRBumxJQXaiOjL0Pu79XOQk_TBexRQ706UWz0OX7qGI6HUzoJ30lPKOdsCogr2E9hOMzHid0EPHY6eTFJ5a5TUGyqNR5BS7kWkogMaPTvbM4JrYE5MVoZZKqkD_1gyPhfPsD4hQ9ifAbQb7JPcyzxBk1VICe3IKvLkJjHxuAE2pa2Id8Hz_AVu4c62tc-CNqZi6-UGbDDhX5yrqiBAY2SU5i0ASynwnE8S93Fa5OpoPWrUU3N6G9ECV6p7rVqfQLvHZoYfulq-DBPtbQQ2a02VxibFjVyGaR75_&sai=AMfl-YS7UjW5SXO_rkMhVMNrdYNqCWOjcryQo4UKiTxAqMtcPeK_yeYEro-DphdVteXCwe44PaTh_m2xkqnAZPkph3g6D4X4iHpk4r8KaC7fuQ&sig=Cg0ArKJSzCfSWW01F1ZDEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.ufa.kp.ru
URL: https://www.ufa.kp.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ufa.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 09 Jul 2022 17:01:21 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sat, 09 Jul 2022 17:01:21 GMT

GET
H2 200 adfox-adx-stub.js Show response
yastatic.net/pcode/adfox/ Frame 0C69 60 KB
15 KB 49ms
47ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/pcode/adfox/adfox-adx-stub.js

Requested by

Host: www.ufa.kp.ru
URL: https://www.ufa.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

4c9f9038ef0cca8daea160666fcf23b0cc4fd3ba853dcd4494e8ec35e3a0c039

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ufa.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 17:01:21 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 15032
last-modified: Wed, 17 Mar 2021 06:04:30 GMT
server: nginx/1.17.9
etag: "21008573aeaf1ce20fdc2d49c53e692c"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Jul 2022 17:59:31 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0C69 137 KB
42 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e49548c45f00bbfa0fda642d02b5e29b407004eacc2099e348da7cb38f477052

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ufa.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 17:01:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43254
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1657132091081416"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 09 Jul 2022 17:01:21 GMT

GET
H2 204 event
ads.adfox.ru/232598/ 0
18 B 67ms
67ms Image
text/plain 2a02:6b8::1be
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/232598/event?hash=5e1a65a2832b59f9&pm=bmv&pxo=W3DtBN3uVZE1I4mMDpER8SGpgr0qRPZpyO_zZVfe6qZiYX5t2psRMDjQBMZTk16pWRJg3ZmYadUVC8bNGvNuEGSL2w_hICqPs7z55pm--ImfnveBfqk5fvWtq1I19BokHYlJJhXjzJHqs6e6lnIUGLRSh--ByAouq4M--9Urz2iAElO1pSU%3D&p5=gwefg&ad-session-id=9960471657386079975&utg=oxum&lts=fjmwgom&ytt=424413099065349&ybv=0.612100&ylv=0.612100&dl=https%3A%2F%2Fwww.ufa.kp.ru%2F%3Fsection%3Dsociety&rqs=YIziPGAVrnpgtMli-jf1tu2AMyDSx6_z&pr=hfnuxqp&puid3=top%3Aregion&rtb-si=b&puid2=society%3Atoday%3Ainteresting%3Azenyandex%3Aincident%3Aemergency%3Asport%3Acelebrity&p2=fxjd&rand=faivqgb&sj=cIGBpT2O1kX7idh3nMFMC4iFOoPcz8yKTP2UXAUSzbN-gvb0NzJbMBFOVgbsAA%3D%3D&puid1=adv-1657386079929-502&p1=cavko&resp-time=411&creative-id=138281349227&google-width=240&google-height=400

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ufa.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:21 GMT
x-content-type-options: nosniff
last-modified: Sat, 09 Jul 2022 17:01:21 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2 200 1IVwPotP0HS200000000U9nJJ9ZGS-lWfRPQGwUp5dTRmbQOMYPiEPd400IUC95GVaQ3YDY-D0Q6L4QWUARJMORB8F5I6I2ljl0G8qCh8uZi1Ca20HF3JCOQFGXx8QEM38IraZ5I4iBQoyZgAC1m5Cm_oyWC5BdA2D9wbv51Xe7fB-Ci9WQ6kKmWaQLCfu3IQvb-0... Show response
yandex.ru/an/rtbcount/ 43 B
335 B 62ms
62ms XHR
image/gif 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/an/rtbcount/1IVwPotP0HS200000000U9nJJ9ZGS-lWfRPQGwUp5dTRmbQOMYPiEPd400IUC95GVaQ3YDY-D0Q6L4QWUARJMORB8F5I6I2ljl0G8qCh8uZi1Ca20HF3JCOQFGXx8QEM38IraZ5I4iBQoyZgAC1m5Cm_oyWC5BdA2D9wbv51Xe7fB-Ci9WQ6kKmWaQLCfu3IQvb-0TbdcVu3mLEc5q2HLqm2zjc_xW8Tmk2qUPfBqcDMXhzC7S8C3AtCh42blSoAG78gCyY8kSnC8Ck1f0B8RfQDpC-_NHSrtcBLTP8veUUHJOBekgghO9LtmUHFPWSdVh0pPx4eH7ev-neLUmHdv1ccb_ZcP7g6UHSdHUQ5bnYwvgOPbpWlP94EXIXUmV8dPWSBqm4Mffii45z-i7_8SlOC2BonVyi2yki4rjQ6ZeQs0maBM3bFicv-mW5MTvCrVel0Nc6jjlAlh20VTh0ri4nWUx1WqvMvDxOShft1TkLmy0AstPiUlkbwyUdFUiQLR31J3x1vd61ZViJ66sxgQ9MVNXvXvfAIQFwI3MR_JpXh8hkSvQz9RDflxMUnivaP6XaQ66nWRr3OmSvuWbta0Vl30rTFThvuDp7h1_j2umQEhUyD04YUh400

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ufa.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: image/gif
access-control-allow-origin: https://www.ufa.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
last-modified: Sat, 09 Jul 2022 17:01:21 GMT
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Sat, 09 Jul 2022 17:01:21 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 4335 624 B
611 B 21ms
21ms Document
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGO6p_M0BMAE&v=APEucNXA9qgfXxOc5Bs0MPEyiCM5yKSajMybFa1k3lLP4ESTLAXFOXOB3Uq_ej9zd0Y1ksy05luzlvZEoFZXIEB8S7_7M1_JnptZdX2ehGRmZhQyW-mZKf6v0h9R7ZaMaQzLUSDk2DFJmCO6ecff8KNzbzlS4TZnrOT-N0ut7psoW26sg1nPklc

Requested by

Host: 14b723fe60395e204d08b5454577ac76.safeframe.googlesyndication.com
URL: https://14b723fe60395e204d08b5454577ac76.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://14b723fe60395e204d08b5454577ac76.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 09 Jul 2022 17:01:21 GMT
expires: Sat, 09 Jul 2022 17:01:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 0493 83 KB
34 KB 67ms
64ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CEMdrlz4NkB-XqkVDIr_S3ef17H7kqJhWD3dJtJ73fptQwqyN8pwndlEuMhbQB-M4tRYLe7LZZPJpdIEp00O6no7-8hubugCnRZ1nWRbon2Z1qrMo92bqEIOcH7lBmrBqRQzk8LxEkUP-X8NIXa6Oj_1ucfw&dbm_d=AKAmf-DWDDvehY6lbyEAXSLzzC7ff49E6BUZ6pNIE1cWoYj4rr6qY25lrdGB8VUWrJX658XabJddHWmC92NVZBjfu9d9aLKpCo541Q0gbR62mXP2rchJfPPLYFLe1Owz4yeBbmHwW6oM0c0qN5y3cWSbwZGMqNhtEy70Yd2ICpq5WJBzadahNoCH2rwdPeDKRzda6sU8RDj2DC68eK4GSUhhQPak8hQaCdb-1r6tCNomjP-dzABgSh5EyuQU1E_twbuaOH2nJm1lYsl6gs4z_S6AasIVnAWd5SheMNxysUz3sYDzJJ-bGNNO3T1XiEP476uUcUqFbg6jO2cUcajlP6SFVGYKJ5uiMISYuLAHMRI-rKbUETXDkpgWLi62m27e1eAnfgJuBZRgShVOILCVuW05FsbF39EhuJRuBY5HU2IXAQP_5z-QvNHyU2rsh78CJPbDouHXY_3AsHG5zFklw_XHejrEHghlNlH6sOEugniaXx_K0Z14HRsmWYtxcpMNrIDESpOOkAmHVPvH_mRv1cjthmY-0sZhvFh9P44yGRtF1KRxDGwD-EUSMs71NjP9QsdXWpj4L9lzCFAY-afYefQBlcSW3P5HOmS0WOgCL4P_bcKCrHnnnF8lFyCCmOBlc9w1bvw1TKYonfdq9soRA8yrjCYJq9IqKepFyvxqMWuTfH69vnrcnF5ZKI7mnwj9uOGESuzOp-dQaVApWOxc9XJohGnieRrD1L25CqYsKbM2qGT4AoPADQyfuoferAz_CGSPDCQG76Y98TkxJfV9fymLkYCKSuS9QL_FtBFREe0msqqIzwTcxWCfyje7CQODl8Vl3C-KqbnEatyWA46pfKVHx--oENA-m83YRaVmlP3aPI2c7SXG3aOU_fpbWoYFCoGn-MO2GJvZMNL7-kYwq8rUh6yQ93JLXWh5gnDjhG4_IN3ItrENhZezm0OsIl9-xR-RyJp7csSXDDT6K0H9ilbW8XY9a2IpJ5AlGZUAY-ulW5LkIpIWsAcSimUHjtkMT5_1sf4Z8uclxH-uHk-934GKlIXt03YT7g5U4k1gQ71IXJGTV0hZdGbIuh749xcjC9ofEYomVZ0zm8x-U2YoN_i9CiNyleF76UrNwbnwyHbrdsiZaf2WarNfc_kKxXR5a1XFIIrsbO53QYheCRFcgIcDM5Z3OeWU_RMvEbEEel56wPfk3-6Cbl5jA1iF4c53VMwuu68kJAcTXcoemNZcgH-5ThN8AIGxGPUkNtKeY6dvVa5g94teynI6-Tiict8SpYnC-3wqlKF9Wl0kR_gzFKjKZDMOAmmyLbK88Dnap9pAacCXnG5tcOAKAb_Mk7y_qZ_6wIiIVNtzOtSz2_g-2zfUMTv1ec12u7-V6pj6onKxkn0b6uXOTnhs140E2WcvTkvcR7AgnwHH0CnQBiRlChpgYq1ePhoYxEqfU68ra0Xw2P4VZpxl8ZN-CjbtxbICzHXvH4aXsp_tfSSaRXbxGirbgUi8Xkuy3eHKODWQZ4jhtAy5RISbW4djsOUGkJvxssk9pjtdyEwTXcSgN0o1c3wy4rzswGxAlpQvalO_ZUdj0KVOqI0Bt-IYZYswdzYNk-mQb1lDA1Mzrv3MfN9igFuoaPNZck7BcMPhF9Sd5_t1zsB9LXHUlZf5xMxKvGWYfJDC7YAvG0NGZDHSwwoMHzJocZU6pOnSB51mkiWIeLYe6kxPkia3EHTdaBXNW2j9MVkNz_Qh_gkt-fnadB-8SuZUNcs7LQh2XzDsDxQClP4rReq0N9jy-lZ-em0cFFMQbE_1anYAVqYyvd4wQfI2WGIu2wk5Gus51vYRrEnhnSCqX17Tiu0H_Cwu7S5YncbyqBOtLqQaeajbgykgsDIF9h2mVqXg3p8eqYgD5Rl5_9UwDoSopZMNvbEX5p3YNDjEgttvZ3UcbpM9Izfxd4hFdYb_MHDnXvJCqEoLJgG3s9OUjGsXjiuBuyw5JSU2eTkToaf1_-qzX3k59HS9TnAjmdjyGBbGR3S_BWmrDpuc656RvbXdDbmRJtsOtDgu3FflEPV7dFRjj0FE4cV0P5Gs8MPe5200_ju2PYizl0xmFWw3-83ZeoUoEEKDPYjEdBUGJa79yabbHBStVALCWZMkWhEbn4yv4afm1n3o8YoKl4JSLihTudP2ssSelsemDLjIUMQL_tlKHlPG8AyH33qd792BWj3EVi-aK1JWVSYY_z29lL0aza5y7yQZ8QU5VRBXziITNzxx735_GfYALG-eKH5XZlkobHPGQggpzJTYhfdVcexvByCYrNjXadWrBXO1VSheFOweqTc62RFsFKbS4xIdnPQcLFtPXDo6oAEOiLJol7g_ke6s5vcIQVb92cr_qHu_XA0-aTJC9ZCbwhi8OY3FDga_i0BlRI5Tj_UpXa4N-rgGAtgrWBtsm0IAzLkCmb6KaAuGxjIWZLQGaFRNbLMd0p_w6EwAqXSm8vhuXBCptu7tjkL-ZWwCFHvCLEvG8ye6Nivc689fYez6NXaWQQzsvU8_kPPXD_TZyQL_srihcD2dxMKE2iFv2WeH8FffySiXXiir1XlsdIdKzwNcYE9sdulpCEfajl-tgnE7SdY2D5jT23BYLRs1tuhMbaGuFqspfKCSVwuZID_e2Tj-XSFJeoMSEsXyPALNxcl5SLrR4cVx_hfDp9nLRd3i49WBbrIT6o0mU_bnJ7nSHN04QjstkTi7r_yP2VUHrlFinwO5xeqQHoBo9eUG5C2ZuFC7n6JZPQ9Q_R4njoB5iraFrmy2_sYEuPmqXLF3piUQkCrwRgn12S__BeCSRLGlX5WYbhkEgNonNDS3pAYQZkTAX_K-jAGYQJotwmW2GKjhv3Df_9YAdirCtZQXACiNSfbH8p-kIK8-H6l3RIoz79lbdwAjVdWf3FQL1-CRAXm6sL4ctgLzAt4Ulh0tsvHSBn2VnU_XxGSqvtCRBWCRQDGZfqWgfkCddzHNTw3FoF6Mg7ttY3kcNzTZQ9k5uPMuAlb3GonG3I0ALy5saek-SMBkOqSVmqCARSiuJ6yXAzSxKU0ZuLgeVOAokWad6ulpT4lDHpqC-UVRjHJLz7vv-5WR9O8J6sqIfBw6sT5PqGuQ0jbXX6riXlphzN8qvIbGzgxUpWc-0HNlzL7-knraCbbxO6GjfD_SBT_CPzERn6BU_J9PJIm-Lr0FHXFQXl1_9szdVyULCj_0_z7q09cnmynforexzf_n2ECkwqD_ImYB3l1sRbacQB9cfBptampTpsfN7XlquxONWAlalGqJImI4n6Yh8e83z_WEV_55WEnRq5JEAOHT9IGDAAKhAwA9gYfvKqv3vtzEI2opoejpgk3eK_jtPRvmY6o7zQ&cid=CAASJ-RoEQBW-h8PDN1sec05WlWe0vh1eKgWBX7OfQgL_Alw2-adhCgKig&rfl=2%2Chttps%253A%252F%252Fwww.ufa.kp.ru%242%2Chttps%253A%252F%252Fwww.ufa.kp.ru%252F%240

Requested by

Host: www.ufa.kp.ru
URL: https://www.ufa.kp.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

796f7872a8b1c02905852f60f09e2932c3de966706b563e62aa09ee2c248d2ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://14b723fe60395e204d08b5454577ac76.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:21 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34570
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0493 42 B
63 B 43ms
41ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D1c6FjS3YF0WwWBRC0p89XS54kKEYMryecX1yPRv4wXkFVlf-UN4acXBsC-Mw_S2SOULba4WSac5u372HKEKrPC9ITYBbb6goJGfJmLaTfD5OEPXM

Requested by

Host: 14b723fe60395e204d08b5454577ac76.safeframe.googlesyndication.com
URL: https://14b723fe60395e204d08b5454577ac76.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://14b723fe60395e204d08b5454577ac76.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

skeleton.gif
static.adsafeprotected.com/ Frame 0493
Redirect Chain

https://pixel.adsafeprotected.com/rfw/st/1083870/64162795/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=&ias_dspID=3&ias_campId=1008209757&ias_pubId=pub-7172733408455692&ias_chanId=1&ias_placementId=176...
https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=

43 B
482 B

32ms
10ms

Image
image/gif

2600:9000:2156:d000:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=
Requested by: Host: 14b723fe60395e204d08b5454577ac76.safeframe.googlesyndication.com
URL: https://14b723fe60395e204d08b5454577ac76.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Server: 2600:9000:2156:d000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://14b723fe60395e204d08b5454577ac76.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 16:14:35 GMT
via: 1.1 baaf38f0a0d54e4834bf934fa5189cea.cloudfront.net (CloudFront)
age: 29119607
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 43
last-modified: Mon, 17 Aug 2020 23:55:15 GMT
server: AmazonS3
etag: "45cf913e5d9d3c9b2058033056d3dd23"
x-amz-version-id: iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
cache-control: max-age=315360000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: image/gif
x-amz-cf-id: eMCFWyPmkmc4uP5DHMt1Q88EBozk2x4puNRo-qS0Yl8JuaQMSNr7wA==

Redirect headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:21 GMT
x-server-name: app09.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=
cache-control: no-cache
content-length: 0
server: nginx

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220706/r20110914/client/ Frame 0493 3 KB
1 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220706/r20110914/client/window_focus_fy2021.js

Requested by

Host: 14b723fe60395e204d08b5454577ac76.safeframe.googlesyndication.com
URL: https://14b723fe60395e204d08b5454577ac76.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://14b723fe60395e204d08b5454577ac76.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 16:56:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 278
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Jul 2022 16:56:43 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0493 137 KB
42 KB 27ms
25ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 14b723fe60395e204d08b5454577ac76.safeframe.googlesyndication.com
URL: https://14b723fe60395e204d08b5454577ac76.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e49548c45f00bbfa0fda642d02b5e29b407004eacc2099e348da7cb38f477052

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://14b723fe60395e204d08b5454577ac76.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 17:01:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43254
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1657132091081416"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 09 Jul 2022 17:01:21 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220706/r20110914/client/ Frame 0493 17 KB
7 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220706/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 14b723fe60395e204d08b5454577ac76.safeframe.googlesyndication.com
URL: https://14b723fe60395e204d08b5454577ac76.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://14b723fe60395e204d08b5454577ac76.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 16:54:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 402
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7309
x-xss-protection: 0
server: cafe
etag: 16921397534319471551
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Jul 2022 16:54:39 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 0493 0
0 16ms
15ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQXvBlXIkIAQu1HYY4LHI1urkIxxnrSjLIj0jyP_-5aGgOaWbuj1IVqYfT5gqFVUl6hcZOquFq4R0K3K_OHTv0JJdk8Fg
Requested by: Host: 14b723fe60395e204d08b5454577ac76.safeframe.googlesyndication.com
URL: https://14b723fe60395e204d08b5454577ac76.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://14b723fe60395e204d08b5454577ac76.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 0C69 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7078eb74b3490fbce59240137433266a3c5252599126b6547af5770135789a5f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
Ok d.png
ysa-static.passport.yandex.ru/static/1/d959d7e39d5067fad30d9c06204866e9/ Frame 19CF 95 B
400 B 160ms
53ms Image
image/png 2a02:6b8::5:114
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ysa-static.passport.yandex.ru/static/1/d959d7e39d5067fad30d9c06204866e9/d.png?ex=yes

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::5:114 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

18c327afa903633f86c3efcf12b77f098077eacaa8be101bb007846fd74f8b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sat, 09 Jul 2022 17:01:21 GMT
Server: nginx/1.14.2
Strict-Transport-Security: max-age=315360000; includeSubDomains
X-RT-IH: 0.0002
Content-Type: image/png
Cache-Control: private
Connection: close
X-RT-IQ: 0.0002
Content-Length: 95
Expires: Sun, 10 Jul 2022 17:01:21 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 4335
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKbmp6RFbRNsCtRaTSKRMZg&google_cver=1

43 B
909 B

49ms
36ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKbmp6RFbRNsCtRaTSKRMZg&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGO6p_M0BMAE&v=APEucNXA9qgfXxOc5Bs0MPEyiCM5yKSajMybFa1k3lLP4ESTLAXFOXOB3Uq_ej9zd0Y1ksy05luzlvZEoFZXIEB8S7_7M1_JnptZdX2ehGRmZhQyW-mZKf6v0h9R7ZaMaQzLUSDk2DFJmCO6ecff8KNzbzlS4TZnrOT-N0ut7psoW26sg1nPklc
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

cf-ray: 72829effbe2cbbc2-FRA
pragma: no-cache
date: Sat, 09 Jul 2022 17:01:21 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mAT%2FRMP%2FPX1U8uqar0LDsAtN21nk%2Fk4oIQgRmNnfO9gl0VdJuJ4pBCg3veTB1l7JpETXU1ymq0lLJw9XFuNf4FD6OjurKecEABDTM%2FX9pOxhg9j7ph4VzdKfDujqVhLsrziDoQMlNhXeag%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:21 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKbmp6RFbRNsCtRaTSKRMZg&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 4335
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Ysm0YU0EHVdfA3nfhEX4.gAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECbag7dcxEHX4SA5qb6u-JE&google_cver=1&google_hm=2

43 B
915 B

34ms
34ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECbag7dcxEHX4SA5qb6u-JE&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGO6p_M0BMAE&v=APEucNXA9qgfXxOc5Bs0MPEyiCM5yKSajMybFa1k3lLP4ESTLAXFOXOB3Uq_ej9zd0Y1ksy05luzlvZEoFZXIEB8S7_7M1_JnptZdX2ehGRmZhQyW-mZKf6v0h9R7ZaMaQzLUSDk2DFJmCO6ecff8KNzbzlS4TZnrOT-N0ut7psoW26sg1nPklc
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

cf-ray: 72829f004ef7bbc2-FRA
pragma: no-cache
date: Sat, 09 Jul 2022 17:01:21 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NB8TLlOYFDt%2Bqz3TRrJa3S4NHkzEqjwXFGzokvwPbY4oRjsZebfmed%2F9a9RXBcps4hoDz3pZ8xLee0VvEXIGy34z%2FT3zH19Fb5%2FvrW%2F%2BXZThR8dblZCECVuUNvEywBCjGpRMNRX0S3kh7g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:21 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECbag7dcxEHX4SA5qb6u-JE&google_cver=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 4335
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESENCcWGbHGFsPMiR2z5hN9mY&google_cver=1

43 B
1016 B

22ms
7ms

Image
image/gif

37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESENCcWGbHGFsPMiR2z5hN9mY&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGO6p_M0BMAE&v=APEucNXA9qgfXxOc5Bs0MPEyiCM5yKSajMybFa1k3lLP4ESTLAXFOXOB3Uq_ej9zd0Y1ksy05luzlvZEoFZXIEB8S7_7M1_JnptZdX2ehGRmZhQyW-mZKf6v0h9R7ZaMaQzLUSDk2DFJmCO6ecff8KNzbzlS4TZnrOT-N0ut7psoW26sg1nPklc

Protocol

HTTP/1.1

Server

37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 09 Jul 2022 17:01:21 GMT
X-Proxy-Origin: 80.255.10.204; 80.255.10.204; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 33aaa8d4-d8da-4f8f-b697-32224d78965f
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:21 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESENCcWGbHGFsPMiR2z5hN9mY&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4335
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjMyOTg2MjM0Mjg2ODg5NzkyMQ%3D%3D

170 B
188 B

34ms
18ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjMyOTg2MjM0Mjg2ODg5NzkyMQ%3D%3D

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 09 Jul 2022 17:01:21 GMT
X-Proxy-Origin: 80.255.10.204; 80.255.10.204; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 48297ff0-9041-4483-bf48-d6d763da92bb
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjMyOTg2MjM0Mjg2ODg5NzkyMQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 0C69 0
0 59ms
43ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuR1HjYKi2MPNBBfnA5qy_1FHNcOWmPvIX01O5j6RJ4aw0ys_u0i6_WawnSHo_LuTj3pGZGYE07YT_lE9DXXiakWXl5_LKfM-NdZMqeW5TrwTzsdOBgs49HKEW0dD1gtW-qPhw0q37lSMq2F0GuQXs_pk8I3tKIQIgE3nE2yUYIeYWOUpNKWGzVYAZ2DvAjvhek84mAnOQbJJwjJVzNw2qQ3SuavjYfNko0r18OS1PkxTsJOrneqTZSLArnLPi5GQ2b7xk3lTNshhzjdia95jY3sSd4FGc4Rhye5eJDud5Rbu9qD0tylxMRt38OuPsLa1iZJEM&sai=AMfl-YTGIZcjmIM9aJhkNIxKwpf-2JnBqORx0gWe_5D1bcGZvUeBZqqM2ll0Cw-xlONBgK2NQBhDmCg_nPatOnVRmatKEEIgiC2G3fbxhDdRqw&sig=Cg0ArKJSzIXaqlb67oJlEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ufa.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 09 Jul 2022 17:01:21 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sat, 09 Jul 2022 17:01:21 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 896C 0
9 B 7ms
7ms Image
text/plain 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?EGvBcQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 17:01:21 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2

200

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9694.JVr1Zz9Kem2mwouF3c6-TqjnX3x1gjyYMJ59skxihVAS5yFqUZ58WA3WQl3gcbHl.6NwNe-lIfD1Cpv80QcTijXhaI3Y%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9694.zlhjQ88IGl7yQUuilWzsEXbS08xScoi9QK5_fhokkpEYKjJpCUXH0aIGhhzq2uNy8HiyTqI1-sL7wc1kNTCVQx8YpdJ7TWiE8H7unn3VfBU%2C.DPyVqNQb7T2JgtHRSFCdA3TWvwI%2C

43 B
345 B

69ms
69ms

Image
image/gif

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9694.zlhjQ88IGl7yQUuilWzsEXbS08xScoi9QK5_fhokkpEYKjJpCUXH0aIGhhzq2uNy8HiyTqI1-sL7wc1kNTCVQx8YpdJ7TWiE8H7unn3VfBU%2C.DPyVqNQb7T2JgtHRSFCdA3TWvwI%2C

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ufa.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 17:01:21 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9694.zlhjQ88IGl7yQUuilWzsEXbS08xScoi9QK5_fhokkpEYKjJpCUXH0aIGhhzq2uNy8HiyTqI1-sL7wc1kNTCVQx8YpdJ7TWiE8H7unn3VfBU%2C.DPyVqNQb7T2JgtHRSFCdA3TWvwI%2C
date: Sat, 09 Jul 2022 17:01:21 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 0493 170 KB
59 KB 33ms
9ms Script
text/javascript 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Host: www.ufa.kp.ru
URL: https://www.ufa.kp.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://14b723fe60395e204d08b5454577ac76.safeframe.googlesyndication.com/
Origin: https://14b723fe60395e204d08b5454577ac76.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 07:12:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 35314
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 10 Jul 2022 07:12:47 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220706/r20110914/elements/html/ Frame 0493 8 KB
3 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220706/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CEMdrlz4NkB-XqkVDIr_S3ef17H7kqJhWD3dJtJ73fptQwqyN8pwndlEuMhbQB-M4tRYLe7LZZPJpdIEp00O6no7-8hubugCnRZ1nWRbon2Z1qrMo92bqEIOcH7lBmrBqRQzk8LxEkUP-X8NIXa6Oj_1ucfw&dbm_d=AKAmf-DWDDvehY6lbyEAXSLzzC7ff49E6BUZ6pNIE1cWoYj4rr6qY25lrdGB8VUWrJX658XabJddHWmC92NVZBjfu9d9aLKpCo541Q0gbR62mXP2rchJfPPLYFLe1Owz4yeBbmHwW6oM0c0qN5y3cWSbwZGMqNhtEy70Yd2ICpq5WJBzadahNoCH2rwdPeDKRzda6sU8RDj2DC68eK4GSUhhQPak8hQaCdb-1r6tCNomjP-dzABgSh5EyuQU1E_twbuaOH2nJm1lYsl6gs4z_S6AasIVnAWd5SheMNxysUz3sYDzJJ-bGNNO3T1XiEP476uUcUqFbg6jO2cUcajlP6SFVGYKJ5uiMISYuLAHMRI-rKbUETXDkpgWLi62m27e1eAnfgJuBZRgShVOILCVuW05FsbF39EhuJRuBY5HU2IXAQP_5z-QvNHyU2rsh78CJPbDouHXY_3AsHG5zFklw_XHejrEHghlNlH6sOEugniaXx_K0Z14HRsmWYtxcpMNrIDESpOOkAmHVPvH_mRv1cjthmY-0sZhvFh9P44yGRtF1KRxDGwD-EUSMs71NjP9QsdXWpj4L9lzCFAY-afYefQBlcSW3P5HOmS0WOgCL4P_bcKCrHnnnF8lFyCCmOBlc9w1bvw1TKYonfdq9soRA8yrjCYJq9IqKepFyvxqMWuTfH69vnrcnF5ZKI7mnwj9uOGESuzOp-dQaVApWOxc9XJohGnieRrD1L25CqYsKbM2qGT4AoPADQyfuoferAz_CGSPDCQG76Y98TkxJfV9fymLkYCKSuS9QL_FtBFREe0msqqIzwTcxWCfyje7CQODl8Vl3C-KqbnEatyWA46pfKVHx--oENA-m83YRaVmlP3aPI2c7SXG3aOU_fpbWoYFCoGn-MO2GJvZMNL7-kYwq8rUh6yQ93JLXWh5gnDjhG4_IN3ItrENhZezm0OsIl9-xR-RyJp7csSXDDT6K0H9ilbW8XY9a2IpJ5AlGZUAY-ulW5LkIpIWsAcSimUHjtkMT5_1sf4Z8uclxH-uHk-934GKlIXt03YT7g5U4k1gQ71IXJGTV0hZdGbIuh749xcjC9ofEYomVZ0zm8x-U2YoN_i9CiNyleF76UrNwbnwyHbrdsiZaf2WarNfc_kKxXR5a1XFIIrsbO53QYheCRFcgIcDM5Z3OeWU_RMvEbEEel56wPfk3-6Cbl5jA1iF4c53VMwuu68kJAcTXcoemNZcgH-5ThN8AIGxGPUkNtKeY6dvVa5g94teynI6-Tiict8SpYnC-3wqlKF9Wl0kR_gzFKjKZDMOAmmyLbK88Dnap9pAacCXnG5tcOAKAb_Mk7y_qZ_6wIiIVNtzOtSz2_g-2zfUMTv1ec12u7-V6pj6onKxkn0b6uXOTnhs140E2WcvTkvcR7AgnwHH0CnQBiRlChpgYq1ePhoYxEqfU68ra0Xw2P4VZpxl8ZN-CjbtxbICzHXvH4aXsp_tfSSaRXbxGirbgUi8Xkuy3eHKODWQZ4jhtAy5RISbW4djsOUGkJvxssk9pjtdyEwTXcSgN0o1c3wy4rzswGxAlpQvalO_ZUdj0KVOqI0Bt-IYZYswdzYNk-mQb1lDA1Mzrv3MfN9igFuoaPNZck7BcMPhF9Sd5_t1zsB9LXHUlZf5xMxKvGWYfJDC7YAvG0NGZDHSwwoMHzJocZU6pOnSB51mkiWIeLYe6kxPkia3EHTdaBXNW2j9MVkNz_Qh_gkt-fnadB-8SuZUNcs7LQh2XzDsDxQClP4rReq0N9jy-lZ-em0cFFMQbE_1anYAVqYyvd4wQfI2WGIu2wk5Gus51vYRrEnhnSCqX17Tiu0H_Cwu7S5YncbyqBOtLqQaeajbgykgsDIF9h2mVqXg3p8eqYgD5Rl5_9UwDoSopZMNvbEX5p3YNDjEgttvZ3UcbpM9Izfxd4hFdYb_MHDnXvJCqEoLJgG3s9OUjGsXjiuBuyw5JSU2eTkToaf1_-qzX3k59HS9TnAjmdjyGBbGR3S_BWmrDpuc656RvbXdDbmRJtsOtDgu3FflEPV7dFRjj0FE4cV0P5Gs8MPe5200_ju2PYizl0xmFWw3-83ZeoUoEEKDPYjEdBUGJa79yabbHBStVALCWZMkWhEbn4yv4afm1n3o8YoKl4JSLihTudP2ssSelsemDLjIUMQL_tlKHlPG8AyH33qd792BWj3EVi-aK1JWVSYY_z29lL0aza5y7yQZ8QU5VRBXziITNzxx735_GfYALG-eKH5XZlkobHPGQggpzJTYhfdVcexvByCYrNjXadWrBXO1VSheFOweqTc62RFsFKbS4xIdnPQcLFtPXDo6oAEOiLJol7g_ke6s5vcIQVb92cr_qHu_XA0-aTJC9ZCbwhi8OY3FDga_i0BlRI5Tj_UpXa4N-rgGAtgrWBtsm0IAzLkCmb6KaAuGxjIWZLQGaFRNbLMd0p_w6EwAqXSm8vhuXBCptu7tjkL-ZWwCFHvCLEvG8ye6Nivc689fYez6NXaWQQzsvU8_kPPXD_TZyQL_srihcD2dxMKE2iFv2WeH8FffySiXXiir1XlsdIdKzwNcYE9sdulpCEfajl-tgnE7SdY2D5jT23BYLRs1tuhMbaGuFqspfKCSVwuZID_e2Tj-XSFJeoMSEsXyPALNxcl5SLrR4cVx_hfDp9nLRd3i49WBbrIT6o0mU_bnJ7nSHN04QjstkTi7r_yP2VUHrlFinwO5xeqQHoBo9eUG5C2ZuFC7n6JZPQ9Q_R4njoB5iraFrmy2_sYEuPmqXLF3piUQkCrwRgn12S__BeCSRLGlX5WYbhkEgNonNDS3pAYQZkTAX_K-jAGYQJotwmW2GKjhv3Df_9YAdirCtZQXACiNSfbH8p-kIK8-H6l3RIoz79lbdwAjVdWf3FQL1-CRAXm6sL4ctgLzAt4Ulh0tsvHSBn2VnU_XxGSqvtCRBWCRQDGZfqWgfkCddzHNTw3FoF6Mg7ttY3kcNzTZQ9k5uPMuAlb3GonG3I0ALy5saek-SMBkOqSVmqCARSiuJ6yXAzSxKU0ZuLgeVOAokWad6ulpT4lDHpqC-UVRjHJLz7vv-5WR9O8J6sqIfBw6sT5PqGuQ0jbXX6riXlphzN8qvIbGzgxUpWc-0HNlzL7-knraCbbxO6GjfD_SBT_CPzERn6BU_J9PJIm-Lr0FHXFQXl1_9szdVyULCj_0_z7q09cnmynforexzf_n2ECkwqD_ImYB3l1sRbacQB9cfBptampTpsfN7XlquxONWAlalGqJImI4n6Yh8e83z_WEV_55WEnRq5JEAOHT9IGDAAKhAwA9gYfvKqv3vtzEI2opoejpgk3eK_jtPRvmY6o7zQ&cid=CAASJ-RoEQBW-h8PDN1sec05WlWe0vh1eKgWBX7OfQgL_Alw2-adhCgKig&rfl=2%2Chttps%253A%252F%252Fwww.ufa.kp.ru%242%2Chttps%253A%252F%252Fwww.ufa.kp.ru%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://14b723fe60395e204d08b5454577ac76.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 16:57:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 233
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Jul 2022 16:57:28 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220706/r20110914/ Frame 0493 27 KB
10 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220706/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8247e71c60f01cce914615568139113018a1a129dceb0fe0af55edb0211b8fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://14b723fe60395e204d08b5454577ac76.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 16:59:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 109
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10545
x-xss-protection: 0
server: cafe
etag: 4672069523611413616
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Jul 2022 16:59:32 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 0493 41 KB
15 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 14b723fe60395e204d08b5454577ac76.safeframe.googlesyndication.com
URL: https://14b723fe60395e204d08b5454577ac76.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://14b723fe60395e204d08b5454577ac76.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 11:50:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 450663
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 04 Jul 2023 11:50:18 GMT

GET
DATA 200
OK truncated
/ Frame 0493 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0bb28c982b61485dd5d4d5a441fe4685d5981bfb36c14a0325a117fcb14c8e48

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/8828632559684167007/ Frame 3150 36 KB
6 KB 38ms
18ms Document
text/html 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/8828632559684167007/index.html?e=69&leftOffset=0&topOffset=0&c=gbwa8wYOqL&t=1&renderingType=2&ev=01_247

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

748646bc30925c61574071e2cfe947ece6be153f4d4e4b5d1d192cbe2f5e6cc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://14b723fe60395e204d08b5454577ac76.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sat, 09 Jul 2022 17:01:21 GMT
expires: Sun, 09 Jul 2023 17:01:21 GMT
last-modified: Wed, 05 May 2021 19:27:43 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 0493 0
622 B 89ms
53ms Ping
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvZ6g6A3OtrxGtvlaIc8VTA__Gp3G2i9_TimzNAmi_5qcLPBK_JsvQn7yF3pdh0Ws0Ki-hcW9C_c-wKY8rrSBLanbSnWf7gi9Ey7A81gj75J5sgbRDIL2J0n0QRy1flAlDN-MOIQFZl-9fbV0wUaS7vy4q88yuo4orLQzAFWwYEnyPxtS1VaCuLK84TtshbbtlQegZc-Tu-aWw8brgxCp-0W3nucN8yxtpRsw21bfIVbpczo2_GLVE40S1hr0E_p5xJBVUaqyFkg7q36INXtm3Nb4d3TDD18bvc80ICFLGznrN8j2lQJoGemBFB8cPvKrKjmRL5PIJEM2B4z3hPxY5iVGqd_J_mkvUxVCoHbwNUjg_qUpwDxchrSxlRA0EISWjN0a3MPX_8b8cJovMVLWDrpqii71XqIS1RmWDDfAxtyDhiXnBgONLgE150cE28uAh3o1-3pncwIce-UfeG2-mQjL1s-v0KuVVzvkLCCN_TZ2BG3slvCbb5e3KZ7-FcHa2iIAybeXCOShNM7Uhi-o9KMeaFTbCuUB6qe8mC3K9Jz3Ad7HF5idNLYi4GV0MQ_Jio7ploRNZ_rjz4qV-Y-LBzrOvSuprFkFr2N-dzQvFtDRiV4FzKPfOxvlu5YximnLitrqeI_gam7SajHoCoYjiTJksV4Of5wWYKzWXFAkOcwt6bR8skltTwcsZClV2kcT-fC_tIi9kTcoQmUq5AL0oca5qyGwl99drU0_NOV-p1dtNgO-nLHcqSdobI5hbKc4rDrq-1sRDl7aF8V8svmQC1EvLkj31swtN-Qcnxt4p862lWUpnC42dSwTn72f7p8_Y0wpUK72yy1qfMWV-B0pV44suaaIY0gn3e565VyY5SbiiucBFFcu0bng1gV2dG0D3n8yX_fSU5K8Q0Fzi_zYzEcFl3jBO7-Xx93s0-wER-i7cxObcGyf3Tve7gkQUY77mjcxZEzx9XvMuivMKvW0Ajotsbe6iTpDua0xqFk5r12zEgTwnrr3vdmhPCeGsLVTQ0gjWLk16G59CKX_YLrflDw_bC5NGpLIV8Jq-UMH1kpyWWKe4LJbudRyvoMY7_KAc3Rplb12S2uSrx1LYRc1QOk-J8VMT_2dnzbvAr32-0NYN4a-JXd7MdB772e3auiA1Rn27OCl2F77F1DaevIT2fd0Se_CFi5eOKeQMOJDakIV6yIEzKGa5NAUpc-BsAL8pMHzcska6-x0eAqxz98EQHWhK9p7pOlDatiRkGK7z7eMOPtuudkgkRiUX2&sai=AMfl-YTkF-WQEYUPVJelvEeMOpTOIeDRrs3IMBsImYsHrAbCfukquOpN7Rnhwu1abMWkrJM4ewQJzvJQiEAuC_yvP0isrIzMg36W59BeXGs5xrJXI5Si0TsUFFcOntSBi33USuWVymZzuSk9oIxD1OOw9zWtJgt80_rGhsjXj9v0D4pavr7KBaY1qJbBHvoLSVDgAkaIr-oTAaGLE7WxaFrtJgB2p11NEd8&sig=Cg0ArKJSzOHCbLLFxzyeEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=84&cbvp=1&cstd=79&cisv=r20220706.42694&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: www.ufa.kp.ru
URL: https://www.ufa.kp.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://14b723fe60395e204d08b5454577ac76.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Sat, 09 Jul 2022 17:01:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1

200
OK

firstevent
skydeutschland.demdex.net/ Frame 0493
Redirect Chain

https://skydeutschland.demdex.net/event?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=131962155&d_placement=339771397&d_campaign=28017826&d_bust=2631070775&gdpr=&gdpr_con...
https://skydeutschland.demdex.net/firstevent?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=131962155&d_placement=339771397&d_campaign=28017826&d_bust=2631070775&gdpr=&gdp...

42 B
964 B

37ms
37ms

Image
image/gif

54.154.32.144
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://skydeutschland.demdex.net/firstevent?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=131962155&d_placement=339771397&d_campaign=28017826&d_bust=2631070775&gdpr=&gdpr_consent=

Requested by

Host: 14b723fe60395e204d08b5454577ac76.safeframe.googlesyndication.com
URL: https://14b723fe60395e204d08b5454577ac76.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

HTTP/1.1

Server

54.154.32.144 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-154-32-144.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://14b723fe60395e204d08b5454577ac76.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v036-0dc9acda5.edge-irl1.demdex.com 5 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: U/kKCHf7SKQ=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-2-v036-0a56358a7.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: usG5pdArRM4=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://skydeutschland.demdex.net/firstevent?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=131962155&d_placement=339771397&d_campaign=28017826&d_bust=2631070775&gdpr=&gdpr_consent=
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1 200
OK ai.aspx
m.exactag.com/ Frame 0493 43 B
1 KB 94ms
30ms Image
image/gif 213.202.235.9
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.exactag.com/ai.aspx?extProvApi=sky-dv360&extProvId=300&extPu=sky-dv360&extLi=1008209757&extPm=431953134&extCr=17611747867&gdpr=&gdpr_consent=&rnd=2631070775

Requested by

Host: 14b723fe60395e204d08b5454577ac76.safeframe.googlesyndication.com
URL: https://14b723fe60395e204d08b5454577ac76.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

213.202.235.9 Herrischried, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://14b723fe60395e204d08b5454577ac76.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
P3P: policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
Connection: close
X-ET-Monitoring: 1
Content-Length: 43
Pragma: no-cache
X-ET-Code: 0
Last-Modified: Sa, 09 Jul 2022 05:01:21 GMT
Server: Microsoft-IIS/8.5
Date: Sat, 09 Jul 2022 17:01:21 GMT
Access-Control-Max-Age: 1000
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://14b723fe60395e204d08b5454577ac76.safeframe.googlesyndication.com
Cache-Control: private
Access-Control-Allow-Credentials: true
X-ET-Camp: 923
Access-Control-Allow-Headers: *
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 5798 22 KB
8 KB 9ms
9ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://14b723fe60395e204d08b5454577ac76.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 450662
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 04 Jul 2022 11:50:19 GMT
expires: Tue, 04 Jul 2023 11:50:19 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 236 KB
73 KB 42ms
17ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WCBNVW

Requested by

Host: www.ufa.kp.ru
URL: https://www.ufa.kp.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

92336e38ed3db3043e72f8ccb341fb8ba9a989f8881fd04ba9836378d96e8f27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ufa.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 17:01:21 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 73814
x-xss-protection: 0
last-modified: Sat, 09 Jul 2022 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 09 Jul 2022 17:01:21 GMT

GET
H3 200 PBLy2ghsJAjz8SVbRXt3mPeTz3f3ksFMZv27m_PD6qM.js Show response
pagead2.googlesyndication.com/bg/ Frame 5798 36 KB
14 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/PBLy2ghsJAjz8SVbRXt3mPeTz3f3ksFMZv27m_PD6qM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c12f2da086c2408f3f1255b457b7798f793cf77f792c14c66fdbb9bf3c3eaa3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 14:55:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7528
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13888
x-xss-protection: 0
last-modified: Fri, 01 Jul 2022 16:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 09 Jul 2023 14:55:53 GMT

GET
H3 200 style.css
s0.2mdn.net/sadbundle/8828632559684167007/ Frame 3150 6 KB
2 KB 10ms
8ms Stylesheet
text/css 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/8828632559684167007/style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8828632559684167007/index.html?e=69&leftOffset=0&topOffset=0&c=gbwa8wYOqL&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4431ed2e1a04ff61147b043d77314af2c6711194fa816b09187c945a24be7ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8828632559684167007/index.html?e=69&leftOffset=0&topOffset=0&c=gbwa8wYOqL&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 13:16:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 272687
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1805
x-xss-protection: 0
last-modified: Wed, 05 May 2021 19:27:43 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 06 Jul 2023 13:16:34 GMT

GET
H3 200 Enabler_01_244.js Show response
s0.2mdn.net/879366/ Frame 3150 109 KB
37 KB 12ms
10ms Script
text/javascript 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_244.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8828632559684167007/index.html?e=69&leftOffset=0&topOffset=0&c=gbwa8wYOqL&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e7052ee7e4fa3d19fa953957b23d6cd29b2311739ec0932d6e570577d19f2503

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8828632559684167007/index.html?e=69&leftOffset=0&topOffset=0&c=gbwa8wYOqL&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 06:57:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 36214
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38072
x-xss-protection: 0
last-modified: Tue, 07 Jul 2020 18:35:15 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 10 Jul 2022 06:57:47 GMT

GET
H2 200 gsap.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/3.4.2/ Frame 3150 59 KB
22 KB 39ms
19ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/3.4.2/gsap.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8828632559684167007/index.html?e=69&leftOffset=0&topOffset=0&c=gbwa8wYOqL&t=1&renderingType=2&ev=01_247

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a3c5ff7e114ffe32212ee07123f9dc6aa19c09072e44fe64649c9cc747040cab

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 17:01:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 236520
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 21678
timing-allow-origin: *
last-modified: Tue, 21 Jul 2020 23:12:03 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f177643-eca3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KPu4Kj3ENWzFxyCTpmg2t1qGiKCrPqDNxtFPOJ9SSeknGVJFlp0%2B09yev8yQ6%2Fx2Dt3nCxXXCGZMXGnbwjxQDagZJERymKQ0vx%2FiOy8WlwqnK9g8aD8TBuCmv8Dqc8QlfidjkcLHR6X3iQqJ9EFwr4f8"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 72829f0049049b57-FRA
expires: Thu, 29 Jun 2023 17:01:21 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 193 KB
69 KB 36ms
18ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-8MQ0FGXD1P&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WCBNVW

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3f7cb68abebddb8481e02aa86c09a9f5bb92143703ad0c5309bac5b393168dbc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ufa.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 17:01:21 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 70527
x-xss-protection: 0
expires: Sat, 09 Jul 2022 17:01:21 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 193 KB
69 KB 53ms
36ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-D0H9SYE5JC&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WCBNVW

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

23b6e9571b78dcca49a8f203826bb25ad8bfb2aab56bd2b3b4027129ced5f82b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ufa.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 17:01:21 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 70519
x-xss-protection: 0
expires: Sat, 09 Jul 2022 17:01:21 GMT

GET
H2 200 counter.js Show response
tns-counter.ru/ncc/ 61 KB
61 KB 167ms
54ms Script
application/javascript 2001:6d0:4001::226
TNSMSK-

General

Check archive.org

Show headers Download Go to

Full URL: https://tns-counter.ru/ncc/counter.js
Requested by: Host: www.ufa.kp.ru
URL: https://www.ufa.kp.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:6d0:4001::226 , Russian Federation, ASN52016 (TNSMSK-, RU),
Reverse DNS
Software: ms-counter-3.3.5/1.20.2 /
Resource Hash: 75d16f690db62e7b02e26bff78808ea7529f154b36340c9b6d6e1cd81b64a4ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ufa.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 17:01:21 GMT
last-modified: Wed, 01 Dec 2021 16:19:49 GMT
server: ms-counter-3.3.5/1.20.2
etag: "61a7a0a5-f2ad"
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR NOR"
cache-control: max-age=1209600
accept-ranges: bytes
content-type: application/javascript
content-length: 62125
expires: Sat, 23 Jul 2022 17:01:21 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 204 KB
70 KB 126ms
126ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: www.ufa.kp.ru
URL: https://www.ufa.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

5f04f87ba7cd3beb8f840e33441bdc8cfee7fe74a49cd8abdcc8ac7727b6bbda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ufa.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 17:01:21 GMT
content-encoding: br
last-modified: Fri, 08 Jul 2022 09:23:14 GMT
etag: "62c7cd52-1180a"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 71690
expires: Sat, 09 Jul 2022 18:01:21 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 31ms
9ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WCBNVW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ufa.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 313
date: Sat, 09 Jul 2022 16:56:08 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sat, 09 Jul 2022 18:56:08 GMT

GET
H/1.1 200
OK target.js Show response
target.smi2.net/client/ 3 KB
1 KB 259ms
66ms Script
application/x-javascript 146.185.195.90
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to

Full URL: https://target.smi2.net/client/target.js
Requested by: Host: www.ufa.kp.ru
URL: https://www.ufa.kp.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 146.185.195.90 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS: target2-1.ssel24.imcmdb.net
Software: nginx /
Resource Hash: 2ea6594700eadc561dce18df33d16ff9d07ff631d4f6f4eae734bfe34e900f0c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ufa.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sat, 09 Jul 2022 17:01:21 GMT
Content-Encoding: gzip
Last-Modified: Fri, 01 Feb 2019 12:15:43 GMT
Server: nginx
ETag: W/"5c54386f-af9"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=259200, private
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Tue, 12 Jul 2022 17:01:21 GMT

GET
H2 204 b
sb.scorecardresearch.com/ 0
190 B 59ms
11ms Image
text/plain 143.204.89.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=16803468&ns__t=1657386081384&ns_c=UTF-8&c8=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%A3%D1%84%D1%8B%20%D0%B8%20%D1%80%D0%B5%D1%81%D0%BF%D1%83%D0%B1%D0%BB%D0%B8%D0%BA%D0%B8%20%D0%91%D0%B0%D1%88%D0%BA%D0%BE%D1%80%D1%82%D0%BE%D1%81%D1%82%D0%B0%D0%BD%3A%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%20%7C%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%A3%D1%84%D0%B5%20-%20KP.Ru&c7=https%3A%2F%2Fwww.ufa.kp.ru%2F&c9=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-128.fra50.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ufa.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 17:01:21 GMT
via: 1.1 1d87c34bb2f20fda8e0841bc33179768.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 4pMHiMH3dXNDmNBm07LYZo1gjvsgjJf2nzVv8jG_ckRKLiF3OG8NtA==
x-cache: Miss from cloudfront

GET
H/1.1

200
OK

kpufa
counter.yadro.ru/hit;kp/kpall/reg/
Redirect Chain

https://counter.yadro.ru/hit;kp/kpall/reg/kpufa?r;s1600*1200*24;uhttps%3A//www.ufa.kp.ru/;h%u041D%u043E%u0432%u043E%u0441%u0442%u0438%20%u0423%u0444%u044B%20%u0438%20%u0440%u0435%u0441%u043F%u0443%...
https://counter.yadro.ru/hit;kp/kpall/reg/kpufa?q;r;s1600*1200*24;uhttps%3A//www.ufa.kp.ru/;h%u041D%u043E%u0432%u043E%u0441%u0442%u0438%20%u0423%u0444%u044B%20%u0438%20%u0440%u0435%u0441%u043F%u044...

43 B
528 B

43ms
42ms

Image
image/gif

88.212.201.204
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit;kp/kpall/reg/kpufa?q;r;s1600*1200*24;uhttps%3A//www.ufa.kp.ru/;h%u041D%u043E%u0432%u043E%u0441%u0442%u0438%20%u0423%u0444%u044B%20%u0438%20%u0440%u0435%u0441%u043F%u0443%u0431%u043B%u0438%u043A%u0438%20%u0411%u0430%u0448%u043A%u043E%u0440%u0442%u043E%u0441%u0442%u0430%u043D%3A%20%u0433%u043B%u0430%u0432%u043D%u044B%u0435%20%u043D%u043E%u0432%u043E%u0441%u0442%u0438%20%u043D%u0430%20%u0441%u0435%u0433%u043E%u0434%u043D%u044F%20%7C%20%u041A%u043E%u043C%u0441%u043E%u043C%u043E%u043B%u044C%u0441%u043A%u0430;0.13998987459333834

Protocol

HTTP/1.1

Server

88.212.201.204 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host204.rax.ru

Software

nginx/1.17.9 /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ufa.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 09 Jul 2022 17:01:21 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 08 Jul 2021 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 09 Jul 2022 17:01:21 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Location: https://counter.yadro.ru/hit;kp/kpall/reg/kpufa?q;r;s1600*1200*24;uhttps%3A//www.ufa.kp.ru/;h%u041D%u043E%u0432%u043E%u0441%u0442%u0438%20%u0423%u0444%u044B%20%u0438%20%u0440%u0435%u0441%u043F%u0443%u0431%u043B%u0438%u043A%u0438%20%u0411%u0430%u0448%u043A%u043E%u0440%u0442%u043E%u0441%u0442%u0430%u043D%3A%20%u0433%u043B%u0430%u0432%u043D%u044B%u0435%20%u043D%u043E%u0432%u043E%u0441%u0442%u0438%20%u043D%u0430%20%u0441%u0435%u0433%u043E%u0434%u043D%u044F%20%7C%20%u041A%u043E%u043C%u0441%u043E%u043C%u043E%u043B%u044C%u0441%u043A%u0430;0.13998987459333834
Cache-control: no-cache
Connection: keep-alive
Content-Type: text/html
Content-Length: 32
Expires: Thu, 08 Jul 2021 21:00:00 GMT

GET
H2

200

cs.js Show response
sb.scorecardresearch.com/internal-c2/default/
Redirect Chain

https://sb.scorecardresearch.com/c2/16803468/cs.js
https://sb.scorecardresearch.com/internal-c2/default/cs.js

0
365 B

10ms
9ms

Script
application/javascript

143.204.89.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/internal-c2/default/cs.js
Protocol: H2
Server: 143.204.89.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-128.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ufa.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 17:01:17 GMT
via: 1.1 1d87c34bb2f20fda8e0841bc33179768.cloudfront.net (CloudFront)
etag: "d41d8cd98f00b204e9800998ecf8427e"
last-modified: Mon, 01 Mar 2021 20:42:20 GMT
server: AmazonS3
age: 5
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 0
x-amz-cf-id: NLl8wYuqJ7vl1ugLcGJLS4w8o0hN2YOikge7fk2y3x-hhAZr5o1b9Q==

Redirect headers

location: /internal-c2/default/cs.js
date: Sat, 09 Jul 2022 17:01:21 GMT
via: 1.1 1d87c34bb2f20fda8e0841bc33179768.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
content-length: 0
x-amz-cf-id: Vbol0ZkOqHxBTT0n2F15AfRawL-DfA5RUQEXvFfh5iQ-9OOIU92fLw==
x-cache: Miss from cloudfront

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 0493 0
26 B 62ms
45ms Ping
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvZ6g6A3OtrxGtvlaIc8VTA__Gp3G2i9_TimzNAmi_5qcLPBK_JsvQn7yF3pdh0Ws0Ki-hcW9C_c-wKY8rrSBLanbSnWf7gi9Ey7A81gj75J5sgbRDIL2J0n0QRy1flAlDN-MOIQFZl-9fbV0wUaS7vy4q88yuo4orLQzAFWwYEnyPxtS1VaCuLK84TtshbbtlQegZc-Tu-aWw8brgxCp-0W3nucN8yxtpRsw21bfIVbpczo2_GLVE40S1hr0E_p5xJBVUaqyFkg7q36INXtm3Nb4d3TDD18bvc80ICFLGznrN8j2lQJoGemBFB8cPvKrKjmRL5PIJEM2B4z3hPxY5iVGqd_J_mkvUxVCoHbwNUjg_qUpwDxchrSxlRA0EISWjN0a3MPX_8b8cJovMVLWDrpqii71XqIS1RmWDDfAxtyDhiXnBgONLgE150cE28uAh3o1-3pncwIce-UfeG2-mQjL1s-v0KuVVzvkLCCN_TZ2BG3slvCbb5e3KZ7-FcHa2iIAybeXCOShNM7Uhi-o9KMeaFTbCuUB6qe8mC3K9Jz3Ad7HF5idNLYi4GV0MQ_Jio7ploRNZ_rjz4qV-Y-LBzrOvSuprFkFr2N-dzQvFtDRiV4FzKPfOxvlu5YximnLitrqeI_gam7SajHoCoYjiTJksV4Of5wWYKzWXFAkOcwt6bR8skltTwcsZClV2kcT-fC_tIi9kTcoQmUq5AL0oca5qyGwl99drU0_NOV-p1dtNgO-nLHcqSdobI5hbKc4rDrq-1sRDl7aF8V8svmQC1EvLkj31swtN-Qcnxt4p862lWUpnC42dSwTn72f7p8_Y0wpUK72yy1qfMWV-B0pV44suaaIY0gn3e565VyY5SbiiucBFFcu0bng1gV2dG0D3n8yX_fSU5K8Q0Fzi_zYzEcFl3jBO7-Xx93s0-wER-i7cxObcGyf3Tve7gkQUY77mjcxZEzx9XvMuivMKvW0Ajotsbe6iTpDua0xqFk5r12zEgTwnrr3vdmhPCeGsLVTQ0gjWLk16G59CKX_YLrflDw_bC5NGpLIV8Jq-UMH1kpyWWKe4LJbudRyvoMY7_KAc3Rplb12S2uSrx1LYRc1QOk-J8VMT_2dnzbvAr32-0NYN4a-JXd7MdB772e3auiA1Rn27OCl2F77F1DaevIT2fd0Se_CFi5eOKeQMOJDakIV6yIEzKGa5NAUpc-BsAL8pMHzcska6-x0eAqxz98EQHWhK9p7pOlDatiRkGK7z7eMOPtuudkgkRiUX2&sai=AMfl-YTkF-WQEYUPVJelvEeMOpTOIeDRrs3IMBsImYsHrAbCfukquOpN7Rnhwu1abMWkrJM4ewQJzvJQiEAuC_yvP0isrIzMg36W59BeXGs5xrJXI5Si0TsUFFcOntSBi33USuWVymZzuSk9oIxD1OOw9zWtJgt80_rGhsjXj9v0D4pavr7KBaY1qJbBHvoLSVDgAkaIr-oTAaGLE7WxaFrtJgB2p11NEd8&sig=Cg0ArKJSzOHCbLLFxzyeEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=220&vt=11&dtpt=136&dett=3&cstd=79&cisv=r20220706.42694&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: www.ufa.kp.ru
URL: https://www.ufa.kp.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://14b723fe60395e204d08b5454577ac76.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 09 Jul 2022 17:01:21 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 3150 7 KB
6 KB 23ms
19ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_244&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_244.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

99f155f12648dee0ed3b192df6d7e3197a55c68256158dc78212b27f5591c776

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 09 Jul 2022 17:01:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5807
x-xss-protection: 0

GET
H3 200 blank.png_1621953238939_blank.png
s0.2mdn.net/dynamic/2/10817374/s0.2mdn.net/creatives/assets/3690075/ Frame 3150 95 B
120 B 19ms
15ms Image
image/png 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10817374/s0.2mdn.net/creatives/assets/3690075/blank.png_1621953238939_blank.png

Requested by

Host: 14b723fe60395e204d08b5454577ac76.safeframe.googlesyndication.com
URL: https://14b723fe60395e204d08b5454577ac76.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9df9512d0f2332b34e43e220b6bdc675dc6b663e72406edde64fd96dc9128e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8828632559684167007/index.html?e=69&leftOffset=0&topOffset=0&c=gbwa8wYOqL&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 18:58:36 GMT
x-content-type-options: nosniff
age: 252165
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95
x-xss-protection: 0
last-modified: Tue, 25 May 2021 14:34:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 06 Jul 2023 18:58:36 GMT

GET
H3 200 DCO_1110_1608_Res_SkyQ_over_IP_Update_160x600_1.jpg_1629444100010_DCO_1110_1608_Res_SkyQ_over_IP_Update_160x600_1.jpg
s0.2mdn.net/dynamic/2/10817374/s0.2mdn.net/creatives/assets/3690075/ Frame 3150 34 KB
34 KB 24ms
20ms Image
image/jpeg 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10817374/s0.2mdn.net/creatives/assets/3690075/DCO_1110_1608_Res_SkyQ_over_IP_Update_160x600_1.jpg_1629444100010_DCO_1110_1608_Res_SkyQ_over_IP_Update_160x600_1.jpg

Requested by

Host: 14b723fe60395e204d08b5454577ac76.safeframe.googlesyndication.com
URL: https://14b723fe60395e204d08b5454577ac76.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05ca835ae9f42c9caf134c8e1aba2adf143e42baa6fbabbc1e92a3ba0d1ed3b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8828632559684167007/index.html?e=69&leftOffset=0&topOffset=0&c=gbwa8wYOqL&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 08:54:30 GMT
x-content-type-options: nosniff
age: 374811
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34932
x-xss-protection: 0
last-modified: Fri, 20 Aug 2021 07:22:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Jul 2023 08:54:30 GMT

GET
H3 200 DCO_1110_1608_Res_SkyQ_over_IP_Update_160x600_2.jpg_1629444100010_DCO_1110_1608_Res_SkyQ_over_IP_Update_160x600_2.jpg
s0.2mdn.net/dynamic/2/10817374/s0.2mdn.net/creatives/assets/3690075/ Frame 3150 36 KB
36 KB 20ms
17ms Image
image/jpeg 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10817374/s0.2mdn.net/creatives/assets/3690075/DCO_1110_1608_Res_SkyQ_over_IP_Update_160x600_2.jpg_1629444100010_DCO_1110_1608_Res_SkyQ_over_IP_Update_160x600_2.jpg

Requested by

Host: 14b723fe60395e204d08b5454577ac76.safeframe.googlesyndication.com
URL: https://14b723fe60395e204d08b5454577ac76.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d82ba7e7afa232e0b7c28a294bf0fc1d80892b68d4eb0908759e43224121eb38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8828632559684167007/index.html?e=69&leftOffset=0&topOffset=0&c=gbwa8wYOqL&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 00:14:18 GMT
x-content-type-options: nosniff
age: 146823
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36987
x-xss-protection: 0
last-modified: Fri, 20 Aug 2021 07:21:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 08 Jul 2023 00:14:18 GMT

GET
H3 200 DCO_1110_1608_Res_SkyQ_over_IP_Update_160x600_3.jpg_1629444100010_DCO_1110_1608_Res_SkyQ_over_IP_Update_160x600_3.jpg
s0.2mdn.net/dynamic/2/10817374/s0.2mdn.net/creatives/assets/3690075/ Frame 3150 51 KB
51 KB 19ms
15ms Image
image/jpeg 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10817374/s0.2mdn.net/creatives/assets/3690075/DCO_1110_1608_Res_SkyQ_over_IP_Update_160x600_3.jpg_1629444100010_DCO_1110_1608_Res_SkyQ_over_IP_Update_160x600_3.jpg

Requested by

Host: 14b723fe60395e204d08b5454577ac76.safeframe.googlesyndication.com
URL: https://14b723fe60395e204d08b5454577ac76.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f9cc2413f1d30384288de76afee6c3aab8be798336aa433d24e27084adfe573f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8828632559684167007/index.html?e=69&leftOffset=0&topOffset=0&c=gbwa8wYOqL&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 00:05:27 GMT
x-content-type-options: nosniff
age: 147354
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52294
x-xss-protection: 0
last-modified: Fri, 20 Aug 2021 07:22:04 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 08 Jul 2023 00:05:27 GMT

GET
H3 200 DCO_1110_1608_Res_SkyQ_over_IP_newFrame_160x600.jpg_1634550807150_DCO_1110_1608_Res_SkyQ_over_IP_newFrame_160x600.jpg
s0.2mdn.net/dynamic/2/10817374/s0.2mdn.net/creatives/assets/3690075/ Frame 3150 33 KB
33 KB 21ms
18ms Image
image/jpeg 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10817374/s0.2mdn.net/creatives/assets/3690075/DCO_1110_1608_Res_SkyQ_over_IP_newFrame_160x600.jpg_1634550807150_DCO_1110_1608_Res_SkyQ_over_IP_newFrame_160x600.jpg

Requested by

Host: 14b723fe60395e204d08b5454577ac76.safeframe.googlesyndication.com
URL: https://14b723fe60395e204d08b5454577ac76.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b03dda9cfb6c3b381d1264a12d74a8e850ad3a7d82531879b42703fe4449f3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8828632559684167007/index.html?e=69&leftOffset=0&topOffset=0&c=gbwa8wYOqL&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 00:05:27 GMT
x-content-type-options: nosniff
age: 147354
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33995
x-xss-protection: 0
last-modified: Mon, 18 Oct 2021 09:53:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 08 Jul 2023 00:05:27 GMT

GET
H3 200 sky_medium.woff
s0.2mdn.net/creatives/assets/3668815/ Frame 3150 27 KB
27 KB 13ms
9ms Font
font/woff 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/3668815/sky_medium.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8828632559684167007/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4373878b9f750698b6a199ebc0eb0e550df208c5a1f9f778a346e271a2b4d733

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/8828632559684167007/style.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 16:53:46 GMT
x-content-type-options: nosniff
age: 455
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27952
x-xss-protection: 0
last-modified: Thu, 20 Feb 2020 12:38:21 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 09 Jul 2022 17:08:46 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
441 B 60ms
20ms XHR
text/plain 2a00:1450:400c:c1b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-23870775-1&cid=1080884444.1657386081&jid=1160572993&gjid=1635365074&_gid=610406724.1657386081&_u=YGBAgAABAAAAAE~&z=797544215

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ufa.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 09 Jul 2022 17:01:21 GMT
content-type: text/plain
access-control-allow-origin: https://www.ufa.kp.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 33ms
15ms XHR
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1306131539&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ufa.kp.ru%2F&ul=en-us&de=UTF-8&dt=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%A3%D1%84%D1%8B%20%D0%B8%20%D1%80%D0%B5%D1%81%D0%BF%D1%83%D0%B1%D0%BB%D0%B8%D0%BA%D0%B8%20%D0%91%D0%B0%D1%88%D0%BA%D0%BE%D1%80%D1%82%D0%BE%D1%81%D1%82%D0%B0%D0%BD%3A%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%20%7C%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%A3%D1%84%D0%B5&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDAAAABAAAAAG~&jid=1095371483&gjid=986378737&cid=1080884444.1657386081&tid=UA-5200037-9&_gid=610406724.1657386081&_r=1&gtm=2wg6t0WCBNVW&cg1=main&cg5=main&cd3=main&cd4=main&z=206787794

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ufa.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ufa.kp.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 28ms
15ms XHR
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1306131539&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ufa.kp.ru%2F&ul=en-us&de=UTF-8&dt=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%A3%D1%84%D1%8B%20%D0%B8%20%D1%80%D0%B5%D1%81%D0%BF%D1%83%D0%B1%D0%BB%D0%B8%D0%BA%D0%B8%20%D0%91%D0%B0%D1%88%D0%BA%D0%BE%D1%80%D1%82%D0%BE%D1%81%D1%82%D0%B0%D0%BD%3A%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%20%7C%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%A3%D1%84%D0%B5&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDAAAABAAAAAG~&jid=239946155&gjid=449311793&cid=1080884444.1657386081&tid=UA-23870775-31&_gid=610406724.1657386081&_r=1&gtm=2wg6t0WCBNVW&cd1=&z=1234821133

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ufa.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ufa.kp.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 21ms
8ms Image
image/gif 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1306131539&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ufa.kp.ru%2F&ul=en-us&de=UTF-8&dt=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%A3%D1%84%D1%8B%20%D0%B8%20%D1%80%D0%B5%D1%81%D0%BF%D1%83%D0%B1%D0%BB%D0%B8%D0%BA%D0%B8%20%D0%91%D0%B0%D1%88%D0%BA%D0%BE%D1%80%D1%82%D0%BE%D1%81%D1%82%D0%B0%D0%BD%3A%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%20%7C%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%A3%D1%84%D0%B5&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgAAB~&jid=1160572993&gjid=1635365074&cid=1080884444.1657386081&tid=UA-23870775-1&_gid=610406724.1657386081&gtm=2wg6t0WCBNVW&cg1=main&cg5=main&cd3=main&cd4=main&z=1052616548

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ufa.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Jul 2022 22:55:35 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 65146
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 3150 17 KB
6 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_244.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 17:01:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 09 Jul 2022 17:01:21 GMT

POST
H2 200 trace Show response
yandex.ru/ads/ 0
236 B 62ms
62ms XHR
text/plain 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/trace

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ufa.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1657386081503415-11682378351635683653-sas2-0946-sas-l7-balancer-8080-BAL-5807
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}

GET
H2 200 v2 Show response
yandex.ru/ads/adfox/232598/getBulk/ 16 KB
8 KB 302ms
302ms XHR
application/json 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/adfox/232598/getBulk/v2?dl=https%3A%2F%2Fwww.ufa.kp.ru%2F%3Fsection%3Dsociety&date=2022-07-09T17%3A01%3A21.472%2B00%3A00&pd=9&pdh=1200&pdw=1600&pr1=1855447344&pr=2228125499&prr=&pv=17&pw=6&extid_loader=&extid_tag_loader=www.ufa.kp.ru&ylv=0.612100&ybv=0.612100&ytt=424413099065349&is-turbo=0&skip-token=yabs.NzIwNTc2MDY0MzIwNjE1NTU%3D&ad-session-id=9960471657386079975&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9.8%2C%22w%22%3A300%2C%22h%22%3A600%2C%22width%22%3A300%2C%22height%22%3A600%2C%22visible%22%3A1%2C%22isBlackTheme%22%3Afalse%2C%22left%22%3A1100%2C%22top%22%3A486%2C%22fontFamily%22%3A%22ys%22%2C%22req_no%22%3A4%2C%22ad_no%22%3A4%7D&enable-flat-highlight=1&pcode-version=612100&available-width=300&available-height=600&yaru=true&pp=hrs&p2=fbao&ps=bxyd&puid1=adv-1657386079931-71&puid2=society%3Atoday%3Ainteresting%3Azenyandex%3Aincident%3Aemergency%3Asport%3Acelebrity&puid3=top%3Aregion&puid5=&slotNumber=4&bids=W3siYmlkZGVyTmFtZSI6ImNyaXRlbyIsImNhbXBhaWduX2lkIjo3MjI1NzMsInJlc3BvbnNlX3RpbWUiOjI3MSwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjExNDA4OTgifSx7ImJpZGRlck5hbWUiOiJydGJob3VzZSIsImNhbXBhaWduX2lkIjo4NTM4NjksInJlc3BvbnNlX3RpbWUiOjEzOCwiZXJyb3IiOnsiY29kZSI6NH0sInBsYWNlbWVudF9pZCI6IjcxNTczNzcwOTQwYjcyYzA0Mjg5In0seyJiaWRkZXJOYW1lIjoiYWRyaXZlciIsImNhbXBhaWduX2lkIjo3MjgyNTQsInJlc3BvbnNlX3RpbWUiOjE3OSwiZXJyb3IiOnsiY29kZSI6NH0sInBsYWNlbWVudF9pZCI6ImtwXzJzbG90XzFzY3IifSx7ImJpZGRlck5hbWUiOiJteXRhcmdldCIsImNhbXBhaWduX2lkIjo4MTA0MDIsInJlc3BvbnNlX3RpbWUiOjE3NCwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjIzMzg0MiJ9LHsiYmlkZGVyTmFtZSI6ImJldHdlZW5kaWdpdGFsIiwiY2FtcGFpZ25faWQiOjgxMDM0NCwicmVzcG9uc2VfdGltZSI6MTQwLCJlcnJvciI6eyJjb2RlIjoxfSwicGxhY2VtZW50X2lkIjoiMjQ4ODA1MiJ9LHsiYmlkZGVyTmFtZSI6ImFkZm94X2Fkc21hcnQiLCJjYW1wYWlnbl9pZCI6MTU5MjA0MCwicmVzcG9uc2VfdGltZSI6NTUwLCJlcnJvciI6eyJjb2RlIjoxfX0seyJiaWRkZXJOYW1lIjoiYnV6em9vbGEiLCJjYW1wYWlnbl9pZCI6ODkwNDUwLCJyZXNwb25zZV90aW1lIjoxNzQsImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiIxMjI3MTY2In0seyJiaWRkZXJOYW1lIjoiYmlkdm9sIiwiY2FtcGFpZ25faWQiOjE4NzEwMTYsInJlc3BvbnNlX3RpbWUiOjE1MzEsImVycm9yIjp7ImNvZGUiOjN9LCJwbGFjZW1lbnRfaWQiOiIyMTUzNSJ9LHsiYmlkZGVyTmFtZSI6ImFkZm94X2ltaG8tdmlkZW8iLCJjYW1wYWlnbl9pZCI6MTc4OTU4MSwicmVzcG9uc2VfdGltZSI6NTUwLCJlcnJvciI6eyJjb2RlIjoxfX1d&utf8=%E2%9C%93&pcode-test-ids=609478%2C0%2C33%3B586085%2C0%2C3%3B597158%2C0%2C31%3B597485%2C0%2C28%3B590119%2C0%2C44%3B598479%2C0%2C41%3B609277%2C0%2C81%3B605344%2C0%2C36%3B610874%2C0%2C49%3B612100%2C0%2C18&pcode-flags-map=eJyVWNuO2zYQ%2FZXCz0FBXahL3iiJlomVSJWk7PUWwSBt9y0IimZTFAjy7x1KsleSbXr3ZQEbPsO5njmzPzaad5xZ2LesA81%2F67mxwLaWaxBSq6bZfPz9x%2Bbfz1%2B%2BP28%2Bbqzu%2BebD5uX524v4Cz%2FTNI2DZPPz04fNnhkQHIxVHSi7Q7zdMQlt31hx306W0vDSzrvBopZKc2iFMbyCilkGHdOsNbBVGvai4grDglK1hVrYfP7v74XJnMSUnv1hvVU1l1wzi2Y7Vj6YnbJQ9fiFUHJhKVraiQnJz3a4ZEXDQfLDzAg36DW0quILO0o2R%2BANb7m0BspGlA8OfMP6ZLllj7Djot5ZjFEajFcLWb87eBoF4WCWNY06jGXo0PxgY8ylrdkdGzGh85qM77dM10L6kAmJgyhap6zvqiH3rXIJB8tEg06MufM2R0KSbFYBzVu151DumDbcwlarFhohH%2Fw2giAm6dqlrXgE%2FGjBaqylS7OxTNshO53hfaWmmEuNAyb23Nx7hNKLuEvWdc50cYRKHeRbXE2y0GcFU6YxkYWwrpvfYwzDc8b2XJt10zvnU7rEhjEJ1o7shRGFaIQ9QtewY4GJw0noDTp3x5OQhhdzJCTSlOHl0BKqMFzvHe24csxeeqvhXmJPMZyYoYKs7ebAl3%2B%2BP89gcZhFORlhBsnKOLZcY9adPQOxCgznr04vYV8%2F%2F%2FHleYGMkjAfG9B1XYtvTVMurf%2FJmEb5WIVS9RJ7VcHjTnshWZqF8QA5MlnxR9A99l7L%2FGNLSRpGE4MvmAa2fdMYnAHuxwdRGJFziIVWD5gfDA9qLSo%2FMqVZctVhqISxWhReeBiQZIz3ictwcBcOorI7EC2ruRcbB3FGXrH43NCYhdKujzSrRG9%2BeaOFI3N%2Bjw4Daw7saPzIKJ1KW23d6jYdMj4HK1queruAhoSQJTYm0RhzV%2BLiGZYF7hn%2FexTNTN27VZhl7sbl9B7wR28n4pNpGl7CxRbw78HRy70OuWHh5MCeNf2iWhG5jj6R4tCdQnZYZGC69b%2BdBHk0vY3zaoUZBNJWXW6PNZQS1BIDtOFMu03vtiHTgq0SHq5hU3lX86T5gWF7VW8dLLR0qrVbetByVEXnduFaI9s1asG%2FdIHPSDzWvdNCacfduEf2gh86pf0tk6TJRHju5yBxeZcc5V1be2FpiLgBZkyHy6vccechdFyXqy4NyKLIKQ3yeNYi5JHgvkIyUMYK75tZQKc3KxRddljvmOODxtWJpZ7o9h0iKkPOHuuH66ScAljxyWqr0CzDbTQ6MTFJhcu6RDFnvJxN8yDNZhwmUDAyLCwq%2BdJlzPgezSMaBAvswHsGSdDu3GB1rKpwQfuNxHRqkmHPuDV87DhEfq9x19BZtVpd3tjbl8%2FlaXITCSgHBsF85%2FWTDW2L2TCBKZmTd6y0apH14NdggU%2BjLDrj3w0aRHXBJF4VgNJjK7DbBkGDNvxLJ8%2FCNJ0FPxkZexMXPHLiWVwhsVt3QK0lxlpzh3E0Nt6uWMkRmudhThY%2FjkicDT%2BuNSvCO2I%2BTsnrb8GIp0VwNAiJ7%2FdXtllAbyDGbEyEji2Aly2mwbG0kK4rzjodR%2FuO05SOnYE6oOZ2mHYh3emnkcDcRyTPO%2FsyIWkckmsEvhXauNODtU7CwriB1f5UQr%2FRHGXS3DVWGNX0yFemdceHm%2FY7tcZjZrqvZj2PLOcYql4L8QtwGOTjyO5s29BxzAzulEowsBxPhDt4lDvxguHG5OBmNENeuTSXN%2FWWNWZ11eVxmp3vgUEH1NoVHdOA%2Bu3Kprjyb4OEZK83PsJRyhs44kmHHpRgdPkevLsD3GE%2F3fPixCOmR4G%2FknKlbZYTnQb0NZrTznHH%2FMCmC%2Bz3r9%2BeX1bo2O%2BHaLsbjlzElJMgeL2zOlybw33GwZEIoIA5f4F3l5LV0hwO84qp4vS2tVGHVXccOpuY1Id4Gk%2FtY4PFOs2jRNXcr6n3yvCciHM1kWL4VwmYHcMjG51Ty5T%2F%2BfJlaYdGcTwtOyQX3TpBpLk83Y6d5oX%2FZkkCkqUzAb4%2BAd2cLSX79M3PTz%2F%2FB4IgulM%3D&use-server-side-rendering=1&pcode-icookie=tPxlESyPPbK3D%2Fz7%2F%2F676VzJlB3TKrFTYSUajTQgKAvaGiiXkamcuO8I%2FJaQYHk0fMVcR4TFnb8rAtzeGt6ZKJP%2FloI%3D&top-ancestor=https%3A%2F%2Fwww.ufa.kp.ru&top-ancestor-undetermined=0&grab-orig-len=5120&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjoxNDJ9ChqipKjslilBEKAO0VF2b3_4o8tMk0pYSsIzJ5XEaO7v78bXPiwF0bddXXzcScXCQpOwJwJSUJCFUrVut278BvRqQM9AGyQEJkTxxv9efdIxo-e2rgoppAQiBCYwwUO6NYISkUdJRK60KM1RnCOglQiVtHmBVdJHeqUlUilNkTHSRnGkG6AAH6VKeAscuZJ-MWhU00iNJ0dUi2263KqVtJE-R2oFntRRmpdL_WJJHhkWW5oMwDmCtqA1i2fBFqBWCWeB0S3iaXIEaREwPBoWvSg5Q5cnZwYJ0AQxMoDukGeJXSCDbj_GaQZdMII5TDvsLwLjxUydAUIPPYfY83FYWVHy8nFw2bh5-azsVpRcvGBa5_mEmw18rFxWW2axsXKBJsrNxciDnJ3Jys7MIpp5mFmsXCxW0EQjGKSx1CUsSYVjgjmCOrzqI_ALcPEuWDJIzB6-Flh9pBm00oUPkxJ2XuB1SvPiSAcGltvjixd4hIOk7XOqhB_Fg4_q-AeB6SIS4nKrKmami6xYZDhVD8eLhflwny5OzVmtXhD6rAT4InNhbWHq8BslIsPC4SteeIQ3zV8cyYKkERmmxc3KM5-m4WSR0CynWhwIRGS7pRpqC5i_TB1kTdmdagrn2z4Usjwsq5v2LT4MExQVVqQjNi7ESJmRczN6qAlaBEmEtOpV-dW72CkWxvAg3JmPhpkbMS8fNzsyWXA0DFYrM0vmQWljZARNlJHHycpJQICN0WnHn7lYUSJjRivKG0GdJilh8wk3NlL4XXAv10yCPHbkgk57Ro3NasXAvXw_xfiEjxGZYPLgNi9_DlRI2ZlQCTiFMicmGwauvHj5uRlQCCFZhLNbmbBhBdQiHOZ2wbBsIucTtrlHA6hto5l46GBBgQ33okX9goS_HXghypcs0Fv1Q7PxVJZLRkKrelOfSuItX5PS4pJXSIo1lLrkG3JkVMINstZdP4CQz2V3jIY5_x_PRbpEAaAL-_qIMjIoaV3xHx56sg_pjulQfjyxny2pC45NLnpGHf6rKzTSf6vx8K52wXBov0XTX2KOxOyKjiFJeQF3VbnhyTgNlh6ZXXIHfdHSPQ7Ru2rHhqSN9u5gF7h_xATsx7AJCLrvevH7YVoYnpk_kSM-MBtMxabCKdd5dTfpRf2rib-_aV3k-bxDr3b95zKtK8rQb8iLH9zN-ZtV-_t1l9QQZp8vLFJGGhetmSS3OJexU_BmVyUH5Ttv03Mm5VDks8gdHUCoPieHSTfp_dc-v7rpRhS75BnGTPSPwOnwcmkMasTNZVtmUJDPPITkkneIWy2GcX3F5XzbfO9dI_alqGcP7edZahWZ-5Fc5XaNpvaX0_bYKYav8yhM5gwrfglkLhSgoGdDvPwCbHa1RGNMZoexoRG0cTI7BTM3FiSMINg8zfAyW2IwcL9CJGoVGyBtuNEhdrNuAjRcrxt2Rg6QOGzgbtsETBRj2wS8ir1tAr7F3jYB32JuG58eXG6bAAVX28bLv4ttE_At3rZR5Njkomcut40XDTG3jacexN02fkUQ_bbxq5JIt03Anatt422H620ToEGU28bbDzG2jTwVuto2nt662zaKeS7mtvFSBlFvm4BDV9tGsTXibhvvBYuxbXwYFXfbKLy2m20T8EyU28Z72a62TcC7-NvGy7mrbaPYHSLeNt6yFXPbIMKIGhknSeOGxEFDkumHG0QcKLiQkG76OTiHoAxKDkdGiwU9yExfUbKKYD5GJhuLdHQFMg5mVJgYfeQNhmPyECRzhISo7TJAwY4eOYb_b-oPEdLR5-HhQW6zhYHwQ2lzJu_x7AC7DpvC55iMfnk5QYySGzUnmvXGOTGzYEaMQ5TXjo-IKbnA5VvpYGVkEmRE5eTPbLi4cWJBXwEt0ATjCRt4dFhsJDjiIXf4Mw8rA6isHKLy2keJa0I659Cun1X38snFvjQ7s13IbieYQzpxywmQp0lTq4XdcQ5pHUogIqCcw2J3vHtc3xTP5EvPe50b-IQ1ISOimLNJJXB3pVHfjJC9Zd2ZSO6SZ1yY0GHH6XTwu2M7MJ_7e4vmp6jBTachb-HtrFUiuBoK4svMIlEglEoJLuaLVLr8CoZXsCj8ZCQ1i_BlVIBGZMWGxn-NukN3V96ocNg9SEWMH58QEqvTkTkYQeXEbfU_isPOq4BAacZquW90WJkYrCxsywo2JhwgMmOq_XWqv5psKqri0SfpZEOoU4m_Gtfxo7zrNx46vKt_RvU1BnLVB8pkywamMaaH_lx8T8Ey_5KEQDbNStgDLxM5nvbQahRa7p6C3928CID2GDKaInMroCBGwIc9s5FlZ2ZmZWEg4Fja4MaOlhERO9kWemEZ9Kq79syOHRNudBhFZSkAFRqbEDKkyw07FsxYkb7y6L5JabfxyVZIb0_K19yX5_SyGqkbVcu0t3NF-2k7gxLuvnBRVz6HmkZfdddc7WmebFOkUu80xnIaVkd65ym0QClhK2HfYS2KgC2T0NX8jTM4kTEj5ageGto9e9wvsfwnTfyy1pdUvLrxqWYGdmlbmq27_Jwlz91dL-t04tOcXFoWw_kzNw7soDCCsgxPpslTqSSmJEnGOZn6lmrFJbW-ObCDDDJGpBLXd4vvR5QjWb60aZnSMc5gdbYr-cqmfCZ2VbfTSPUE1rTttlEKinuoPtK1o0OxvU6VlnwveZphHjvs5cAXyFsSWaQ8_FM4zbYO3uKhyOfq4tbJafR1pBkmxoOMKdIkKxG-KI0D76RXNQ9WJGiQzHikzvd0_Pv-JqF_cQ2FUOQGtaNdf-8-_tMbunwvI61_sXQ6PHK9t3PJ2vyf19fsFsmFCvi7nZvZ2SHkHG910VL3Xs0RsC39vJw-zxcz6cmsORupeifcmyoJae0DKxwAh9ICYo5nC21PVpvfwzFp0i5cq3szky_F03qqb343UdLUXWmn-Ob_X47dmhZ8LQFZbf6qmFSgvLWNdr5RVeZ9fdurcwSwF97tKVsmlh87RX5JV7Y_rtD9kgtov4mlTtWt1tJMzjJ1BeFisZPucHJZOPTjt8D6mZaQ7DCX-imr8xkzaRvcRr6h_pbjyd75qdnHW1iHtYK98CyMkxYtREsZBiYA9e_bsTNSoiL5trbJN91UZNp4ZI-y393QNtcXc5We0c-jMvFR5EstzjXDfrmWnZGqQuvHB12ZgtqVuD8Rhw4d5ZRlldOpJ9jIFApHG5NJx46dkjgQM6DHLMp7AcUrlIuSSag7iJXGAxeUi4BkAdiaFgl7rhCe8uBWt9q49ND9kJX2hgv1GQa2VMHx0EwK1rdNRYD3DWA3nMCfwqEOWurNU2Plibmj7PNjPLU0zKLkT7Pgob27hfaGMaafjKpWt3ZsWiJNpzfU-E9tOvLP8SB9QQTF14FQvpSvQtWdVaEdWsIktucS7QojfmQAY3MXmC0P4-y0uuXHkS1m-qbdoTtVW1sW7-azbKbSFaWRV3RYULCnRZbXomEbZBy-wXtWlHxUk7hcjnY_wWzuJPejtG0Z-un_1a5Z5I0kmdaH0biW3FSmRwjMcBZPUVh6X8tvsR6xhmdGgSKMhQ5rqdJM_IJX6MIwMfnw1bYMzZNd5bQLKZoXKxYP7Ux60_l5O5d09rfac0bypXy-JwIJJIkpCNgfqvb78Z9fcj9FrVSdHqEXKCO_06-tqFadSoS4qxJWS9_8XxZVKjAhR0LHbf2mScSv3roooO6QXCndJzTJZrqyf2FC5tWGJsH3QDB-g8PxJ3pa76XO7enr3gvDO5FeyONDejGd0UIX_MPwmV7eI-781U6OIfh1b0Rr5ZgU-6KMZzceYvwABj-f-6b5SqYtp0B13MpCL9sqes6eqMeUrc-yEgOo3wLMOr85N8sfLd9xM1a3KfyXSKS7zKE7q_VdtqQVaz1fzdUN8kAIoUZGUiIRQ69JUPGmoD77eqegYEaQJZTclnnwyygULSxrZFmbu3bvMH4HqHsQ9Q8COQPyJONvCAgmd-sZ7g5pq06KDLc027bxKq1SG1O-tDXELU9BwLs8SbWNSRq8YYZkox-wTF-Z2iLEfJNxSOlNktzzxvpwQ2p7lauG4f0g6i_6VkmnvpH1eHKTkfY3Wg2UfPLUhQi9hFUNfalrZsccnTEcyAHN1MbPDrzDg93u69eb_S-QuMeauYhoB-esL63PGNDS8GhupDccJfAT5eaWtplj_W4fX_XBYz7paTiNCLsIgTkZ7dSR5kArl8_Q9flLigljmSqIKxPxlXbcbFKuaY-MMpaZJiL-RP1sulG-jWqeONs501c8KhM9Hq9F1BvN25z6Gx9L6QCpzWtlmbWMif0dVP_AVCHJ2MUBv23yz4DbtuL2Dzx2dElnUZU43cfy10pLe2uGAQ955bJS9dzUPvfTMbUmTRZUsdMza-KnY-xHsghKBCMCWvHqgPkQGkKtCAcGCGONSpXCJOrqBPaW4SnPm-hCgTnKd2oR6Qc61cNf-mxIWos_rrylFKe6RkvCgAppqlpT_6N_yXYR0pUpqaatpsKt9vQhb1rVeZVWccbJxWK1ocwg21CinKoKif4FY6bdDnhX4JlD8oPlDE3Kqtp3lG359f9hywkSxjoHh6aJOf_QLpfkUw99qbCfFAENKq7YCnI1f3uYPHRu--N66Bu25yWB3UKBnMvK2kNL2wtGH5Idq8xpHfKBDvfJpGtZexJqEmpVsKG_k67M2GOZ1oXneSenh3FyAmtjlMt_rz3talLq319oRd6KdgbFS0sYi1yKIBJRlzgMr7el6SgdWsdrY4emvmvWK-R_5k8S1uY_NRgfWWNv4Srp2lo9avQe7nPvL1l1GPMDHYaUPZFcXr0GtNIkcV2_HsbZk1f9JlKJ4pQhzHir9ES_QO86IwVBRZTSEv5bbzrp87jOOi5fLgFwfutNgrbAj_XzSl6B8NppRhwesO2Nkmlpkm_FYk41Lm0LafmPTC4yVDUGp7KM1SiZT702Yjzxbs_kh3QXuQxXv1VwbH4BqFdbEPuG-pLYymF0LgGBm_Na86gE-FlHEWhk1ouDTfz63h0Tb71drM59ofPycTjkBGPlEcZGABFqfiYn&tga-with-creatives=1

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

9949cf2fec7a7552969f1786b4bf7d362f1ec82391e6762028b59d123953e464

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ufa.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 17:01:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1657386081502608-568807371660928912-sas2-0565-5f1-sas-l7-balancer-8080-BAL-3721
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Sat, 09 Jul 2022 17:01:21 GMT
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/json
access-control-allow-origin: https://www.ufa.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Sat, 09 Jul 2022 17:01:21 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
346 B 37ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-8MQ0FGXD1P&gtm=2oe6t0&_p=1306131539&_z=ccd.v9B&cid=1080884444.1657386081&ul=en-us&sr=1600x1200&_s=1&sid=1657386081&sct=1&seg=0&dl=https%3A%2F%2Fwww.ufa.kp.ru%2F&dt=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%A3%D1%84%D1%8B%20%D0%B8%20%D1%80%D0%B5%D1%81%D0%BF%D1%83%D0%B1%D0%BB%D0%B8%D0%BA%D0%B8%20%D0%91%D0%B0%D1%88%D0%BA%D0%BE%D1%80%D1%82%D0%BE%D1%81%D1%82%D0%B0%D0%BD%3A%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%20%7C%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%A3%D1%84%D0%B5%20-%20KP.Ru&en=page_view&_fv=1&_ss=1&ep.title=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%A3%D1%84%D1%8B%20%D0%B8%20%D1%80%D0%B5%D1%81%D0%BF%D1%83%D0%B1%D0%BB%D0%B8%D0%BA%D0%B8%20%D0%91%D0%B0%D1%88%D0%BA%D0%BE%D1%80%D1%82%D0%BE%D1%81%D1%82%D0%B0%D0%BD%3A%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%20%7C%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%A3%D1%84%D0%B5&ep.allowLinker=true
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8MQ0FGXD1P&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ufa.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:21 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ufa.kp.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
22 B 60ms
21ms XHR
text/plain 2a00:1450:400c:c1b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-23870775-31&cid=1080884444.1657386081&jid=239946155&gjid=449311793&_gid=610406724.1657386081&_u=YGDAAAABAAAAAG~&z=1357696904

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c1b::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ufa.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 09 Jul 2022 17:01:21 GMT
content-type: text/plain
access-control-allow-origin: https://www.ufa.kp.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 32ms
32ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-23870775-1&cid=1080884444.1657386081&jid=1160572993&_u=YGBAgAABAAAAAE~&z=56967579

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ufa.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 57ms
32ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-23870775-1&cid=1080884444.1657386081&jid=1160572993&_u=YGBAgAABAAAAAE~&z=56967579

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ufa.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 15ms
15ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-D0H9SYE5JC&gtm=2oe6t0&_p=1306131539&_z=ccd.v9B&cid=1080884444.1657386081&ul=en-us&sr=1600x1200&_s=1&sid=1657386081&sct=1&seg=0&dl=https%3A%2F%2Fwww.ufa.kp.ru%2F&dt=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%A3%D1%84%D1%8B%20%D0%B8%20%D1%80%D0%B5%D1%81%D0%BF%D1%83%D0%B1%D0%BB%D0%B8%D0%BA%D0%B8%20%D0%91%D0%B0%D1%88%D0%BA%D0%BE%D1%80%D1%82%D0%BE%D1%81%D1%82%D0%B0%D0%BD%3A%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%20%7C%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%A3%D1%84%D0%B5%20-%20KP.Ru&en=page_view&_fv=1&_ss=1&ep.title=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%A3%D1%84%D1%8B%20%D0%B8%20%D1%80%D0%B5%D1%81%D0%BF%D1%83%D0%B1%D0%BB%D0%B8%D0%BA%D0%B8%20%D0%91%D0%B0%D1%88%D0%BA%D0%BE%D1%80%D1%82%D0%BE%D1%81%D1%82%D0%B0%D0%BD%3A%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%20%7C%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%A3%D1%84%D0%B5&ep.allowLinker=true
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-D0H9SYE5JC&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ufa.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:21 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ufa.kp.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 _j1ezhpSwBWUHEITOmC2IR4vOiGfDYio7V63aY1ETrc.js Show response
pagead2.googlesyndication.com/bg/ Frame DCC6 35 KB
13 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/_j1ezhpSwBWUHEITOmC2IR4vOiGfDYio7V63aY1ETrc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe3d5ece1a52c015941c42133a60b6211e2f3a219f0d88a8ed5eb7698d444eb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 16:34:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1591
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13754
x-xss-protection: 0
last-modified: Fri, 01 Jul 2022 16:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 09 Jul 2023 16:34:50 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5798 0
20 B 45ms
44ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BFl5VYbTJYtzBBIuW3gPes7eYDAAAAAA4AeAEAg&bg=!9Pel97PNAAaYcLjmuHA7ACkAdvg8WsEZwrmwNG5tdx_9p4mQUz2G8xYPOgImEE9xT8-8NGo6XW2iMQIAAADEUgAAAAFoAQcKAIuBsNsXhuRinz78vid_6YK2avJ7N9TXRqUhbZKYim4DIkav_XXZ9N8jnX75tyf6xWaMk9qy9k44SZsiKsayFxnDXssFXK2EfmROBQsb8LKpFHA29JIH42shIhN-A5HSruDNohR2l5fnfnDo8lTTM499BuBhT3xI_F0MSR7LKYmXBxek1XItECb-FOzvmQLytnToKl4nYj4XifOwZj56hRPKqQmPcGqqmni-GXOONBDxphXXsiZXBYZxkXiLzcZfszaj3LnVcu9H1GNohBMef-JCYD9KqIXxkmMfXj0msTZi340kGLBCd89SvfwJdNwBHJMldrd00fnvqn8EDy_K_DxRk90R8FLYq1UCm4AhD32AZHemLGCtsPAsQ10F8XaJjrdlTO2DWsYsX2Gp-wNfh3Kw-WrLMKRCTiWDyLGZ5qwou5h3Cjx3Yqg3Ku6B2V5LDkJ3dpnYWWHEA-qWTd6c2hS4_2WpikF-_jBtKbFjQmU0nSEvu5o2_7QUugXDKlCVASIHjFg5q7eI1Xg8RTCsmdgCC9Q4S1bB2nEy5irpsiTe_lrhGitnpf2AuqsA3NvVs0IBhQraP2QeXIMVAOjeK1jeXpTCILsxks45_oRTvqsWEcogFjPXiIykt8W4X3PJUgeUEDhqpGa_wVxpxVfIW0wiyguFN04VbqYIUbEENGuZt8UOGI7hqBBbtmoM36xxHdz1YHf0m8JCtGzef05mnvKOOuIK-UNIXIM5H6oDNzylRr0JVLJltysNNbsNJ5ICbgVgJVjRlvRIFTT338Pbrb0zYzqH9eSrMmmPlUMU4lSKD9Ch0_rKoF4-A0q8Ja36u8lZbWk226nItl6NcKuSPQHR4RbFLlgx9xO-Wy0tKBNPDMcUb_CsIugpsDkuvXXe1pQpCpGvIUkgUB_yX9rQRyxzcv3HrLDrlRpCo-9Teu3X5nZtC-b1jCTpkXEJ48ZS_4FJfneqGVtklgaTZValHNaR5MmmjUnkctXhCnqhVkbiq7cUneo7D6zL3GGCLt5Rvnaa43svaansaTRfiEo0Y2hgCUbxi_P-ELGicTBNU0YHqGmSkJgIE7882PQuqqcZ8pHIpt5nSbwJSvvaBm7ARjQd8Z8b4rwWY7o3AV4XuyYFVjH5pZR1o-EuPHJ3zWlT0iWKpbSvkQOLIh_wrUrT10mdyHMSBkP8KzOp49tcFwX2JA

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
100 B 63ms
63ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ufa.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 17:01:21 GMT
last-modified: Fri, 08 Jul 2022 09:23:14 GMT
etag: "62c7cd52-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Sat, 09 Jul 2022 18:01:21 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/26254/
Redirect Chain

https://mc.yandex.com/watch/26254?wmode=7&page-url=https%3A%2F%2Fwww.ufa.kp.ru%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2n2z35yck7fai9c6gvqew%3Afu%3A0%3Aen%3Autf-...
https://mc.yandex.com/watch/26254/1?wmode=7&page-url=https%3A%2F%2Fwww.ufa.kp.ru%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2n2z35yck7fai9c6gvqew%3Afu%3A0%3Aen%3Aut...

167 B
623 B

69ms
69ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/26254/1?wmode=7&page-url=https%3A%2F%2Fwww.ufa.kp.ru%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2n2z35yck7fai9c6gvqew%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A832%3Acn%3A1%3Adp%3A0%3Als%3A422894271097%3Ahid%3A199769210%3Az%3A0%3Ai%3A20220709170121%3Aet%3A1657386081%3Ac%3A1%3Arn%3A854126290%3Au%3A16573860811008625930%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1657386078676%3Aco%3A0%3Arqnl%3A1%3Ast%3A1657386082%3At%3A%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%A3%D1%84%D1%8B%20%D0%B8%20%D1%80%D0%B5%D1%81%D0%BF%D1%83%D0%B1%D0%BB%D0%B8%D0%BA%D0%B8%20%D0%91%D0%B0%D1%88%D0%BA%D0%BE%D1%80%D1%82%D0%BE%D1%81%D1%82%D0%B0%D0%BD%3A%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%20%7C%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%A3%D1%84%D0%B5%20-%20KP.Ru&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnl%281%29ti%282%29

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

4a21722e468cc743281d7a34462161126d8861c68b25ddeaf407c6389827402a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ufa.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:21 GMT
x-content-type-options: nosniff
last-modified: Sat, 09-Jul-2022 17:01:21 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.ufa.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 167
x-xss-protection: 1; mode=block
expires: Sat, 09-Jul-2022 17:01:21 GMT

Redirect headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:21 GMT
last-modified: Sat, 09-Jul-2022 17:01:21 GMT
location: /watch/26254/1?wmode=7&page-url=https%3A%2F%2Fwww.ufa.kp.ru%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2n2z35yck7fai9c6gvqew%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A832%3Acn%3A1%3Adp%3A0%3Als%3A422894271097%3Ahid%3A199769210%3Az%3A0%3Ai%3A20220709170121%3Aet%3A1657386081%3Ac%3A1%3Arn%3A854126290%3Au%3A16573860811008625930%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1657386078676%3Aco%3A0%3Arqnl%3A1%3Ast%3A1657386082%3At%3A%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%A3%D1%84%D1%8B%20%D0%B8%20%D1%80%D0%B5%D1%81%D0%BF%D1%83%D0%B1%D0%BB%D0%B8%D0%BA%D0%B8%20%D0%91%D0%B0%D1%88%D0%BA%D0%BE%D1%80%D1%82%D0%BE%D1%81%D1%82%D0%B0%D0%BD%3A%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%20%7C%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%A3%D1%84%D0%B5%20-%20KP.Ru&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnl%281%29ti%282%29
strict-transport-security: max-age=31536000
access-control-allow-origin: https://www.ufa.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Sat, 09-Jul-2022 17:01:21 GMT

GET
H/1.1 200
OK sm.js Show response
stat.media/ 77 KB
28 KB 285ms
140ms Script
application/x-javascript 82.148.14.195
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to

Full URL: https://stat.media/sm.js
Requested by: Host: target.smi2.net
URL: https://target.smi2.net/client/target.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 82.148.14.195 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS: sm-server1-1.ssel25.imcmdb.net
Software: nginx /
Resource Hash: 9dc89e2eae45dccc1b2d7b9540adae2349bbb5d84578eadb8f0f645eac324910

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ufa.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sat, 09 Jul 2022 17:01:21 GMT
Content-Encoding: gzip
Last-Modified: Thu, 02 Dec 2021 13:53:02 GMT
Server: nginx
ETag: W/"61a8cfbe-13481"
Vary: Accept-Encoding, Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, must-revalidate, proxy-revalidate, max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK /
target.smi2.net/init/ 95 B
463 B 67ms
67ms Image
image/png 146.185.195.90
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://target.smi2.net/init/?siteid=31456&count=site&bw=1600&bh=1200&xurl=https%3A%2F%2Fwww.ufa.kp.ru%2F&rnd=6930122962401
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 146.185.195.90 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS: target2-1.ssel24.imcmdb.net
Software: nginx / HHVM/3.9.1
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ufa.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

X-Target-Version: 2
Date: Sat, 09 Jul 2022 17:01:21 GMT
X-Target-Final: 20220709200121-0
Server: nginx
X-Target-Host: target2-1.ssel24
X-Powered-By: HHVM/3.9.1
X-Time-Request: 0.00038
Content-Type: image/png
Cache-Control: no-cache, private
Connection: keep-alive
Content-Length: 95
Expires: Sat, 09 Jul 2022 17:01:20 GMT

GET
H2 200 315694285*** Show response
tns-counter.ru/nc01a***R%3E*kp_ru/ru/UTF-8/tmsec=kp_title/ 55 B
333 B 54ms
53ms Fetch
text/html 2001:6d0:4001::226
TNSMSK-

General

Check archive.org

Show headers Download Go to

Full URL: https://tns-counter.ru/nc01a***R%3E*kp_ru/ru/UTF-8/tmsec=kp_title/315694285***
Requested by: Host: tns-counter.ru
URL: https://tns-counter.ru/ncc/counter.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:6d0:4001::226 , Russian Federation, ASN52016 (TNSMSK-, RU),
Reverse DNS
Software: ms-counter-3.3.5/1.20.2 /
Resource Hash: 814239bdb57b0aff5faeeca03f9a89593d15a0a88e9b083b4c4841f96c94fd95

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ufa.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 17:01:21 GMT
last-modified: Sat, 09 Jul 2022 17:01:21 GMT
server: ms-counter-3.3.5/1.20.2
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: https://www.ufa.kp.ru
access-control-allow-credentials: true
content-length: 55

GET
H2

200

396522341
tns-counter.ru/V13b***R%3E*kp_ru/ru/UTF-8/tmsec=kp_title/
Redirect Chain

https://tns-counter.ru/V13a***R%3E*kp_ru/ru/UTF-8/tmsec=kp_title/396522341
https://tns-counter.ru/V13b***R%3E*kp_ru/ru/UTF-8/tmsec=kp_title/396522341

43 B
297 B

54ms
53ms

Image
image/gif

2001:6d0:4001::226
TNSMSK-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tns-counter.ru/V13b***R%3E*kp_ru/ru/UTF-8/tmsec=kp_title/396522341
Protocol: H2
Server: 2001:6d0:4001::226 , Russian Federation, ASN52016 (TNSMSK-, RU),
Reverse DNS
Software: ms-counter-3.3.5/1.20.2 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ufa.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:21 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: ms-counter-3.3.5/1.20.2
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

Redirect headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:21 GMT
server: ms-counter-3.3.5/1.20.2
strict-transport-security: max-age=2678400
content-type: image/gif
location: https://tns-counter.ru/V13b***R%3E*kp_ru/ru/UTF-8/tmsec=kp_title/396522341
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
content-length: 0
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 03FE 0
0 77ms
76ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022063001&jk=2451277687733899&bg=!5Oel56PNAAaYcLjmuHA7ACkAdvg8WvGmp41fRueal2y6_Msu-QFPP8JTABMICBXY6UrO8jfvqOt6sQIAAAEdUgAAAANoAQeZAr54RyRb5Oxzoa2qfNJBYUSL75qVXEFHdA7u7YjnEnj9CzYbH1S48XCs50VY34ZCzrn_K9xjNDhwjLlU2aDkNXEoSzU4NO9hKydWiSRclmbAzl7we14bjWQw4QiuwxuO0uplf3cpf43Y0ZBR8xpj4jKgppYAWksN2GU6ItyffnJMDd6ZYj8h97UYP0Dj4Q-VIg_SmAvyrwzBbxo3RNbfmfCGGJUfhnCQXnFgOEiSzPlrIAtkf5NWoJuJZN1YKIHEVCxXivYLs8ay6BOdyVFmYI99tmClVImEB5woMMOL9Oq-s1KExnX7E1RtRuCPVYIr_4uODy3wLQ82d3t-uC0nRDcjTvbgfuZSk8ehwurPtZBp9F0NOS002b7m2RCbyC3quA11GUGiVo8l0ITkD0UYEt65m-GBwzaRg8nco6Z8-YWyKQ7BIdlhxtWtWJAZ3aaizZhBPuMIVUQd2BGmjsEDxD6qs96Rgt3JcrPjI0gd6Xw0p-b3wUIrpptkBt1xM8Ru4iTLuI1PoczICn67G0cCg-QiMhC4pzk6JZENidP6v9-AF7mTdWfMGZ0ZCqyNpKMyDkg8K0P0oPT1tVQutWb4Xc1HS1Z7vKcrpMB11cs_kqd2qTLfdoZiluZB8w6QnNASGi8_tkS-mIXvhnF8Q-h53l0fQo8UHQjddsH3Pmm_-M8zE4q-Eog6YTjsPFrJaHeRb1KANRRCgxCgYGI_hakmVxUMsDFoHILc6RcyXY3yL17jc3JBhz32sna6YpZufPyP2aHpjRCiRsJ1vysgTPiX3v-BjnCF5Qom6PrWnFYRrSPMpxlK9PF4206OTnUNWYfj-D0Flnhlkncf_Z2VV6r0JVSJ5JfEvcGnbyf0aZNktzgRF9yQZ-2wXjKp3gYrD2a325hmmnXSAP3lGmr2QYtfPnRh9NyUlJhG5OmUynttfSA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ufa.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H3 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 4DA6 81 KB
27 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/partner-code-bundles/612100/c1d4e7ea878871c6a693.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d72e02e86cedb9eb4830a12ae6d968a9c8ffd04bf6c009812cd906d7a28e8275

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ufa.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 17:01:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28093
x-xss-protection: 0
server: sffe
etag: "1268 / 401 of 1000 / last-modified: 1657318025"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 09 Jul 2022 17:01:21 GMT

GET
H2 204 event
ads.adfox.ru/232598/ 0
66 B 322ms
321ms Image
text/plain 2a02:6b8::1be
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/232598/event?hash=9d3582f393a0f3fc&pm=bmo&pxo=19btBrBBCUhQMiUY7MdU6e4JcB3hrzUUFfzfRmRJFbLCLxczTJwSzy5P-wiWjykS6a_sxehXfTl888iqUlFZNWmPfs_cnosqZKhw_pF1F3aUk7-bR40VMUE5txush2BQ4tW4pR-q3_UL_Ll-XNJj0Tuzu4A7Ibw0jdoYd7J3WXVsx0W3QQ%3D%3D&p5=gwaok&ad-session-id=9960471657386079975&utg=oxum&lts=fjmwgon&ytt=424413099065349&ybv=0.612100&ylv=0.612100&dl=https%3A%2F%2Fwww.ufa.kp.ru%2F%3Fsection%3Dsociety&rqs=YJCM2sHShn1htMli3cMJIYNMNbpEQJOS&pr=hfnuxqp&puid3=top%3Aregion&rtb-si=b&puid2=society%3Atoday%3Ainteresting%3Azenyandex%3Aincident%3Aemergency%3Asport%3Acelebrity&p2=fbao&rand=dwlevbo&sj=Gp3ip5tDil_YAiYQ20TcqNaAUH3IxExGVX2-w2q9aLilKwfupqbmmmztzk3AWg%3D%3D&puid1=adv-1657386079931-71&p1=bufhv

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ufa.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:22 GMT
x-content-type-options: nosniff
last-modified: Sat, 09 Jul 2022 17:01:22 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

POST
H2 200 1 Show response
mc.yandex.com/watch/26254/ 43 B
73 B 64ms
63ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/26254/1?page-url=https%3A%2F%2Fwww.ufa.kp.ru%2F&charset=utf-8&cnt-class=1&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A2n2z35yck7fai9c6gvqew%3Afp%3A805%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A832%3Acn%3A1%3Adp%3A1%3Als%3A422894271097%3Ahid%3A199769210%3Az%3A0%3Ai%3A20220709170121%3Aet%3A1657386082%3Ac%3A1%3Arn%3A672349444%3Arqn%3A1%3Au%3A16573860811008625930%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1657386078676%3Ads%3A0%2C0%2C83%2C136%2C376%2C0%2C%2C85%2C0%2C1537%2C1537%2C3%2C794%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1657386082&t=gdpr(14)mc(p-7-h-4)clc(0-0-0)lt(47300)aw(1)rqnt(1)rqnl(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ufa.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:21 GMT
last-modified: Sat, 09-Jul-2022 17:01:21 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://www.ufa.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Sat, 09-Jul-2022 17:01:21 GMT

GET
H2 200 26254 Show response
mc.yandex.com/watch/ 43 B
73 B 69ms
69ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/26254?page-url=https%3A%2F%2Fwww.ufa.kp.ru%2F&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A2n2z35yck7fai9c6gvqew%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A832%3Acn%3A1%3Adp%3A1%3Als%3A422894271097%3Ahid%3A199769210%3Az%3A0%3Ai%3A20220709170121%3Aet%3A1657386082%3Ac%3A1%3Arn%3A355397250%3Arqn%3A2%3Au%3A16573860811008625930%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1657386078676%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1657386082%3At%3A%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%A3%D1%84%D1%8B%20%D0%B8%20%D1%80%D0%B5%D1%81%D0%BF%D1%83%D0%B1%D0%BB%D0%B8%D0%BA%D0%B8%20%D0%91%D0%B0%D1%88%D0%BA%D0%BE%D1%80%D1%82%D0%BE%D1%81%D1%82%D0%B0%D0%BD%3A%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%B5%D0%B3%D0%BE%D0%B4%D0%BD%D1%8F%20%7C%20%D0%9A%D0%BE%D0%BC%D1%81%D0%BE%D0%BC%D0%BE%D0%BB%D1%8C%D1%81%D0%BA%D0%B0%D1%8F%20%D0%9F%D1%80%D0%B0%D0%B2%D0%B4%D0%B0%20%D0%B2%20%D0%A3%D1%84%D0%B5%20-%20KP.Ru&t=gdpr(14)mc(p-7-h-4)clc(0-0-0)lt(47300)aw(1)rqnt(2)rqnl(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ufa.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:21 GMT
last-modified: Sat, 09-Jul-2022 17:01:21 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://www.ufa.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Sat, 09-Jul-2022 17:01:21 GMT

GET
H3 200 pubads_impl_2022070601.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 4DA6 373 KB
128 KB 7ms
7ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022070601.js?cb=31068338

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

d72b8eb9289bec0987d4af915f6cd81fc04863709b510aa7d98887d1cff60c49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ufa.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 14:52:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7746
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 130521
x-xss-protection: 0
last-modified: Wed, 06 Jul 2022 08:34:38 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 09 Jul 2023 14:52:15 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame 4DA6 107 B
122 B 18ms
18ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.ufa.kp.ru

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022070601.js?cb=31068338

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ufa.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 09 Jul 2022 17:01:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 4DA6 107 B
122 B 17ms
17ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.ufa.kp.ru

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022070601.js?cb=31068338

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ufa.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 09 Jul 2022 17:01:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 4DA6 18 KB
10 KB 282ms
282ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1111535227693978&correlator=3588105151407156&eid=31068223%2C31068338%2C42531607&output=ldjh&gdfp_req=1&vrg=2022070601&ptt=17&impl=fifs&iu_parts=94805857%2Ckp.ru_2_new&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600&ifi=1&adks=3886855702&sfv=1-0-38&ecs=20220709&fsapi=false&cust_params=kp.ru_2_new%3Dkp.ru_2_new_14&sc=1&cookie=ID%3D90a4e6e54444b41b%3AT%3D1657386080%3AS%3DALNI_MZbWSwwjfICnOlFMFItflPywuynSA&cdm=www.ufa.kp.ru&abxe=1&dt=1657386081871&lmt=1657386081&dlt=1657386081782&idt=69&biw=1600&bih=1200&isw=300&ish=600&adxs=1100&adys=486&ucis=631cnhemqc6b&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&nhd=1&url=https%3A%2F%2Fwww.ufa.kp.ru%2F&top=https%3A%2F%2Fwww.ufa.kp.ru%2F&frm=23&vis=1&scr_x=0&scr_y=0&psz=300x600&msz=300x-1&fws=256&ohw=0&ea=0&ga_vid=1080884444.1657386081&ga_sid=1657386082&ga_hid=57597453&ga_fc=true&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022070601.js?cb=31068338

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

50dabdfe14e68cd56b9c400784b44793b81d7b40b34b2f133157257b50dc4a56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ufa.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 17:01:22 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9983
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.ufa.kp.ru
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 4DA6 14 KB
10 KB 23ms
23ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022070601&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022070601.js?cb=31068338

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

23cd1e833b774d9f157da2c47f4f298e688e692f43f98347446ef95ef724492c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ufa.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 09 Jul 2022 17:01:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10588
x-xss-protection: 0

GET
H2 200 container.html Show response
74c31888aa82887ddc63d7cce03bddbb.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 51AC 6 KB
3 KB 51ms
15ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://74c31888aa82887ddc63d7cce03bddbb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022070601.js?cb=31068338

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ufa.kp.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 09 Jul 2022 17:01:21 GMT
expires: Sun, 09 Jul 2023 17:01:21 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 4DA6 17 KB
6 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022070601.js?cb=31068338

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ufa.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 17:01:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 09 Jul 2022 17:01:21 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0233 13 KB
5 KB 10ms
8ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ufa.kp.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 796
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 09 Jul 2022 16:48:05 GMT
expires: Sun, 09 Jul 2023 16:48:05 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 45AE 783 B
535 B 17ms
16ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

540494568edcb120a58c4c4890d03f34c810edc9fc355f28720dbdef11420b42

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-78PLxNa62iSLSdcLHQq91Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ufa.kp.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-78PLxNa62iSLSdcLHQq91Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 09 Jul 2022 17:01:21 GMT
expires: Sat, 09 Jul 2022 17:01:21 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK settings Show response
stat.media/counter/ 672 B
1 KB 71ms
71ms Script
application/javascript 82.148.14.195
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to

Full URL: https://stat.media/counter/settings?payload=COD1AQ&cb=_callbacks____0l5e4vpga
Requested by: Host: stat.media
URL: https://stat.media/sm.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 82.148.14.195 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS: sm-server1-1.ssel25.imcmdb.net
Software: nginx /
Resource Hash: 68a2b11c387cf46b59e8e3bb11aa0744237002004d7a58d81ef2acbd5fac38ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ufa.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sat, 09 Jul 2022 17:01:21 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: nginx
Connection: keep-alive
Vary: Accept-Encoding
Content-Type: application/javascript

GET
H3 200 _j1ezhpSwBWUHEITOmC2IR4vOiGfDYio7V63aY1ETrc.js Show response
pagead2.googlesyndication.com/bg/ Frame 0233 35 KB
13 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/_j1ezhpSwBWUHEITOmC2IR4vOiGfDYio7V63aY1ETrc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe3d5ece1a52c015941c42133a60b6211e2f3a219f0d88a8ed5eb7698d444eb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 16:34:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1591
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13754
x-xss-protection: 0
last-modified: Fri, 01 Jul 2022 16:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 09 Jul 2023 16:34:50 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 45AE 0
0 73ms
73ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022070601&jk=1111535227693978&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H/1.1 200 /
smi2.ru/cookiematching/ 43 B
868 B 135ms
42ms Image
image/gif 88.212.218.1
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://smi2.ru/cookiematching/?payload=CkEKB19zbV91aWQSJGJmMzQ0ZWVkLTQyNTQtNDU4Mi1hZDM4LTdjNGUxYThmYzRlNhoILnNtaTIucnUiAS8ogOeEDwoqCgdfc21fdWR0Eg0xNjU3Mzg2MDgxOTg0Ggguc21pMi5ydSIBLyiA54QPCj8KB19zbV9zaWQSJGE3MWVmYzhmLTEyNTEtNGFlZC04YjgwLTFiMTY0ZDhjMWMyMRoILnNtaTIucnUiAS8oiA4%3D&rnd=1657386082020
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.212.218.1 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ufa.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache, no-cache
Date: Sat, 09 Jul 2022 17:01:22 GMT
Last-Modified: Saturday, 09-Jul-2022 17:01:22 GMT
Server: nginx
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0
Connection: close
Content-Length: 43
Expires: Sat, 09 Jul 2022 17:01:22 GMT

GET
H/1.1 200
OK /
smi2.net/cookiematching/ 43 B
229 B 248ms
68ms Image
image/gif 82.202.225.240
SELECTEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://smi2.net/cookiematching/?payload=CkIKB19zbV91aWQSJGJmMzQ0ZWVkLTQyNTQtNDU4Mi1hZDM4LTdjNGUxYThmYzRlNhoJLnNtaTIubmV0IgEvKIDnhA8KKwoHX3NtX3VkdBINMTY1NzM4NjA4MTk4NBoJLnNtaTIubmV0IgEvKIDnhA8KQAoHX3NtX3NpZBIkYTcxZWZjOGYtMTI1MS00YWVkLThiODAtMWIxNjRkOGMxYzIxGgkuc21pMi5uZXQiAS8oiA4%3D&rnd=1657386082020
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 82.202.225.240 Moscow, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS: smi2adm2-1.ssel27.imcmdb.net
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ufa.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sat, 09 Jul 2022 17:01:22 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

POST
H/1.1 204
No Content view Show response
stat.media/counter/ 0
135 B 184ms
61ms XHR
text/plain 82.148.14.195
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to

Full URL: https://stat.media/counter/view
Requested by: Host: stat.media
URL: https://stat.media/sm.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 82.148.14.195 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS: sm-server1-1.ssel25.imcmdb.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ufa.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

access-control-allow-origin: *
Date: Sat, 09 Jul 2022 17:01:22 GMT
Server: nginx
Connection: keep-alive

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 0233 0
9 B 7ms
7ms Image
text/plain 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?2_ibkg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 17:01:22 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 container.html Show response
74c31888aa82887ddc63d7cce03bddbb.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8165 6 KB
3 KB 8ms
7ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://74c31888aa82887ddc63d7cce03bddbb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022070601.js?cb=31068338

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ufa.kp.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 09 Jul 2022 17:01:21 GMT
expires: Sun, 09 Jul 2023 17:01:21 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 event
ads.adfox.ru/232598/ 0
18 B 63ms
63ms Image
text/plain 2a02:6b8::1be
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/232598/event?hash=f4963fe0e10f4200&pm=bmu&pxo=19btBrBBCUhQMiUY7MdU6e4JcB3hrzUUFfzfRmRJFbLCLxczTJwSzy5P-wiWjykS6a_sxehXfTl888iqUlFZNWmPfs_cnosqZKhw_pF1F3aUk7-bR40VMUE5txush2BQ4tW4pR-q3_UL_Ll-XNJj0Tuzu4A7Ibw0jdoYd7J3WXVsx0W3QQ%3D%3D&p5=gwaok&ad-session-id=9960471657386079975&utg=oxum&lts=fjmwgon&ytt=424413099065349&ybv=0.612100&ylv=0.612100&dl=https%3A%2F%2Fwww.ufa.kp.ru%2F%3Fsection%3Dsociety&rqs=YJCM2sHShn1htMli3cMJIYNMNbpEQJOS&pr=hfnuxqp&puid3=top%3Aregion&rtb-si=b&puid2=society%3Atoday%3Ainteresting%3Azenyandex%3Aincident%3Aemergency%3Asport%3Acelebrity&p2=fbao&rand=fyevfrm&sj=Gp3ip5tDil_YAiYQ20TcqNaAUH3IxExGVX2-w2q9aLilKwfupqbmmmztzk3AWg%3D%3D&puid1=adv-1657386079931-71&p1=bufhv&resp-time=392

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ufa.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:22 GMT
x-content-type-options: nosniff
last-modified: Sat, 09 Jul 2022 17:01:22 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame FD6E 624 B
297 B 19ms
18ms Document
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGIb4hs4BMAE&v=APEucNW_jXVFU2rftFcTOE6eD8lSkgvik-9lbIFYLqNjwlnp52nuenR5VDWo2askT3JvTe8AMwssVXRl57wr6GkDnC35MEad6P1EHyMUe5bykVY5JcFlhTL12WNH85JwowvXQt3_59Z_4DkADX2Ht13VG9Gjy4pDM-fb74ruLZMONbsUF0Uu81w

Requested by

Host: 74c31888aa82887ddc63d7cce03bddbb.safeframe.googlesyndication.com
URL: https://74c31888aa82887ddc63d7cce03bddbb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://74c31888aa82887ddc63d7cce03bddbb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 09 Jul 2022 17:01:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 8165 80 KB
33 KB 50ms
50ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AAd6DgkoBYTFOXyGvIW6BgoG4mKlsducXuQBQyvCiHSNF_v6xwE9pBrRnslolGIUE3cgYaJrQ93CUeiDyoF7yncLYjvaOnqtwBFwECLlXU148xNi-F8bjC8UN9yYy6Cn7MOYizSrIgYgc7ZBJRYBf_r92n6Q&dbm_d=AKAmf-Bq8kgtD1Xip7YQlLVsbUEBAaeQAE1RTf63vS91nmNICDKrchCK9mY8rYlMO5Dlbqxblg9hXMEBS48HgONElw14qHzcf1zLjrGuvPPJDhk5bxGBzGJ3Rm6ljAK7vuN1bbOXHQNHfFm4V-bDLe2mNqr8r77CEALgldJzhrORvdtVh42PAY5c9bBvXbPp-iwXcJ0j3lk6EqMeUS02lJ1ELHVN1RExuv1Xx2J3CKugISZ0stgpRdqE3OXM_GoG9QbbkBXxC2ueI40K9YoEGiH-0B_CQTXTJBWQIbnXi7WhCeVAnjIMP0fIgBFpOuVIDYpM85OArrb1stQE5MNGQAwCTlZpvX2Kw_dJg91joG_qTJYvLK1Jfqbl1AX3b2Rn2alMo8Zo1OFBxa35mskXa84fdsk2iLPDx29CCrTLf0sK-KrJu3V0UcLb4-yToGTjiEpm7WYLDw_vgie65gbqUuda1ffRwxyjlqrU-Dry-Ziqcsp4tzOi6C6deAPC2sQYSYYC-Eurz7GkmOTmwy2-rJYtwwG_7D0HE9adAqtOJqh_jhxMNgCIMqg4IAKXn5Do6j5RUaNvK6Hh3NExncYV1CbOezXgZ2w-g8sGDHxEFdAYKAZAGO6SCDzWRNvo2kXaMVH1nyyMSHe-AO0CY1UHmWcWj3m_TEEKrSTm4jMgEhIYqUT3pzOXKbSKJ-ufqOZswTEFZohtUIH329CzrzoLzCewXnNZr6iaZss3v4maXrT_vVX1YLgh3ZOBq_DiZ-2OamXC6vV0svrShoelNwZJCwraTbQaJKermYMii63HvBjUY10y86QxG66_roXey5UJXQF1ljeMk2AgR_K18SdJgjvO2j8c3SChFFZwiEfUEvIL763EHAiJi19GCBM6_j5OYWSE5KcG2u8hMY9Iv-JchCZUNVpAdyCzrFc2UOkVHHAZk1lkYKuKqXOytFBUjGh23PPoRP5My-PkrKSOlRwuPWyx-HFx-_Jubirmb1xMXrcIlnSOPpZUULJCOGDyNP1He8vId9_VUClecA7qFp5TWY0IJHvVsAkSAwmTXnZmYwWvudMYFQNg4yh3-SF7AasrewPp9ZNdzy-hk54dVV_7Z4InlcXOhvGppk9bg8YjRkuJedIrIdwj1WZ62fFITIIAM1hitxiO0j1GSwoXx1V2SHbBybiRo_zLAFm_Fn0JyIrHAYhk9z3-Ud8vKVqI7kTQn9gATs0gr-ZYgqZI8V2chfehGVXXxMLKVgRQq59-QUMRD5f5rWO4c2TWd5GjQknHg5gIWBa8lu-g2fl3dIqxfYfisxPCzAMXYsTganB0oo-9uV49EXC05PzDt1aIZHHClKS5O5Kug2_27mTjKbwrjdb3wWaxzO3i_NRcvKYuQ7PopQnPlvzJL3KBsXKM6zs0ENYA1uePT33zs8HMz58vzEBFb-IqDxjBUKeVxZdzfhMS_CEhfuwYVoeEwxMJQ_iEnKpgE9J8TP80a8hOXnfk3G-rD8sP6dG1B-YNmNPxIoS2DOorAacta2MlY5-WO4z6NMGpm9uFvbEiHPGm0boXOqxconHAO8ATkK81rE9pcv7M2CUTSDYaDNkdvIXI73h3aQSsyGd2nznH1dcacOqaLG2QvW6xc2Z64itM9Bx4yNHOzDcS6QbrGW1Pym6gN1p_sVhe8STfxQWtF1Yi5vFkWJMTImQ7srC_Q4NqOuNL7LW0TCQqnR7jAYeG67TzM5i5UPegvjzX1X6nRgRSJnC35nwSPYQ3whrnsMh5Jm_vG4fkeHQumdWP56kR83_ZrUU3ZFzwJx_0lkg0tvyzjE7r2Z3SAdwjRsiZzchqT1IDlUDIMj1v3B39AN6YjX1c5W62GNb9V2DK5FKUNE3fRhF5fqK4nk26LtDqYICqJoIlW3Q0AsCLDO-JrYpzAz4s7jFs5QykzmMT_SmuOa3NCDHka69vkl-2RTzHjGwZXe7HiMv8iyWVg-NE6fwZaCUHrMjoZHu-18_LDMT3jF-8mMSo2cPESVwnef3KnKijC0OHs0Qx1muVtFn2SMM4Bh6K5-NYKlK6y0Ua8sHg9A7uh0lQph13-eeS6LNTZD1dTd_DH26NYtyU7JmSX1DFSVSK15FqS_IGu6iy11xPJG9SzgievfR5LdkU8MwzTy_OUgofzmK2alvRJCxtYc5S9Th3nJ7pzuMtlUR0fSXdJhVzcjbPQ1G9_yiWBscsMAxHSvcDkhUSxoBIV7kCpfZaN3n_EjEYE-anEjTTVbPTbpXSV2yIT3otDHtxD03677YvRrDQttDL1StkfDyPJvV2T1h0UHft3SknxNf9PBzjXI8uxlb3VPFjr68jUZQlyi4Rdb3cH9D4e6GmDsY5-E_5x0kMT_ss-iyj8-fWZIlWYZpNlF_mCzC1p2JFhwyt9uWHIdwk0yJOEAAEMoICsX54h3Rv5aSlotLCVIGD2niBHb_ByLRZJkCXlyVXI4j8eCcSu03ArKy7mvbgsk-MBk0qQOk6lic9z1uR94BpoSSEkWsw1wheLn3kV3T0IQS4GRx0DaLRnt48bcWU7jBXdhw1I0AetrLjxPVPDhvg0ht5mVY91hVSqo7rqa2O0ltJiyKJu8b_yu5zJ1Y4W6XcQxKNp-E2J91XWdKGv9jf7JKG9zvNm3xlwi-hRn0eIeyQy2LLHYuZrIjNhLPLIxBuJjbsX9H9nNRG5ntzyuZgm-CVO1KljDAGvDc6aQb5dpp1X8h-cYJlYSV9A95uhBWM6w7xo_UFHbx8phy5YTRfQwkV_jjq1xa9D8RezueJC53V4PK-7g4G0BJEEcpMc5ZPGC-8nT9XzUZuwaAbesljhk9hAkH4mB-87L-fP0tMy3ywiiP--4tFFRsiKQk-iQ5QQ07Ygitcrb1WRkN-s-msJtejHTJXJ9bToDy7t4kVNSbLmSKDR0ojwrxegmRghhdYfaQHF5_GEaXw9R-XaT4OdW8T571UTzvu8Y-25IM37wpvCVju75j3vi5hNyFIH4tHtV8UV5c77xtFlIonndl03GNVOyGVQ5V8Y1vkBxAZY4q6lIz1NejT_hLT-doh73uEIdtk0vTbSI6z86W5IO1et9-Dz0ssptBzaRLUR4Wdjy_8V_4tH6fTIKQQ60mLCt-foROurvVPSctXxJ-R4FF0k4YLMmARrnyNMZvrkqRlJM9yiPEvHGb3rhz8ANrIMzXgetn72kRD0F6vNgp2FTMO9Q3N0x-MP1Hs2KbJx3DAI1ge2Yo2MdpacOtTLAoFZFsgU7jQzvDQQQHKQxFX_2s05k-o6mIWoFmG6IP7YTRM1tIUL4miY_f2VdOuyoUi520lvgsa_tLLTkAHedPsdRN_R0L1Pv1sSBstnW89Dhi0xVnauENf2kWfUUzqpKiYh2ssaTM&cid=CAASJeRoxucweCLtcRRUymaxrQhYtb5larrTfRdgMvm8PiLI-92mk2g&rfl=2%2Chttps%253A%252F%252Fwww.ufa.kp.ru%242%2Chttps%253A%252F%252Fwww.ufa.kp.ru%252F%240

Requested by

Host: www.ufa.kp.ru
URL: https://www.ufa.kp.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

a3600e1c8745076994bd6475227b55060484ed3cef889414c45e82eb4414955a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://74c31888aa82887ddc63d7cce03bddbb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:22 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34130
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8165 42 B
63 B 43ms
41ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AM1TUDwXAzSUl6IGH7J4Vc8doOT-87JmTxPLOK6VLJGsPWWSBU6QCSUu5wYX5WEoKvCyNCJZGzNs9nFOhk5hqn_pYd3ifHGzAuJ9ZA4C9PqT1OFCY

Requested by

Host: 74c31888aa82887ddc63d7cce03bddbb.safeframe.googlesyndication.com
URL: https://74c31888aa82887ddc63d7cce03bddbb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://74c31888aa82887ddc63d7cce03bddbb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

skeleton.gif
static.adsafeprotected.com/ Frame 8165
Redirect Chain

https://pixel.adsafeprotected.com/rfw/st/1083870/64162025/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=&ias_dspID=3&ias_campId=1008206547&ias_pubId=pub-7172733408455692&ias_chanId=1&ias_placementId=176...
https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=

43 B
483 B

9ms
9ms

Image
image/gif

2600:9000:2156:d000:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=
Requested by: Host: 74c31888aa82887ddc63d7cce03bddbb.safeframe.googlesyndication.com
URL: https://74c31888aa82887ddc63d7cce03bddbb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Server: 2600:9000:2156:d000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://74c31888aa82887ddc63d7cce03bddbb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 16:14:35 GMT
via: 1.1 baaf38f0a0d54e4834bf934fa5189cea.cloudfront.net (CloudFront)
age: 29119608
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 43
last-modified: Mon, 17 Aug 2020 23:55:15 GMT
server: AmazonS3
etag: "45cf913e5d9d3c9b2058033056d3dd23"
x-amz-version-id: iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
cache-control: max-age=315360000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: image/gif
x-amz-cf-id: Bv12ryQInNboINpKQFO6I4b7rUJTHxYloiNQiSBj8ZJqfnTpyIqYCg==

Redirect headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:22 GMT
x-server-name: app03.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=
cache-control: no-cache
content-length: 0
server: nginx

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220706/r20110914/client/ Frame 8165 3 KB
1 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220706/r20110914/client/window_focus_fy2021.js

Requested by

Host: 74c31888aa82887ddc63d7cce03bddbb.safeframe.googlesyndication.com
URL: https://74c31888aa82887ddc63d7cce03bddbb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://74c31888aa82887ddc63d7cce03bddbb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 16:56:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 279
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Jul 2022 16:56:43 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8165 137 KB
42 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 74c31888aa82887ddc63d7cce03bddbb.safeframe.googlesyndication.com
URL: https://74c31888aa82887ddc63d7cce03bddbb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e49548c45f00bbfa0fda642d02b5e29b407004eacc2099e348da7cb38f477052

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://74c31888aa82887ddc63d7cce03bddbb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 17:01:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43254
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1657132091081416"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 09 Jul 2022 17:01:22 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220706/r20110914/client/ Frame 8165 17 KB
7 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220706/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 74c31888aa82887ddc63d7cce03bddbb.safeframe.googlesyndication.com
URL: https://74c31888aa82887ddc63d7cce03bddbb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://74c31888aa82887ddc63d7cce03bddbb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 16:54:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 403
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7309
x-xss-protection: 0
server: cafe
etag: 16921397534319471551
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Jul 2022 16:54:39 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame FD6E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECbag7dcxEHX4SA5qb6u-JE&google_cver=1

43 B
911 B

34ms
33ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECbag7dcxEHX4SA5qb6u-JE&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGIb4hs4BMAE&v=APEucNW_jXVFU2rftFcTOE6eD8lSkgvik-9lbIFYLqNjwlnp52nuenR5VDWo2askT3JvTe8AMwssVXRl57wr6GkDnC35MEad6P1EHyMUe5bykVY5JcFlhTL12WNH85JwowvXQt3_59Z_4DkADX2Ht13VG9Gjy4pDM-fb74ruLZMONbsUF0Uu81w
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

cf-ray: 72829f060e93bbc2-FRA
pragma: no-cache
date: Sat, 09 Jul 2022 17:01:22 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6C1o9vQu1cjbR3%2BcVeutD9AcySHI9i5DX1otY7PfWRS6HBx7BxzrT%2BeIPUJQux%2FJL6MvJyJyOSSQTlEr%2BKp6kd9qF1QtQQgCsIiQNeSLUvwRce4isBwZpjrIPasfKvCkb6JdhK%2Bjx8lYlQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:22 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECbag7dcxEHX4SA5qb6u-JE&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame FD6E
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Ysm0YU0EHVdfA3nfhEX4.gAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECbag7dcxEHX4SA5qb6u-JE&google_cver=1&google_hm=2

43 B
914 B

24ms
23ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECbag7dcxEHX4SA5qb6u-JE&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGIb4hs4BMAE&v=APEucNW_jXVFU2rftFcTOE6eD8lSkgvik-9lbIFYLqNjwlnp52nuenR5VDWo2askT3JvTe8AMwssVXRl57wr6GkDnC35MEad6P1EHyMUe5bykVY5JcFlhTL12WNH85JwowvXQt3_59Z_4DkADX2Ht13VG9Gjy4pDM-fb74ruLZMONbsUF0Uu81w
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

cf-ray: 72829f065f0ebbc2-FRA
pragma: no-cache
date: Sat, 09 Jul 2022 17:01:22 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ec73Vr%2By8S8JcjzOo%2B2En4yUsBxe3G7msDmDodlzcBNc6jT22G0aw6Ndq3nEaN%2F%2BkFajjdLpz0AdWKiUWIP%2BEkj3CCYmNsUFy3QmUvB%2BuGlB8unBsBDkuAjqeT%2BOOBoGzYJKJ3puNJ31%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:22 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECbag7dcxEHX4SA5qb6u-JE&google_cver=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame FD6E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESENCcWGbHGFsPMiR2z5hN9mY&google_cver=1

43 B
1016 B

19ms
19ms

Image
image/gif

37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESENCcWGbHGFsPMiR2z5hN9mY&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGIb4hs4BMAE&v=APEucNW_jXVFU2rftFcTOE6eD8lSkgvik-9lbIFYLqNjwlnp52nuenR5VDWo2askT3JvTe8AMwssVXRl57wr6GkDnC35MEad6P1EHyMUe5bykVY5JcFlhTL12WNH85JwowvXQt3_59Z_4DkADX2Ht13VG9Gjy4pDM-fb74ruLZMONbsUF0Uu81w

Protocol

HTTP/1.1

Server

37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 09 Jul 2022 17:01:22 GMT
X-Proxy-Origin: 80.255.10.204; 80.255.10.204; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 21cba846-7464-4972-be2b-e744efe35ec7
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:22 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESENCcWGbHGFsPMiR2z5hN9mY&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FD6E
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjMyOTg2MjM0Mjg2ODg5NzkyMQ%3D%3D

170 B
188 B

53ms
52ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjMyOTg2MjM0Mjg2ODg5NzkyMQ%3D%3D

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 09 Jul 2022 17:01:22 GMT
X-Proxy-Origin: 80.255.10.204; 80.255.10.204; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: b7c7a679-020f-40a7-b017-101128de5672
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjMyOTg2MjM0Mjg2ODg5NzkyMQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 8165 106 KB
37 KB 24ms
8ms Script
text/javascript 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: www.ufa.kp.ru
URL: https://www.ufa.kp.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://74c31888aa82887ddc63d7cce03bddbb.safeframe.googlesyndication.com/
Origin: https://74c31888aa82887ddc63d7cce03bddbb.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 08:39:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30104
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 10 Jul 2022 08:39:38 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220706/r20110914/elements/html/ Frame 8165 8 KB
3 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220706/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AAd6DgkoBYTFOXyGvIW6BgoG4mKlsducXuQBQyvCiHSNF_v6xwE9pBrRnslolGIUE3cgYaJrQ93CUeiDyoF7yncLYjvaOnqtwBFwECLlXU148xNi-F8bjC8UN9yYy6Cn7MOYizSrIgYgc7ZBJRYBf_r92n6Q&dbm_d=AKAmf-Bq8kgtD1Xip7YQlLVsbUEBAaeQAE1RTf63vS91nmNICDKrchCK9mY8rYlMO5Dlbqxblg9hXMEBS48HgONElw14qHzcf1zLjrGuvPPJDhk5bxGBzGJ3Rm6ljAK7vuN1bbOXHQNHfFm4V-bDLe2mNqr8r77CEALgldJzhrORvdtVh42PAY5c9bBvXbPp-iwXcJ0j3lk6EqMeUS02lJ1ELHVN1RExuv1Xx2J3CKugISZ0stgpRdqE3OXM_GoG9QbbkBXxC2ueI40K9YoEGiH-0B_CQTXTJBWQIbnXi7WhCeVAnjIMP0fIgBFpOuVIDYpM85OArrb1stQE5MNGQAwCTlZpvX2Kw_dJg91joG_qTJYvLK1Jfqbl1AX3b2Rn2alMo8Zo1OFBxa35mskXa84fdsk2iLPDx29CCrTLf0sK-KrJu3V0UcLb4-yToGTjiEpm7WYLDw_vgie65gbqUuda1ffRwxyjlqrU-Dry-Ziqcsp4tzOi6C6deAPC2sQYSYYC-Eurz7GkmOTmwy2-rJYtwwG_7D0HE9adAqtOJqh_jhxMNgCIMqg4IAKXn5Do6j5RUaNvK6Hh3NExncYV1CbOezXgZ2w-g8sGDHxEFdAYKAZAGO6SCDzWRNvo2kXaMVH1nyyMSHe-AO0CY1UHmWcWj3m_TEEKrSTm4jMgEhIYqUT3pzOXKbSKJ-ufqOZswTEFZohtUIH329CzrzoLzCewXnNZr6iaZss3v4maXrT_vVX1YLgh3ZOBq_DiZ-2OamXC6vV0svrShoelNwZJCwraTbQaJKermYMii63HvBjUY10y86QxG66_roXey5UJXQF1ljeMk2AgR_K18SdJgjvO2j8c3SChFFZwiEfUEvIL763EHAiJi19GCBM6_j5OYWSE5KcG2u8hMY9Iv-JchCZUNVpAdyCzrFc2UOkVHHAZk1lkYKuKqXOytFBUjGh23PPoRP5My-PkrKSOlRwuPWyx-HFx-_Jubirmb1xMXrcIlnSOPpZUULJCOGDyNP1He8vId9_VUClecA7qFp5TWY0IJHvVsAkSAwmTXnZmYwWvudMYFQNg4yh3-SF7AasrewPp9ZNdzy-hk54dVV_7Z4InlcXOhvGppk9bg8YjRkuJedIrIdwj1WZ62fFITIIAM1hitxiO0j1GSwoXx1V2SHbBybiRo_zLAFm_Fn0JyIrHAYhk9z3-Ud8vKVqI7kTQn9gATs0gr-ZYgqZI8V2chfehGVXXxMLKVgRQq59-QUMRD5f5rWO4c2TWd5GjQknHg5gIWBa8lu-g2fl3dIqxfYfisxPCzAMXYsTganB0oo-9uV49EXC05PzDt1aIZHHClKS5O5Kug2_27mTjKbwrjdb3wWaxzO3i_NRcvKYuQ7PopQnPlvzJL3KBsXKM6zs0ENYA1uePT33zs8HMz58vzEBFb-IqDxjBUKeVxZdzfhMS_CEhfuwYVoeEwxMJQ_iEnKpgE9J8TP80a8hOXnfk3G-rD8sP6dG1B-YNmNPxIoS2DOorAacta2MlY5-WO4z6NMGpm9uFvbEiHPGm0boXOqxconHAO8ATkK81rE9pcv7M2CUTSDYaDNkdvIXI73h3aQSsyGd2nznH1dcacOqaLG2QvW6xc2Z64itM9Bx4yNHOzDcS6QbrGW1Pym6gN1p_sVhe8STfxQWtF1Yi5vFkWJMTImQ7srC_Q4NqOuNL7LW0TCQqnR7jAYeG67TzM5i5UPegvjzX1X6nRgRSJnC35nwSPYQ3whrnsMh5Jm_vG4fkeHQumdWP56kR83_ZrUU3ZFzwJx_0lkg0tvyzjE7r2Z3SAdwjRsiZzchqT1IDlUDIMj1v3B39AN6YjX1c5W62GNb9V2DK5FKUNE3fRhF5fqK4nk26LtDqYICqJoIlW3Q0AsCLDO-JrYpzAz4s7jFs5QykzmMT_SmuOa3NCDHka69vkl-2RTzHjGwZXe7HiMv8iyWVg-NE6fwZaCUHrMjoZHu-18_LDMT3jF-8mMSo2cPESVwnef3KnKijC0OHs0Qx1muVtFn2SMM4Bh6K5-NYKlK6y0Ua8sHg9A7uh0lQph13-eeS6LNTZD1dTd_DH26NYtyU7JmSX1DFSVSK15FqS_IGu6iy11xPJG9SzgievfR5LdkU8MwzTy_OUgofzmK2alvRJCxtYc5S9Th3nJ7pzuMtlUR0fSXdJhVzcjbPQ1G9_yiWBscsMAxHSvcDkhUSxoBIV7kCpfZaN3n_EjEYE-anEjTTVbPTbpXSV2yIT3otDHtxD03677YvRrDQttDL1StkfDyPJvV2T1h0UHft3SknxNf9PBzjXI8uxlb3VPFjr68jUZQlyi4Rdb3cH9D4e6GmDsY5-E_5x0kMT_ss-iyj8-fWZIlWYZpNlF_mCzC1p2JFhwyt9uWHIdwk0yJOEAAEMoICsX54h3Rv5aSlotLCVIGD2niBHb_ByLRZJkCXlyVXI4j8eCcSu03ArKy7mvbgsk-MBk0qQOk6lic9z1uR94BpoSSEkWsw1wheLn3kV3T0IQS4GRx0DaLRnt48bcWU7jBXdhw1I0AetrLjxPVPDhvg0ht5mVY91hVSqo7rqa2O0ltJiyKJu8b_yu5zJ1Y4W6XcQxKNp-E2J91XWdKGv9jf7JKG9zvNm3xlwi-hRn0eIeyQy2LLHYuZrIjNhLPLIxBuJjbsX9H9nNRG5ntzyuZgm-CVO1KljDAGvDc6aQb5dpp1X8h-cYJlYSV9A95uhBWM6w7xo_UFHbx8phy5YTRfQwkV_jjq1xa9D8RezueJC53V4PK-7g4G0BJEEcpMc5ZPGC-8nT9XzUZuwaAbesljhk9hAkH4mB-87L-fP0tMy3ywiiP--4tFFRsiKQk-iQ5QQ07Ygitcrb1WRkN-s-msJtejHTJXJ9bToDy7t4kVNSbLmSKDR0ojwrxegmRghhdYfaQHF5_GEaXw9R-XaT4OdW8T571UTzvu8Y-25IM37wpvCVju75j3vi5hNyFIH4tHtV8UV5c77xtFlIonndl03GNVOyGVQ5V8Y1vkBxAZY4q6lIz1NejT_hLT-doh73uEIdtk0vTbSI6z86W5IO1et9-Dz0ssptBzaRLUR4Wdjy_8V_4tH6fTIKQQ60mLCt-foROurvVPSctXxJ-R4FF0k4YLMmARrnyNMZvrkqRlJM9yiPEvHGb3rhz8ANrIMzXgetn72kRD0F6vNgp2FTMO9Q3N0x-MP1Hs2KbJx3DAI1ge2Yo2MdpacOtTLAoFZFsgU7jQzvDQQQHKQxFX_2s05k-o6mIWoFmG6IP7YTRM1tIUL4miY_f2VdOuyoUi520lvgsa_tLLTkAHedPsdRN_R0L1Pv1sSBstnW89Dhi0xVnauENf2kWfUUzqpKiYh2ssaTM&cid=CAASJeRoxucweCLtcRRUymaxrQhYtb5larrTfRdgMvm8PiLI-92mk2g&rfl=2%2Chttps%253A%252F%252Fwww.ufa.kp.ru%242%2Chttps%253A%252F%252Fwww.ufa.kp.ru%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://74c31888aa82887ddc63d7cce03bddbb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 16:57:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 234
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Jul 2022 16:57:28 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220706/r20110914/ Frame 8165 27 KB
10 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220706/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8247e71c60f01cce914615568139113018a1a129dceb0fe0af55edb0211b8fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://74c31888aa82887ddc63d7cce03bddbb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 16:59:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 110
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10545
x-xss-protection: 0
server: cafe
etag: 4672069523611413616
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Jul 2022 16:59:32 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0493 42 B
64 B 43ms
43ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuAJoc1lHl5-0wEkLFXRFAxBA_FQRlkWqV8R7R92q7GcNDkn6SRJl1HvofXS5lDd9EdQnf_DE_znikNuGO25ISBzvxxeRMGZv9XkSARDqIpHUiOia8eJGa_ZiXbsWbouYH2eURqtHoI1Sr_1w&sai=AMfl-YQ3igxbwrpQN-5oHG1Zh5G9PtDriiWomgJlq0Pxphp0rWL31Q9ObJU4njQ3zFERmqC00GJwotdzB_Lmdh6yIZF-L69PLPHMtiMJ1FgudrOfZDYBQXXHZMkEUviPVW0&sig=Cg0ArKJSzMIUcAMSOFQGEAE&cid=CAASJ-RoEQBW-h8PDN1sec05WlWe0vh1eKgWBX7OfQgL_Alw2-adhCgKig&id=lidar2&mcvt=1000&p=389,1529,429,1570&mtos=1000,1000,1000,1000,1019&tos=1000,0,0,0,19&v=20220706&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=4130042211&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1657386080962&rpt=276&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://14b723fe60395e204d08b5454577ac76.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 8165 41 KB
15 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 74c31888aa82887ddc63d7cce03bddbb.safeframe.googlesyndication.com
URL: https://74c31888aa82887ddc63d7cce03bddbb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://74c31888aa82887ddc63d7cce03bddbb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 11:50:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 450664
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 04 Jul 2023 11:50:18 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 91BF 1 KB
749 B 9ms
9ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 74c31888aa82887ddc63d7cce03bddbb.safeframe.googlesyndication.com
URL: https://74c31888aa82887ddc63d7cce03bddbb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://74c31888aa82887ddc63d7cce03bddbb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 40058
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 09 Jul 2022 05:53:44 GMT
etag: 48472445140208031
expires: Sun, 10 Jul 2022 05:53:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 8165 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 196f21daf4db2fe8554fb7efcde48a7c4d027da750cf7421a698f7e37ea4516e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame C23F 22 KB
8 KB 8ms
8ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://74c31888aa82887ddc63d7cce03bddbb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 450663
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 04 Jul 2022 11:50:19 GMT
expires: Tue, 04 Jul 2023 11:50:19 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/6763682074198253615/300x600_RTB30/ Frame E960 11 KB
4 KB 8ms
7ms Document
text/html 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/6763682074198253615/300x600_RTB30/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e37cc949a45bfd79a301489a44230708b7d37d05023e429395c9adfbbda5b0ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://74c31888aa82887ddc63d7cce03bddbb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 154492
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 3893
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 07 Jul 2022 22:06:30 GMT
expires: Fri, 07 Jul 2023 22:06:30 GMT
last-modified: Tue, 28 Jun 2022 09:54:43 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 8165 0
27 B 53ms
53ms Ping
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu7Cq-R5EleiRYtk5sBculqr90HiyshG7Rc94j-xiQ9dxUEI-qp3PJnHcNrbRMJ2MXXStZjj-sq-WcjAymg76_Ak8EanD9oTkRy97DZcmV-n2ffsSaQt3VLHOeaMS0hnSxzqnlT5Y22zheoc_vC8h_NS-IrH4pZDtDRaubufIVOCOTeEkvtKML_Q-rsKlY_en8rYi6ZBuu05bytdGx5NHOU2goZfLpcwuzpwGR3kbhRImOIKzxibObfN0NX2PAPvy5WaAQnzXszTz5NGMGYcK_EHAzQmIWkPq-jJqHesQRXfKfWWe4gx-GL3Rhme8EAhZoK7YkdXoDpZCKjIiziBjWBmdmSSOMFeuts2y443DPumimaae7a06oJG3KP6vEsTuWNktLBIGPPMZdR_maF2aPSVyGtIahM4iiPqCrwlRx0scgbvhMOoZltYlQFPEQCcERL3Qrh11xRz2ObIDVcLNuUPdUbkC_NlV1aXU1eesLR7nOfosM6mYQ9cvKcwOuBlW_1zdW5XTIhXzESSB3As5fvc7yLr8mjjhspPn0WsbKV8IxqjyTJdBPN-PqikNRvGk_D8oj_qgnBGkeqUIQdjuyTEp3jVIj3rrQi2YQ81dwhQ09f9rBlsc4vFUnXKf92Kut9UfXpxWdhS1Ej4zaU3l3err7WTnX0oWJx-T7ZipqPp6vQFr1kwDKHF8ZontUYQQ_v2vZHhatT8hTcpZ1GgGVDzRDpYv5BrgjKvXLpULsp2kar645T7o7IJyNWclSz1_7b-RVSUmYAEB6h88Gc3z0GrzfEpLudEWmy0cteY6k3HFJC6Ah4xCcdB1X23Rv4Z-0O1M_YlviQ3TEA8cVGehZaIN5YOMnrAiFQGqvjjR0ogZ9vMPmvVmI1PsR6aSeTeC_xFD5aDrAiv9Hm_UV0D1r20XJvvTOlSAsC88DCgktP2iLz7Em-hDB-6vJsOnjYRcKVIwT1eKiCOFU3UaIch7Yr72n_T438ySLUpb9d-QrRc_OUSy5Vdbp3DuaHuT90qukIl9dbRR4SsCBIwNkOQSwFcsbFpg5py88AJ-Z4tPnZsKugAi2KDHGRCsiF29JrwwUjHIy9klXumqxN5yh9zIibpbJBXaQ-ld_NOBWUn91yCwhkg6zB6jvNBoSMZuUgH2AkQmBrlYfLD6PXdOojUZUAqkJV7FvNDLgrKTWPwWxK0gIb7Ekr5gIowzbTxokM-iUIYLkYoYkmF3_iKri5OkRYsLdaJA2LmahMz4wA1ifMcXr3NARt_JB9W6mcasBbUP83hVfOTYIrXcdmCT32HWMd&sai=AMfl-YT42REXI3Cn4La2t6toH6KHP5rTDTmqYoXfzFXR2eZu1ja-WZP3025RDuo-9JpPD18UUPoo_s1tQntxJ7rVSpFyCDCN3OoKfEW-XT47-AB6adTZu9E5bNReAlGROWj40XDfBVhGiU--17qTPmYoo1-zEKs4p4ZFq6A2o9DQHAaJNMNTtDQEjTHZHWquf6WXEkyQpCtMYyUQTCuFFR3vOhOr&sig=Cg0ArKJSzIs9Xp0UEVi_EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=52&cbvp=1&cstd=49&cisv=r20220706.25797&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: www.ufa.kp.ru
URL: https://www.ufa.kp.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://74c31888aa82887ddc63d7cce03bddbb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Sat, 09 Jul 2022 17:01:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1 200
OK ai.aspx
m.exactag.com/ Frame 8165 43 B
946 B 66ms
25ms Image
image/gif 213.202.235.9
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.exactag.com/ai.aspx?extProvApi=sky-dv360&extProvId=300&extPu=sky-dv360&extLi=1008206547&extPm=432126982&extCr=17610765076&gdpr=&gdpr_consent=&rnd=224850707

Requested by

Host: 74c31888aa82887ddc63d7cce03bddbb.safeframe.googlesyndication.com
URL: https://74c31888aa82887ddc63d7cce03bddbb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

213.202.235.9 Herrischried, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://74c31888aa82887ddc63d7cce03bddbb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
P3P: policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
Connection: close
X-ET-Monitoring: 1
Content-Length: 43
Pragma: no-cache
X-ET-Code: 0
Last-Modified: Sa, 09 Jul 2022 05:01:22 GMT
Server: Microsoft-IIS/8.5
Date: Sat, 09 Jul 2022 17:01:21 GMT
Access-Control-Max-Age: 1000
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://74c31888aa82887ddc63d7cce03bddbb.safeframe.googlesyndication.com
Cache-Control: private
Access-Control-Allow-Credentials: true
X-ET-Camp: 923
Access-Control-Allow-Headers: *
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK event
skydeutschland.demdex.net/ Frame 8165 42 B
964 B 39ms
38ms Image
image/gif 54.154.32.144
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://skydeutschland.demdex.net/event?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=173856896&d_placement=339726501&d_campaign=28084662&d_bust=224850707&gdpr=&gdpr_consent=

Requested by

Host: 74c31888aa82887ddc63d7cce03bddbb.safeframe.googlesyndication.com
URL: https://74c31888aa82887ddc63d7cce03bddbb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.154.32.144 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-154-32-144.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://74c31888aa82887ddc63d7cce03bddbb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v036-0bbb11b84.edge-irl1.demdex.com 6 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 1H6qkgReQxk=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 91BF
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESED4DVQj1DqpAZ5dYnq-jaSk&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESED4DVQj1DqpAZ5dYnq-jaSk&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=b2pScDV4NFUxT2FkUEE1&google_gid=CAESED4DVQj1DqpAZ5dYnq-jaSk&google_cver=1&google_push=AehlK4D4ietfy2xIB8vzjXpTRqsG_sswifNrb-bX5tnWLpJ...

170 B
188 B

57ms
57ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=b2pScDV4NFUxT2FkUEE1&google_gid=CAESED4DVQj1DqpAZ5dYnq-jaSk&google_cver=1&google_push=AehlK4D4ietfy2xIB8vzjXpTRqsG_sswifNrb-bX5tnWLpJMQoPxpThBMEsFX2zHBr-GsVmvc9KHvGhHB9It-BfpbYikg1k_95E

Requested by

Host: 74c31888aa82887ddc63d7cce03bddbb.safeframe.googlesyndication.com
URL: https://74c31888aa82887ddc63d7cce03bddbb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 09 Jul 2022 17:01:21 GMT
Server: PingMatch/658332f#658332fc5aaa95d8a9be88d89d84d3c319923363 i-046b02221141da501@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=b2pScDV4NFUxT2FkUEE1&google_gid=CAESED4DVQj1DqpAZ5dYnq-jaSk&google_cver=1&google_push=AehlK4D4ietfy2xIB8vzjXpTRqsG_sswifNrb-bX5tnWLpJMQoPxpThBMEsFX2zHBr-GsVmvc9KHvGhHB9It-BfpbYikg1k_95E
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 91BF
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEJu4SSmLzimtKQT-0xYgxDs&google_cver=1&google_push=AehlK4CalPs5WLGLkPk6UPdcSs65Rw4gtfFRxjC7cSEpPy_imYZ4oyZCdnIr4QRRE3MD80-Vml5z3q7kiQnmt8GBLs1A5dM6tcc&r...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEJu4SSmLzimtKQT-0xYgxDs&google_cver=1&google_push=AehlK4CalPs5WLGLkPk6UPdcSs65Rw4gtfFRxjC7cSEpPy_imYZ4oyZCdnIr4QRRE3MD80-Vml5z3q7kiQnmt8GBLs1A5dM6tcc...

43 B
411 B

196ms
195ms

Image
image/gif

2606:4700:4400::6812:230b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEJu4SSmLzimtKQT-0xYgxDs&google_cver=1&google_push=AehlK4CalPs5WLGLkPk6UPdcSs65Rw4gtfFRxjC7cSEpPy_imYZ4oyZCdnIr4QRRE3MD80-Vml5z3q7kiQnmt8GBLs1A5dM6tcc&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAehlK4CalPs5WLGLkPk6UPdcSs65Rw4gtfFRxjC7cSEpPy_imYZ4oyZCdnIr4QRRE3MD80-Vml5z3q7kiQnmt8GBLs1A5dM6tcc%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol: H2
Server: 2606:4700:4400::6812:230b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:22 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 72829f07efcf90af-FRA
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
content-type: image/gif; charset=utf-8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:22 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 348
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 72829f069e7290af-FRA
p3p: CP="NOI DEVo TAIa OUR BUS"
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEJu4SSmLzimtKQT-0xYgxDs&google_cver=1&google_push=AehlK4CalPs5WLGLkPk6UPdcSs65Rw4gtfFRxjC7cSEpPy_imYZ4oyZCdnIr4QRRE3MD80-Vml5z3q7kiQnmt8GBLs1A5dM6tcc&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAehlK4CalPs5WLGLkPk6UPdcSs65Rw4gtfFRxjC7cSEpPy_imYZ4oyZCdnIr4QRRE3MD80-Vml5z3q7kiQnmt8GBLs1A5dM6tcc%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
cache-control: no-cache, private
content-type: text/html
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 91BF 0
173 B 55ms
16ms Image
text/plain 34.96.105.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEKzhEFLUzLNLyuroOkdxKkk&google_cver=1&google_push=AehlK4AoQ-jDsan2dNCGH9ell0k8gMOU7VkMMMEWOpjX-cfcbm1BPgweGjz1JwSi81j1qn9OftfWv75NNCUZ9da9S2d2Art8tTY
Requested by: Host: 74c31888aa82887ddc63d7cce03bddbb.safeframe.googlesyndication.com
URL: https://74c31888aa82887ddc63d7cce03bddbb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 17:01:22 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 91BF
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEKnItgLz6MKvXGHR5xG0rOk&google_cver=1&google_push=AehlK4DJbuYf0IQeC1F3f6rQLISB05qcOHM_mI3U7rWn8JXTyHB6xtzsAvGlONmtkPN8dYlz5lmoD3-f776JepW5...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=NpLWTUBiTLyeuMcLB25ATg2&google_push=AehlK4DJbuYf0IQeC1F3f6rQLISB05qcOHM_mI3U7rWn8JXTyHB6xtzsAvGlONmtkPN8dYlz5lmoD3-f776JepW5yING50RWCw

170 B
188 B

51ms
51ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=NpLWTUBiTLyeuMcLB25ATg2&google_push=AehlK4DJbuYf0IQeC1F3f6rQLISB05qcOHM_mI3U7rWn8JXTyHB6xtzsAvGlONmtkPN8dYlz5lmoD3-f776JepW5yING50RWCw

Requested by

Host: 74c31888aa82887ddc63d7cce03bddbb.safeframe.googlesyndication.com
URL: https://74c31888aa82887ddc63d7cce03bddbb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 09 Jul 2022 17:01:22 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=NpLWTUBiTLyeuMcLB25ATg2&google_push=AehlK4DJbuYf0IQeC1F3f6rQLISB05qcOHM_mI3U7rWn8JXTyHB6xtzsAvGlONmtkPN8dYlz5lmoD3-f776JepW5yING50RWCw
x-host: tde-deliveryengine-production-78dd496b74-mkp8x
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 91BF
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEEAhnl9H_ms282tFlitERxI&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEEAhnl9H_ms282tFlitERxI&google_hm=Ysm0YU0EHVdfA3nfhEX4-gAABHMAAAIB&google_nid=index&google_push=AehlK4BdrbJ0b3Lg7LZnxoFW-2cCAsQZkwUO_...

170 B
188 B

19ms
18ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEEAhnl9H_ms282tFlitERxI&google_hm=Ysm0YU0EHVdfA3nfhEX4-gAABHMAAAIB&google_nid=index&google_push=AehlK4BdrbJ0b3Lg7LZnxoFW-2cCAsQZkwUO__F_e0zB55XCeqlYG2r7QJUV0WalDltru-TrsynQRPl9tjl15G-0PRt7-VabVXs

Requested by

Host: 74c31888aa82887ddc63d7cce03bddbb.safeframe.googlesyndication.com
URL: https://74c31888aa82887ddc63d7cce03bddbb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:22 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nd9JQf8HlIU%2FrgeezYsUmgFLmgt3HB31hJ8yW1T6RefV7wxkx6tHSmGzE%2FV3Dc%2FpGf5ZPqkAcBz7%2FsqFxSgZBTvWvfLUAfVJwW7sVHgmO0mWWEIWJw3oItct7bULA%2BBHsX4Oa1KvKxUx5g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEEAhnl9H_ms282tFlitERxI&google_hm=Ysm0YU0EHVdfA3nfhEX4-gAABHMAAAIB&google_nid=index&google_push=AehlK4BdrbJ0b3Lg7LZnxoFW-2cCAsQZkwUO__F_e0zB55XCeqlYG2r7QJUV0WalDltru-TrsynQRPl9tjl15G-0PRt7-VabVXs
cache-control: no-cache
cf-ray: 72829f06ae855b92-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 91BF
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEI...
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AehlK4Cxk73AggeRDQrsoy2wdnmwaUZkxhUsdgIUWX76GE3O0F1mtGYfXLOyuEPeW9BqnHwq0g-EwgSJzpeKStTkKBq3VSYUyaU&redir=https%3A%2F%2Fcm.g.double...
https://sync.targeting.unrulymedia.com/csync/RX-9cfec7d6-89db-49f7-ac93-538535091cb6-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAehlK4Cxk73AggeRDQrsoy2wd...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AehlK4Cxk73AggeRDQrsoy2wdnmwaUZkxhUsdgIUWX76GE3O0F1mtGYfXLOyuEPeW9BqnHwq0g-EwgSJzpeKStTkKBq3VSYUyaU&google_hm=A5z-x9aJ20n3rJNThTUJHLY

170 B
188 B

18ms
18ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AehlK4Cxk73AggeRDQrsoy2wdnmwaUZkxhUsdgIUWX76GE3O0F1mtGYfXLOyuEPeW9BqnHwq0g-EwgSJzpeKStTkKBq3VSYUyaU&google_hm=A5z-x9aJ20n3rJNThTUJHLY

Requested by

Host: 74c31888aa82887ddc63d7cce03bddbb.safeframe.googlesyndication.com
URL: https://74c31888aa82887ddc63d7cce03bddbb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AehlK4Cxk73AggeRDQrsoy2wdnmwaUZkxhUsdgIUWX76GE3O0F1mtGYfXLOyuEPeW9BqnHwq0g-EwgSJzpeKStTkKBq3VSYUyaU&google_hm=A5z-x9aJ20n3rJNThTUJHLY
date: Sat, 09 Jul 2022 17:01:22 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX9cfec7d689db49f7ac93538535091cb6003
content-type: text/html

GET
H3 200 dot.gif
s0.2mdn.net/ Frame 91BF 43 B
65 B 18ms
18ms Image
image/gif 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dot.gif?google_gid=CAESEJwEYZUoHyFlyrAT0mImIlM&google_cver=1&google_push=AehlK4BYMYodjx3EXzgvYOQPcAmSRFLNLt0bqR6Ky3xFs0xhztR2oJF5Qbr1JifcluIdA8c5nf7UUpnWqFSDzwG_djq8O05hyBvl

Requested by

Host: 74c31888aa82887ddc63d7cce03bddbb.safeframe.googlesyndication.com
URL: https://74c31888aa82887ddc63d7cce03bddbb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 17:01:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 01 Feb 2009 08:00:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 10 Jul 2022 17:01:22 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 91BF 0
12 B 17ms
16ms Image
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13INNi1bfXg3WnzR94jXPSHNiU1eQC-oMnqB8NsQ4zc2XO70x52PwlWutoNjUX_t6wtkxl1EWQ

Requested by

Host: 74c31888aa82887ddc63d7cce03bddbb.safeframe.googlesyndication.com
URL: https://74c31888aa82887ddc63d7cce03bddbb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 17:01:22 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 createjs_2019.11.15_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame E960 236 KB
63 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6763682074198253615/300x600_RTB30/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6763682074198253615/300x600_RTB30/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 17:01:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64275
x-xss-protection: 0
last-modified: Fri, 15 Nov 2019 19:16:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 09 Jul 2022 17:01:22 GMT

GET
H3 200 index.js Show response
s0.2mdn.net/sadbundle/6763682074198253615/300x600_RTB30/ Frame E960 50 KB
10 KB 11ms
10ms Script
application/x-javascript 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/6763682074198253615/300x600_RTB30/index.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6763682074198253615/300x600_RTB30/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e18d2929358614016c3a29a472abe77528fa5c1267bfe45276112d2726a4d092

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6763682074198253615/300x600_RTB30/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 22:06:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 154492
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10678
x-xss-protection: 0
last-modified: Tue, 28 Jun 2022 09:54:43 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 07 Jul 2023 22:06:30 GMT

GET
H3 200 PBLy2ghsJAjz8SVbRXt3mPeTz3f3ksFMZv27m_PD6qM.js Show response
pagead2.googlesyndication.com/bg/ Frame C23F 36 KB
14 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/PBLy2ghsJAjz8SVbRXt3mPeTz3f3ksFMZv27m_PD6qM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c12f2da086c2408f3f1255b457b7798f793cf77f792c14c66fdbb9bf3c3eaa3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 14:55:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7529
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13888
x-xss-protection: 0
last-modified: Fri, 01 Jul 2022 16:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 09 Jul 2023 14:55:53 GMT

GET
H2 204 event
ads.adfox.ru/232598/ 0
18 B 73ms
72ms Image
text/plain 2a02:6b8::1be
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/232598/event?hash=5d171793d89d4cb2&pm=bmp&pxo=MFqK4PiMPHOxqwX-ahm3k2XCPc6ge3fxMM7r9WL7xOwyJiz2jsaF_fysdqNUAHCfBjeH1CkwARV-uJb4ZqoqP23Ndqxl8DAVN-F7vlXd6jaNmWGN0nX6WzQT-jWJqf9rOs5dpMmnzeHrvAtolw8H77VJbfPTS2CcmNZa8SW3OcgzK0kTyQ%3D%3D&p5=gwdbk&ad-session-id=9960471657386079975&utg=oxum&lts=fjmwgom&ytt=424413099065349&ybv=0.612100&ylv=0.612100&dl=https%3A%2F%2Fwww.ufa.kp.ru%2F%3F&rtb-si=b&p2=gftf&rand=cjzmhon&sj=jH9oyGzHgyaDhoybOQK_PW2DR148gHyJHlZdVr9nLahr76v0uU3UiAEj6vWh-A%3D%3D&puid1=adv-1657386079927-66&pr=hfnuxqp&p1=cdinl&rqs=YJCM2sHShn1gtMliGDQkCijhkadxvyD2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ufa.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:22 GMT
x-content-type-options: nosniff
last-modified: Sat, 09 Jul 2022 17:01:22 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H3 200 bg_wow.jpg
s0.2mdn.net/sadbundle/6763682074198253615/300x600_RTB30/images/ Frame E960 2 KB
2 KB 8ms
7ms Image
image/jpeg 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6763682074198253615/300x600_RTB30/images/bg_wow.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6763682074198253615/300x600_RTB30/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

234f1949a1b02416dcc009a5d47817b02037d76878e1569c597235aa75f14025

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6763682074198253615/300x600_RTB30/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 22:06:30 GMT
x-content-type-options: nosniff
age: 154492
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1854
x-xss-protection: 0
last-modified: Tue, 28 Jun 2022 09:54:43 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 07 Jul 2023 22:06:30 GMT

GET
H3 200 K1.jpg
s0.2mdn.net/sadbundle/6763682074198253615/300x600_RTB30/images/ Frame E960 23 KB
23 KB 8ms
8ms Image
image/jpeg 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6763682074198253615/300x600_RTB30/images/K1.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6763682074198253615/300x600_RTB30/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

25fe52443f527062549bb7a398b41a165bd4fd2c9e3eec1e72af83591f544460

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6763682074198253615/300x600_RTB30/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 22:06:30 GMT
x-content-type-options: nosniff
age: 154492
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23860
x-xss-protection: 0
last-modified: Tue, 28 Jun 2022 09:54:43 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 07 Jul 2023 22:06:30 GMT

GET
H3 200 K2.jpg
s0.2mdn.net/sadbundle/6763682074198253615/300x600_RTB30/images/ Frame E960 36 KB
37 KB 9ms
8ms Image
image/jpeg 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6763682074198253615/300x600_RTB30/images/K2.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6763682074198253615/300x600_RTB30/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e900f2f0a89349c3614b9551095efe169f77b922c26b6678a75767f4003551b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6763682074198253615/300x600_RTB30/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 22:06:30 GMT
x-content-type-options: nosniff
age: 154492
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37372
x-xss-protection: 0
last-modified: Tue, 28 Jun 2022 09:54:43 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 07 Jul 2023 22:06:30 GMT

GET
H3 200 K3.jpg
s0.2mdn.net/sadbundle/6763682074198253615/300x600_RTB30/images/ Frame E960 36 KB
36 KB 8ms
8ms Image
image/jpeg 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6763682074198253615/300x600_RTB30/images/K3.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6763682074198253615/300x600_RTB30/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a377872901931ae8060a099466446e6f2146940fae4047c29389bbcabf5c1715

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6763682074198253615/300x600_RTB30/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 22:06:30 GMT
x-content-type-options: nosniff
age: 154492
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37283
x-xss-protection: 0
last-modified: Tue, 28 Jun 2022 09:54:43 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 07 Jul 2023 22:06:30 GMT

GET
H3 200 K4.jpg
s0.2mdn.net/sadbundle/6763682074198253615/300x600_RTB30/images/ Frame E960 28 KB
29 KB 8ms
8ms Image
image/jpeg 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6763682074198253615/300x600_RTB30/images/K4.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6763682074198253615/300x600_RTB30/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

647a7d8e86b97b6af333b3647fbb8dd16b09ef585a4c448e130fb2238103eabc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6763682074198253615/300x600_RTB30/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 22:06:30 GMT
x-content-type-options: nosniff
age: 154492
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29167
x-xss-protection: 0
last-modified: Tue, 28 Jun 2022 09:54:43 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 07 Jul 2023 22:06:30 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C23F 0
20 B 46ms
46ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BUEpZYrTJYtHxDJS13gP8la1IAAAAADgB4AQC&bg=!ICOlI2fNAAaYcLjmuHA7ACkAdvg8WsTS0HRtdWPanv9-KPF9BcSWSqapmyhy08NXuax1ixYCQNKeCgIAAABRUgAAAAJoAQeZAw1zIHwOuaxRGG1_gKJTC96voLIpzrWJQB4RhHhP_bLfMRQ2Upn4gFbWr4TRAc41sdq_yZ6D4tafx7zJzh2emwkqWIpAllAktfqAVtphlJmryraFXJ6i64002zpL-hOcGIHS1XT42dr0PsUNyDeNub9XQxihLx7rfzHQ4Wr-8auYUCXAJeZwGmV4TzCeANLZivv9kTakCshBVLsOpq6C6ge1icdMsEQM5WkVq6tDNRBg95s4ZaGVOxCQFsh3PbGDVsQLfGrH48Q8iFJOQVhxQQGF1fkKaT7uxeaRVPA2GQrFEh8Gsu5dprCSSOsLrElPaYADp4Ie0bDVzMvRCPy-Rr-Q2dPI-v3cjLfZbxBfpTkjkWxomO8EW35olF706P_0ggX14TJuWoByRGDapvDx61bxos45ZrL7AFNrlCnJ25FYgrm-t-IbJJ5hV9T-Chz4oH6b_rxIUu0H6kIsUAfFki6G0hFQ9WcK_MDzOGYff3zuACbXlmkpELlG-tmnSu3m2pqoKTfUDhaW_M33ex7fD9EO38uovAWvxEtVdF-XiA3Ptctx4doMJBrqKos3n81y4_NAge8gSPV-5JtOatONUNpSiX7zkF7CpDmU3b37HdtfPPM0y3XAKaXoZxDCzn4F2rUCsudjZBDoNreZa6DP83XXu2bHblooY6tSUYdkQYMjsBnIWN73QCfYG7X9oiNe0crblIPqRUNVbJqaAHL3zS52upyzvNIfJUg2GtYuH1OeA8qLHzkDZV3CZDtaPcUIVFPxdoVIg9wzGOhPbGHxuKB9tyqE4kY4L9UxwYxZEV7TW5IKkQITH_KAofPLMG9r54gm7lYz4zHEf9fSU9qEsl5XzlcppEbj6KL0Jx2iA465WSZwa3VllUZu77lrP0pI8MUaLffRErYDvYeHLJtIryBB2xUD6DTJ7spCZiiCI9sz7qBylUaBEpqD0JcMHLb3WslZ_DMATAztOm9mmgOTEa3BlDHZqPm4kmBSa4cOxIj1P15Ac3d9FLYGrhBB6u1M2M5U5S8LdJXmIx_UkH2w

Requested by

Host: 74c31888aa82887ddc63d7cce03bddbb.safeframe.googlesyndication.com
URL: https://74c31888aa82887ddc63d7cce03bddbb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Logo_WOW_FX1.png
s0.2mdn.net/sadbundle/6763682074198253615/300x600_RTB30/images/ Frame E960 19 KB
19 KB 8ms
8ms Image
image/png 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6763682074198253615/300x600_RTB30/images/Logo_WOW_FX1.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6763682074198253615/300x600_RTB30/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

684ed0719810bd7bc3f29fde539e37010b41205ef9a0aa5f4196a6ddcd2bff07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6763682074198253615/300x600_RTB30/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 22:06:30 GMT
x-content-type-options: nosniff
age: 154492
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19336
x-xss-protection: 0
last-modified: Tue, 28 Jun 2022 09:54:43 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 07 Jul 2023 22:06:30 GMT

GET
H3 200 Logo_WOW_FX_end.png
s0.2mdn.net/sadbundle/6763682074198253615/300x600_RTB30/images/ Frame E960 22 KB
22 KB 9ms
8ms Image
image/png 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6763682074198253615/300x600_RTB30/images/Logo_WOW_FX_end.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6763682074198253615/300x600_RTB30/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6edd82367522384c89340b46118764d39a1a788e644f89af52fd9f992dad9d81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6763682074198253615/300x600_RTB30/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 22:06:30 GMT
x-content-type-options: nosniff
age: 154492
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22707
x-xss-protection: 0
last-modified: Tue, 28 Jun 2022 09:54:43 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 07 Jul 2023 22:06:30 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 8165 0
26 B 46ms
46ms Ping
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu7Cq-R5EleiRYtk5sBculqr90HiyshG7Rc94j-xiQ9dxUEI-qp3PJnHcNrbRMJ2MXXStZjj-sq-WcjAymg76_Ak8EanD9oTkRy97DZcmV-n2ffsSaQt3VLHOeaMS0hnSxzqnlT5Y22zheoc_vC8h_NS-IrH4pZDtDRaubufIVOCOTeEkvtKML_Q-rsKlY_en8rYi6ZBuu05bytdGx5NHOU2goZfLpcwuzpwGR3kbhRImOIKzxibObfN0NX2PAPvy5WaAQnzXszTz5NGMGYcK_EHAzQmIWkPq-jJqHesQRXfKfWWe4gx-GL3Rhme8EAhZoK7YkdXoDpZCKjIiziBjWBmdmSSOMFeuts2y443DPumimaae7a06oJG3KP6vEsTuWNktLBIGPPMZdR_maF2aPSVyGtIahM4iiPqCrwlRx0scgbvhMOoZltYlQFPEQCcERL3Qrh11xRz2ObIDVcLNuUPdUbkC_NlV1aXU1eesLR7nOfosM6mYQ9cvKcwOuBlW_1zdW5XTIhXzESSB3As5fvc7yLr8mjjhspPn0WsbKV8IxqjyTJdBPN-PqikNRvGk_D8oj_qgnBGkeqUIQdjuyTEp3jVIj3rrQi2YQ81dwhQ09f9rBlsc4vFUnXKf92Kut9UfXpxWdhS1Ej4zaU3l3err7WTnX0oWJx-T7ZipqPp6vQFr1kwDKHF8ZontUYQQ_v2vZHhatT8hTcpZ1GgGVDzRDpYv5BrgjKvXLpULsp2kar645T7o7IJyNWclSz1_7b-RVSUmYAEB6h88Gc3z0GrzfEpLudEWmy0cteY6k3HFJC6Ah4xCcdB1X23Rv4Z-0O1M_YlviQ3TEA8cVGehZaIN5YOMnrAiFQGqvjjR0ogZ9vMPmvVmI1PsR6aSeTeC_xFD5aDrAiv9Hm_UV0D1r20XJvvTOlSAsC88DCgktP2iLz7Em-hDB-6vJsOnjYRcKVIwT1eKiCOFU3UaIch7Yr72n_T438ySLUpb9d-QrRc_OUSy5Vdbp3DuaHuT90qukIl9dbRR4SsCBIwNkOQSwFcsbFpg5py88AJ-Z4tPnZsKugAi2KDHGRCsiF29JrwwUjHIy9klXumqxN5yh9zIibpbJBXaQ-ld_NOBWUn91yCwhkg6zB6jvNBoSMZuUgH2AkQmBrlYfLD6PXdOojUZUAqkJV7FvNDLgrKTWPwWxK0gIb7Ekr5gIowzbTxokM-iUIYLkYoYkmF3_iKri5OkRYsLdaJA2LmahMz4wA1ifMcXr3NARt_JB9W6mcasBbUP83hVfOTYIrXcdmCT32HWMd&sai=AMfl-YT42REXI3Cn4La2t6toH6KHP5rTDTmqYoXfzFXR2eZu1ja-WZP3025RDuo-9JpPD18UUPoo_s1tQntxJ7rVSpFyCDCN3OoKfEW-XT47-AB6adTZu9E5bNReAlGROWj40XDfBVhGiU--17qTPmYoo1-zEKs4p4ZFq6A2o9DQHAaJNMNTtDQEjTHZHWquf6WXEkyQpCtMYyUQTCuFFR3vOhOr&sig=Cg0ArKJSzIs9Xp0UEVi_EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=235&vt=11&dtpt=183&dett=3&cstd=49&cisv=r20220706.25797&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: www.ufa.kp.ru
URL: https://www.ufa.kp.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://74c31888aa82887ddc63d7cce03bddbb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 09 Jul 2022 17:01:22 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 4DA6 0
0 77ms
76ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022070601&jk=1111535227693978&bg=!29il2JzNAAaYcLjmuHA7ACkAdvg8WlNG6uyDXtTFTuIaaePfefx1CGlY0hUKaNhM8AaRjE6IlhwoQAIAAABNUgAAAAJoAQcKAMolYMevc49F-UQEuHfQuUPAHp8TG4QZQQOIhimafpTpBLNgUOIW6i5UutlA0HJbXAXo_EVqu6BoahorH10Y8_0sYwy8Il1LiP4HT6m7ZaFc9wO1lz7eU75lCfOWSZQUfYSPqSNdUV9Fg38tyaKjDQ_xVqtIAA49e-ZyKo9rnXTGBFECYmPW0MOIqz9g5u-S74FsobAcqwmEBimkfxqaPrt4arzBYhB_ZG4YRY8Ju6dqxLMOdDJX-C1-hEiiBAaXp4BJGYaJ9nfXI-acmQK-_jJpxOx8rmM8HEvxwvPlFLBl6Zfex4t_INn4A93Emu3B2sfPaCS_ADXlOXvG9jTceLZXfr7e6iTB8PQOET93X7bVLlesjbAoGhR-_XpilZsZDXfOfRQ8wU4yVE8eXcdJJGkKcBVCQM0FgRMQxk--FWr0PFRsRuLyF7iccBFoWn2-61Bzow0sfzWKnQES6SGxosPDLN34xec91u3AnSIFuL-X_n9AF-nbsKk93pjqN-6hJQjwIW5RMWi4735fZVGsejGI42Blx847vUUH8Q_wh3MuLYd_iY7mIGl5eASghI_wSbblFAWLhBIasdyMzCXBVeYLlBIr-lL1zAqszsO9DH_kCw_hqh-dlRMksEf34MxYWbJeSEUewF5LEs4gO9raEbX-5oh45EMPvwVkkIlYwU4A6sI5r-CsM7UKpf7qksavc0b_bSZiz49j4LZTETOfi9ontLetF2W3cXZPvJr7LHbG1b4hOzeNr7X06UQRH2nJuww0gTEVR9jn-nDAKUX0LYahIeq6QQ8n8-_fSE5iDZbISsQ5kWz5UiMADXlB5q0gJJwGXI55iURa1TYrppVOHUN_L7fonsxYCM3a-v9hN5JJ_3E3OyZ1ExPgRxes3qWtOe_OMsuC_LWb-bSrxoGnzoaI_fVIAoqCd7prTaPDafCrB_kjM47g_GeTQqpELAxRyftNgT_PuHApEan_G47FOF7bJb_EtNu01JDCUcuijPere0VupsjSGgtOQ4DDQJ6GW_b3pOPOi3UecsI9u4mTZlQe73qbGUTUsYRUvcFf6uItCwSSsbnsfJNmhhLivOIu-y-c_B7Mdi-OJojZRmE4pdyHWvmLTrjx7udSkgBMcByzpe4W8sh3qg433VAammRncBg0McJwKMvM1GrWgrk9Ex0SqYhkkzqtCtZHrgxegRHU8BBPN53dNzSFz1Bu
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ufa.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H2 204 event
ads.adfox.ru/232598/ 0
18 B 73ms
72ms Image
text/plain 2a02:6b8::1be
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/232598/event?hash=3727cc71193c9422&pm=bmp&pxo=W3DtBN3uVZE1I4mMDpER8SGpgr0qRPZpyO_zZVfe6qZiYX5t2psRMDjQBMZTk16pWRJg3ZmYadUVC8bNGvNuEGSL2w_hICqPs7z55pm--ImfnveBfqk5fvWtq1I19BokHYlJJhXjzJHqs6e6lnIUGLRSh--ByAouq4M--9Urz2iAElO1pSU%3D&p5=gwefg&ad-session-id=9960471657386079975&utg=oxum&lts=fjmwgom&ytt=424413099065349&ybv=0.612100&ylv=0.612100&dl=https%3A%2F%2Fwww.ufa.kp.ru%2F%3Fsection%3Dsociety&rqs=YIziPGAVrnpgtMli-jf1tu2AMyDSx6_z&pr=hfnuxqp&puid3=top%3Aregion&rtb-si=b&puid2=society%3Atoday%3Ainteresting%3Azenyandex%3Aincident%3Aemergency%3Asport%3Acelebrity&p2=fxjd&rand=kitgzwm&sj=cIGBpT2O1kX7idh3nMFMC4iFOoPcz8yKTP2UXAUSzbN-gvb0NzJbMBFOVgbsAA%3D%3D&puid1=adv-1657386079929-502&p1=cavko

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ufa.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:22 GMT
x-content-type-options: nosniff
last-modified: Sat, 09 Jul 2022 17:01:22 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2 200 bundle.js Show response
yastatic.net/q/set/s/rsya-tag-users/ Frame 19CF 105 KB
37 KB 44ms
43ms Script
application/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/q/set/s/rsya-tag-users/bundle.js

Requested by

Host: www.ufa.kp.ru
URL: https://www.ufa.kp.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

e1cff21864c46e1da263fa83c14ed6d190bc5afbdd35188de15f10eb8bedd264

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/safeframe-bundles/0.83/1-1-0/render.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 17:01:22 GMT
content-encoding: br
last-modified: Fri, 29 Oct 2021 11:19:01 GMT
server: nginx/1.17.9
etag: W/"82bdc8db563d3e71c35534315f8a9fd5"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/javascript
access-control-allow-origin: *
expires: Tue, 12 Jul 2022 04:59:18 GMT
cache-control: public, max-age=31556952
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
x-nginx-request-id: d92c99b6b2510102

GET
H2 200 watch.js Show response
mc.yandex.ru/metrika/ Frame 19CF 158 KB
56 KB 127ms
126ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

8d87c18fcb70f9b1d23c94aedc506cb6cc2640c5aebb25ca6e8e64b0cd997553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 17:01:22 GMT
content-encoding: br
last-modified: Fri, 08 Jul 2022 09:23:14 GMT
etag: "62c7cd52-dd8a"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 56714
expires: Sat, 09 Jul 2022 18:01:22 GMT

GET
H2 200 data Show response
yandex.ru/set/s/rsya-tag-users/ Frame 19CF 403 B
633 B 179ms
179ms Fetch
application/json 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/set/s/rsya-tag-users/data?referrer=https%3A%2F%2Fwww.ufa.kp.ru%2F

Requested by

Host: yastatic.net
URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

adcb0224d040ec15b6f3454ca34d198a475d5c9be03817b6b5d843b8d3d1bf0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 17:01:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://yastatic.net
cache-control: public,max-age=300
access-control-allow-credentials: true
x-xss-protection: 1; mode=block

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ Frame 19CF 40 KB
15 KB 64ms
27ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

00e67a6bb1601297c954a9c6438eb956f4ca87253683fb348d1bda64cee7d1ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 17:01:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15163
x-xss-protection: 0
server: cafe
etag: 11137310801552021614
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 09 Jul 2022 17:01:23 GMT

GET
H3

200

/
www.google.de/pagead/1p-user-list/1014923426/ Frame 19CF
Redirect Chain

https://www.googleadservices.com/pagead/conversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=Y7TJYsuYCdD41gachKCwCA...
https://www.google.com/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=102528235&crd=CM2osQI&is_vtc=1&random=247629...
https://www.google.de/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=102528235&crd=CM2osQI&is_vtc=1&random=2476292...

42 B
64 B

18ms
18ms

Image
image/gif

2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=102528235&crd=CM2osQI&is_vtc=1&random=2476292959&ipr=y

Protocol

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:23 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=102528235&crd=CM2osQI&is_vtc=1&random=2476292959&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.de/pagead/1p-user-list/1014923426/ Frame 19CF
Redirect Chain

https://www.googleadservices.com/pagead/conversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=Y7TJYsGbCei2mLAPkv-hgA...
https://www.google.com/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=545970067&crd=&is_vtc=1&random=716045820
https://www.google.de/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=545970067&crd=&is_vtc=1&random=716045820&ipr=y

42 B
64 B

18ms
18ms

Image
image/gif

2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=545970067&crd=&is_vtc=1&random=716045820&ipr=y

Protocol

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:23 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=545970067&crd=&is_vtc=1&random=716045820&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 3 Show response
mc.yandex.com/watch/ Frame 19CF 167 B
262 B 75ms
75ms XHR
application/json 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/3?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Fwww.ufa.kp.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A%3Avf%3A2n2z35yck7fai9c6gvqew%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A832%3Acn%3A1%3Adp%3A0%3Als%3A255434201581%3Ahid%3A15804948%3Az%3A0%3Ai%3A20220709170123%3Aet%3A1657386083%3Ac%3A1%3Arn%3A1023060971%3Arqn%3A1%3Au%3A1657386083788633510%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Acpf%3A1%3Ans%3A1657386080916%3Ads%3A0%2C62%2C32%2C2%2C0%2C0%2C%2C80%2C0%2C177%2C177%2C0%2C177%3Aco%3A0%3Ast%3A1657386083&t=clc(0-0-0)aw(1)rqnt(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

1da3c6fb6569b54163eab973f140c5e69638e1be677449e570a960f858d31f98

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:23 GMT
x-content-type-options: nosniff
last-modified: Sat, 09-Jul-2022 17:01:23 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://yastatic.net
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 167
x-xss-protection: 1; mode=block
expires: Sat, 09-Jul-2022 17:01:23 GMT

GET
H2 200 advert.gif
mc.yandex.com/metrika/ Frame 19CF 43 B
132 B 63ms
63ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 17:01:23 GMT
last-modified: Fri, 08 Jul 2022 09:23:14 GMT
etag: "62c7cd52-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Sat, 09 Jul 2022 18:01:23 GMT

GET
H2 200 1Mb-UJRO0HS200000000U9nJJ9ZGS-lWfRPQGwUp5dTRmbQOMYPiEPd400IUC95GVaQ3YDY-D0Q6L4QWUARJMORB8F5I6I2ljl0G8qCh8uZi1Ca20HF3JCOQFGXx8QEM38IraZ5I4iBQoyZgAC1m5Cm_omZIT1LCtcLaa65W-iiuYuc1OIuJI6Gfqobc1eQrJB-0x... Show response
yandex.ru/an/rtbcount/ 43 B
149 B 63ms
62ms XHR
image/gif 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/an/rtbcount/1Mb-UJRO0HS200000000U9nJJ9ZGS-lWfRPQGwUp5dTRmbQOMYPiEPd400IUC95GVaQ3YDY-D0Q6L4QWUARJMORB8F5I6I2ljl0G8qCh8uZi1Ca20HF3JCOQFGXx8QEM38IraZ5I4iBQoyZgAC1m5Cm_omZIT1LCtcLaa65W-iiuYuc1OIuJI6Gfqobc1eQrJB-0xBDC_u7WATCBeCWh9W7xx5ztWGvXSDeypINfCIl3NwOEOGQ6LcPMeD9UPaKWEPKPPCHSPYQGvK1I0MGtoqRcvz-kYnfliUewoPpGyyWcGNHTrLMmohjWyYUpWnC_s9cpM1GYlPnzZOezWZFo3DDBV7CoFSEyYvCYyy9B35rpqunBd1UoI8T25AzW-HEpWuNf00lJJHQ8Bp_OFsGvUmO4tjY_PG7vTG9hQqD7Gzk1X0Mid2TPDp_X0AkxoHg_HM2li5PR-LTMa0yxs1fO9h0zMB3fojmRMmxNpc2xSZXu0TlkJG_VTBtuz6SzuqescAa7s3nEi34_OkCDDtMqoaylZp1pIKaqVya6i_ydd3MHNSxoroGsxRVsizZPp0oD30qCDh0tAEnWPpp1BlA0_U61goSxNxoRcFM3VQ5n0yVMzmO0HNIiFW00?confirmTime=2100000&confirmRatio=1000000&test-tag=424411488321538&format-type=96&actual-format=8&rnd=1188762314694&banner-sizes=eyI3MjA1NzYwNjQzMjA2MTU1NSI6IjE1NjB4MjUwIn0%3D&width=1560&height=250

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ufa.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: image/gif
access-control-allow-origin: https://www.ufa.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
last-modified: Sat, 09 Jul 2022 17:01:23 GMT
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Sat, 09 Jul 2022 17:01:23 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/ Frame 19CF 3 KB
1 KB 26ms
25ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/?random=1657386083177&cv=9&fst=1657386083177&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.ufa.kp.ru%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

658a31080f4c92057ab73d23662587dc105968886d8fab4429d6e3556b303b34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1116
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/ Frame 19CF 3 KB
1 KB 26ms
25ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/?random=1657386083180&cv=9&fst=1657386083180&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.ufa.kp.ru%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

c0bc1600be0a939e3e5d60148c63c95109b958ff4565655567436d3d2377765b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1115
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/ Frame 19CF 3 KB
1 KB 26ms
25ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/?random=1657386083183&cv=9&fst=1657386083183&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.ufa.kp.ru%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

5c64e12b588d702a436e52f0f326e596cda24b32231a92e9cf882b7fbb497901

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1114
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/ Frame 19CF 3 KB
1 KB 25ms
24ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/?random=1657386083184&cv=9&fst=1657386083184&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.ufa.kp.ru%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

c946336c5151be03c9194c28383681b117149088b35ff3286159d26d43280afe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1116
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/947884341/ Frame 19CF 42 B
64 B 33ms
32ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/947884341/?random=1657386083177&cv=9&fst=1657386000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.ufa.kp.ru%2F&async=1&fmt=3&is_vtc=1&random=3508218691&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/947884341/ Frame 19CF 42 B
64 B 49ms
31ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/947884341/?random=1657386083177&cv=9&fst=1657386000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.ufa.kp.ru%2F&async=1&fmt=3&is_vtc=1&random=3508218691&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/693627671/ Frame 19CF 42 B
64 B 25ms
24ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/693627671/?random=1657386083180&cv=9&fst=1657386000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.ufa.kp.ru%2F&async=1&fmt=3&is_vtc=1&random=3562203006&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/693627671/ Frame 19CF 42 B
64 B 38ms
20ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/693627671/?random=1657386083180&cv=9&fst=1657386000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.ufa.kp.ru%2F&async=1&fmt=3&is_vtc=1&random=3562203006&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/947884341/ Frame 19CF 42 B
64 B 25ms
24ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/947884341/?random=1657386083183&cv=9&fst=1657386000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.ufa.kp.ru%2F&async=1&fmt=3&is_vtc=1&random=3901164477&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/947884341/ Frame 19CF 42 B
64 B 35ms
19ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/947884341/?random=1657386083183&cv=9&fst=1657386000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.ufa.kp.ru%2F&async=1&fmt=3&is_vtc=1&random=3901164477&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/693627671/ Frame 19CF 42 B
64 B 26ms
25ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/693627671/?random=1657386083184&cv=9&fst=1657386000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.ufa.kp.ru%2F&async=1&fmt=3&is_vtc=1&random=1867243616&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/693627671/ Frame 19CF 42 B
64 B 36ms
21ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/693627671/?random=1657386083184&cv=9&fst=1657386000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fwww.ufa.kp.ru%2F&async=1&fmt=3&is_vtc=1&random=1867243616&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 event
ads.adfox.ru/232598/ 0
66 B 71ms
71ms Image
text/plain 2a02:6b8::1be
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/232598/event?hash=ec03716242854847&pm=bmn&pxo=MFqK4PiMPHOxqwX-ahm3k2XCPc6ge3fxMM7r9WL7xOwyJiz2jsaF_fysdqNUAHCfBjeH1CkwARV-uJb4ZqoqP23Ndqxl8DAVN-F7vlXd6jaNmWGN0nX6WzQT-jWJqf9rOs5dpMmnzeHrvAtolw8H77VJbfPTS2CcmNZa8SW3OcgzK0kTyQ%3D%3D&p5=gwdbk&ad-session-id=9960471657386079975&utg=oxum&lts=fjmwgom&ytt=424413099065349&ybv=0.612100&ylv=0.612100&dl=https%3A%2F%2Fwww.ufa.kp.ru%2F%3F&rtb-si=b&p2=gftf&rand=mzgzulp&sj=jH9oyGzHgyaDhoybOQK_PW2DR148gHyJHlZdVr9nLahr76v0uU3UiAEj6vWh-A%3D%3D&puid1=adv-1657386079927-66&pr=hfnuxqp&p1=cdinl&rqs=YJCM2sHShn1gtMliGDQkCijhkadxvyD2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ufa.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:23 GMT
x-content-type-options: nosniff
last-modified: Sat, 09 Jul 2022 17:01:23 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8165 42 B
64 B 51ms
51ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvNUnxnQrk7nJcXYANXg-soV829P4A65PfrrjqUcF9DI5fuQoKqHGZXLy_JBjzDonKTekPpt2Xa1C8LoHK_TTbOXxxtUpJAQdY4XQ4jOE3NjAx9X3Vmzqss37PdVtfNPOOaeRSKvYqdfpCW&sai=AMfl-YSZpjDkffhSWRqMsgS7SHynL-bhjmqsfGNKfC73AF8qiP3jAULTFnfGsZh1w98jVy38KGnbepI56dQum3TAxPaJpPYiToJQcEn5JiDTWVZfQaBNUBHP05tvqdh-&sig=Cg0ArKJSzEFFv-RStmQfEAE&cid=CAASJeRoxucweCLtcRRUymaxrQhYtb5larrTfRdgMvm8PiLI-92mk2g&id=lidar2&mcvt=1000&p=486,1359,526,1400&mtos=1000,1000,1000,1000,1028&tos=1000,0,0,0,28&v=20220706&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3886855702&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1657386082171&rpt=109&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://74c31888aa82887ddc63d7cce03bddbb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 37412095 Show response
mc.yandex.com/watch/ Frame 19CF 350 B
385 B 69ms
69ms XHR
application/json 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/37412095?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Fwww.ufa.kp.ru%2F&charset=utf-8&site-info=%7B%22extensions%22%3A%22%22%2C%22fromGoogle%22%3A%22false%22%2C%22fromCancel%22%3A%22false%22%2C%22loyal%22%3A%220%22%2C%22sbscrb%22%3A%22%22%2C%22p%22%3A%22%22%2C%22b%22%3A%22%22%2C%22fresh%22%3A%220%22%2C%22infected%22%3A%22%22%2C%22slow%22%3A%22%22%2C%22os%22%3A%22windows%22%2C%22browser%22%3A%22chrome%22%2C%22winxp%22%3A%22false%22%2C%22old%22%3A%22actual%22%2C%22yabroAge%22%3Anull%7D&browser-info=pv%3A1%3Agdpr%3A6%3Avf%3A2n2z35yck7fai9c6gvqew%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A832%3Acn%3A2%3Adp%3A1%3Als%3A332713613930%3Ahid%3A15804948%3Az%3A0%3Ai%3A20220709170123%3Aet%3A1657386083%3Ac%3A1%3Arn%3A851533279%3Arqn%3A1%3Au%3A1657386083788633510%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Acpf%3A1%3Ans%3A1657386080916%3Ads%3A0%2C62%2C32%2C2%2C0%2C0%2C%2C80%2C0%2C177%2C177%2C0%2C177%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1657386083%3At%3A&t=gdpr(6)clc(0-0-0)aw(1)rqnt(1)rqnl(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

87ecf8d0827ea4a6cc8d5125a38301d06b306702e1abd3fd9423d3db009eced6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:23 GMT
x-content-type-options: nosniff
last-modified: Sat, 09-Jul-2022 17:01:23 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://yastatic.net
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 350
x-xss-protection: 1; mode=block
expires: Sat, 09-Jul-2022 17:01:23 GMT

GET
H2 200 WPyejI_zOF40hGm0L1LOC04FvFwDkmK0yG4GW8200J5WjCbY000003YScWE80Xov0XYFc5Jw6rUhy0BxaxJW3V050Q06ueaEoGPWa8pQmTA6VQa7Giq0quHMg3N01y2hiFe1W0e1Y8WBEAeB43zh-jr2pG00GhEMH6BZy0i6u0s2W821W820Y0IO3k2OYkU3h8NNU... Show response
yandex.ru/an/count/ 43 B
267 B 68ms
68ms XHR
image/gif 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/an/count/WPyejI_zOF40hGm0L1LOC04FvFwDkmK0yG4GW8200J5WjCbY000003YScWE80Xov0XYFc5Jw6rUhy0BxaxJW3V050Q06ueaEoGPWa8pQmTA6VQa7Giq0quHMg3N01y2hiFe1W0e1Y8WBEAeB43zh-jr2pG00GhEMH6BZy0i6u0s2W821W820Y0IO3k2OYkU3h8NNUgWFmfhZwStGbTGra13ouDIHXvdzoi41-10Ku9MOVV0I5OWJ0v0JCk0K0TWLmOhsxAEFlFnZy80MXO28W8R0O9WMyBRwbGQWoHRmFzWMWHUe5mcP6D0O8VWOdFhEm92N_OqSW1c96RFai1dWeBBKdTYqmtsu6V___m706T_emkYxmeh3Tz8P4dbXOdDVSsLoTcLoBt8sE3GjCUWPc0pm6Ve1c1hKmrEm6qYu6mE270rNDK4wRsTtM3P4P64twHo07Vz_W22088WW0T0X____0HC0CyDhc35HF78o4EDJi1h4Yik2INGEmJZU19aOkCfONBOQaDR-wAFcCA6Wke1UxHo6cx51JFXZcuD86eOP~1=WpOejI_zOCS2PHa0P2oapb0rnmE6WC2tkTsexiS1W041Y07sW8BMZ06G0URX-wlSW8200fW1vk7xgroW0Qge0Qgu0OBNdQeas06Oilca0U01higzdW7e0Se3-07ycDw-0Q02bCFm6C022x030kW4mX681T3s2905ohmCi0N4bWMu1SIM1S05zfWEo0NyyGNG1Rsg0U05bAW6ueaEgGT2pG3JX5QeDRW7W0NG1nRO1n3W1v0DyGS0meA01k08og6u3EW91unWQgP-3ki_oTaBw0lGzWY83BoR1fWDr-pmFw0Em8GzW12Cb-KYmB2GWW7G4CUIhr-O4Rw49Q4HP-0Hcwezw16abfJxeS2oWUy-nq0vZEFk3Vl3FvWJ1E0Jn9O5Y1JIYxp5lkF3cI2W5CIM1QWKohmCi1J8pzmDk1I0hU84m1I0d9mvo1G7q1J4jwbts1JMZ_ML1kWKZ0BG5TQFzPK6s1N1YlRieu-y_6EO5l2s-fK6eB0MemV95j0MlA3UlW7O5lBWr967cVtAmG615m3mFvWNselABRWN0S0NjPO1q1VGXWFO5wotF-WN29aOe1W7i1Z7owQM1hWOGlWOdFhEm92N_OqSW1c96RFa20000000e1d00RWP____0U0P2EWPc0pm6Ve1WHh__pUtnvHmAuWQm8Gzc1hKmrEu6WBr6W40002O6wUZFB0RIBWR0zWRW820W0Jf6m000E2A0L91y1k3eRO5-1lzbFS1s1pGzWZW7Cgy3EaSyHm0001CE4kzFu0T_t-P7SWTm8Gzu1trhZpe7VtjflJAiekf8F0TkVwdvUsIpkOB-1sdqRoFlQxwjIwH7gWU0T0Uu8lWYVQInylP0TWU-zeUY1____y1e1-Cb-KYi1y1o1-CsRnIqXy6DZ4oCJ0msHy000201aLIGU0VWRR01UWVd_ta0O0WW228806f8B0WX80Wu201q27_0I40EEANbn3eYz7Q15A4ahn7Jf1aY25I1f1W1QC8HCAzNqDWgJ8YiY4POakonvI0QBbcWOMGuEygN7rd-81eGSMwG0ZYZBW5QIAho9eK8wyHM49SNk19OrGBWmz548PgaX9i4t00~1?stat-id=28&test-tag=424411488354833&banner-sizes=eyI3MjA1NzYwNjQzMjA2MTU1NSI6IjE1NjB4MjUwIn0%3D&format-type=96&actual-format=8&pcodever=612100&banner-test-tags=eyI3MjA1NzYwNjQzMjA2MTU1NSI6IjMxOTUwNSJ9&width=1560&height=250&confirmTime=2100000&confirmRatio=1000000&wmode=0

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ufa.kp.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: image/gif
access-control-allow-origin: https://www.ufa.kp.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
last-modified: Sat, 09 Jul 2022 17:01:23 GMT
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Sat, 09 Jul 2022 17:01:23 GMT

GET
H2 204 event
ads.adfox.ru/232598/ 0
18 B 62ms
61ms Image
text/plain 2a02:6b8::1be
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/232598/event?hash=b9a2b6ed026e24e9&pm=bmp&pxo=19btBrBBCUhQMiUY7MdU6e4JcB3hrzUUFfzfRmRJFbLCLxczTJwSzy5P-wiWjykS6a_sxehXfTl888iqUlFZNWmPfs_cnosqZKhw_pF1F3aUk7-bR40VMUE5txush2BQ4tW4pR-q3_UL_Ll-XNJj0Tuzu4A7Ibw0jdoYd7J3WXVsx0W3QQ%3D%3D&p5=gwaok&ad-session-id=9960471657386079975&utg=oxum&lts=fjmwgon&ytt=424413099065349&ybv=0.612100&ylv=0.612100&dl=https%3A%2F%2Fwww.ufa.kp.ru%2F%3Fsection%3Dsociety&rqs=YJCM2sHShn1htMli3cMJIYNMNbpEQJOS&pr=hfnuxqp&puid3=top%3Aregion&rtb-si=b&puid2=society%3Atoday%3Ainteresting%3Azenyandex%3Aincident%3Aemergency%3Asport%3Acelebrity&p2=fbao&rand=layxjqa&sj=Gp3ip5tDil_YAiYQ20TcqNaAUH3IxExGVX2-w2q9aLilKwfupqbmmmztzk3AWg%3D%3D&puid1=adv-1657386079931-71&p1=bufhv

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ufa.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:23 GMT
x-content-type-options: nosniff
last-modified: Sat, 09 Jul 2022 17:01:23 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2 204 event
ads.adfox.ru/232598/ 0
66 B 63ms
63ms Image
text/plain 2a02:6b8::1be
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/232598/event?hash=8f13f5fb68091490&pm=bmn&pxo=19btBrBBCUhQMiUY7MdU6e4JcB3hrzUUFfzfRmRJFbLCLxczTJwSzy5P-wiWjykS6a_sxehXfTl888iqUlFZNWmPfs_cnosqZKhw_pF1F3aUk7-bR40VMUE5txush2BQ4tW4pR-q3_UL_Ll-XNJj0Tuzu4A7Ibw0jdoYd7J3WXVsx0W3QQ%3D%3D&p5=gwaok&ad-session-id=9960471657386079975&utg=oxum&lts=fjmwgon&ytt=424413099065349&ybv=0.612100&ylv=0.612100&dl=https%3A%2F%2Fwww.ufa.kp.ru%2F%3Fsection%3Dsociety&rqs=YJCM2sHShn1htMli3cMJIYNMNbpEQJOS&pr=hfnuxqp&puid3=top%3Aregion&rtb-si=b&puid2=society%3Atoday%3Ainteresting%3Azenyandex%3Aincident%3Aemergency%3Asport%3Acelebrity&p2=fbao&rand=bpglggv&sj=Gp3ip5tDil_YAiYQ20TcqNaAUH3IxExGVX2-w2q9aLilKwfupqbmmmztzk3AWg%3D%3D&puid1=adv-1657386079931-71&p1=bufhv

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ufa.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:24 GMT
x-content-type-options: nosniff
last-modified: Sat, 09 Jul 2022 17:01:24 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2 204 event
ads.adfox.ru/232598/ 0
66 B 70ms
70ms Image
text/plain 2a02:6b8::1be
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/232598/event?hash=9bcb5557121a434a&pm=bmq&pxo=MFqK4PiMPHOxqwX-ahm3k2XCPc6ge3fxMM7r9WL7xOwyJiz2jsaF_fysdqNUAHCfBjeH1CkwARV-uJb4ZqoqP23Ndqxl8DAVN-F7vlXd6jaNmWGN0nX6WzQT-jWJqf9rOs5dpMmnzeHrvAtolw8H77VJbfPTS2CcmNZa8SW3OcgzK0kTyQ%3D%3D&p5=gwdbk&ad-session-id=9960471657386079975&utg=oxum&lts=fjmwgom&ytt=424413099065349&ybv=0.612100&ylv=0.612100&dl=https%3A%2F%2Fwww.ufa.kp.ru%2F%3F&rtb-si=b&p2=gftf&rand=brwrahn&sj=jH9oyGzHgyaDhoybOQK_PW2DR148gHyJHlZdVr9nLahr76v0uU3UiAEj6vWh-A%3D%3D&puid1=adv-1657386079927-66&pr=hfnuxqp&p1=cdinl&rqs=YJCM2sHShn1gtMliGDQkCijhkadxvyD2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ufa.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:25 GMT
x-content-type-options: nosniff
last-modified: Sat, 09 Jul 2022 17:01:25 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2 204 event
ads.adfox.ru/232598/ 0
18 B 71ms
71ms Image
text/plain 2a02:6b8::1be
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/232598/event?hash=25e23940ca211743&pm=bmq&pxo=W3DtBN3uVZE1I4mMDpER8SGpgr0qRPZpyO_zZVfe6qZiYX5t2psRMDjQBMZTk16pWRJg3ZmYadUVC8bNGvNuEGSL2w_hICqPs7z55pm--ImfnveBfqk5fvWtq1I19BokHYlJJhXjzJHqs6e6lnIUGLRSh--ByAouq4M--9Urz2iAElO1pSU%3D&p5=gwefg&ad-session-id=9960471657386079975&utg=oxum&lts=fjmwgom&ytt=424413099065349&ybv=0.612100&ylv=0.612100&dl=https%3A%2F%2Fwww.ufa.kp.ru%2F%3Fsection%3Dsociety&rqs=YIziPGAVrnpgtMli-jf1tu2AMyDSx6_z&pr=hfnuxqp&puid3=top%3Aregion&rtb-si=b&puid2=society%3Atoday%3Ainteresting%3Azenyandex%3Aincident%3Aemergency%3Asport%3Acelebrity&p2=fxjd&rand=cejaxsc&sj=cIGBpT2O1kX7idh3nMFMC4iFOoPcz8yKTP2UXAUSzbN-gvb0NzJbMBFOVgbsAA%3D%3D&puid1=adv-1657386079929-502&p1=cavko

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ufa.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:25 GMT
x-content-type-options: nosniff
last-modified: Sat, 09 Jul 2022 17:01:25 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2 204 event
ads.adfox.ru/232598/ 0
66 B 62ms
62ms Image
text/plain 2a02:6b8::1be
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/232598/event?hash=8d44e63a7cf7e718&pm=bmq&pxo=19btBrBBCUhQMiUY7MdU6e4JcB3hrzUUFfzfRmRJFbLCLxczTJwSzy5P-wiWjykS6a_sxehXfTl888iqUlFZNWmPfs_cnosqZKhw_pF1F3aUk7-bR40VMUE5txush2BQ4tW4pR-q3_UL_Ll-XNJj0Tuzu4A7Ibw0jdoYd7J3WXVsx0W3QQ%3D%3D&p5=gwaok&ad-session-id=9960471657386079975&utg=oxum&lts=fjmwgon&ytt=424413099065349&ybv=0.612100&ylv=0.612100&dl=https%3A%2F%2Fwww.ufa.kp.ru%2F%3Fsection%3Dsociety&rqs=YJCM2sHShn1htMli3cMJIYNMNbpEQJOS&pr=hfnuxqp&puid3=top%3Aregion&rtb-si=b&puid2=society%3Atoday%3Ainteresting%3Azenyandex%3Aincident%3Aemergency%3Asport%3Acelebrity&p2=fbao&rand=ltxggkn&sj=Gp3ip5tDil_YAiYQ20TcqNaAUH3IxExGVX2-w2q9aLilKwfupqbmmmztzk3AWg%3D%3D&puid1=adv-1657386079931-71&p1=bufhv

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ufa.kp.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jul 2022 17:01:26 GMT
x-content-type-options: nosniff
last-modified: Sat, 09 Jul 2022 17:01:26 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ssp.bidvol.com
URL: https://ssp.bidvol.com/rtb/pl999

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022063001&jk=3647680505521672&rc=

Verdicts & Comments Add Verdict or Comment

73 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

69 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
yastatic.net/safeframe-bundles/0.83/1-1-0	1970-01-20 04:24:32	Name: afpix Value: 1
yastatic.net/safeframe-bundles/0.83/1-1-0	1970-01-20 04:24:32	Name: pcs3 Value: 1
.kp.ru/	1970-01-20 04:33:10	Name: w3k Value: 49c7c921-c32a-4404-a5db-4a5d06222f8e
.kp.ru/	1970-01-20 04:33:10	Name: w3t Value: eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJzaWQiOiI0OWM3YzkyMS1jMzJhLTQ0MDQtYTVkYi00YTVkMDYyMjJmOGUiLCJqdGkiOiI4ZmZkZTVjNy05ZTNjLTQzYzUtYmU1ZC1hODI4YzI5NzNkMTEiLCJfdmVyc2lvbiI6MSwiX3BhdGgiOiIvIiwiX3RyYWNlIjoiODY3OTM4M2U5ODJlM2UyYzRjNzQ5MTRkZmFjNjdhNmQiLCJfcGF5bG9hZHMiOnsiZ2VvIjp7ImNvZGVyIjp7InN0cl9yZWdpb24iOiIiLCJyZWdpb24iOjAsInVwZGF0ZWQiOiIyMDIyLTA3LTA5VDE3OjAxOjE5WiIsInNvdXJjZSI6Imdlb2NvZGVyIn19LCJwcm9maWxlIjpudWxsfSwiX2dyYW50cyI6bnVsbCwiaXNzIjp7ImVzc2VudGlhbCI6ZmFsc2UsInZhbHVlcyI6WyJ3d3cudWZhLmtwLnJ1Il19LCJleHAiOjE2NTc5OTA4NzksImlhdCI6MTY1NzM4NjA3OSwibmJmIjoxNjU3Mzg2MDc5LCJzdWIiOiJzZXNzaW9uIn0.gbJ2KridZBHR-hUx7AIawfMaokcg_yB8Zl4zxKTYuqhKha_l3VjYX_MJ-MGvCaawMAv9JqUF8v2QsKKuvkDMlRxh4o_QMJ-J-RXXfRP8jdYw3dh2Na8O3kDh33EvqGIOoSnAS634IOh616GStIWfOEXBeqSaRQTW4AH1nnwmJs3cF4VLzlKgaM1CWloSVriv_Lr8kUCaRZj2AM7FtH-1izHmee19tt1-iUsfJNgR-SIwxnNg4ifAvmOucGFvQgx8esRJLgj3YuuGUNTl47Hk_TMQNwJOEeqeByqaTwgH_x3s1rad5RKfGOWsdMDDtFg3KWyHT7zjeiXWh2kRBujV-w
.kp.house/	1970-01-20 04:33:10	Name: w3a Value: eyJhbGciOiJSU0EtT0FFUCIsImVuYyI6IkEyNTZHQ00iLCJ6aXAiOiJERUYifQ.jHefAhFJYF-G8dTfy5ZuYKgPltVpdRlDLO2qjJIg4Rt-s12nlnR7qR3YNcm8FsGU3GTeWHAD8TuCCRZxv5PuIlsbXgBvXmDQpYfM3BLKmKXZ6niErnsyJXt8880wY0YkQPOWQQZvucygT8Yqb6UArirnGHbCI4eTkUKNxrRVk-YaWBbWoDV3lVn6Y2Zii-mupCULQSxPnfFKs3yopQVW26Q7RjMRlcqyktDN4DMP4PEcTXqXpdxDbajJUKxB8nzP82ktyKCQosKp8c0BibYOGN0o0No1gn8B-OlwHW3a3Stnccnqo8_ZkD9O_IOqFZ7-B2dx5zrmEuc44thPMIkvUQ.6Gfmnv8YsAIcetMt.T89EuF_A676Apb6RO0ydfO4b.vpgFTBtsuQhHjWHj4k4knQ
.kp.house/	1970-01-20 04:33:10	Name: w3k Value: 14ccf495-bdb9-468c-ad8b-bfc946fcda81
.kp.house/	1970-01-20 04:33:10	Name: w3t Value: eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJzaWQiOiIxNGNjZjQ5NS1iZGI5LTQ2OGMtYWQ4Yi1iZmM5NDZmY2RhODEiLCJqdGkiOiI4NGU4NjE5ZC0zYzExLTQ2NTAtOWJlYy1iNDczMTkxZDIwNDAiLCJzdWIiOiJzZXNzaW9uIiwiZXhwIjoxNjU3OTkwODc5LCJpYXQiOjE2NTczODYwNzksIm5iZiI6MTY1NzM4NjA3OSwiX3ZlcnNpb24iOjEsIl9wYXRoIjpudWxsLCJpc3MiOnsiZXNzZW50aWFsIjp0cnVlLCJ2YWx1ZXMiOlsicHJvZCJdfSwiX3RyYWNlIjoiZmE3ZjA5Y2U0OGY0MDQ0MmU0ZjFlMDU2ODk3YTg1OTUifQ.UxheEw-en0ri9oLY0I7drj3ob3Y43bHf1f4YZhKqSvTQgKiBDnJrqK7Pglznp7_y3L_S4aZABv9pir14XKepKfbEAuwLxbsuOEk3l35oi8MdUJnuMeBjt5A4fvOu_B81tSDJ2nBiqem4nsATCBoGku8XjcJjweZt2irAh2gplzrZEsHXCA4w8P5An32X43nn3Ku01mMVyNn65rPH1bvEnEeH9ApNNxZgShagMcMDLQvdJNTuR0qYZlSvJ3WSAD3LX84C21CbxOoqUZFQ5g4ZzaKhomzB-yh9qElWsYKP2KI37i3qgqaGJyzBx-6--mGt-EBfie5T1XMUPNJcKqIETg
.exchange.buzzoola.com/	1970-01-20 05:06:18	Name: uuid Value: 80a0a233-0d5b-4b35-4d3e-ac62a4abefe1
.betweendigital.com/	1970-01-20 13:08:42	Name: dc Value: lux1
.betweendigital.com/	1970-01-20 13:08:42	Name: ss Value: 1
.betweendigital.com/	1970-01-20 13:08:42	Name: unm Value: 1
.exchange.buzzoola.com/	1970-01-20 04:43:15	Name: cookiesyncs Value: 000000000000000000000000d93dab9edf0912baf9008f35866978f1
.betweendigital.com/	1970-01-20 13:08:42	Name: tuuid Value: 84be61e1-c916-52be-92f8-ff42f0314b22
.betweendigital.com/	1970-01-20 13:08:42	Name: ut Value: Ysm0YAABW6gtkpt_ilq5segXT7kp72dX7O43zQ==
.criteo.com/	1970-01-20 13:44:42	Name: uid Value: b4d72bb5-a122-4917-94f6-43b7ca6fc0db
.kp.ru/	1970-01-20 13:44:42	Name: cto_bundle Value: 4dFywl8xSE1rcjRDVE5hRlolMkIlMkZRbFVtUFNneDlvQmNZS1pxRDJaQ1dFM04zeTNXN3Y0Nm9Zc1I5YUZVbUlieUpiR3ZQYWN2MFlVYTl6bEJabjVUeXIzMHhjY2dCMWFHVjJJSEZUOENsRDVwcjJwYjdQZ2t6R2NTbU9mZmpuJTJGZWphMDROZlp3MGZ6V25KJTJCNFJ3VzdtamV0cUt2ZyUzRCUzRA
.yandex.ru/	1970-01-20 21:54:18	Name: yandexuid Value: 9045148631657386080
.yandex.ru/	1970-01-20 21:54:18	Name: i Value: MU9rnIwntpZPRpo1/ak7CzPvtHKvCe6zdGdR8fC42tasHtPIrTjADuRjqUp7ntugb1yRRw7lQwy7M95RRIZDkthZtqg=
.kp.ru/	1970-01-20 13:44:42	Name: __gads Value: ID=90a4e6e54444b41b:T=1657386080:S=ALNI_MZbWSwwjfICnOlFMFItflPywuynSA
.doubleclick.net/	1970-01-20 13:44:42	Name: IDE Value: AHWqTUkhFJQ_ZUYsLJIPPyPdPkxhs4e4YDt0YotfEPMxy8io0OoMAaOmM0r4EXo19h8
.casalemedia.com/	1970-01-20 13:08:42	Name: CMID Value: Ysm0YU0EHVdfA3nfhEX4.gAA
.casalemedia.com/	1970-01-20 06:32:42	Name: CMPS Value: 1139
.casalemedia.com/	1970-01-20 06:32:42	Name: CMPRO Value: 1139
.adnxs.com/	1970-01-20 06:32:42	Name: uuid2 Value: 6329862342868897921
m.exactag.com/	1970-01-20 06:32:42	Name: exactag_new_gk Value: 365d05d4ae884769a72238123dd650b0%7c07.09.2022+17%3a01%3a21
m.exactag.com/	1970-01-20 08:42:18	Name: exactag_new_uk Value: 259d6799c27c415988face94d7d51c5c%7c
m.exactag.com/	1969-12-31 23:59:59	Name: session_session Value: 6ea60caefb4346c199a106ba
.mc.yandex.com/	1970-01-20 04:23:06	Name: sync_cookie_csrf Value: 4039639801fake
.demdex.net/	1970-01-20 08:42:18	Name: demdex Value: 25029636161358565680767734612215072104
.ufa.kp.ru/	1970-01-20 21:54:18	Name: _ga Value: GA1.3.1080884444.1657386081
.ufa.kp.ru/	1970-01-20 04:24:32	Name: _gid Value: GA1.3.610406724.1657386081
.ufa.kp.ru/	1970-01-20 04:23:06	Name: _dc_gtm_UA-23870775-1 Value: 1
.skydeutschland.demdex.net/	1970-01-20 08:42:18	Name: skydeutschland Value: 25029636161358565680767734612215072104
.ufa.kp.ru/	1970-01-20 04:23:06	Name: _gat_UA-5200037-9 Value: 1
.ufa.kp.ru/	1970-01-20 04:23:06	Name: _gat_UA-23870775-31 Value: 1
.kp.ru/	1970-01-20 21:54:18	Name: _ga_8MQ0FGXD1P Value: GS1.1.1657386081.1.0.1657386081.0
.kp.ru/	1970-01-20 21:54:18	Name: _ga Value: GA1.1.1080884444.1657386081
.yadro.ru/	1970-01-20 13:07:30	Name: FTID Value: 1YoRHX3GFWeM1YoRHX002KLQ
.kp.ru/	1970-01-20 21:54:18	Name: _ga_D0H9SYE5JC Value: GS1.1.1657386081.1.0.1657386081.0
.mc.yandex.ru/	1970-01-20 04:23:06	Name: sync_cookie_csrf Value: 197168297fake
.yadro.ru/	1970-01-20 13:07:30	Name: VID Value: 3B_hQf11bfOM1YoRHX002KMA
.kp.ru/	1970-01-20 13:08:42	Name: _ym_uid Value: 16573860811008625930
.kp.ru/	1970-01-20 13:08:42	Name: _ym_d Value: 1657386082
.yandex.com/	1970-01-20 13:08:42	Name: yandexuid Value: 9045148631657386080
.yandex.com/	1970-01-20 13:08:42	Name: yuidss Value: 9045148631657386080
.mc.yandex.com/	1970-01-20 04:24:32	Name: sync_cookie_ok Value: synced
.kp.ru/	1970-01-20 04:24:18	Name: _ym_isad Value: 2
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 201957201657386081
.yandex.com/	1970-01-23 19:59:06	Name: i Value: FSaVbVIGNtjhpW1S32IOl6e4jMaPkaC4nM7YXj+386v89x12rX/CQoJBx/R2HROw3v2GUvZmalGTIUuHboll9TprA5s=
.tns-counter.ru/	1970-01-20 13:08:42	Name: guid Value: CCDD6A2262C9B461X1657386081
.yandex.com/	1970-01-20 13:08:42	Name: ymex Value: 1688922081.yrts.1657386081#1688922081.yrtsi.1657386081
.stat.media/	1970-01-20 13:08:42	Name: _sm_uid Value: bf344eed-4254-4582-ad38-7c4e1a8fc4e6
.stat.media/	1970-01-20 13:08:42	Name: _sm_udt Value: 1657386081984
.stat.media/	1970-01-20 04:23:07	Name: _sm_sid Value: a71efc8f-1251-4aed-8b80-1b164d8c1c21
.stat.media/	1970-01-20 05:06:18	Name: _sm_cm Value: 6
.smi2.ru/	1970-01-20 13:08:42	Name: _sm_uid Value: bf344eed-4254-4582-ad38-7c4e1a8fc4e6
.smi2.ru/	1970-01-20 13:08:42	Name: _sm_udt Value: 1657386081984
.smi2.ru/	1970-01-20 04:23:07	Name: _sm_sid Value: a71efc8f-1251-4aed-8b80-1b164d8c1c21
.adnxs.com/	1970-01-20 06:32:42	Name: anj Value: dTM7k!M41.D>6NRF']wIg2E?ens94S!]tb68i_iqf!oN/@E'zz<Z0Q8Rm-LuIY<sa+MHJgXR_4ilWMfliqzi3>$AFTD._PlZ[C[-kX-<E8oU
.w55c.net/	1970-01-20 13:53:20	Name: wfivefivec Value: ojRp5x4U1OadPA5
.casalemedia.com/	1970-01-20 06:32:42	Name: CMTS Value: 1199
.blismedia.com/	1970-01-20 13:08:46	Name: b Value: 62C9B46216C8E739412CE2E7BLIS
.travelaudience.com/	1970-01-20 13:53:20	Name: _tracker Value: %7B%22UUID%22%3A%223692D64D-4062-4CBC-9EB8-C70B076E404E%22%7D
.w55c.net/	1970-01-20 05:06:18	Name: matchgoogle Value: 5
.1rx.io/	1970-01-20 13:08:42	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-9cfec7d6-89db-49f7-ac93-538535091cb6-003%22%7D
.targeting.unrulymedia.com/	1970-01-20 13:08:42	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-9cfec7d6-89db-49f7-ac93-538535091cb6-003%22%7D
.tribalfusion.com/	1970-01-20 06:32:42	Name: ANON_ID Value: alnseFtZdPufm7SpBnA8MrJT4QVL7ZaB8nSnoaT1hbg6MJ2fvRfXPH80Vh9KSStE7alQlNifXaDmVBvUTT3dBw
.yandex.ru/	1970-01-20 21:54:18	Name: is_gdpr Value: 1
.yandex.ru/	1970-01-20 21:54:18	Name: is_gdpr_b Value: CI+ICxC0fRgB

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

14b723fe60395e204d08b5454577ac76.safeframe.googlesyndication.com
74c31888aa82887ddc63d7cce03bddbb.safeframe.googlesyndication.com
a.tribalfusion.com
ad.mail.ru
adfox-c2s-ams.creativecdn.com
ads.adfox.ru
ads.betweendigital.com
ads.travelaudience.com
adservice.google.com
adservice.google.de
avatars.mds.yandex.net
banners.adfox.ru
bidder.criteo.com
cddb1aedb75224132775dcc54c671cd8.safeframe.googlesyndication.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
counter.yadro.ru
dsum-sec.casalemedia.com
exchange.buzzoola.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
identity.kp.house
m.exactag.com
m.ufa.kp.ru
matchid.adfox.yandex.ru
mc.yandex.com
mc.yandex.ru
mug.criteo.com
pagead2.googlesyndication.com
pb.adriver.ru
pixel.adsafeprotected.com
pm.w55c.net
region1.google-analytics.com
s.tribalfusion.com
s0.2mdn.net
s01.stc.yc.kpcdn.net
s02.api.yc.kpcdn.net
s09.stc.yc.kpcdn.net
s14.stc.yc.kpcdn.net
s16.stc.yc.kpcdn.net
sb.scorecardresearch.com
securepubads.g.doubleclick.net
skydeutschland.demdex.net
smi2.net
smi2.ru
ssp.bidvol.com
ssum-sec.casalemedia.com
stat.media
static.adsafeprotected.com
static.criteo.net
stats.g.doubleclick.net
sync.1rx.io
sync.targeting.unrulymedia.com
target.smi2.net
tns-counter.ru
tpc.googlesyndication.com
tr.blismedia.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.ufa.kp.ru
yandex.ru
yastatic.net
ysa-static.passport.yandex.ru
pagead2.googlesyndication.com
ssp.bidvol.com
104.18.19.126
142.250.181.226
142.250.185.162
142.250.185.194
142.250.186.66
143.204.89.128
146.185.195.90
168.119.9.59
178.250.0.157
178.250.0.165
185.184.8.90
188.42.191.196
195.209.111.20
2001:4860:4802:32::36
2001:6d0:4001::226
213.19.147.44
213.202.235.9
2600:9000:2156:d000:8:48e:53c0:93a1
2606:4700:4400::6812:230b
2606:4700::6811:190e
2a00:1148:db00::17
2a00:1450:4001:802::2006
2a00:1450:4001:802::200a
2a00:1450:4001:806::200e
2a00:1450:4001:80b::2008
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2001
2a00:1450:4001:810::2003
2a00:1450:4001:812::2002
2a00:1450:4001:813::2004
2a00:1450:4001:827::2001
2a00:1450:4001:827::2003
2a00:1450:4001:828::2002
2a00:1450:400c:c1b::9a
2a02:2638::1c
2a02:2638::3
2a02:6b8:20::215
2a02:6b8::16b
2a02:6b8::184
2a02:6b8::1:119
2a02:6b8::1be
2a02:6b8::2:158
2a02:6b8::5:114
2a02:6b8:a::a
2a03:90c0:41:2801::254
3.120.80.21
34.96.105.8
35.190.0.66
37.252.173.27
52.30.25.219
54.154.32.144
82.148.14.195
82.202.225.240
88.212.201.204
88.212.218.1
95.181.181.12
95.181.181.82
00e67a6bb1601297c954a9c6438eb956f4ca87253683fb348d1bda64cee7d1ca
01eb1050ef11c6e804aa51fcde72e6c7c7404e412b35135be924af3cd6d1b050
033696b7f1ac04d1dcc102be84550e146236ceffc25a6cabc12aa51a6ee410b9
05ca835ae9f42c9caf134c8e1aba2adf143e42baa6fbabbc1e92a3ba0d1ed3b6
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bb28c982b61485dd5d4d5a441fe4685d5981bfb36c14a0325a117fcb14c8e48
0e1eb5a8ac7e4f640c6e438cac7b0e5a427f624a94cad2b07deb90000bff24fb
0e54ec3374e523c1378b876a28ceeba7596769c94640d5f8702b5cea3b8c5658
0ecb4b923933b10d109180731c8f65f580bcbc4d42c6112ad7ebdb56c79441cd
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
18c327afa903633f86c3efcf12b77f098077eacaa8be101bb007846fd74f8b93
196f21daf4db2fe8554fb7efcde48a7c4d027da750cf7421a698f7e37ea4516e
1d386626a236bf37f510e9c0c2d85036641c5cc85bed4b320a181861477d0ec7
1da3c6fb6569b54163eab973f140c5e69638e1be677449e570a960f858d31f98
234f1949a1b02416dcc009a5d47817b02037d76878e1569c597235aa75f14025
23b6e9571b78dcca49a8f203826bb25ad8bfb2aab56bd2b3b4027129ced5f82b
23cd1e833b774d9f157da2c47f4f298e688e692f43f98347446ef95ef724492c
25fe52443f527062549bb7a398b41a165bd4fd2c9e3eec1e72af83591f544460
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
2a0e49bb6cf4548106d205a7a7b971e72c0877e7247ef4cc889185b1aed3bfb0
2b266db17b19959b548cce93f88f6ef8187e6b29b446cd51a51149dc6569263e
2d32f681e01e8082f5df941a021b306e98063b7330b197ba674e71dcc5dc4d4e
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2ea6594700eadc561dce18df33d16ff9d07ff631d4f6f4eae734bfe34e900f0c
32b0f7e66a50c24d967afd1b4c120fc5a898758db2d7d2023c8987c312c8f2fe
3394110000caa52bc9dcf892178cb4a7a8d25db76721a2290caaeb667413a4d0
34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55
359084d87256c51b821f4c91cebc939bed1fca6f87f9ee209196c488927869b0
35ed988aff3c8059b4869fd94cc2885879041fbd698317a53741bca5095c3091
3728fbdd191d75bad5b83a838dfe2fc15f84c2aaa36ffa573321275847db31a9
3b2c1892eee0748ebfad53eb519525d66d3977b0544fde4fa5ff92152f400331
3bdab4da5017468f0ddfc1a51edc3772a13aa064c83df984c152729075714847
3c12f2da086c2408f3f1255b457b7798f793cf77f792c14c66fdbb9bf3c3eaa3
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f7cb68abebddb8481e02aa86c09a9f5bb92143703ad0c5309bac5b393168dbc
41d126b6bc6ac81f29bbe2d816aad3776fa48abb5bd62d7a65b114dbe90e283b
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
4373878b9f750698b6a199ebc0eb0e550df208c5a1f9f778a346e271a2b4d733
445837ee1d1da2644d2531f84c664f157828154b8b5e032dbef64c3a8308ef17
470b4a5b32a057a0e5e1cbe0719913aac7d8a1ee8576cab5661cc2450a39bfcd
4a21722e468cc743281d7a34462161126d8861c68b25ddeaf407c6389827402a
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4be74101162d4ed978851bd6dd595e849e4209b55cdfbf43bf39fdaee81a4192
4c9f9038ef0cca8daea160666fcf23b0cc4fd3ba853dcd4494e8ec35e3a0c039
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50dabdfe14e68cd56b9c400784b44793b81d7b40b34b2f133157257b50dc4a56
514eede7d4c785888305efd995fc683471908a39b7c54ee24f9d2362fb4ec9e0
540494568edcb120a58c4c4890d03f34c810edc9fc355f28720dbdef11420b42
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
59e2467d94ae007fa71bc0b10f4b92f227edfa03afb5ce7c904b9ea2bcf537e9
5c64e12b588d702a436e52f0f326e596cda24b32231a92e9cf882b7fbb497901
5e5c9149be229df7c934f8cd1acf1b3cc9e04e29cbbe6cbe0e2d726e79930cff
5f04f87ba7cd3beb8f840e33441bdc8cfee7fe74a49cd8abdcc8ac7727b6bbda
607912ce0bbdc533bd357dc99af092f34783fee7f24f7fc16ece184018a7441b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6251ec4f734c7d06fd01d32d191786319864206e9b374cfda5f055314427487c
647a7d8e86b97b6af333b3647fbb8dd16b09ef585a4c448e130fb2238103eabc
658a31080f4c92057ab73d23662587dc105968886d8fab4429d6e3556b303b34
677acc9eed10d735ed46dabd82553005a036fe19930511d9850060a4fb6d2c2b
684ed0719810bd7bc3f29fde539e37010b41205ef9a0aa5f4196a6ddcd2bff07
68a2b11c387cf46b59e8e3bb11aa0744237002004d7a58d81ef2acbd5fac38ef
69c3207f80de1de6ee4ff239d740ea31bbc7091e7870365c49aad61b21359687
6b03dda9cfb6c3b381d1264a12d74a8e850ad3a7d82531879b42703fe4449f3a
6b0c6ad2a39e30acdd045f1e10d04d6032f0447387edd32af55f7d80b2d4f0f0
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d30d6b4d59bc9671eccc54b535566f3ebaab9512db1d616bb47b326cdbae5c5
6db6653a65bc919f600c1e098b02145b5e62d137fbf99f84ad526692b65cc31c
6edd82367522384c89340b46118764d39a1a788e644f89af52fd9f992dad9d81
6ff082130eb8e0fe1ba485606bab3de43a410b184c718be62c739ab9f67c6863
7078eb74b3490fbce59240137433266a3c5252599126b6547af5770135789a5f
73720f862be505fc73b3884bc441d49060f787d3273bde1738114819dcbaf0a3
737520ba1c13b8233e07e8d76e1bc3d126d3e47f389d5f5806cf9b0a738cd62f
748646bc30925c61574071e2cfe947ece6be153f4d4e4b5d1d192cbe2f5e6cc4
75d16f690db62e7b02e26bff78808ea7529f154b36340c9b6d6e1cd81b64a4ca
77403385afe39467e0833e772e0221fdad7007eb96d819d6fb21c776392e81c1
796f7872a8b1c02905852f60f09e2932c3de966706b563e62aa09ee2c248d2ff
7a0fb8fc4de0bde528e5b17743e35c50492d1d1de41567cb3b83f5a63db862d0
7a820b716232caecc0719f63cda4a2ae441c9f551a53fbd0ef7658cc1a69421f
7ab11e86e8d08494fc5f620a9fe7365c560ff721a5ae92c40b3a8c4c61e48aa1
7bce0c69ad73ad4b4a2b32591c67783d8ee9b2a1c1ad9b6015fe97a0d94e24bb
7f23652d55f84af77692f04c63d6dcd15a8410e2696080b3002cd993a8588c43
7f7d4a77e29961071a337cc5073d127fc328e2ea23fca15e9894838d72cc6822
7faa9810b4278d5a6798f3c9b7102420fb46064cbda3b00c304caeba700af349
814239bdb57b0aff5faeeca03f9a89593d15a0a88e9b083b4c4841f96c94fd95
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b
84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
87ecf8d0827ea4a6cc8d5125a38301d06b306702e1abd3fd9423d3db009eced6
8a550da83fe5faf522945c7b61350dec5c08ef10a670c1db4fc5958b5a85057b
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8d87c18fcb70f9b1d23c94aedc506cb6cc2640c5aebb25ca6e8e64b0cd997553
9205ceae907f8417e3b4bd8463b1075526a25da4cdd2aed549b03cd6869632aa
92336e38ed3db3043e72f8ccb341fb8ba9a989f8881fd04ba9836378d96e8f27
924170a2b204eb90280acbb03496558dc98acc1b9d6fd96ae955996047ec970d
92f108fa97f63aa01d67c7c19599f9133ef0e60a11fba74ca137f5b699abd36b
95327a5afe839adbe3ee4e19cf7c4811a8a28382dbeae85b65fe7807d6f14c2a
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
9949cf2fec7a7552969f1786b4bf7d362f1ec82391e6762028b59d123953e464
99f155f12648dee0ed3b192df6d7e3197a55c68256158dc78212b27f5591c776
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c911ab93cf6099aeeddb19cb1903d0ef838329443c3a0549c754da47f90a70a
9dc89e2eae45dccc1b2d7b9540adae2349bbb5d84578eadb8f0f645eac324910
9df9512d0f2332b34e43e220b6bdc675dc6b663e72406edde64fd96dc9128e1b
9ec280a1227cbe09d1829e253ef6cea01bb92cf698e4f470dfee9630a2a1e9a6
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2f96d2c0ff2b96cc2421214831ffda7b4e71aee0426d60628d04173dcd699c7
a3600e1c8745076994bd6475227b55060484ed3cef889414c45e82eb4414955a
a377872901931ae8060a099466446e6f2146940fae4047c29389bbcabf5c1715
a3c5ff7e114ffe32212ee07123f9dc6aa19c09072e44fe64649c9cc747040cab
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4fec8151febe9c096aadd4deceb0f6b4c019b8e37399d7c164addc017628c8c
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a81ae4dd7742b736f41e6e382827ab3672728b6f7f529ad5c72d6d6e79861484
aa99cf825a3d0aa0fe6ef29ade07cea2dd50561661e91f65a8dbc06bf1c4b4d9
abb5348aeb50feab8abc0212d24ef2d4daa64f08d38e6cabce13e7a78f1ad837
adcb0224d040ec15b6f3454ca34d198a475d5c9be03817b6b5d843b8d3d1bf0f
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2b5ba1466d0642bd868bef2b0e13277b34376fd0a11484fc1518d67e48b727d
b3f92ff94097926b95ef255dd60ff7c5a6005ffafcd48ea378fb6d6193135b56
b616985eb114c59268f7cd3dfabfc698a96a5a79f6704b87606b1feb7a54e9d2
b6936eb5383822d71deb8d9bbd1fdba1c8abfc2b0a31cc954030b51ecf903574
b9626a32ba37b0590508877b518afb8e18c1623278119b425ba2e3d14d39c4fe
ba1a1a99536a9f8a8413921afdc9bfd656f70445f10a30f3c82407917fbd17ba
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
becefc9f93e9ea8cec1d4749c473c476c44e65a7eee7d88dda107958649413e9
c0bc1600be0a939e3e5d60148c63c95109b958ff4565655567436d3d2377765b
c197ef987b405607bd112d5f6988d7b33f5c74b8d02b752208f7f5fb1b1b32e9
c40168707694e0bb9241c2f9f4ef86dfa65513f547b6a37c151babf07fcd7d53
c80e6a16dd9b77ca81bb8f4eecdf5416c0fa749739c40d51e70efc1c0ea70c14
c8247e71c60f01cce914615568139113018a1a129dceb0fe0af55edb0211b8fd
c84615457f9332569ff8501c382a395ef9fe116a9add5034b4ebc62c9bceeb3d
c946336c5151be03c9194c28383681b117149088b35ff3286159d26d43280afe
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d3114c4944dcf347da9b150fbd12bf83cf1a719fca0eb5480d9af4cb2f30aefc
d72b8eb9289bec0987d4af915f6cd81fc04863709b510aa7d98887d1cff60c49
d72e02e86cedb9eb4830a12ae6d968a9c8ffd04bf6c009812cd906d7a28e8275
d82ba7e7afa232e0b7c28a294bf0fc1d80892b68d4eb0908759e43224121eb38
da09f03549a3d9ae51406d85931ec2682bc82759cf96101b982496da1139ddda
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e18d2929358614016c3a29a472abe77528fa5c1267bfe45276112d2726a4d092
e1cff21864c46e1da263fa83c14ed6d190bc5afbdd35188de15f10eb8bedd264
e37cc949a45bfd79a301489a44230708b7d37d05023e429395c9adfbbda5b0ff
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e49548c45f00bbfa0fda642d02b5e29b407004eacc2099e348da7cb38f477052
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e7052ee7e4fa3d19fa953957b23d6cd29b2311739ec0932d6e570577d19f2503
e7c769f71b17542bdd9fa9e1f444ef46987979487c51328eb1abfc12c55eab08
e900f2f0a89349c3614b9551095efe169f77b922c26b6678a75767f4003551b9
ee98d2c84912eb46a287131a615487c667455b3e257d0e94e4b9ca07cd81d693
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4431ed2e1a04ff61147b043d77314af2c6711194fa816b09187c945a24be7ec
f727add9660bc8e1534d2c1823eac57bc6bd1c021d67d017163b5b858dd28275
f76a521d8d893e573ee2def73e397a42f33f937aca5dcfeb77b2e001ea5a7ca6
f9cc2413f1d30384288de76afee6c3aab8be798336aa433d24e27084adfe573f
fe3d5ece1a52c015941c42133a60b6211e2f3a219f0d88a8ed5eb7698d444eb7

www.ufa.kp.ru Open in urlscan Pro 95.181.181.82 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

286 Requests

90 %HTTPS

53 %IPv6

45 Domains

71 Subdomains

55 IPs

9 Countries

3824 kBTransfer

9573 kBSize

69 Cookies

35 Outgoing links

Page URL History

Redirected requests

286 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 12 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.ufa.kp.ru Open in urlscan Pro
95.181.181.82 Public Scan

Screenshot
Live screenshot

Full Image

286
Requests

90 %
HTTPS

53 %
IPv6

45
Domains

71
Subdomains

55
IPs

9
Countries

3824 kB
Transfer

9573 kB
Size

69
Cookies

286 HTTP transactions
12 data transactions